In a significant move, the European Parliament has opted not to renew a critical law that allowed major technology companies to monitor their platforms for child sexual exploitation. This decision has alarmed child safety advocates and tech firms alike, who fear that the absence of this regulatory framework could lead to a surge in unreported abuse cases, similar to a notable incident in 2021 where reports fell drastically during a previous legal hiatus.
Legislative Background
The controversial law, introduced as a temporary measure in 2021, was a part of the EU’s ePrivacy Directive aimed at combating child sexual abuse material (CSAM) and other forms of exploitation online. It permitted companies to utilise automated detection technologies to scan communications for harmful content, including grooming and sextortion. However, as of 3 April, this law has expired without a vote for extension, primarily due to privacy concerns raised by some lawmakers.
The current scenario leaves tech giants in a precarious position. While they are prohibited from scanning for CSAM, they are still required under the Digital Services Act to remove illegal content from their platforms. In response, companies such as Google, Meta, Snap, and Microsoft have publicly stated their commitment to continue voluntary scanning for CSAM, expressing disappointment over the parliamentary decision.
“We are disappointed by this irresponsible failure to reach an agreement to maintain established efforts to protect children online,” they noted in a joint statement.
Implications for Child Safety
Child protection advocates have voiced serious concerns regarding the potential consequences of this legislative gap. Historical data reveals a worrying pattern; during a similar lapse in 2021, reports of child sexual abuse material from EU-based accounts to the National Center for Missing and Exploited Children (NCMEC) plummeted by 58% over a mere 18 weeks.
John Shehan, NCMEC’s vice-president, stated, “When detection tools are disrupted, we lose visibility that directly impacts our ability to find and protect child sexual abuse victims. When detection goes dark, the abuse doesn’t stop.” The figures are staggering: in 2025, NCMEC received 21.3 million reports related to child abuse, encompassing over 61.8 million images, videos, and files, with a significant proportion linked to non-US accounts.
Legal and Global Consequences
The EU’s decision is poised to have far-reaching effects beyond its borders. As many internet crimes transcend national boundaries, the lack of legal clarity could embolden offenders. For example, “sextortionists” who masquerade as romantic interests to exploit victims may find new opportunities to target minors across Europe. Shehan emphasised that “the offender can be anywhere in the world, but they could have unfettered access to minors in Europe now that there’s legal uncertainty.”
The past four years have seen intense negotiations surrounding proposed regulations to address child sexual abuse online. However, the contention primarily revolves around the obligations this law would impose on tech companies to mitigate risks on their platforms. Privacy advocates have expressed concerns that such measures could infringe on fundamental rights, labelling the scanning of messages as a form of “chat control” that risks mass surveillance and erroneous accusations.
Technology’s Role in Combatting Abuse
Despite the EU’s decision to halt scanning for child abuse material, it continues to permit voluntary technology-driven measures for detecting terrorist content, highlighting a potential inconsistency in its approach. Emily Slifer, director of policy at the non-profit Thorn, explained that the technology used to identify CSAM relies on machine learning algorithms that detect known abusive patterns without storing any personal data.
“The technology doesn’t find innocuous images; it distinguishes between abusive content and consensual material,” Slifer clarified. This nuanced approach underscores the importance of balanced legislation that prioritises both child safety and privacy rights.
Why it Matters
The EU’s decision not to extend the child protection law represents a troubling setback in the ongoing battle against online abuse. With child safety advocates warning of an imminent rise in unreported incidents, the urgency for a robust, permanent legislative framework has never been clearer. If the EU is to uphold its commitment to safeguarding children in the digital age, it must urgently initiate a comprehensive dialogue to establish effective regulations that both protect the vulnerable and respect individual privacy rights. The stakes are high, and the global implications of inaction could be dire.
