Green light for child abuse? EU won’t extend controversial Chat Control measure
The European Parliament has voted against extending a temporary measure allowing service providers to scan private communications for child sexual abuse material (CSAM).
The Parliament voted not to prolong an existing derogation of the ePrivacy Directive, known as Chat Control,” which allows messaging services and platforms like Meta, Google, and LinkedIn to scan communications to identify and report illegal content.
The temporary measure was adopted while negotiations continue on a long-term legal framework to prevent and combat CSAM. The derogation will expire after April 3rd, 2026, if no other solution is found.
The Parliament’s position, adopted on March 11th, 2026, favored extending the measures until August 2027 – a shorter period than the European Commission proposed – with a narrower scope.
The Computer & Communications Industry Association (CCIA Europe) issued a statement saying that the end of the regulation leaves online platforms in a legal vacuum.
“In the immediate future, we urgently need assurances from regulators that online platforms that continue detecting and reporting CSAM will not be penalized for non-compliance with the ePrivacy Directive until lawmakers rapidly agree on a clear solution,” the statement reads.
The European Child sexual abuse Legislation Advocacy Group (ECLAG) slammed the failure to extend the derogation, calling it “a deeply alarming and irresponsible step backwards for child protection.”
“The risks are not theoretical. During the previous lapse in the legal framework in 2021, reports of child sexual abuse material dropped by 58%, not because abuse decreased, but because detection efforts could no longer function effectively,” the ECLAG’s statement reads.
User privacy vs protection of children
The measure has been controversial, as it raised concerns that platforms could use it to conduct mass surveillance.
Moreover, there may be a fine line between the actual abuse material and child images shared for other purposes.
For instance, when a US man took pictures of his son’s inflamed groin to send them to a doctor for a diagnosis, the images were identified as CSAM, resulting in him losing all his Gmail and other Google accounts and a long battle to retrieve them.
The Commission's 2025 report states that materials automatically flagged as possible CSAM are overwhelmingly confirmed as such during human review, with false-positive rates as low as 1 in 50 billion for some tools.
However, it concludes that the data are insufficient to determine whether the measure achieves the balance sought between combating crime and protecting children’s rights, and safeguarding the fundamental rights of users, such as privacy and personal data protection.
At the same time, the increasing use of AI opens new avenues for child abuse online.
The Internet Watch Foundation (IWF) has urged the EU to preserve the detection systems that protect children, warning that child sex abuse material, including AI-generated, will be able to circulate unchecked after April 3rd.
The IWF said, “Unless negotiators return to the table, the EU has effectively given the green light to uploading, sharing, and seeking AI images and videos depicting the sexual abuse of children.”
Unlock more exclusive Cybernews content on YouTube.
