Is this the latest draft

https://data.consilium.europa.eu/doc/document/ST-10131-2025-...

This legislation appears to be aimed at "services" offered to the general public that provide encrypted messaging, particularly the facility to share URLs, images and video

This proposed legislation does not appear to contemplate internet service providers as encrypted chat/messaging service providers

It stands to reason that internet subscribers who do not use encrypted chat services offered to the public by third party intermediaries, aka middlemen, would not be affected by this legislation

The legislation imposes an obligation on encrypted chat service providers, i.e., non-parties to the communication, to scan _someone else's_ private messages

Obviously, this obligation to scan someone else's messages would not apply to internet subscribers communicating with each other peer-to-peer, i.e. it would not apply to the parties to the communication

It is interesting how HN commenters seem to assume that if this legislation were enacted, Europeans would continue to use these third party services, e.g., for planning the next revolution (the top comment is hilarious)

The legislation is only targeting "Big Tech" and wannabe Big Tech "platforms", it is not targeting encryption per se.^1 It is targeting _those companies'_ use of encryption

1. Law enforcement use of encryption is explicitly excluded

It was never a good idea to let "Big Tech" intermediate communication over the internet. These companies are not a source of "privacy". Their "business model" is based on mass surveillance. As mass surveillance data collectors, "Big Tech" is an alluring and easy target for any government, a "one-stop shop" for law enforcement. There is less need for government surveillance when "Big Tech" is doing it for them