Skip to content
Chimera readability score 80 out of 100, Expert reading level.

Today, 9 July, the European Parliament voted to revive the interim derogation from the ePrivacy Directive, commonly known as “Chat Control 1.0” (Regulation (EU) 2021/1232), which provides the legal basis for the voluntary, indiscriminate scanning of private communications for known and new Child Sexual Abuse Material (CSAM), and for the solicitation of children.
This vote is the outcome of an urgent procedure to revive and fast-track virtually the same derogation that Parliament had already rejected in March. These highly politicised procedural efforts, urged by European President Roberta Metsola, have been described by diplomats, experts and media as an “unprecedented move”, heavily criticised for overstepping Parliament’s own mandate and previous vote.
The Timing of this Procedural Manoeuvre is Specific
The voting day, Thursday, was the last sitting day before the summer recess, and because the file has been framed as a second reading, stopping it required an absolute majority of Parliament’s full membership (361 votes) rather than a simple majority of those present. Falling short of that threshold meant the Council’s text passed automatically, with no active endorsement required. Notably, a simple majority was reached both on the first vote on the rejection and on the final vote on the rejection of the text as amended. The vote demonstrated considerable opposition to the proposal, but votes fell short of the higher threshold required under the urgency procedure, which was compounded by reduced attendance ahead of the summer recess. Importantly, although only two amendments were adopted, they ensured the protection of end-to-end encryption.
Jeopardising the Long-term Framework
This revival comes barely a week after the final trilogue on the Child Sexual Abuse Material Regulation (CSAR), the permanent framework for CSAM detection, concluded on 29 June without agreement, with talks set to resume after the summer. Whether scanning is voluntary or mandatory, it raises complex legal and technical questions that demand careful, evidence-based lawmaking, as highlighted by the CSAR negotiations. Reviving Chat Control 1.0 now risks undermining progress on CSAR.
The Evidence for Urgency is Lacking
The urgent procedure rests on the claim that unforeseen developments make this procedural route necessary. The evidence does not support that claim, not for the derogation itself nor for the urgency justification. The German Federal Police, which had previously warned of a “drastic decline” in CSAM reporting if the derogation expired, has since acknowledged there is no specific link between the expiration of the interim regulation and the number of reports received.
Just before the vote, as already done with the past vote in March, four European Commissioners wrote to MEPs ahead of the vote arguing that the derogation’s expiry would create an immediate and severe regulatory gap for online platforms. However, it is worth noting that the derogation was always designed as an exceptional, time-limited carve-out, not the legal basis for online child sexual abuse investigations as such. Moreover, its expiry has not created a legal loophole as even without it:
- Targeted telecommunications surveillance based on concrete suspicion and judicial authorisation remains fully permissible, as do production and preservation orders for electronic evidence under the EU’s e-evidence framework.
- Content hosted on platforms remains subject to existing removal and reporting channels: legal orders to expeditiously remove clearly illegal content (CSAM among the clearest examples), notice-and-action mechanisms, and dedicated CSAM-flagging channels for trusted flaggers under the Digital Services Act.
- Known, previously verified CSAM, in hosted environments, can still be identified through hash-matching, a tool that flags content for human review within narrowly defined parameters, without requiring the broader scanning regime the derogation authorises.
CDT Europe regrets and disagrees with both this vote and the procedural way in which it came about. CDT Europe has consistently supported the European Parliament’s efforts to reject Chat Control 1.0, first in March, and now against this renewed attempt under the guise of urgent procedure, and has engaged throughout the CSAR legislative process. We will continue working to ensure that any final framework rejects mass surveillance and while fully protecting end-to-end encryption. We call for a narrowly tailored and proportionate regulatory pathway that upholds fundamental rights, protects against indiscriminate mass-scanning models and expansive risk-mitigation mandates, and aligns with international human rights standards and the jurisprudence of the European Court of Human Rights.

