Just ahead of the final vote on the European Union’s controversial “Chat Control” proposal, a broad coalition of tech industry figures has come together to appeal to the bloc’s governments to reject it in the name of privacy, security and free speech.
The new regulation, which would require platforms to implement a means of scanning all end-to-end encrypted content for child abuse material, stands a good chance of passing with 15 nations having expressed support and 6 of the remaining 12 undecided. Critics point out that it will likely undermine the security of encryption, lead to spying and monitoring of individuals, and be plagued with so many implementation issues and “false positives” that it may not even function as advertised.
Final push to change minds on chat control ahead of October 14 vote
Officially titled the “Regulation to Prevent and Combat Child Sexual Abuse (CSAR)”, the informally-dubbed “Chat Control” legislation has been floating around and evolved through several forms since 2022. The stated purpose is to combat the spread of child abuse materials and grooming by providing EU member law enforcement agencies with a new tool to penetrate the usually encrypted organized networks that deal in these things. But critics see it as another “mandatory backdoor” program that will essentially make secure encryption impossible and will be left wide open to abuse.
Passage of the law requires 65% of the bloc’s members to vote in favor of it, weighted by their population count. At the moment there are 15 nations that have expressed support. Six others have declared against it, and six more are undecided. The current form of Chat Control was introduced by Denmark, which is in the middle of its six-month presidency of the Council of the European Union and had declared that the regulation would be a high priority for it during its term.
The supporting members are currently meeting to finalize the terms of Chat Control, and a vote could come as early as October 14. Many observers feel that Germany is the key undecided vote; should it come down in favor, its population would shoot the count of support to 71% even if the other five undecideds voted against it. However, there is strong bipartisan resistance among Germany’s European Parliament ranging from its center-left to right-wing parties.
617 signatories warn chat control represents “unprecedented” privacy violation
The group of 617 signatories to the open letter warn that Chat Control not only threatens privacy and security in Europe, but beyond its borders to extend to potentially the whole world. The collection of tech experts warns that the implementation of such a scanning system violates the fundamental principles of end-to-end encryption and creates the distinct possibility of third parties being able to hack into this capability.
The letter also calls into question how useful the Chat Control system could possibly be, even if privacy concerns were taken off the table. It notes that each platform will have to scan hundreds of millions of pieces of content for child abuse identification markers each day, with prior studies showing that smaller sample sets tend to produce unacceptably high rates of false flags and errors. Learning AI has been proposed as a means of assisting this process, but here too the experts note that the present technology is not advanced or reliable enough to be trusted to accurately and capably perform this task.
Similar letters have been signed by tech and related industry experts in response to previous Chat Control proposals introduced in 2023 and 2024. The supporting nations have since backed off from some of the original elements of the legislation, for example reducing the content to be scanned from all types of text and media to only URLs and “visual content” such as images and videos. The experts say that reducing the range of content does not meaningfully improve the expected accuracy of these systems, and they will still be rife with false flags that waste time and potentially cause serious problems for innocent parties.
Opinions about law enforcement access to encrypted materials vary, but some EU bloc members want to go even farther than Chat Control. The Spanish government has made efforts to introduce terms to require encryption backdoors in all services, similar to what was demanded of Apple in its recent flap with the United Kingdom. Sweden and France have called for VPNs to be required to provide decrypted logs to law enforcement upon demand. And Austria has already made it legal for law enforcement there to deploy “trojan horses” against suspects that can intercept encrypted messages in transit.
If Chat Control does pass, the response could be similar to the decision Apple reached when it was ordered to insert cloud backdoors by the UK; to simply pull their services from the region rather than comply. Enabling a real-time scanning system would essentially break their encryption features beyond the borders of the EU and tank global trust in the products, and though loss of the EU as a market would be a substantial financial hit it could well pale in comparison to the cost of having the whole world divest from a service now seen to be fundamentally insecure and unable to deliver on its privacy and security promises.

