EU Parliament Votes to Kill Chat Control Ending Mass Surveillance Threat to Encrypted Messaging
Regulation that would have allowed platforms to scan private messages expires on April 4 with no replacement
The vote was decisive, with the European People's Party failing in its attempt to compel a re-vote to overturn an earlier decision. Since 2021, a temporary EU law called Chat Control 1.0 had allowed companies like Meta to voluntarily scan messages before encryption for child sexual abuse material.
The EU Commission had pushed to make the legislation permanent and compulsory through Chat Control 2.0, which would have required every messaging app to implement client-side scanning. Signal CEO Meredith Whittaker had threatened to withdraw the app from Europe entirely if the law passed, and WhatsApp would have been forced to create a similar backdoor.
Parliament fought back with strict conditions: scanning had to be court-ordered, targeted at specific suspects, and end-to-end encrypted communications were explicitly excluded. The Council declined those terms, and negotiations collapsed in mid-March.
Analysis
Why This Matters
This is a landmark victory for privacy advocates and encrypted messaging. Client-side scanning would have fundamentally undermined end-to-end encryption by compromising messages before they were ever encrypted.
Background
The debate pitted child safety advocates against privacy and security experts. Proponents argued scanning was necessary to combat child exploitation. Opponents countered that any backdoor would inevitably be exploited by authoritarian governments and criminals.
Key Perspectives
Signal and WhatsApp made clear they would rather exit Europe than compromise encryption. Security researchers widely agreed that client-side scanning could not be limited to its stated purpose.
What to Watch
The Commission may attempt new legislation, but this vote sets a strong precedent. The privacy-first approach is likely to influence similar debates worldwide.