← Back to blog

Chat control 1.0 has renewed till 2028

Chat control is a EU rule that wants to mass scan all private comunications including E2E encrypted ones


What is Chat Control?

Chat control is an EU proposal that was temporarily accepted on its version 1.0. This rule allowed tech companies to voluntarily scan unencrypted messages (Discord, Gmail…) for child sexual abuse material (CSAM) and it expired on April 2026. After that the version 2.0 was proposed and it was way worse as it wanted to implement this mass surveillance on E2E encrypted comunications. This breaks the point of E2E encryption and since it’s on the client it can probably be bypassed in some way. This proposal also violates fundamental privacy rights of all European citizens and we need to stop this.

The procedural loop hole to extend 1.0

The proposal was voted just before the holidays and many representatives where already on holidays, that helped pass the law as the opposition fell short on votes (314 for no vs. 276 for yes). Even with a majority of NO the law was renewed due to not being able to reach the 361 threshold. Seeing that many people voted to renew the 1.0 versions show that finding enough votes to reach the majority and reject the 2.0 proposal is going to be hard.

Chat control 2.0

The second version is proposed as a permanent law unlike the past version and will be a mandatory scanning while on 1.0 it was optional, the company operating the service decided to do it or not. Since this version will apply to E2E encryption on all messages, no search warrant needed, they will have access to EVERYTHING you say and send. How can we be sure that unauthorized people aren’t reading our private messages? Because they say it will be secure. The funny part? Politicians, police and other goverment comunications won’t be scanned because they are handling sensitive information and it would be a security hole, so how its going to be secure for 450 million people but not for goverment comunications? If governments cannot even hold our drivers license data (DGT in spain leaked the data of more than 34 million people) how are they going to keep secure all our comunications? It’s insane that the EU tries to protect the privacy of its citizens and then has proposals like this one

What can we do about it?

There’s a website called fight chat control where people can easily send an email to all of the representatives of their country asking to reject the proposal, the web also shows information about the current votes on the proposals by country and representative. The website is updated regularly with new information about the state of both proposals.