The European Union is determined to invade your private messages by October 2025, using “child safety” as its excuse for blanket surveillance.
The so-called Chat Control aims to halt the spread of CSAM content online by scanning all communications, in particular encrypted ones. Since inception, the sweeping bill has faced scrutiny from privacy advocates, technologists and politicians alike.
The EU is the best example when it comes to this. The first law was introduced in 2022 called “Chat Control” aimed to combat CSAM. This law failed to progress due to heavy criticism from privacy advocates, yet the EU didn’t stop from doing it again pic.twitter.com/4YLLHQ6yTv
— Zeluvy 🐍🇷🇴 (@therealzeluvy) July 28, 2025
Experts have pointed to the fact that the proposed obligations would undermine encryption protections, security as well as basic privacy rights.
The technology used by the likes of Signal, ProtonMail and top VPNs essentially scrambles user messages into an unreadable format, preventing prying eyes from unauthorised access whilst guaranteeing that chats remain private, as they should.
In the first version, all messaging software providers would be obliged to perform indiscriminate scanning of private messages, or so-called ‘client-side scanning’. A strong backlash ensued, and eventually the European Court of Human Rights ended up banning efforts to weaken encryption of secure communications in Europe.
In June 2024, Belgium proposed to target shared photos, videos and URLs with user permission. This version did not pass either.
Fast-forward to February 2025 and Poland tried to make encrypted chat scanning a voluntary thing instead of mandatory. Whilst some experts found that this version showed ‘major progress’, the fact of the matter is that the risk of mass surveillance is simply too great.
And indeed, a bill born out of the desire to gain unrestricted access to personal data whilst cynically using child safety as an excuse couldn’t possibly have a happy ending, now could it?
In the latest efforts to undermine encryption, on June 24, 2025, the EU Commission published its ProtectEU strategy, which seeks to enable authorities to decrypt your private data by 2030.
Notably, this latest push comes in tandem with an entire salvo of laws peddling surveillance as security, the UK’s botched Online Safety Act being a prime example.
It’s almost as if policy-makers are determined to cloak their intentions in sanctimonious and moralising legal-speak, hoping you don’t make a fuss about having the rug pulled out from under you.
If you found this article useful, consider sharing it.