Germany’s ruling Christian Democratic Union (CDU) has come out against the European Union’s attempt to break end-to-end encryption via its proposed “chat control” law.
Under the Danish presidency of the EU Council, the highly controversial chat control law is being pushed as a way to combat child sexual abuse material (CSAM) online but it is widely seen as a mass surveillance tool and a threat to the right on privacy.
Civil society organisations have been campaigning against chat control and have intensified their efforts ahead of an expected vote in the European Council on October 14.
This has led to Germany’s CDU/Christian Social Union (CSU) parliamentary group to come out against chat control.
“We as the CDU/CSU parliamentary group in the Bundestag are against the control of chats without cause. That would be like opening all the letters as a precaution and seeing if there is anything forbidden in them.
“That is not possible, that will not happen with us”, chairman of the CDU/CSU parliamentary group Jens Spahn said in a press conference yesterday.
He did add that online child abuse was a big problem that needed to be combated at the European level.
“In the end, the regulation that is planned at the European level must succeed in effectively protecting children without endangering the security and confidentiality of individual communication,” Spahn said.
Great news and big win for privacy in the EU! 🇪🇺🇩🇪
Germany’s ruling CDU/CSU party made it clear today: there will be no chat control – as pushed for by other EU countries – with this German government. https://t.co/mhxGo60izq
— Patrick Hansen (@paddi_hansen) October 7, 2025
Germany is seen as a key vote on chat control in the EU to secure the required majority to enact the legislation.
There is a huge amount of child abuse material online and authorities want be able to detect, remove and prevent the spread of such content.
The EU wants to require online platforms such as messaging apps, social media and email services to scan all users’ private communications, including messages, images and videos.
This could in effect end any form of online privacy as it would work via mass surveillance using automated tools and AI to detect known or new illegal content in private chats and uploads.
Alex Linton, President of the Session Technology Foundation told Brussels Signal, “If Chat Control passes, messaging platforms will need to choose between leaving Europe or punching a hole in their encryption — ultimately leaving Europeans without access to encrypted messaging.”
The Session Technology Foundation is a Swiss organisation dedicated to promoting digital innovation and digital rights
Linton continued: “Fundamentally, client-side scanning places a backdoor on people’s phones and computers so that information can be extracted at will, introducing a new and existential threat to people’s privacy and security.
“In essence, chat control proposes that everyone in Europe should install malware on their device.
“It is obvious that a technology which functions similarly to a computer virus will not improve the safety of citizens in the European Union. In reality, end-to-end encryption is an essential technology for protecting people online, and undermining encryption is unacceptable compromise when our aim is to foster safer online spaces.
“Additionally, embedded AI technologies are already creating new and existential risks for people’s privacy and security. AIs integrated into operating systems, browsers, and other applications go largely unchecked as they access and process information, creating new challenges when it comes to protecting people’s privacy and security.
“To introduce client-side scanning now would be a tremendous act of self-sabotage which would put the European Union’s cybersecurity at risk during a pivotal moment,” Linton concluded.
A study of popular messaging apps by Surfshark, a cybersecurity provider, showed 90 per cent use end-to-end encryption.
Of the 10 most popular messaging apps, nine offer that: Telegram, QQ, WhatsApp, WeChat, Messenger by Meta Platforms, Rakuten Viber Messenger, LINE, Signal, and Apple Messages.
Discord is the only app among those studied that does not provide end-to-end encryption for text-based messages.
“Having end-to-end encryption for communication and other digital services is just essential hygiene. Without it, all other efforts by apps to protect user privacy and security become largely meaningless,” said Vytautas Kaziukonis, CEO of Surfshark.
“Proposals to introduce message scanning would inevitably create vulnerabilities that malicious actors could exploit. There is no such thing as partial encryption: Either it is intact, or it is broken.
“Therefore, weakening encryption risks undermining trust in Europe’s digital infrastructure and setting a dangerous global precedent,” Kaziukonis concluded.
