Yesterday the European Parliament voted, under an urgency procedure, to bring Chat Control back after it had already been rejected - 331 members voted for the urgency and 304 against - and that means the same law, the same scanning of every private message sent in Europe, rewritten as a new file carrying the content the Parliament had already thrown out, is now heading to a second reading where I do not believe it can realistically be stopped.
The reason I say it cannot be stopped is the way a second reading works, because to reject the Council's position you need an absolute majority of every MEP who holds a seat, which is 361 votes rather than a majority of the members who happen to be in the chamber, and a majority of 361 against this file has not been reached once in the five years it has been fought over. It is even less likely to be reached now, because the vote has been scheduled for the day the Parliament rises for the summer when a large number of members have already gone home, and I do not accept for a moment that the timing of that is an accident.
I have fought this law as Chat Control I and again as Chat Control II, and I have fought it as a survivor of child sexual abuse who told his story nearly fifteen years ago, testimony that put my abusers, and the abusers of more than twenty other boys from my school, in prison. I would never have found the courage to tell that story without private, confidential, encrypted communication, and the convictions that followed would never have happened, so when the members who voted yesterday tell you they are doing this to protect children, understand that I am one of the children they claim to protect and I am telling you they are doing the opposite of protecting us.
What Chat Control is, and why it keeps coming back
Chat Control is a proposal to scan the private communications of everyone in Europe on the theory that somewhere in the hundreds of billions of messages we send every day there might be an image of child abuse worth finding, and it has come back to the Parliament in two forms. The first was the ePrivacy derogation, which asked providers to scan "voluntarily", and the second was the CSA Regulation, which went further and reached for detection orders that would force scanning into the apps we use to keep a message private, and forcing scanning into those apps means breaking the encryption that protects all of us, including journalists and their sources, lawyers and their clients, and survivors who are too frightened to call a helpline from a phone they cannot trust.
The Parliament rejected it, and it was right to, because the Court of Justice has said repeatedly that any interference with a fundamental right has to be necessary and proportionate, and there is nothing proportionate about putting an entire continent under suspicionless surveillance to look for material that, by the time there is an image to scan, records a crime that has already happened. Detection happens after the fact. By the time there is anything to detect, the child in that image has already been raped, and I use that word on purpose because "abuse" softens what is actually done to us, and scanning the private messages of half a billion people does nothing for that child except drive the trade that harmed them further underground where it becomes harder to find.
The manoeuvre being used to bring the law back is the part that made me sit down and write this. A proposal the Parliament rejected, which had expired, is being reintroduced with the same content as though it were a brand new file, and it is being pushed through under urgency in order to avoid a fresh opinion from the European Data Protection Supervisor and the fundamental-rights impact assessment that any honest legislature would insist on before doing something this serious. There is nothing sudden about the danger, and the urgency exists only to escape that scrutiny, and the people driving it know that perfectly well.
The President's role, which should worry you whatever you think about privacy
The urgency procedure that carried yesterday did not reach the agenda on its own, because it is there through the office of the President of the Parliament, used to override the rejection the Parliament had already delivered. The President is supposed to be the neutral chair of the chamber, the one office that does not take a side, and here it has been used to force a second attempt at a law the members had already refused, timed to the one week in the year when the numbers needed to stop it cannot be assembled. If the presidency can take a proposal the Parliament has democratically rejected, wait, reissue it with the same wording, and push it back through under an urgency that removes the independent scrutiny and lands it on the day everybody leaves, then the Parliament's own decisions can be reversed by the chair whenever a losing majority decides not to accept the result. And by the convention that the President does not vote in these divisions, the one person who did the most to bring this back will appear in the record as having taken no position at all.
I pulled their records
I decided I had listened to enough people tell me this is about protecting children when they have never once sat across a table from one of us, so I pulled the full voting history of this Parliament together with the public register of every meeting these members have held with lobbyists, and I put the two together.
