European Union lawmakers are scheduled to vote this Thursday on the revival of the "Chat Control" proposal to scan private electronic messages [1].

The measure represents a significant shift in digital privacy. If passed, the rules would require messaging services to implement on-device scanning to detect illegal content, specifically child sexual abuse material [2, 3].

EU officials said the measure is necessary to combat the spread of illegal material online [3]. However, the proposal has faced backlash from digital-rights experts and technology leaders who said the mechanism fundamentally undermines the security of private communications [2, 3].

One digital-rights expert said, "The proposal would force on-device scanning of private messages, which could break end-to-end encryption" [2]. This technology would allow the device to analyze content before it is encrypted and sent, creating a potential backdoor for government surveillance.

Vitalik Buterin, a prominent figure in the cryptocurrency space, also warned against the legislation. "Chat Control threatens cybersecurity for everyone, including crypto users," Buterin said [2].

Lawmakers used a rare urgent procedure to set up the vote for Thursday [1]. The proposal re-emerged on the EU legislative agenda after previous attempts to implement similar oversight faced legal and technical hurdles [1, 3].

While the primary focus of the current proposal is the protection of children, some reports suggest a broader scope involving the revival of data-retention laws that could target Virtual Private Networks (VPNs) [4]. This contradiction in the scope of the rules adds to the uncertainty surrounding the final legislative text.

“Chat Control threatens cybersecurity for everyone, including crypto users.”

The EU is attempting to balance the urgent need to protect children from online abuse with the fundamental right to privacy. However, by targeting end-to-end encryption through on-device scanning, the EU risks creating systemic vulnerabilities that could be exploited by malicious actors or used for broader state surveillance, potentially alienating the global tech community and undermining the security of the digital economy.