As the EU Council heads to vote on the so-called “Chat Control” law, Germany could prove the deciding factor.
Put forward by Denmark, the law would essentially eliminate encrypted messaging, requiring services such as Telegram, WhatsApp and Signal to allow regulators to screen messages before they are encrypted and sent.
Legislators from 15 member states of the EU have indicated support for the bill, but those countries do not constitute at least 65% of the EU population, meaning they need additional support.
Germany has been on the fence about supporting the law, and it could deal a major blow to privacy in Europe if it decides to support it.
EU Chat Control bill aims to fight child abuse
The Regulation to Prevent and Combat Child Sexual Abuse (CSA), or “Chat Control” regulation, was first introduced by then-European Commissioner for Home Affairs Ylva Johansson in 2022. It aims to fight the spread of online child sexual abuse material (CSAM) through, among other things, screening messages before they are encrypted. The law has previously failed to achieve the support necessary to move forward.
On July 1, the first day of Denmark’s presidency of the Council of the European Union (EU Council), the country said the directive would receive “high priority.”
Since the beginning of Denmark’s six-month presidency of the council, member states have been solidifying their positions, which they are expected to finalize before a meeting on Sept. 12 and an eventual vote on Oct. 14.
The supporting block needs more support to comprise 65% of the EU population and obtain a qualified majority. Six countries remain undecided, according to Fight Chat Control, an activist group opposed to the regulation:
-
Estonia
-
Germany
-
Greece
-
Luxembourg
-
Romania
-
Slovenia.
Among these countries, Germany is necessary to sway the outcome of the EU Council vote. Its 83 million citizens would bring the population of countries supporting Chat Control to some 322 million, or 71% of the EU. The other five countries combined, even if they voted in support, do not make up a large enough segment of the population.
Related: EU proposal to scan all private messages gains momentum
Per Fight Chat Control, many German members of the European Parliament (MEPs) oppose the draft law. Citing documents from a July 11 meeting leaked to German publication Netzpolitik.org, it found opposition to Chat Control across the political spectrum. MEPs from the Bündnis 90/Die Grünen and Alternative für Deutschland — respectively representing the center-left and far-right of German opposition politics — oppose Chat Control.
However, an equally large number of parliamentarians from the ruling Social Democrats, Christian Democrats and Social Democratic Union of Bavaria are reportedly uncommitted.
Some are concerned that these uncommitted lawmakers could be inclined to take existing German law and apply it to the entire EU.
Germany already has laws that allow police to circumvent encryption used by popular messaging platforms like WhatsApp and Signal. In 2021, the Bundestag amended laws to allow the police to intercept communications of “persons against whom no suspicion of a crime has yet been established and therefore no criminal procedure measure can yet be ordered.”
Software developer and privacy rights advocate Jikra Knesl said, “A form of ChatControl already exists in Germany. Companies like Meta are sharing their reports with the police.”
If expanded to the entire EU, it could affect “millions of innocent people whose homes might be searched even when they did nothing wrong,” he said.
Civil society mobilizes against Chat Control
As the decision draws closer, civil rights groups, activists and even European parliamentarians have been speaking out against Chat Control.
Emmanouil Fragkos, an MEP for the right-wing Greek Solution party, submitted a parliamentary question about Chat Control in July. He said that a review of the law “raised new, grave concerns about the respect of fundamental rights in the EU.”
Oliver Laas, a junior lecturer of philosophy at Tallinn University, wrote in an op-ed on Monday that laws like Chat Control “are laying the groundwork in the present for a potential democratic backslide.”
“In a world that is slowly but surely becoming more authoritarian, individuals are not protected by the state’s surveillance capabilities being reined in by law — they are protected by the absence of such capabilities altogether,” he said.
Another point of contention is the impact Chat Control could have on the efficacy of encryption technology.
Fragkos said that creating mandatory gaps in encryption would “create security gaps open to exploitation by cybercriminals, rival states and terrorist organisations.”
The FZI Research Center for Information Technology, a nonprofit organization for IT research, released a position paper opposing Chat Control last year. It acknowledged that the goal of the law is undisputed, but Chat Control’s implementation would both weaken user rights to privacy and the efficacy of encryption technology itself.
Sascha Mann, policy shaper for digitalization and digital rights at Volt Europa — a federalist, pan-European political party in the European Parliament — also questioned the efficacy of Chat Control.
“Besides the issues of privacy and consent, chat control may even hinder law enforcement efforts to effectively fight sexual abuse,” he said. The sheer volume of content sent by messengers in the EU would “result in an abundance of false positives that would eat up law enforcement resources.”
Some 400 scientists from global research institutions confirmed this problem of false positives in an open letter signed this morning.
“Existing research confirms that state-of-the-art detectors would yield unacceptably high false positive and false negative rates, making them unsuitable for large-scale detection campaigns at the scale of hundreds of millions of users as required by the proposed regulation,” the letter read.
Mann suggested it would be better for the EU to implement solutions suggested by organizations fighting CSA. These included deleting CSA materials online after an investigation and increasing law enforcement resources.
On Friday, Europe will see whether these concerns are enough to convince undecided MEPs and chart the future for digital privacy, or lack thereof, in the EU.
Magazine: Can Robinhood or Kraken’s tokenized stocks ever be truly decentralized?
