- Denmark has reintroduced the disputed child sexual abuse (CSAM) scanning bill on the first day of its EU Presidency
- The so-called Chat Control proposal could be adopted as early as October 14, 2025
- The proposal has been failing to attract the needed majority since May 2022
Denmark kicked off its EU Presidency on July 1, 2025, and, among its first actions, lawmakers swiftly reintroduced the controversial child sexual abuse (CSAM) scanning bill to the top of the agenda.
Having been deemed by critics as Chat Control, the bill aims to introduce new obligations for all messaging services operating in Europe to scan users’ chats, even if they’re encrypted.
The proposal, however, has been failing to attract the needed majority since May 2022, with Poland’s Presidency being the last to give up on such a plan.
Denmark is a strong supporter of Chat Control. Now, the new rules could be adopted as early as October 14, 2025, if the Danish Presidency manages to find a middle ground among the countries’ members.
Chat Control is back – what we know so far
The Danish Parliament has not yet disclosed the contents of the new compromises. At the time of writing, we know that another meeting is scheduled for later this week (July 11), with lawmakers expected to deliberate on the bill on October 14 (see page 31 of the agenda).
We also know that among the objectives of the Danish EU Presidency, there’s a commitment to “focus on strengthening the abilities to make use of the digital development for law enforcement when fighting serious crime, while also addressing the misuse of new technologies for criminal or harmful purposes,” Denmark’s program reads.
So-called Chat Control aims to halt the spread of CSAM content online by scanning all communications, especially encrypted ones. Over the years, however, the proposal has seen some twists and turns as privacy advocates, technologists, and even politicians raised concerns.
Experts worry that these new obligations will undermine encryption protections. Encryption is a technology that the likes of WhatsApp, Signal, ProtonMail, and even the best VPN apps use to scramble users’ messages into an unreadable form, preventing unauthorized access and guaranteeing that chats remain private.
As per its first version, all messaging software providers would be required to perform indiscriminate scanning of private messages to look for CSAM – so-called ‘client-side scanning’. The proposal was met with a strong backlash, and the European Court of Human Rights ended up banning all legal efforts to weaken encryption of secure communications in Europe.
In June 2024, Belgium then proposed a new text to target only shared photos, videos, and URLs, upon users’ permission. This version didn’t satisfy either the industry or voting EU members due to its coercive nature. As per the Belgian text, users must give consent to the shared material being scanned before being encrypted to keep using the functionality.
🇬🇧🚨 Under Danish leadership, #ChatControl is to be adopted as early as October 14! https://t.co/dKVuSlrSJX (p. 31)The decisive factor is Germany: neither Conservatives nor Socialists have yet declared digital privacy of correspondence and secure encryption to be a red line.July 1, 2025
Fast-forward to February 2025, Poland tried to find a better compromise by making the scanning of encrypted chats voluntary instead of mandatory and classified as “prevention.” While experts found this version a “major progress,” they still lamented the risk of mass surveillance, and, ultimately, lawmakers failed to attract the needed majority.
We could then expect the Danish text to try finding a compromise that appeals to most of the country’s members.
According to the former MEP for the German Pirate Party, Patrick Breyer, Denmark crucially needs to manage to convince Germany of its proposed text. The new government has not yet taken a position at the time of writing.
What’s certain, however, is that the controversial CSAM scanning bill is far from being the only proposal threatening encryption in Europe.
In the latest of these efforts, on June 24, 2025, the EU Commission published the first step in its ProtectEU strategy, which looked to enable law enforcement bodies to decrypt your private data by 2030.
You might also like
