The EU Wants to Scan Your Chats
"Chat Control" — the colloquial name for the policy that is known officially in the European Union Council as E-003250/2025 — has been pushed since 2022. Though it has failed repeatedly to be passed, it has always returned with various tweaks. This time, it is back on the menu and set to be voted into law or not on October 14th, 2025.
Supporters of the proposal argue it is necessary to combat online child abuse, while some critics warn that it would mean “the death of anonymity and privacy.”
At a masterclass, led by 4 professors, entitled "Democracy and Technology: stakes for law and peace," at the Catholic University of Lille, a mic was passed around to students for questions; it made its way into the hands of a young woman seated in the front, who aimed her question specifically at a professor Malik, one of the four professors leading the class.
She asked, "Chat Control is about to be passed in the European Union Council. If it is, that seems like it would be the death of anonymity. What can we do?"
Professor Malik Bozzo-Rey is a professor of Philosophy and Ethics at the University, as well as a fellow at Science Po Law School and University College London’s Bentham project. Unlike his enthusiastic presentation half an hour prior, his answer was blunt and taciturn.
He responded, "Chat Control would be the death of anonymity and privacy. Which is a loss of humanity. What can we do? Don’t use WhatsApp or social media ... like I said earlier, we did not consent to any of this. There will always be ways to find tools to create privacy."
What does it aim to stop and how does it aim to do so?
Chat Control is officially aimed at stopping and preventing child exploitation. It aims to do this by breaking end-to-end encryption, such as WhatsApp, Signal, Proton Mail and other messaging providers. It would require messaging providers to scan all — that’s right, all — content in every message, text or email of every EU citizen, prior to its encryption, to check for any illegal material. The law, however, will not apply to EU politicians, according to the ‘Confidential Information’ clause in Article 1 (2A) of the law’s proposal, where it explicitly states that the law will not apply to "professional government accounts or parts of the services used for national security purposes, maintaining law and order or military purposes." But for everybody else — including anyone who is messaging an EU citizen — those messages are fair game to be scanned.
The EU Parliament has raised concerns regarding what effects the nature of the law will have on privacy. The law amounts to mass surveillance. Everyone wants a safer world and a safer internet for children. But this law would eradicate any citizen’s right to privacy (barring politicians) immediately. Additionally, this law is a direct violation, at face value, of core principles of the EU Human Rights Articles 7 & 8.:
"No punishment without law: the principle that only the law can define a crime and prescribe a penalty."
"1. Everyone has the right to the protection of personal data concerning him or her.
2. Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified."
Why Is It Important?
Really, the intent of the law has nothing to do with you. Critics argue that the proposal risks using child protection as a justification for broad surveillance powers. But, if the law comes into effect, the EU (and your messaging provider) will have access to ALL your messages and data: that sensitive information about your health; the tricky, embarrassing case details between you and your lawyer; private, precious conversations between you, your family and your friends; intimate photos between significant others, and on and on. All of it will be scanned, stored and processed by AI first, and if it’s flagged for any reason, then some bureaucrat or police officer in an EU office.
There are many reasons why this law should not be passed; moral, technical and legal among the most salient. Privacy advocacy experts at Fight Chat Control broke down each of said reasons:
- It’s Mass Surveillance, it sets a precedent for all authoritarian regimes worldwide and is extremely dangerous for lawyers, human rights workers, journalists, activists, and many others who rely on encryption to stay safe and do their professional work, etc..
- It breaks end-to-end encryption, which exposes your data — medical, financial, and private — to hackers, criminals and hostile actors.
- It undermines democracy and human rights, as seen in Articles 7 & 8 of the EU Charter.
- Automated AI scanners routinely misidentify data as "suspicious" — such as vacation photos or jokes, taken out of context — putting ordinary people at risk for false accusations and damaging investigations.
- It’s an ineffective form of child protection. Child protection experts (including the UN) state that mass surveillance fails to prevent abuse, weakens security for everyone and diverts resources from proven measures.
What Can Be Done?
Unfortunately, it’s already late in the game. The vote was scheduled for Wednesday, October 14, 2025. The vote was delayed due to Germany's opposition, causing the support to no longer hold the majority. A new date has not been scheduled. As of today, nine member states oppose it, 12 states support it and six are undecided.
Campaign groups such as Fight Chat Control and EDRi are urging EU citizens to contact their MEPs. You can do this easily and quickly through the FCC’s website. There is a pre-formulated template message available for you. It’s not too late to demand that your rights, privacy and democracy be protected. Here are some other advocacy and campaign resources to help you protect your privacy, rights and hold politicians accountable:
