TZUTC: -0500   
   MSGID: 1491.consprcy@1:2320/105 2d296bfd   
   PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   FORMAT: flowed   
   The EU has never been closer to agreeing on the scanning of your private    
   chats -- but how did we get here?   
      
   Date:   
   Thu, 11 Sep 2025 17:00:00 +0000   
      
   Description:   
   After several proposals, the Danish version of Chat Control is thought to    
   have the best chances of becoming law since 2022, with a crucial meeting set   
   for September 12.   
      
   FULL STORY   
   ======================================================================   
      
   On Friday, September 12, 2025, EU Council members are asked to share their   
   final position on the controversial child sexual abuse (CSAM) scanning bill.    
      
   It's been a long ride, started in May 2022, when the EU Commission first   
   unveiled its Child Sexual Abuse Regulation (CSAR) proposal. The goal is   
   ambitious  to make the online environment safer for kids by preventing the   
   sharing of child sexual abuse material. Yet, the proposed system for how to    
   do that, meaning the scanning of private messages, has sparked a strong    
   debate among political ranks and the tech industry alike.    
      
   Three years after failing to reach an agreement, the Danish Presidency   
   unveiled the latest iteration of what's become known as Chat Control on July   
   1, 2025. For the first time, lawmakers appear to be close to getting the   
   majority of countries on board. At the time of writing, 15 countries already   
   support the proposal, six are undecided, and only six are against.    
      
   The Danish proposal introduces new obligations for all messaging services   
   operating in Europe to scan users' chats  even if they're encrypted  in the   
   search for both known and unknown CSAM material.    
      
   Crucially, the mandatory scanning is expected to occur directly on the device   
   before messages get encrypted, targeting shared URLs, pictures, and videos.   
   Only governments and military accounts are excluded from the scope of the   
   bill.    
      
   While acknowledging some of the improvements the Danish version has made, on   
   Tuesday (September 9), over 500 cryptography scientists and researchers    
   signed a letter to warn the EU Council of the risks of agreeing to the   
   proposal in its current form. This is the third time since 2022 that experts   
   have urged against mandatory chat scanning. So, how did we get here? And   
   what's at stake?   
      
   Three years of failed attempts   
      
   As mentioned earlier, the EU Council has so far failed to craft a bill that   
   could attract the necessary majority for submission to the Parliament for   
   negotiations. Over a period of more than three years, various proposals have   
   been made, as Presidency after presidency attempted to find a compromise that   
   could work for most countries.    
      
   As per its first version, all messaging software providers would be required   
   to perform indiscriminate scanning of private messages to look for CSAM. The   
   backlash was strong, with the European Court of Human Rights proceeding to    
   ban all legal efforts to weaken the encryption of secure communications in   
   Europe.    
      
   In June 2024, Belgium proposed a new, more compromising text to target only   
   shared photos, videos, and URLs, with users' permission. In February 2025,   
   Poland tried to find a better compromise by making encrypted chat scanning   
   voluntary and classified as "prevention."    
      
   Fast forward to July 2025, Denmark reintroduced Chat Control as a top   
   legislative priority on its first day of Presidency. While keeping the    
   Belgian approach of limiting scanning to URLs and multimedia files, many   
   experts feel that the text goes back to where it started  it reintroduces the   
   indiscriminate scanning of unknown CSAM material, too.    
      
   That's most likely why former MEP for the German Pirate Party and digital   
   rights jurist, Patrick Breyer, deemed the Danish proposal the "more radical   
   version" so far, warning against the "intrusive and unreliable scanning" that   
   the law will create. Other experts who talked to TechRadar also agree that,    
   as it stands, the regulation is too far-reaching and likely ineffective.    
      
   Defining between consensual and non-consensual abuse material is challenging,   
   in fact, and even AI detection tech won't help against false positives. Also,   
   limiting the scanning to a certain part of the private messages could allow   
   criminals to easily bypass detection, ultimately creating a false sense of   
   security for both parents and children.    
      
   All of this, while irremediably breaking encryption for all. As Bart Preenel,   
   a Belgian cryptographer, professor at Leuven University, and signatory of the   
   September 9 open letter, explains, while the Danish proposal mentions the   
   commitment to preserve end-to-end encryption protections, that technology   
   simply does not exist.    
      
   "[Lawmakers] try to deny it, but encryption means that only the sender and   
   receiver can see the message. If anybody has looked at it [even before    
   getting encrypted], then you destroy the value offered by the encryption,"   
   Preenel told TechRadar.   
      
