Chat Control: EU Parliament said no to Big Tech mass surveillance of your chats

techradar.com · iamnothere · 20 days ago · view on HN · security
0 net
Tags
facebook google
Chat Control: EU Parliament said no to Big Tech mass surveillance of your chats — but the battle for privacy isn't done | TechRadar Skip to main content Don't miss these VPN Privacy & Security Australia’s age verification rules: Is a VPN ban on the horizon? VPN Privacy & Security VPNs surge in Australia as mandatory age verification for adult content begins VPN Services “Not equipped to handle that responsibility”: the VPN industry reacts to TechRadar's latest research VPN Privacy & Security Australia 'Swiss cheese-like age verification' may lead to a VPN ban, and digital safety is at risk VPN Privacy & Security Dutch MPs call for free government-backed VPN, ad-blocker, and password manager for all citizens VPN Privacy & Security 'A liability trap' — NordVPN slams Utah age verification law targeting VPN users OpenAI ChatGPT's adult mode will 'safely relax the restrictions' of the chatbot VPN Services 'It doesn’t have to be all or nothing' — ExpressVPN launches privacy-first tool to combat CSAM VPN Privacy & Security Russia’s crackdown on VPNs reaches new heights as internet restrictions intensify VPN Privacy & Security Mullvad VPN takes its banned anti-surveillance ad to the streets after UK TV rejection VPN Services Russia’s battle against VPNs is entering a new phase: Here's what to expect in 2026 VPN Privacy & Security Age verification changed the internet in 2025 – here's what it means for your privacy in 2026 VPN Privacy & Security 'No approach is a silver bullet' — UK launches online safety consultation that could see VPNs age-restricted VPN Privacy & Security Russia is using DNS and DPI to block YouTube, Telegram and WhatsApp while pushing state-controlled MAX as alternative VPN Privacy & Security 'The UK war on VPNs is an embarrassment' – backlash grows over proposed VPN age-checks (Image credit: Unsplash) Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Get the TechRadar Newsletter Sign up for breaking news, reviews, opinion, top tech deals, and more. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are now subscribed Your newsletter sign-up was successful An account already exists for this email address, please log in. Subscribe to our newsletter Untargeted mass scanning of your private chats. That's what Big Tech has been allowed to do since 2021 on a voluntary basis — until now. What's been dubbed Chat Control 1.0 is the interim law that gives the green light for messaging services and social media providers to scan our communications in the lookout for child sexual abuse material (CSAM). The law, which was meant to be a temporary measure to fill the legal vacuum until permanent legislation passes, has been in place since 2021. It expires on April 3, with lawmakers needing to extend it once again. This time, though, they have listened to tech experts and digital rights advocates, and tightened the rules in favor of user privacy. Article continues below You may like The EU prepares ground for wider data retention – and VPN providers are among the targets Age verification changed the internet in 2025 – here's what it means for your privacy in 2026 2025 Digital rights review: Spyware, AI war & EU regulations On Wednesday, an overwhelming majority of the European Parliament (458 in favour, 103 against, and 63 abstentions) endorsed the temporary extension until August 2027, but with some significant conditions. CSAM scanning will now need to be “proportional and targeted”, and end-to-end encrypted communications, such as WhatsApp, Signal, and Telegram, for example, are out of scope Long-time Chat Control critic, the former MEP for the German Pirate Party and digital rights jurist, Patrick Breyer, welcomed the news as "a sensational victory" and historic vote. "Just as with our physical mail, the warrantless screening of our digital communications must remain taboo," he said. While this is very much a battle won for the digital rights-conscious citizens of Europe, it’s still just an interim measure. With the EU Council, Commission, and Parliament still debating the details of the Child Sexual Abuse Regulation (CSAR) Bill – what critics have labelled Chat Control 2.0 – the privacy war rages on. Are these legislative bodies prepared to double down on their rejection of mass surveillance, or will the pendulum swing back in favor of Big Tech? What’s wrong with untargeted CSAM scanning The problem with untargeted CSAM scanning lies in its potential for mass surveillance and the inherent technical and legal flaws. Prior to the Wednesday vote, Chat Control 1.0 — officially interim ePrivacy derogation 2025/0429(COD) — enabled internet service providers to automatically check all users' private messages in the lookout for illegal material. Chats were scanned, and suspicious images and videos compared with databases of known CSAM. What to read next To repeal or not repeal: UK Parliament discusses the Online Safety Act The price to pay — This is why 400+ scientists are calling for a halt to mandatory age verification 'A violation of fundamental rights' – Civil society calls on Switzerland to abandon data retention proposals This practice, however, is legally problematic — the confidentiality of electronic communications is a fundamental principle of the ePrivacy Directive . 