Germany has drawn a clear line in the ongoing debate over the EU’s proposed “Chat Control” regulation, stating it will not support measures that undermine encryption in private communications.
The position, confirmed in a Bundestag Digital Committee meeting earlier this week, could prove decisive in upcoming EU Council negotiations where the controversial law faces growing opposition.
The proposal, formally known as the Regulation to Prevent and Combat Child Sexual Abuse (CSAR), has been under discussion in Brussels for over three years. It would require messaging and hosting providers to deploy scanning technologies capable of detecting both known and unknown child sexual abuse material (CSAM). While the Danish EU Council Presidency has made the regulation a top priority, Germany’s intervention highlights deep fractures among member states.
During the committee session, a representative of the Federal Ministry of the Interior acknowledged the alarming scale of online child exploitation and the need for a unified European legal framework. However, she stressed that Berlin cannot endorse any plan that mandates breaking end-to-end encryption, signaling a direct rejection of one of the most contentious aspects of the draft. Instead, Germany will work toward a compromise that protects both child safety and private communications.
The Ministry of Justice took an even firmer privacy-oriented stance, warning that the proposals amount to “severe intrusions” into citizens’ rights. Officials pointed to existing case law from the Court of Justice of the European Union (CJEU), which has consistently struck down indiscriminate data retention measures. They argued that any regulation enabling widespread scanning of private messages would likely collapse under judicial review unless it strictly respects proportionality and necessity.
Germany’s position comes just days after more than 500 cryptographers and security researchers from 34 countries publicly denounced the regulation as technically unworkable and democratically dangerous. The scientists warned that mandatory client-side scanning would turn every smartphone into a surveillance device, riddled with exploitable vulnerabilities and prone to high rates of false positives.
For the EU, the stakes are high. Fourteen member states, including Denmark, France, and Spain, back the proposal, but a blocking minority is forming with Austria, Belgium, the Netherlands, and Finland already opposed. Germany’s refusal to compromise on encryption could tip the balance when ministers vote on October 14.
The political pressure is amplified by the looming expiry of the EU’s interim regulation on CSAM, which provides a temporary framework for providers to detect abusive material. Without agreement on CSAR, the EU risks losing even these limited measures. Still, Berlin has made it clear that protecting private communications is non-negotiable, even under intense pressure to expand surveillance powers.
Until the legislative outcome is known, Europeans concerned about privacy should continue using services with transparent commitments to end-to-end encryption and avoid platforms that cannot guarantee data confidentiality.
Leave a Reply