   Why breaking encryption is a bad idea    
      
    Encryption refers to the technical infrastructure that scrambles our online   
   communications to prevent unauthorized access.    
      
   Encrypted messaging apps like Signal or WhatsApp, secure email providers like   
   Proton Mail and Tuta , and the best VPN services all rely on end-to-end   
   encryption to ensure our communications remain private between the sender and   
   the receiver  end-to-end.    
      
   Law enforcement bodies, however, have long argued that this level of   
   protection is an obstacle during investigations and have been pushing to   
   create an encryption backdoor (in and out of the EU) for years.    
      
   Digital rights experts, cryptographers, and technologists keep fighting back   
   against this idea, though, warning that a backdoor could cause more harm than   
   good. Do you know? (Image credit: Tuta) German encrypted mail provider, Tuta,   
   is ready to drag the EU into Court if the controversial Danish CSAM scanning   
   bill becomes law. "We will not stand by while the EU destroys encryption,"   
   says Matthias Pfau, CEO of Tuta Mail.    
      
   Talking to TechRadar, Director of Government Affairs and Advocacy at the   
   Internet Society, Callum Voge, explains that the proposed "client-side   
   scanning" system would not only violate people's right to privacy and   
   confidentiality, but also inevitably introduce new vulnerabilities that both   
   law enforcement and cybercriminals will be able to exploit.    
      
   "This is a very big threat to national security in the EU. A weakness that    
   the EU should not be creating at all," said Voge. "Given the current   
   geopolitical situation, we think governments should really be encouraging    
   more encryption, not trying to weaken it, or undermine it."    
      
   He's certainly not alone in feeling this way. Both the Swedish Armed Forces   
   and the Netherlands Intelligence Agency have stressed that circumventing   
   encryption creates too great a national security risk, arguing that hostile   
   nations would exploit new technologies to attack European users. Yet, while   
   the Netherlands is currently opposing the bill in the Council, Sweden is    
   among the supporters.    
      
   "What's very telling of the Danish proposal is that government and military   
   accounts are exempt from scanning. So, clearly [lawmakers] understand there's   
   a security risk, but they think that risk is acceptable for the public but    
   not acceptable for themselves," Voge added.    
      
   Beyond national security, concerns include the potential for indiscriminate   
   surveillance against all EU citizens.    
      
   As Voge puts it, "If breaking encryption is like a letter going to the post   
   office and someone rips it open and reads what's inside, then client-side   
   scanning is like someone reads the letter over your shoulder as you write it.   
   Crucially, once the system is created, it's very easy to expand it to scan    
   for anything you want."   
      
   Friday is the day EU members need to share their final positions on the    
   Danish Chat Control proposals. Another meeting with the EU Justice Minister    
   is also set for October 14, but that's just a formal sign-off, with the   
   country's positions expected to remain unchanged.    
      
   If successful, the CSAR bill will finally land in the European Parliament to   
   be discussed as part of the trilogue negotiations, alongside the EU Council   
   and Commission.    
      
   Despite the list of countries opposing the law growing , support for Chat   
   Control remains strong, with 15 countries supporting the proposal (including   
   crucial members like France, Italy, and Spain) against six opposing the law   
   (Austria, Belgium, the Czech Republic, Finland, the Netherlands, and Poland),   
   and six still undecided (Germany, Estonia, Greece, Luxembourg, Romania, and   
   Slovenia), according to the latest data.    
      
   Among the latter group, Germany is thought to be the deciding factor  and    
   it's making Chat Control's critics worried.    
      
   As Voge from the Internet Society explains, Germany is key because there's a   
   new government in charge. The previous government was indeed very   
   pro-encryption  seeking to make encryption a legal right at home, while   
   strongly opposing mandatory scanning in the block. Yet, the new    
   administration "is giving very mixed messages and no one can definitively say   
   what's going to happen on Friday," Voge added.    
      
   What's certain, however, is that the Chat Control is far from being the only   
   proposal threatening encryption protections in the EU.    
      
   Commenting on this point, Preenel told TechRadar: "There is enormous pressure   
   to get access to encrypted data: it's not only the CSAM case, there is also   
   the ProtectEU document. That's the real debate, and I think that CSAM is used   
   as an excuse to open the door."   
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/vpn/vpn-privacy-security/the-eu-has-never-been-close   
   r-to-agreeing-on-the-scanning-of-your-private-chats-but-how-did-we-get-here   
   $$   
   --- SBBSecho 3.28-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700   
   SEEN-BY: 226/30 227/114 229/110 111 206 300 307 317 400 426 428 470   
   SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 304 3634/12 5075/35   
   PATH: 2320/105 229/426