Chat Control 1.0 vs. 2.0

latexr1 pts0 comments

Chat Control 1.0 vs 2.0 - Fight Chat Control

Chat Control 1.0 and 2.0 Explained

There is not one proposed &ldquo;Chat Control&rdquo; law — there<br>are two , and they are moving<br>through the EU institutions<br>in parallel . This is why the news<br>can seem contradictory: one Chat Control was<br>"stopped" in March 2026, yet another is still being<br>negotiated, and the first is now being revived. This<br>page untangles the two.

Chat Control 1.0

Regulation (EU) 2021/1232 — the<br>"temporary" law

Expired 4 April 2026 — revival in<br>progress

What is it?

A temporary derogation from the ePrivacy<br>Directive that allowed (but did not<br>require) providers to scan private messages<br>of unsuspected users for potential child sexual abuse material.

Is scanning mandatory?

No — voluntary. In practice used<br>mainly by unencrypted US services such as<br>Gmail, Facebook/Instagram Messenger, Skype,<br>Snapchat, iCloud Mail, and Xbox.

Does it touch encrypted messages?

No. End-to-end encrypted communications were<br>never scanned but providers could deploy<br>client-side scanning under this law.

Status today

Legally expired since 4 April 2026 after<br>Parliament refused to extend it. The Council<br>is now attempting an unprecedented<br>fast-track revival via a formally "new" law<br>with identical content.

Chat Control 2.0

CSA Regulation (CSAR) — the permanent<br>proposal

In trilogue negotiations — no<br>agreement

What is it?

A proposed permanent regulation that would<br>make detection and reporting of child sexual<br>abuse material a<br>legal requirement for digital<br>platforms.

Is scanning mandatory?

That is the core of the fight. The original<br>proposal mandated scanning of private<br>communications; the Council&rsquo;s 2025<br>position shifted to &ldquo;voluntary&rdquo;<br>suspicionless detection plus broad<br>risk-mitigation duties that incentivise<br>scanning anyway. The Parliament&rsquo;s<br>position is that scanning of private<br>communications must be limited to individual<br>users or a specific group of users suspected<br>of links to child sexual abuse, and that a<br>court order is required; implementation of<br>the order would then be mandatory.

Does it touch encrypted messages?

Potentially yes — inclusion of<br>end-to-end encrypted messengers remains<br>contentious between Parliament and the<br>Council.

Status today

Five trilogue rounds have failed to produce<br>a deal. The supposedly final trilogue on 29<br>June 2026 collapsed over suspicionless<br>scanning; negotiations continue under the<br>Irish presidency.

Timeline: Chat Control 1.0

The temporary, voluntary scanning regime —<br>adopted in 2021, rejected by Parliament in March<br>2026, expired in April 2026, and now the subject of<br>an unprecedented revival attempt.

Jul 14, 2021

Temporary derogation adopted

Regulation (EU) 2021/1232 creates a<br>temporary exception to the ePrivacy<br>Directive, giving providers a legal<br>basis to voluntarily scan<br>private messages for child sexual abuse<br>material. Originally set to expire 3<br>August 2024.

Apr 29, 2024

First extension

With the permanent regulation (Chat<br>Control 2.0) nowhere near agreement, the<br>derogation is extended until 3 April<br>2026.

Dec 18, 2025

Commission proposes second extension

The Commission proposes extending the<br>derogation by another two years, to<br>April 2028.

Mar 2, 2026

LIBE committee rejects the extension

In a surprise vote, the Parliament's<br>civil liberties committee rejects the<br>draft extension by 38 votes to 28.

Mar 11, 2026

Parliament adopts a protective position

The plenary votes 458–103 for a<br>compromise: extend to 2027, but only<br>with targeted and proportionate<br>detection of known content, no<br>end-to-end encrypted communications,<br>and limiting scanning to suspected users<br>or groups identified by the competent<br>judicial authority.

Mid-Mar 2026

Trilogue on the extension collapses

The Council rejects Parliament's<br>conditions and shows no flexibility in<br>negotiations; talks on the extension<br>break down.

Mar 26, 2026

Parliament rejects the extension<br>outright

311 MEPs vote against extending the<br>derogation (228 in favour, 92<br>abstentions). The critical Amendment 34,<br>rejecting automated assessment of<br>unknown photos and texts, passes by a<br>single vote (307–306).

Apr 4, 2026

Chat Control 1.0 expires

The legal ground for voluntary,<br>indiscriminate scanning ends. Google,<br>Meta, Microsoft, and Snap state they<br>will continue scanning private messages<br>regardless.

Jun 26, 2026

Council moves to resurrect the expired<br>law

EU ambassadors agree to push a temporary<br>revival — unprecedented, as<br>Parliament's rejection was considered<br>final. Because an expired regulation<br>cannot be extended, the Council<br>proposes a formally<br>new law with identical<br>content via an expedited procedure.

Jul 2, 2026

Council adopts its position

The Council adopts its position on the<br>"new" regulation via written procedure.

Jul 7, 2026 (expected)

Urgency vote in Parliament

The draft is on Parliament&rsquo;s<br>agenda for deciding on whether to<br>apply the urgency procedure, just<br>before summer recess. If the urgency is<br>approved, the proposal will skip...

chat control scanning parliament council regulation

Related Articles