Wow - things moved even faster than expected. Another quick update on EU “ChatControl” 🇪🇺 Only a week ago (see post below), it looked like a full reversal: ➡️ No agreement between Council and Parliament → legal basis for voluntary scanning expiring April 3 ➡️ Platforms would have had to stop scanning altogether (even voluntarily) A big win for privacy advocates. Now that’s changed - again. An emergency vote in the European Parliament today (March 26) is set to extend the current regime (“ChatControl 1.0”). What’s being voted on? Not the controversial mandatory scanning proposal (“ChatControl 2.0”) debated last year. Instead: ➡️ Extending the existing voluntary scanning framework (incl. ePrivacy exemption) ➡️ Avoiding a legal vacuum from April 3 ➡️ Buying time for negotiations on a permanent solution What’s new? Parliament added safeguards: • No indiscriminate mass scanning • “Targeted” detection with oversight • No obligation to break encryption But the tricky part: key concepts remain unclear. Especially what “targeted” means. On paper → limits mass surveillance In practice → could still allow broad voluntary scanning The vote is imminent and will likely get a majority. What’s next? ➡️ Trilogues between Parliament, Council (EU Member States), and Commission ➡️ Member States remain more supportive of broader scanning powers Bottom line Another fast turn in EU tech policy - and the privacy win from last week is already outdated. Even if adopted today, this is only a temporary extension (likely until ~2027). The real privacy battle is still ahead: negotiating the permanent framework.
