Chat Control was first proposed in 2022, but despite several attempts by Hungary, Sweden, and others, the draft has still not made it into law. Now, the Danish presidency of the EU Council is proposing a new version of Chat Control - and one that is worse than the others that came before: If the Hungarian proposal was bad, the Danish version is even more extreme pushing for a creation of an Orwellian world. Danish Minister of Justice and chief architect of the current Chat Control proposal, Peter Hummelgaard, even said:

“We must break with the totally erroneous perception that it is everyone’s civil liberty to communicate on encrypted messaging services.”

Stop Chat Control: Fight for privacy isn’t over!

The new Chat Control proposal by Denmark would force mandatory scanning of all private communications — including secure, encrypted chats — by inserting dangerous client-side scanning into your messaging apps.

It is very telling that government and military accounts would be exempt from this privacy invasion while citizens’ and businesses’ data would be up for grabs.

But what makes this even worse is that this 2025 version doesn’t just recycle previous proposals for client-side scanning by the EU — it goes further. If passed, law enforcement all over Europe will be able to compel online communication providers to scan for “unknown” content using unreliable AI, not just for known illegal material. This risks exposing your most intimate private conversations and photos.

With all the privacy-issues we are already seeing around AI tools - just think about how Google might train its AI with all your data, how LinkedIn opted users into AI training without asking for consent - people are now actively looking into how to disable Gemini on Android, or how to turn off Meta AI on WhatsApp. And, yes, as a privacy-first email provider, we can also say that using AI in email is not a good idea.

Despite this trend - to protect ones data from aggressive AI-abuse - EU politicians want to give AI even more and deeper access into everything we do online, including scanning of encrypted messages. Instead of protecting users’ data, politicians want to create an encryption backdoor that threatens the security and privacy of everyone.

If Chat Control is passed, opaque AI algorithms will decide whether your personal messages and your private pictures will be flagged or leaked. This undermines online privacy for over 450 million EU citizens, which is something we must not accept. What’s more, a leaked German government memo confirms the Council’s own lawyers believe this draft law violates fundamental rights, weakens encryption, and is unlikely to survive in court — achieving nothing for child protection while destroying privacy for all.

Take action now

The leaked memo also reveals a dangerous development: Many countries within the EU Council that helped block Chat Control in 2024 are now wavering.

The following countries are undecided or unclear: Belgium, Germany, Greece, Italy, Latvia, Slovakia, Slovenia, and Sweden. While the Swedish government leans in favour of chat control, it needs parliamentary approval.

This is - or used to be - the blocking minority. We need to make sure that these countries continue to oppose Chat Control to stop it from becoming law.

One fact that makes Chat Control so controversial in Germany - and should be in the entire EU - is that we in Germany actually call this law “Chat Control” - not Upload Moderation, ProtectEU, or whatever name the EU Council comes up with. So follow this call on YouTube, and call this law by its real name: Chat Control.

The clock is ticking and the time to stop Chat Control is now!

• October 9: German ministers meet to discuss Chat Control.

• October 14: Danish Presidency will push for a final vote within the EU Council.

Email addresses of German politicians

Before October 9, call on decision-makers in your local governments demanding they protect encryption and reject Chat Control.

Below - and in this video on YouTube -, we outline why Germany is the deciding factor for Chat Control. If you are German, please write to the following email addresses. It is best if you use write them in your own words and with your full name instead of being anonymous to show them that they are talking to real citizens and potential voters.

➡️ Federal Ministries in general: Interior (poststelle@bmi.bund.de), Justice (poststelle@bmj.bund.de), Family (poststelle@bmfsfj.bund.de) and Digital (info@bmds.bund.de)

➡️ Federal Ministers (directly): Interior Minister Alexander Dobrindt (alexander.dobrindt@bundestag.de), Justice Minister Dr. Stefanie Hubig, Education and Family Minister Karin Prien (karin.prien@cdu-sh.de), Digital Minister Dr. Karsten Wildberger

➡️ Party Leaders of CDU, CSU, SPD: Friedrich Merz (friedrich.merz@bundestag.de), Dr. Markus Söder (markus.soeder@soeder.de), Bärbel Bas (baerbel.bas@bundestag.de) & Lars Klingbeil (lars.klingbeil@bundestag.de)

➡️ Bundestag Group Leaders: Jens Spahn (jens.spahn@bundestag.de), Dr. Matthias Miersch (matthias.miersch@bundestag.de)

➡️ Group Speakers Interior: Alexander Throm (alexander.throm@bundestag.de), Sebastian Fiedler (sebastian.fiedler@bundestag.de)

➡️ Group Speakers Digital: Ralph Brinkhaus (ralph.brinkhaus@bundestag.de.), Johannes Schätzl (johannes.schaetzl@bundestag.de)

Make Germany oppose Chat Control again!

Map of EU countries showing which countries are for, which are neutral, and which are against chat control.

Germany, under a new government since May 2025, is no longer clearly opposing Chat Control. This is a warning to everyone in favor of privacy, and must make everyone act now to turn the tide in this large EU country. The politicians point of view is particularly worrying as they seem to no longer oppose Chat Control, despite clear signs that the draft law violates human rights and will very likely be declared illegal by the German Constitutional Court for disproportional mass surveillance - which is very important to many Germans given that in our recent history mass surveillance was daily business in Eastern Germany. The approach of Chat Control looks very similar to the history of data retention legislation in Germany - which was declared illegal multiple times. But politicians kept trying, until finally agreeing on data retention that explicitly excluded emails as a means of personal communication that deserves privacy.

