The European Union is pushing a dangerous surveillance law called “Chat Control” that would force tech companies to scan everyone’s private messages — even those protected by end-to-end encryption.
This proposal would force tech companies to use “client-side scanning” — so your private messages, photos, and files could be read before you send them, opening the door for hackers, corporations, and governments to spy on your data.
If passed, Chat Control won’t just weaken privacy — it will change the way we live online. Private conversations would no longer be private. Trust, security, and freedom on the internet would vanish.
The Mozilla community is urgently calling on EU policymakers to:
- Protect encryption: Ensure that end-to-end encrypted services are fully excluded from any broad detection requirements.
- Defend online security: Reject all measures that weaken encryption, violate the integrity of our devices or create new vulnerabilities in digital services.
- Rely on expertise: Consult independent experts — cryptographers, child protection specialists, and fundamental rights advocates — to design solutions that are both technically sound and proportionate.
Sign Mozilla Foundation’s petition today to tell the EU: Drop Chat Control. Defend encryption. Protect our digital future.
Where does my country stand on the EU “Chat Control” proposal?
Check this map to see where your country stands: fightchatcontrol.eu
Each EU country has taken a different stance — and the debate is shifting fast. Some governments oppose it, some are undecided, and others are pushing hard to pass it.
No matter your government’s position right now, adding your voice will help protect our right to private communications. Members of the European Parliament (MEPs) and national ministers will decide this law. Contact your representatives today and tell them: protect encryption, reject client-side scanning, and defend our rights online.
What is “client-side scanning” (CSS)?
Client-side scanning means your messages, photos, or files are scanned on your device before they’re encrypted.
Client-side scanning (CSS) is often promoted as a child safety measure — but in reality, it undermines the very promise of encryption. Detection tools, especially those meant to identify “unknown” content, are error-prone and create new security vulnerabilities.
Even if scanning starts with one type of content (like CSAM), it sets a dangerous precedent: the scope can easily be expanded to monitor other kinds of conversations. And once encryption is weakened, the risks multiply — hackers can steal sensitive data, abusers can track vulnerable people, and authoritarian regimes can spy on journalists, activists, and citizens.
CSS doesn’t make people safer. It makes everyone less secure.
Which encrypted apps and products would be impacted?
If passed, Chat Control would apply to messaging and storage services operating in the EU — even those using end-to-end encryption.
Apps like WhatsApp, Signal, Telegram, iMessage, and Messenger, plus cloud services like iCloud, Google Drive, and Microsoft OneDrive, could all be forced to scan your private messages, photos, and files before they’re sent or stored.
That means no matter which service you use, your conversations and data could be opened up to surveillance.