:quality(85):upscale()/2026/03/16/901/n/1922398/7098afdb69b86a52587585.46389067_.jpg)
:quality(85):upscale()/2025/08/14/650/n/1922283/470aeb83689df49cdc1bb6.14084110_.jpg)
:quality(85):upscale()/2023/10/03/668/n/1922283/1f15c8a9651c2d209e5eb5.32783075_.jpg)
:quality(85):upscale()/2025/09/09/891/n/1922283/7222624268c08ccba1c9a3.01436482_.png)
:quality(85):upscale()/2023/09/18/918/n/1922398/a1136b676508baddc752f5.20098216_.jpg)
.jpg?#)
Tech firms enter legal limbo over child abuse scanning
BRUSSELS — Technology companies in Europe face a cliff edge on Saturday, as a law allowing them to scan online messages for child abuse material expires.
But while scanning becomes illegal, tech firms aren’t likely to stop the practice just yet.
A temporary European Union legislation has allowed companies — including Meta, Google, Microsoft and Snapchat — to voluntarily scan their services for child sexual abuse material (CSAM). Law enforcement officials have described the process as “vital” to crack down on child abuse. But the regime ran out on April 3, and EU legislators last month failed to agree on the terms to extend it.
The reactions to the political deadlock have been furious: European home affairs commissioner Magnus Brunner said it was “hard to understand,” and child rights group the Internet Watch Foundation called it an “abject political failure.”
Despite the lack of a legal fix, tech firms could very well continue to scan for child sexual abuse.
Google, Meta, Microsoft and Snapchat’s parent company Snap said in a joint statement late on Friday that they “will continue to take voluntary action” to scan messages. “We call on EU institutions to conclude negotiations on a regulatory framework as a matter of urgency,” the tech companies said.
One senior industry official involved in decisions on scanning, granted anonymity because they’re not authorized to speak publicly, said their view is that, though the end of the law makes the legal picture murky, it does not make it unlawful to scan.
Firms faced a similar gap in 2020, when they fell without a legal basis to scan for content. All companies scanning for CSAM, with the exception of Meta, said they did not stop scanning at that time.
A Microsoft lobbyist in February said the previous legal vacuum “did not stop Microsoft from continuing voluntary detection,” in an email to lawmakers seen by POLITICO.
If tech firms continue their scanning, they would be in breach of EU law, officials have warned. Four commissioners wrote in March that, without the law, providers will be in violation of the e-Privacy Directive when scanning for child sexual abuse material online.
“Without a legal basis, companies are no longer allowed to proactively detect child sexual abuse in private communications,” Commission spokesperson Guillaume Mercier said in a statement.
According to Markéta Gregorová, a Czech member of the European Parliament with the Greens group who has criticized the scanning regime for being too broad and invasive, “we know that some companies kept scanning during the previous legal gap … We need to remain vigilant.”
Ellen O’Regan contributed reporting.
This article has been updated.