This approach is highly questionable, and we must not allow politicians to get away with it.

So back to Chat Control: In 2024, the legal experts of the EU Parliament’s Scientific Service concluded in a study on the legality of Chat Control:

“When weighing the fundamental rights affected by the measures of the CSA proposal, it can be established that the CSA proposal would violate Articles 7 and 8 of the Charter of Fundamental Rights with regard to users.”

According to the legal services of the EU, the CSAR proposal’s parts on client-side scanning are disproportionate and contrary to fundamental rights.

This leads to the major Chat Control criticism: The EU CSA Regulation is illegal under EU law.

”To us, it is a paradox that the German government has granted us €1.5 million to develop a drive solution with post-quantum encryption, and now EU politicians want to destroy this high level of security again with Chat Control. If Chat Control passes, we as an encrypted provider have two options: sue to fight for people’s privacy, or leave the EU. A third possibility – undermining the end-to-end encryption of Tuta Mail – is not an option for us. So we’d go with option one because everyone deserves privacy. We will not stand by while the EU destroys encryption.”

EU Commission’s conflicting statements

The EU Commission, however, rejects the arguments of the opponents and claims that you can protect and scan chats at the same time - however, giving no evidence on how this should be done.

At the same time, another fact within the draft law makes it clear that Chat Control is a surveillance tool: Non-public communication services, for example the military services, are to be exempted. This is to protect “confidential information, including classified information.”

States do not want Chat Control for their own communications, but the chats of others should be monitored.

Criticism of Chat Control

1. Chat control may be illegal

The core problem of CSAR is the following: scanning the communications of unsuspected persons en masse without cause is disproportionate and contrary to fundamental rights.

In May 2022, the European Commission proposed to introduce mandatory requirements for all chat, messaging and email services, even when providing end-to-end encryption, to scan messages for illegal child sexual abuse material (CSAM). But since their publication, the proposed measures are criticized across Europe as these could lead to the de facto “permanent surveillance of all interpersonal communications”.

The EU Charter of Fundamental Rights guarantees the right to privacy for all people living in the European Union. Consequently, the EU legal advisors have concluded that European Chat Control proposals which would require tech companies to scan private and encrypted messages for child abuse material (CSAM) are in breach with EU law.

The controversial EU law will enable governments to serve “detection orders” on technology companies, requiring them to scan private messages and emails for “indicators of child abuse”. This could undermine encrypted communications, which is criticized by security experts as well as privacy advocates as being general and indiscriminate mass surveillance. In addition, one must remember that the German Federal Constitutional Court has even declared data retention illegal in Germany for being “disproportionate”.

It is highly likely that the CSA Regulation - should it become law - would be declared illegal by the European Court of Justice (ECJ) as well. The requirement for companies such as WhatsApp, Signal and others to scan every message - even when encrypted - for child abuse material infringes people’s right to privacy, which is in conflict with the EU Charter of Fundamental Rights.

2. Lobbying from AI companies

In September 2023 a new research was published that threw a very different light on Chat Control - and who would really benefit if all Europeans would be monitored 24/7 on the internet.

Next to Ashton Kutcher and his organization Thorn, a long list of organizations, AI companies and law enforcement are lobbying pro Chat Control in Brussels. The research for example exposes the WeProtect Global Alliance as a government-affiliated institution that is closely linked to ex-diplomat Douglas Griffiths and his Oak Foundation. The latter has invested more than 24 million US dollars in lobbying for Chat Control since 2019, for example via the Ecpat network, the Brave organization and the PR agency Purpose.

The research “confirms our worst fears,” said Diego Naranjo, head of policy at civil rights organization European Digital Rights (EDRi). “The most criticized European law on technology in the last decade is the product of lobbying by private companies and law enforcement.” EU commissioner, Ylva Johansson, ignored “science and civil society” and proposed a law to “legalize mass surveillance and break encryption,” he said. “Child protection is being abused here as a door-opener for an infrastructure for mass surveillance without any reason,” complains Konstantin Macher of the data protection association Digitalcourage.

3. Mostly criticized EU law ever

According to the non-profit organization EDRi an “unprecedentedly broad range of stakeholders have raised concerns that despite its important aims, the measures proposed in the draft EU Child Sexual Abuse Regulation are fundamentally incompatible with human rights”.

EDRi has published an impressive collection of 69 opposing voices from EU politicians, EU member states, tech companies and even child protection experts explaining why Chat Control must fail.

It also published an open letter signed by over 80 NGOs adding to the voice of almost 500 scientists and ~90 organizations explaining why we must fight for privacy in Europe.

No matter how politicians try to convince the public: Scanning our private messages for child sexual abuse material is mass surveillance. We must never allow this.

We at Tuta won’t accept Chat Control

At Tuta we are freedom fighters: We are at the forefront of the privacy revolution by offering everyone around the world a private email account.

Should the CSA Regulation continue to move forward in its current form, we would be willing to defend people’s right to privacy in court as we have done so before in Germany.

We put your privacy and security first, our code for Tuta’s automatic end-to-end encryption is publicly available, published as open source. We would never undermine our privacy promise or our encryption.

Our position remains firm: We will do whatever it takes to ensure your right to privacy.