July 10, 2026 ChainGPT

EU Revives Chat Control with E2EE Exemption — Crypto Warns Client‑Side Scans Expose Wallet Keys

EU Revives Chat Control with E2EE Exemption — Crypto Warns Client‑Side Scans Expose Wallet Keys
The European Parliament has resurrected a controversial temporary regime that lets tech companies voluntarily scan private chats for child sexual abuse material (CSAM) — but with a crucial carve‑out for end‑to‑end encrypted communications. What happened - On July 9, Parliament voted on an extension of the temporary “Chat Control 1.0” framework, which had expired in April while a permanent system was being negotiated. The extension would allow online services to detect, remove and report suspected CSAM until 2028. - A motion to reject the Council’s position received 314 votes in favor, 276 against and 17 abstentions. Because an absolute majority of 361 votes was required to block the proposal, the attempt to reject failed and the Council’s position advanced. - Parliament also adopted an amendment explicitly excluding communications protected by end‑to‑end encryption (E2EE) from the scanning framework. That amendment passed 369–236–6. The text specifies the exemption applies to communications “to which end‑to‑end encryption is, has been or will be applied.” Why the E2EE carve‑out matters Supporters of the temporary rules argue the framework gives platforms legal cover to identify and report abusive material. Privacy advocates and encryption proponents warned that broad scanning risks exposing private communications of innocent users. By exempting E2EE messages, Parliament aimed to protect chats that cannot be read by providers or third parties while in transit. Still, the law permits voluntary scanning of non‑E2EE communications. Crypto industry reaction and security risks The vote has significant resonance in the crypto world. Wallets, seed phrases, recovery phrases and session keys often rely on device security and encrypted services. Blockchain groups and security experts warned that client‑side scanning — which inspects content on a device before it is encrypted — could open new attack vectors: - Client‑side scanning could expose wallet seed phrases, private keys and other sensitive data if scanning tools gain access to files or messages on users’ devices. - Attackers might target widely deployed scanning software as a new single point of failure. - Open‑source wallet and dApp developers could face compliance burdens even if they do not control the underlying networks. The International Association for Trusted Blockchain Applications flagged these risks; Ethereum co‑founder Vitalik Buterin also criticized the move publicly ahead of the vote. Political reaction Pirate Party MEP Markéta Gregorová called the result “a bittersweet victory,” noting that protecting encryption was a priority while lamenting that voluntary mass scanning was allowed to pass. Next steps The amended proposal will return to the Council of the European Union, which can either accept Parliament’s changes or reject them and reopen negotiations. This temporary framework is separate from the broader proposed regulation often dubbed “Chat Control 2.0,” whose talks are expected to resume in September. Key outstanding disputes include whether detection should target specific suspected users or be applied more widely across services, and how to combat abusive content without undermining encryption. The law has not yet completed the EU legislative process — the Council’s response will decide whether this extension, with its E2EE exemption, becomes reality or is sent back for further bargaining. Read more AI-generated news on: undefined/news