The European Parliament has once again given the green light for companies like Meta, Google or Microsoft to voluntarily track private conversations of its users looking for child sexual abuse material. The striking thing is that the decision is going to go ahead despite the fact that more MEPs have voted against it than in favor.
What has happened? The European Chamber voted this Thursday on the extension of the so-called “ePrivacy exception”, a temporary rule that allows (but does not require) messaging platforms to scan chats, emails and social networks to detect already identified child abuse content.
Although more deputies voted against this extension than in favor, the absolute majority of 361 votes necessary to overturn it has not been reached, so the rule remains in place until April 2028.
Without absolute majority. Since this is a second reading, it is not enough for the “no” to win. It is necessary for 361 of the 720 MEPs to expressly vote against to block the regulations. If that number is not reached, the proposal goes ahead by default, even if the votes in favor are fewer than the votes against. It’s just what has happened.
In detail. The original text, approved in 2021, had expired on April 3 after the European Parliament refused to extend it by 311 votes to 228, with 92 abstentions, according to collect Brussels Signal. To revive the proposal, the European People’s Party (EPP) resorted to an unusual emergency procedure, also promoted by the President of Parliament, Roberta Metsola, and by national governments.
This shortcut has allowed the text to be voted on again in the last session before the summer, precisely when many parliamentarians are no longer present during these dates, according to explains the German medium Heise.
The rejection proposal was 47 votes short of the necessary absolute majority. Before that final vote, MEPs have managed to approve two amendments that expressly exclude services with end-to-end encryption, such as WhatsApp or Signal, from being traced, as confirm Euronews. These amendments passed with 369 and 362 votes respectively.
Between the lines. A good part of the social democratic group, including German MEP Birgit Sippel (the rapporteur on the file), voted in favor of limiting the scope of the rule, according to Euronews. However, that same group had previously facilitated the approval of the emergency procedure that made the entire maneuver possible, something that Heise describelike a previous transfer that has ended up playing against its own intentions.
The European Commission has also actively lobbied, as four commissioners sent a last-minute letter warning of a legal loophole if the mechanism was not extended, according to collect Heise. The vice president of the EPP, Tomas Tobé, has defended that summer could not be reached “without tools to protect minors.”
The critical voices. Simeon de Brouwer, advisor to the digital rights organization European Digital Rights, countedWired that the standard opens the door for companies to review, if they so choose, any message, email or image that a user shares. On the other hand, activist and former MEP Patrick Breyer has described the result as a “farce” that damages democracy, and has pointed out in a statement collected by Brussels Signal that the real losers of this process are the minors themselves.
Breyer points to the European Commission’s own figures, indicating that mass scanning of private chats has only accounted for 36% of abuse reports in 2024. The majority came from public posts and cloud storage services. On the other hand, the German Federal Criminal Police (BKA) warns that 48% of the alerts generated lack criminal relevance, and that 40% of the resulting investigations end up pointing to minors. Furthermore, according to they point From Brussels Signal, 99% of the reports that Meta sends under this mechanism correspond to material already known previously, which provides little value in the face of cases of active abuse.
From Heise they mention also to cybersecurity researchers who have warned in open letters of the high error rates of automated scanning systems based on AI, which would put the privacy of users at risk without any connection with crimes.
And now what. This vote only extends the current system, which is temporary and not mandatory, since companies can scan messages if they want, but they do not have to do so by law. The permanent and much stricter regulations (known as Chat Control 2.0and which would require a widespread scan) is still being negotiated separately and has not yet been approved. Meanwhile, companies like Meta, Google or Microsoft will be able to continue scanning messages, emails and photos of their users until 2028, with the only exception of end-to-end encrypted conversations, such as those on WhatsApp or Signal.



GIPHY App Key not set. Please check settings