According to TechRadar, EU lawmakers met on November 12 to discuss the revised Chat Control bill following a November 5 meeting where it received “broad support without any dissenting votes.” The new proposal removes mandatory detection obligations and makes CSAM scanning voluntary for messaging services, appearing to address three years of opposition. However, digital rights jurist Patrick Breyer calls it “a political deception of the highest order” because Article 4 includes a loophole requiring “all appropriate risk mitigation measures” for high-risk services. This could effectively make client-side scanning mandatory, breaking the encryption used by services like Signal and WhatsApp. The compromise also expands monitoring from multimedia to private chat texts and metadata.
The Voluntary Trap
Here’s the thing about “voluntary” scanning – it’s never really voluntary when there’s a gun to your head. The new proposal sounds reasonable on the surface, right? Services can choose whether to scan. But that Article 4 loophole is basically a backdoor mandate. When they define “high-risk services,” who gets to decide what qualifies? And once you’re on that list, you’re suddenly required to implement scanning that breaks end-to-end encryption.
I think we’ve seen this movie before. Governments start with “voluntary” measures that gradually become de facto requirements. Breyer isn’t exaggerating when he says this could mean client-side scanning on our smartphones becoming mandatory. That’s the technology that scans your messages before they’re even encrypted. So much for privacy.
worse-than-before”>Worse Than Before
Now here’s what really gets me – this version actually expands surveillance beyond the original proposal. The discarded version focused on AI-powered monitoring of shared multimedia like photos and videos. This new compromise? It includes scanning private chat texts and metadata too. So they’re not just backing down from the public outcry – they’re actually pushing for more invasive monitoring.
Breyer’s warning that “the public is being played for fools” seems pretty accurate. Germany, the Netherlands, Poland, and Austria already said no to indiscriminate Chat Control. So now it’s coming back through what Tuta accurately calls “the back door.” When several member states reject something outright, you’d think that would be the end of it. But apparently not.
What’s Next
So where does this leave us? The Law Enforcement Working Party met today, and we’re waiting to see the outcomes. But the fact that this got “broad support” on November 5 without needing further changes suggests it’s moving forward quickly. That’s concerning because once these surveillance mechanisms are in place, they rarely get removed.
Look, everyone wants to protect children from abuse. That’s not the debate. The problem is creating systems that break fundamental privacy protections for everyone. Once you break encryption, you don’t just open doors for law enforcement – you create vulnerabilities that criminals and hostile governments can exploit too. It’s like solving a burglary problem by requiring everyone to leave their keys under the mat.
The fight isn’t over, but it’s definitely entering a more dangerous phase. When surveillance measures get rebranded as “voluntary” while containing mandatory backdoors, that’s when we need to pay the closest attention.
