In development. RVNT is pre-release — not yet security-audited. Source code, public builds, and the iOS / App Store release aren’t available yet.

The EU Just Let Chat Control Expire — For Now


For years, a single phrase has hung over every conversation about private messaging in Europe: Chat Control. It is the nickname for a set of EU rules that would have message and email providers scan the contents of private communications in the name of detecting child sexual abuse material. To the people who build encrypted systems, it has always represented the same threat in different drafts — the demand that someone, somewhere, be able to read what you send.

On 26 March 2026, that demand lost a vote.

What the Parliament actually did

The European Parliament voted 311 against, 228 in favour, with 92 abstentions to reject extending the temporary regulation that had permitted this scanning. With no extension, the legal basis expired on 3 April 2026.

It’s worth being precise about which law this was, because “Chat Control” has come to mean two different things and the distinction matters enormously.

What expired was the interim ePrivacy derogation — Regulation (EU) 2021/1232, sometimes called “Chat Control 1.0.” It was a temporary carve-out from Europe’s privacy rules that let providers voluntarily scan private messages for abuse material. Under it, companies like Meta, Google, and Microsoft could run three kinds of scanning: hash-matching against databases of known illegal images and videos, automated analysis of unknown images and video, and automated analysis of the text of private chats. The derogation was the legal permission slip that made all of that lawful. As of 3 April, that permission slip is gone.

“Indiscriminate mass scanning of our private messages must finally give way to truly effective and targeted child protection that respects fundamental rights,” said Patrick Breyer, the former MEP who has been among the most persistent critics of the proposals.

Why “scanning” and “encryption” cannot coexist

To understand why privacy and security researchers treat this as more than a privacy nicety, you have to understand what scanning a message actually requires.

End-to-end encryption means exactly one thing: only the sender and the intended recipient can read the message. Not the network. Not the provider. Not a government with a subpoena to the provider, because the provider has nothing readable to hand over. That property is the whole product.

Now insert a requirement that the message be scanned for prohibited content. There are only two places that scan can happen:

  1. On the server, after the provider can read the message — which means the message wasn’t end-to-end encrypted at all. The provider has a plaintext copy. The guarantee is gone.
  2. On your device, before the message is encrypted and sent. This is client-side scanning (CSS): your own phone inspects your message against a list and reports matches before sealing the envelope.

Client-side scanning is sometimes sold as “encryption-friendly” because the message is still encrypted in transit. That framing is a sleight of hand. If your device is compelled to inspect and report on your messages before sending them, you have a surveillance system with an encrypted pipe bolted to the back of it. The wiretap simply moved from the wire into your pocket. And once that machinery exists — a mandated scanner with an updatable list of what to look for — the only thing standing between “known abuse images” and “anything a government wants flagged” is the contents of the list. Lists change.

Without CSS:   [you] --encrypt--> ……… --decrypt--> [them]
                       (no one in the middle can read it)

With CSS:      [you] --SCAN--> --encrypt--> ……… --decrypt--> [them]
                        |
                        reports matches before the envelope is sealed

This is why a vote against mandated scanning is, functionally, a vote for end-to-end encryption to keep meaning what it says.
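
The two pipelines in the diagram above, as an added Python example (not RVNT's code and not part of the original post). The cipher is a toy stand-in for a real AEAD, the scanner uses exact SHA-256 matching rather than a perceptual hash, and every function name here is an assumption made for illustration.

```python
import hashlib, hmac, os

def _keys(key):
    # Separate encryption and MAC keys derived from one shared secret.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _xor_stream(enc_key, nonce, data):
    # Toy SHA-256 counter-mode keystream: a stand-in for a real AEAD cipher.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(enc_key + nonce + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def seal(key, nonce, plaintext):
    enc_key, mac_key = _keys(key)
    ct = _xor_stream(enc_key, nonce, plaintext)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key, envelope):
    enc_key, mac_key = _keys(key)
    nonce, ct, tag = envelope[:12], envelope[12:-32], envelope[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("envelope failed authentication")
    return _xor_stream(enc_key, nonce, ct)

def send(key, nonce, plaintext, scan_list=None):
    """Return (wire_bytes, reports). scan_list=None models a client without CSS."""
    reports = []
    if scan_list is not None:
        digest = hashlib.sha256(plaintext).hexdigest()
        if digest in scan_list:
            reports.append(digest)  # leaves the device outside the E2EE channel
    return seal(key, nonce, plaintext), reports

def compare_pipelines(plaintext, scan_list):
    key, nonce = os.urandom(32), os.urandom(12)
    # Same key and nonce in both runs only so the wire bytes can be compared.
    wire_plain, _ = send(key, nonce, plaintext)
    wire_css, reports = send(key, nonce, plaintext, scan_list)
    return wire_plain == wire_css, reports, unseal(key, wire_css)

if __name__ == "__main__":
    msg = b"constructed sample message"
    print(compare_pipelines(msg, set()))
    print(compare_pipelines(msg, {hashlib.sha256(msg).hexdigest()}))
```

In both runs the relay sees byte-identical ciphertext and the recipient decrypts normally; the only difference is the report list, and what lands in it depends solely on the contents of `scan_list`.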

This is a reprieve, not a victory

We are not going to tell you Europe just settled the encryption question. It didn’t.

What expired was the voluntary derogation. Running in parallel is the permanent CSAM Regulation — the “Chat Control 2.0” that has been negotiated and renegotiated for years — and those trilogue negotiations between the Parliament, the Council, and the Commission are still ongoing. Earlier in March, the Parliament staked out a position that any future scanning must be targeted and tied to a judicial authorization rather than applied indiscriminately to everyone. That is a far better position than blanket scanning. It is not the same as the threat being gone.

The pressure that produced these proposals — the genuine, serious problem of child exploitation, and the political appeal of “we made the companies do something” — has not gone anywhere. Detection-order powers, mandatory age checks, and the recurring temptation to mandate scanning “but only for the bad content” will be back in the next draft, as they have been in every previous one. A lapse is the system pausing, not the system deciding.

For the longer history of how these proposals work and why technologists keep sounding the alarm, see our explainer, EU Chat Control, Explained.

Where RVNT stands

RVNT’s design predates this vote and does not depend on it. There is no version of RVNT that can comply with a scanning mandate by flipping a server-side switch, because there is no server in the content path to flip. Messages are end-to-end encrypted between devices with a hybrid post-quantum handshake and the Double Ratchet, and the protocol has no provision for a third party — including us — to read them.

We want to be honest about what that does and doesn’t mean against the law:

  • There is no operator to compel. A law that orders “providers” to scan presumes a provider sitting on readable messages. A peer-to-peer network with no central message store has no such party. That is a structural answer, not a legal loophole — the capability the law would conscript does not exist in the system.
  • Client-side scanning would have to be put there. The only way to scan an RVNT message is to compromise the endpoint — to mandate scanning code inside the app or the operating system itself. That is precisely the fight CSS proposals are really about, and it is a fight over your device, not over a company’s servers.
  • Open source is the verification. Because RVNT is open source under AGPLv3, you can check that no scanning hook exists, rather than trusting a compliance statement. A backdoor in open code is a backdoor anyone can find.

The honest limit

Encryption is a technical fact; jurisdiction is a legal one, and they don’t always meet on equal terms. A government that cannot read your messages can still pursue other levers: pressure on app stores to delist non-compliant apps, mandates aimed at operating-system vendors to scan beneath every app, age-verification regimes that erode anonymity for everyone, or simple network-level blocking. We’ve seen states reach for exactly these tools elsewhere. The math protecting your message is not the same as the freedom to install the app that uses it, and we won’t pretend otherwise.

What 26 March establishes is narrower but real: in the EU, indiscriminate mass scanning of private messages currently has no legal home. That is worth defending, and it is worth understanding precisely — including the part where the permanent regulation is still being written.

Don’t take our reading of it on faith. The roll-call vote is public, the regulation text is public, and so is our code. Verify all three.