Facts Only

* The European Parliament voted to revive the interim derogation from the ePrivacy Directive, “Chat Control 1.0” (Regulation (EU) 2021/1232).
* This derogation provides the legal basis for voluntary, indiscriminate scanning of private communications for CSAM and child solicitation.
* The vote took place on Thursday, the last sitting day before the summer recess.
* The procedure was framed as an urgent procedure to revive a derogation previously rejected in March.
* Stopping the file required an absolute majority of Parliament’s full membership (361 votes).
* The Council’s text passed automatically without active endorsement due to failing the higher threshold under the urgency procedure.
* Two amendments were adopted to ensure the protection of end-to-end encryption.
* The final trilogue on the CSAM Regulation concluded on June 29 without agreement.
* The German Federal Police acknowledged no specific link between the derogation's expiration and a decline in CSAM reporting.
* Existing legal mechanisms remain for targeted surveillance based on suspicion and e-evidence frameworks.
* Content hosted on platforms remains subject to existing removal channels and CSAM flagging.

Executive Summary

The European Parliament voted to revive the interim derogation from the ePrivacy Directive, known as “Chat Control 1.0,” which permits the voluntary and indiscriminate scanning of private communications for Child Sexual Abuse Material (CSAM) and child solicitation. This vote occurred on Thursday, the last sitting day before the summer recess, following an urgent procedure aimed at fast-tracking a measure previously rejected by Parliament in March. The procedural voting involved a threshold requiring an absolute majority of full membership (361 votes), which was not met, leading to automatic passage without active endorsement from the Council. Although two amendments were adopted ensuring end-to-end encryption protection, the move has drawn significant criticism from diplomats, experts, and the organization CDT Europe for potentially undermining the progress made on the permanent Child Sexual Abuse Material Regulation (CSAR).
The revival occurs shortly after discussions on the CSAR framework concluded without agreement, raising concerns about the legal and technical questions surrounding mandatory or voluntary scanning. The urgency justification lacks supporting evidence regarding unforeseen developments necessitating this specific procedural route. Furthermore, legal safeguards against mass surveillance remain available through existing mechanisms like targeted surveillance based on suspicion and e-evidence frameworks, alongside existing content removal channels and hash-matching for previously verified CSAM.

Full Take

The procedural maneuver surrounding the revival of Chat Control 1.0 raises significant questions about how urgent procedures interact with established legislative mandates, particularly when they involve broad surveillance powers. The fact that the urgency procedure was used, yet failed to meet a higher voting threshold, suggests a tension between perceived necessity and deliberative democratic process, especially given the context of reduced attendance preceding the summer recess. The failure of this procedural mechanism highlights a potential pattern where political urgency is leveraged to bypass careful legal scrutiny over foundational rights frameworks.
The risk identified—undermining the permanent framework of the CSAR—is not merely a technical disagreement but a strategic opportunity to decouple urgent, reactive measures from comprehensive, evidence-based lawmaking. The argument that mass scanning is necessary due to unforeseen developments struggles against the established counter-evidence demonstrating existing legal avenues for specific investigations and content management, such as targeted surveillance or hash-matching tools. This suggests a pattern where operational expediency is prioritized over establishing robust, proportionate regulatory boundaries for sensitive data.
What are the long-term implications if procedural urgency routinely overrides legislative deliberation on fundamental privacy rights? Who bears the cost when mass scanning regimes are implemented based on temporary justifications rather than comprehensive legal consensus? How can frameworks be constructed to ensure that technological responses maintain proportionality and align with international human rights jurisprudence, rather than creating new, unaccountable surveillance modalities? What alternatives exist for risk mitigation that do not rely on broad, indiscriminate data access?

Sentinel — Human

Confidence

The text reads like a statement of policy or advocacy, grounded in specific legal procedures, showing a human intent to analyze and critique recent political actions based on established frameworks.

Signals Detected
low severity: Moderate sentence length variance; shifts between narrative flow and dense legal exposition.
low severity: Strong thematic coherence focused on procedural history, legal implications, and ongoing framework negotiations.
low severity: The structure follows a logical progression (event -> context -> risk -> rebuttal), typical of advocacy/policy writing.
low severity: Specific legal references and named procedural steps suggest grounded, careful drafting rather than pure hallucination.
Human Indicators
Use of specific institutional references (e.g., Chat Control 1.0, CSAR, e-evidence framework) combined with expressed dissent from a named organization (CDT Europe) indicates an engaged stakeholder perspective.
The argument employs sophisticated rhetorical framing (urging against procedural manoeuvres) rather than purely descriptive reporting.
Return of Mass Scanning of Private Communications through Undemocratic Procedure — Arc Codex