How the EU Kept Chat Control Alive

The extension of the Chat Control exemption despite earlier parliamentary opposition has reignited debate over privacy, legislative procedure and the limits of democratic decision-making within the European Union.

The debate around Chat Control has become one of the European Union\'s most controversial battles over digital privacy and legislative procedure.

The debate around Chat Control has become one of the European Union\'s most controversial battles over digital privacy and legislative procedure. Photo: Statement/Midjourney

European institutions have tried for several years to introduce legislation commonly known as "Chat Control". The proposal continues to face significant opposition because critics argue that it would enable unprecedented surveillance of private communications across the European Union.

Supporters say the regulation is intended to combat child sexual abuse online. However, it would require technology providers to scan private messages before they are sent to determine whether they contain illegal material. If implemented in its original form, meaningful privacy in digital communications would largely disappear, even for encrypted messaging services.

Keep Voting Until Chat Control Passes

You might be interested Keep Voting Until Chat Control Passes

Monitoring Almost Everyone

One of the more controversial aspects of the proposal is that certain categories of communications would remain exempt from the scanning requirements, including some involving the military, security services and EU institutions. Critics argue that this creates an obvious contradiction. While ordinary citizens would face increased monitoring, certain official communications would remain protected.

The European Parliament previously rejected mandatory, blanket monitoring and instead approved a significantly watered-down version of Chat Control 1.0. Under that compromise, technology companies could voluntarily detect and report child sexual abuse material for a limited period rather than being required to do so.

The member states ultimately agreed to this compromise after the Danish presidency of the EU Council secured sufficient support, including from Germany, which had previously opposed the proposal. At the same time, negotiations continued on a permanent legislative framework often referred to as "Chat Control 2.0" that would revive many of the original provisions.

Parliament Rejected an Extension

Rather than introducing mandatory scanning immediately, the EU temporarily relied on an exemption from privacy legislation that allowed technology companies to voluntarily detect and report child sexual abuse material until 3 April 2026.

In March 2026, however, the European Parliament voted against extending that exemption. The proposal received 311 votes against, 228 in favor and 92 abstentions.

Technology companies and child protection organizations warned that, without the exemption, platforms would lose their legal basis for voluntarily detecting and reporting child sexual abuse material. The Council of the European Union subsequently sought to restore the voluntary regime but failed to reach agreement with Parliament during the first reading.

Fears Grow EU Set to Clamp Down on VPNs

You might be interested Fears Grow EU Set to Clamp Down on VPNs

How the Proposal Returned

Despite Parliament's earlier rejection, the temporary exemption was ultimately reinstated and extended until 3 April 2028. Although more MEPs voted against the proposal than in favor of it, the measure nevertheless survived.

The reason lies in the legislative procedure used by the Council of the European Union. After Parliament rejected the proposal in its first reading, the Council adopted its own position and returned it to Parliament as an amended version of the legislation. Critics argue that the changes were largely procedural rather than substantive, but they were sufficient to trigger a second parliamentary reading. That procedural step significantly altered the voting threshold.

During a first reading, legislation can generally be rejected by a simple majority of those voting. In a second reading, however, rejecting the Council's position requires an absolute majority of all members of the European Parliament at least 361 votes.

In the second reading, 314 MEPs voted against the proposal, 276 supported it and 17 abstained. Although opponents outnumbered supporters, they fell short of the 361 votes required to reject the measure. As a result, the exemption remained in force.

Identity Checks at the Gates of the Internet

You might be interested Identity Checks at the Gates of the Internet

The Role of the Urgent Procedure

Another important factor was the European Parliament's use of the urgent legislative procedure.

This procedure is normally reserved for exceptional circumstances requiring a rapid legislative response. Requests from either the European Commission or the Council must be justified, typically by reference to legal deadlines or urgent developments.

A rough comparison would be Slovakia's expedited legislative procedure, which is intended for genuine emergencies.

In this case, urgency was justified by the need to preserve the legal framework allowing companies to continue voluntarily detecting child sexual abuse material after the previous exemption expired on 3 April 2026. Without replacement legislation, platforms would no longer have a specific legal basis for carrying out those activities.

Opponents questioned whether the urgent procedure was appropriate. The expiration date had been known for years, they argued, and the resulting legal vacuum stemmed from unsuccessful political negotiations rather than an unforeseen emergency.

EU Digital Identity Fuels Surveillance Fears

You might be interested EU Digital Identity Fuels Surveillance Fears

A Question of Parliamentary Procedure

Whether the use of the urgent procedure was justified remains a matter of political interpretation. Supporters argue that preserving the legal framework for detecting child sexual abuse material justified rapid legislative action. Critics counter that the Council effectively revived legislation Parliament had already rejected by making procedural amendments and returning it under rules that required a significantly higher threshold to block it.

Because opponents failed to secure the required absolute majority, the temporary exemption remains in force. The controversy therefore extends beyond the substance of Chat Control itself. It also concerns how procedural rules can shape legislative outcomes, particularly when different voting thresholds apply at different stages of the process.

Critics also continue to argue that allowing private companies to scan communications even voluntarily and for the purpose of detecting child sexual abuse material raises significant questions about privacy, oversight and accountability. They ask who ultimately oversees these systems, how errors are corrected and what safeguards exist to prevent abuse.

France’s Fight Over Encrypted Chats Flares Up Again

You might be interested France’s Fight Over Encrypted Chats Flares Up Again

A Broader Debate About Democracy

For many opponents, the controversy extends beyond digital privacy. They argue that the episode illustrates a broader trend within the European Union in which procedural mechanisms can allow legislation to advance despite majority opposition in an earlier parliamentary vote.

Supporters of the legislation reject that interpretation, noting that the second reading followed the procedures established by the EU treaties and Parliament's own rules.

The debate therefore raises a broader constitutional question: when legislative procedures produce an outcome that differs from an earlier majority vote, should the result be viewed as a flaw in democratic accountability or simply as the normal operation of parliamentary law?