🗳️@Europarl_en has endorsed extending a current ePrivacy derogation so that service providers can voluntarily detect child sexual abuse material- support for extension until 3 Aug 2027- MEPs want to keep encrypted communications out of scopeNext: talks w/@EUCouncil 1/2 pic.twitter.com/etUSugWObx March 11, 2026 Privacy experts have long warned that mass, untargeted scanning, even when voluntary (i.e. even when the companies are not forced to do it), still harms security and privacy. What’s more, the last five years of open CSAM scanning have uncovered mostly legal shortcomings and false positives, and very little actual prevention of CSAM. In fact, as digital rights experts at Netzpolitik noted, the latest CSAM scanning evaluation published by the EU Commission in November still "fails to provide sufficient facts and statistics to judge the proportionality of voluntary chat monitoring." On February 16, the European Data Protection Supervisor (EDPS) — an independent supervisory authority with responsibility for monitoring the processing of personal data by EU bodies — also published its opinion , arguing that the Chat Control 1.0 extension “must address shortcomings and prevent indiscriminate scanning." Finally, a coalition of 50+ civil society organizations, cryptographers, computer scientists, and other digital rights experts signed an open letter to urge lawmakers to vote against the extension, arguing that the interim law would "allow Big Tech companies to continue to scan billions of private messages (chats), emails and social media posts of people across the EU, and report them to a US center in case they suspect abuse material is being shared." In the end, it seems, it was enough to make legislators think twice, at least for now. How the new rules look like At Wednesday’s plenary vote , lawmakers agreed to limit the scope of the scanning. They have inserted a new clause which states that data processing must be targeted, specified, and limited to individual users or specific groups (such as subscribers to a specific channel). Additionally, this targeted processing is only permitted when there are reasonable grounds of suspicion of a link to child sexual abuse material, and the targets must be identified by a competent judicial authority. The new rules explicitly exclude end-to-end encrypted communications and the scanning of audio messages from the scope of the law. What's next for our privact chats (Image credit: Getty Images) After years of campaigning, the EU Parliament’s response to the complaints is heartening for digital rights activists, but the recent concessions may not reflect the final decision. The EU Council, Commission, and Parliament are currently going through the remaining negotiations on the permanent legislation that will replace the interim CSAM scanning law. The Council may have reached an agreement at the end of last year, but the proposal going to the trialogue is still "a disaster waiting to happen " according to technologists and privacy experts because "voluntary CSAM scanning" is still a main component with few strong provisions to protect encrypted communications. Yet, since the November vote on Chat Control, there have been some changes to the discussion. Back in December, the EU Commissioner for Home Affairs, Magnus Brunner, backed the Parliament line on targeted monitoring . Now, the EU Parliament's strengthened stance on encryption and targeted scanning shows us that some other lawmakers are ready to fight against rules that could inadvertently put Europe into a downward spiral of mass surveillance. The CSAM bill still includes provisions on age verification that remain problematic for privacy, according to over 400 scientists who are calling for a halt to these measures until a "scientific consensus" regarding the technical feasibility and benefits is reached. With all this mounting pressure on Chat Control, the digital rights lobby might smell victory, but the matter is far from decided and, how Big Tech might feel about the outcome, well, that’s another story. Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button! Chiara Castro News Editor (Tech Software) Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life – wherever cybersecurity, markets, and politics tangle up. She believes an open, uncensored, and private internet is a basic human need and wants to use her knowledge of VPNs to help readers take back control. She writes news, interviews, and analysis on data privacy, online censorship, digital rights, tech policies, and security software, with a special focus on VPNs, for TechRadar and TechRadar Pro. Got a story, tip-off, or something tech-interesting to say? Reach out to [email protected] View More You must confirm your public display name before commenting Please logout and then login again, you will then be prompted to enter your display name. Logout Read more The EU prepares ground for wider data retention – and VPN providers are among the targets Age verification changed the internet in 2025 – here's what it means for your privacy in 2026 2025 Digital rights review: Spyware, AI war & EU regulations To repeal or not repeal: UK Parliament discusses the Online Safety Act 'A violation of fundamental rights' – Civil society calls on Switzerland to abandon data retention proposals Brits are turning their backs on US Big Tech — and looking to Europe for privacy Privacy vs control: a “whack-a-mole game” with no clear winners 'No approach is a silver bullet' — UK launches online safety consultation that could see VPNs age-restricted EU goes soft on Big Tech in digital rules overhaul EU Parliament bans AI use on government work devices as security fears rise 'The UK war on VPNs is an embarrassment' – backlash grows over proposed VPN age-checks Wisconsin scraps VPN ban from age verification bill following backlash Latest in VPN Privacy & Security Russia’s crackdown on VPNs reaches new heights as internet restrictions intensify Russia's state-backed MAX app may know if you are using a VPN to bypass censorship How to tell if your kids are using a VPN - and should you be worried? Australia 'Swiss cheese-like age verification' may lead to a VPN ban, and digital safety is at risk Australia’s age verification rules: Is a VPN ban on the horizon? VPNs surge in Australia as mandatory age verification for adult content begins Iranians threatened with legal action for using VPNs to bypass internet blocks — here's everything we know 'A liability trap' — NordVPN slams Utah age verification law targeting VPN users Dutch MPs call for free government-backed VPN, ad-blocker, and password manager for all citizens NordVPN’s Android feature now warns Europeans about scam calls before they answer Security researchers found 'critical' flaw in IPVanish Mac VPN app — here's all you need to know 'It doesn’t have to be all or nothing' — ExpressVPN launches privacy-first tool to combat CSAM Latest in Features Tired of ChatGPT baiting you with follow-up questions? Make this one change Sonos CEO Tom Conrad full interview: in-depth on hardware, software & more I tried Claude’s new interactive visuals and it’s surprisingly playful 15 deals I’m eyeing in Walmart’s massive spring sale — patio furniture, grills, vacuums, and more from $29.99 Just got a Nintendo Switch 2 for Pokémon Pokopia? Keep your new console safe with these cases and screen protectors The next Xbox is coming soon, here's what we know (and don’t know) about Project Helix so far Sonos' CEO reveals what's 'holding us back' from music streaming innovation Black Ops Royale launches in Warzone today to try and help the 'stagnant' game with 'the nostalgia of Blackout' The best 13-inch MacBook Air cases and bags to keep your new laptop protected 5 Claude prompts to unlock its unique strengths Check out these 3 new Disney+ shows to stream in March Sonos' CEO is cool about Dolby Atmos FlexConnect muscling in on his turf LATEST ARTICLES 1 EU Parliament said no mass surveillance of your chats — but the Chat Control saga isn't done 2 Loblaw confirms data breach, says 'basic customer information' affected 3 Sonos CEO Tom Conrad full interview: in-depth on hardware, software & more 4 'We have no plans for additional DLCs or expansions' — CD Projekt Red shuts down a 'secret' Cyberpunk 2077 content drop, but is remaining suspiciously quiet amid Witcher 3 expansion rumors 5 Dell CEO says companies can't dictate how technology is used by governments Useful links Best VPN Best Free VPN Best Web Hosting Service Best Website Builder Best Laptops Best Gaming Laptops Best Gaming PC Best PC Gaming Chair Best Phone Best TV Best Oled TVs Best Smartwatch Best Turntables Best Noise Cancelling Headphones Best Wireless Earbuds Best Office Chairs Best Camera Best Dash Cam Best Drones Best Robot Vacuums Close Please login or signup to comment Please wait... Login Sign Up
← Back to stories