EU Blocks Chat Control Again as Lawmakers Remove Mandatory Message Scanning

What Just Happened With the EU’s Controversial Chat Control Proposal?

The European Union’s attempt to mandate scanning of private messages has stalled again, marking another reversal for the bloc’s proposed “Chat Control” legislation and a significant win for digital rights groups. The latest draft of the Regulation to Prevent and Combat Child Sexual Abuse removed language that activists said would have enabled a backdoor for mandatory client-side message scanning.

German digital rights advocate and Pirate Party Germany lawmaker Patrick Breyer flagged the change in a November 15 post, noting that a new line added under the Danish Presidency of the Council of the EU stated: “Nothing in this Regulation should be understood as imposing any detection obligations on providers.”

Breyer and other critics have argued that earlier drafts used vague wording about “all possible risk mitigation measures,” which could later be interpreted to force companies to deploy device-level scanning systems. These systems would check messages — including encrypted ones — before users could send them.

While the backdoor clause has been removed, Breyer warned the public not to view it as a complete victory, describing earlier changes as “political deception of the highest order.” Denmark’s draft had simultaneously softened some scanning obligations while slipping in wording that allowed those identical obligations to reappear through indirect means.

Investor Takeaway

What Risks Still Remain in the Current Version of the Bill?

Removing mandatory scanning does not eliminate all concerns. Breyer emphasized that the proposal still includes two privacy:

1. Anonymous communication could become impossible.
   The bill still contains age-verification requirements for messaging platforms that would effectively eliminate anonymous email and messenger accounts. Critics argue this would disproportionately harm teens and vulnerable groups, while also exposing users to new privacy risks.
2. Voluntary mass scanning remains allowed.
   Service providers may still choose to scan . Privacy groups warn that “voluntary” scanning could become de facto mandatory under regulatory pressure or industry standard-setting.

The legislative process is ongoing. On November 19, the Committee of the Permanent Representatives of the Governments of the Member States to the EU (COREPER II) is expected to endorse the draft as a “non-discussion” item. later than that, the bill moves to a Council of Ministers meeting, where it could be adopted without debate unless a minister intervenes.

Meanwhile, many unencrypted services — including Gmail, Facebook, Instagram, Skype, Snapchat, iCloud email and Xbox — already run voluntary scanning systems. The European Commission believes mandatory scanning would increase the number of reportable cases by a factor of 3.5.

Why the Crypto and Privacy Community views This as Part of a largeger Battle

The push to scan private messages touches the core of the privacy and encryption debate — a conflict that stretches back decades. Modern cryptocurrencies, including BTC, are direct descendants of the cypherpunk movement of the 1980s and 1990s, which championed strong encryption as a tool for individual freedom.

The cited work by British cryptographer Adam Back, a leading cypherpunk. Back famously assisted protest U.S. cryptography restrictions by printing encrypted code on T-shirts labeled as “munitions,” highlighting the absurdity of export