For years, Brussels has been divided over how far the European Union should go to combat the spread of child sexual abuse material, or CSAM.
Privacy advocates argue that scanning private messages would amount to mass surveillance, undermining digital rights. Child safety groups, and many tech companies, say that without such tools, illicit content will spread rampantly.
That tension came to a head at the end of March, when the European Parliament voted against extending a temporary exemption that had allowed platforms to scan communications.
Since the exemption expired on April 3, tech companies have been left in legal limbo: they’re obligated to remove illegal content, but the scanning methods they rely on may now violate EU privacy rules. Several companies have said they will continue scanning regardless, even without clear legal standing.
Now, those companies are urging the EU to move quickly on a permanent child safety law — one that would introduce centralized reporting and clearer obligations, and finally resolve years of legal uncertainty.
What counts as CSAM, and how do companies remove it?
Child sexual abuse material is any content that shows a child being sexually abused or exploited according to Rainn, a sexual abuse advocacy group based in Washington D.C. CSAM is widely prevalent, with over 20.4 million cases reported in 2024 to the U.S. National Center for Missing and Exploited Children, an international clearinghouse for flagging CSAM material. In 2024, 70% of all such content globally originated in Europe, according to the Internet Watch Foundation.
Companies typically scan their platforms using a process called PhotoDNA, a form of hash matching that flags known CSAM by comparing digital fingerprints, without requiring a human to view the image.
How has the EU tried to regulate CSAM scanning?
In 2020, the Commission introduced a temporary measure allowing companies to scan for CSAM without breaching data privacy rules, but efforts to extend it failed in Parliament in March this year, with lawmakers rejecting a longer and broader exemption backed by the Commission and Council.
In 2022, the EU executive put forward a permanent framework to clarify what scanning is allowed and to establish a dedicated centre to combat child sexual abuse. But the plan has stalled, as EU institutions remain divided over how far those scanning powers should extend.
How did opposition to “chat control” gain momentum?
In 2020, digital privacy groups such as Stop Chat Control and Fight Chat Control began campaigning against scanning, arguing that exemptions to privacy rules amounted to mass surveillance. Civil society groups organized citizens to send thousands of emails to European lawmakers.
“We allowed providers to check all personal communications of all users at any time,” said MEP Birgit Sippel (S&D, DE), the rapporteur on the temporary exemption. “As a general matter, that is deeply affecting the rights of all the users, and most of them are not criminals, clearly.”
Basic user privacy is incompatible with broad scanning mandates, according to Patrick Grady, an EU policy manager at the Chamber of Progress. He said the original temporary exemption, which had more narrow mandates, was the right approach.
Where does the CSAM debate stand now?
When the exemption expired, tech companies accused the Parliament of failing to protect children. Yet firms including Snapchat, Meta, Google and Microsoft have continued to scan regardless, according to a joint letter.
Lawmakers say that’s illegal. “I’m frustrated by companies that say we decide which laws we respect, and which laws we want to ignore,” Sippel said.
Those same companies are now advocating for the EU institutions to fast-track the permanent regulation instead of reviving the rejected extension, according to Chloe Setter, Google’s head of child safety policy in Europe. Final trilogue talks are expected at the end of June, according to the Parliament’s press office.
Sign up to The Parliament's weekly newsletter
Every Friday our editorial team goes behind the headlines to offer insight and analysis on the key stories driving the EU agenda. Subscribe for free here.