I’m confused by
> This means on April 6, 2026, Gmail, LinkedIn, Microsoft and other Big Techs must stop scanning your private messages in the EU
It had already passed and started?
I’m confused by
> This means on April 6, 2026, Gmail, LinkedIn, Microsoft and other Big Techs must stop scanning your private messages in the EU
It had already passed and started?
> It had already passed and started?
Facebook and others have been scanning your private messages for many years already. Then someone discovered that this practice is illegal in Europe. So they passed the temporary chat control 1.0 emergency law to make it legal. The plan was to draft a chat control 2.0 law that would then be the long-term solution. But negotiations took too long and the temporary law will expire on the 4th of April (not the 6th) which means that it will be illegal again for Facebook and others to scan the private messages of European citizens without prior suspicion of any wrongdoing.
I take it facebook/meta paid no fines for doing it illegally in the first place?
My impression was that the temporary permission-granting regulation was passed before the relevant privacy law came into effect, but I didn't check the dates now.
You could probably have sued them. I'm not aware of any cases where that happened.
Of course, remember Apple championed the idea with iMessage scanning which at the time produced A LOT of discussion e.g. https://www.eff.org/deeplinks/2021/12/2021-we-told-apple-don...
Yes, voluntary Chat Control 1.0 has been running since 2021.
Well, chat control 1.0 is about making an existing practice legal, it didn't create the practice of scanning messages for know child sexual abuse material, though I don't know how long that has been going on before the legislation in 2021 passed (but probably for several years at that point, since getting a new law trough takes a while).
Something something constitutional (ish*) rights say you can't do this.
Chat Control 1 says, eh do it anyway if you want on a voluntary and temporary basis until the Courts get around to saying no.
Chat Control 2 says you have to. Until the courts finally get around to striking it down in 15 years.
Gmail and likely others have been scanning at least emails for child pornography since the 2010s.
https://eur-lex.europa.eu/eli/reg/2021/1232/oj/eng
It was possible on a voluntary basis.
What happens to the already scanned metadata?
The data that isn’t flagged from scanning is prohibited from being stored in the first place. Flagging is required to have maximum accuracy and reliability according to the state of the art. Data that was flagged is stored as long as needed to confirm (by human review) and report it. Data that isn’t confirmed must be deleted without delay.
There was an interim legislation that will expire in april.