At the foot of this piece you will find every one of the 415 MEPs who did not oppose Chat Control yesterday - the 331 who voted for the urgency, the 11 who abstained, and the 73 who did not turn up to vote at all - and for each of them you can see how they have voted across fifteen of the defining fundamental-rights fights of this mandate, from the earlier Chat Control votes to the mass transfer of your travel data and the biometric surveillance written into the Migration Pact, and you can see, meeting by meeting, which organisations have had their ear. Click any name to open their full record.
Who they actually work for
The meeting data is not ambiguous. Of all 415 of these members, only 120 have met a single civil-society or digital-rights organisation in the whole period I examined, meaning the groups who actually argue for your privacy and warn that this law breaks encryption for everyone, and the remaining 295 have not sat down with that side of the argument even once. Against that, of the 331 who voted to bring the law back, 104 have taken meetings with industry - the large technology companies, the telecoms, the adtech brokers and the professional child-safety lobby that has campaigned for this scanning for years - and have taken no meeting at all with a civil-society voice on the other side. One member has met the large technology companies forty-four times. Another has met the scanning lobby seven times and big technology twenty-seven times, and then voted exactly the way that lobby wanted.
The organisations that front this law in public, the ones whose names get raised in the chamber to make anyone who opposes it sound as though they do not care about children, turn out to have spent years in the offices of the same MEPs who then carried it, while the technologists and the lawyers and the survivors telling those members that it does not work and cannot be lawful were not getting through the door. When a member has heard from Thorn and ECPAT and the Internet Watch Foundation and every trade body big technology can fund, and has never once heard from the people who would have told them the truth, the record of who they met explains the vote.
The ones who never even listened
There are members here who sat with the technology industry and the scanning lobby and could not find a single hour, across years in office, to hear from one organisation defending the privacy of the people who elected them, and those members deserve to be named for it. They arranged their diaries so that the case for your rights was never put to them at all, because the only people they ever met were the ones who profit from taking those rights away, and to my mind that is worse than hearing the argument and voting against it anyway.
For those members there is, to use a phrase you will recognise, a special place in hell - the ones who will vote to scan your messages and your children's messages and your doctor's messages, who will tell you to your face that they did it to keep children safe, and who never in all their time in Brussels and Strasbourg gave five minutes to a single person who could have told them the truth about what they were voting for. You will find them in the table, and I would encourage you to find the ones who represent you and to remember their names when they next ask for your vote.
This does not end tomorrow
I have no illusions about the vote - the date was chosen precisely so the numbers to stop it could not be found, and the law will very probably pass, but every one of these votes is on the public record, so every name below goes into the run-up to the next European elections with its voting history and its meeting history attached, so that the people these members were elected to serve can decide whether someone who spent this mandate working for business deserves to be sent back.
If you have a few minutes before the vote, write to your MEPs, because you can find every address at fightchatcontrol.eu, and tell them plainly that you can see how they have voted and who they have been meeting, because they are counting on you not paying attention.
I was abused, I ran one of the first online support groups for survivors, I worked with law enforcement around the world tracking down the people who produce and trade this material, and I have written twice, twenty-seven years apart, on how to actually fight it, and the answer has never once been to spy on everyone. Do not let them take confidential communication away from the next child who needs it in order to speak - I needed it as a child, and without it I would not be here to write any of this.
The 415
- Rights — out of the 15 defining fundamental-rights votes this mandate (the earlier Chat Control votes, the mass transfer of travel/PNR data, the Migration Pact's biometric surveillance and others), how many the MEP failed to defend rights on — voting against, abstaining, or not voting. Higher is worse.
- Vote — the MEP's position on the Chat Control urgency vote.
- Lobbying — logged meetings with big-tech, pro-scanning and civil-society organisations.
- Click any row for the MEP's full record.
| Name | Country | Group | Vote | Rights | Lobbying |
|---|
