European Union member states have failed to reach an agreement on a proposed regulation that would have allowed monitoring of private online messages to detect child sexual abuse, prompting officials to postpone the measure indefinitely.
The controversial proposal, introduced by the European Commission three years ago, would have required technology companies to scan private communications and report suspected cases of child exploitation to law enforcement. Critics said the plan would amount to mass surveillance and violate the right to privacy.
Some politicians welcomed the decision to delay the measure, arguing it would have opened the door to large-scale monitoring of conversations on social media and other platforms. Still, they acknowledged that online child exploitation remains a growing and urgent problem.
“We’re often afraid to let our children go outside alone, but we don’t realise that sitting safely in their room, they may face even greater dangers online,” said Agnė Bilotaitė, a member of Lithuania’s conservative Homeland Union–Christian Democrats (TS-LKD) and chair of a parliamentary working group on combating child abuse.
Cybersecurity experts warned that the proposed system would have effectively monitored every message and image shared online.
“It would create what we call a ‘policeman system’, meaning every word, deleted message or image would be checked by automated and even manual tools before being sent to law enforcement,” said Linas Bukauskas, head of the Cybersecurity Laboratory at Vilnius University.
Opponents also raised privacy concerns about the potential for artificial intelligence to flag ordinary family exchanges as suspicious.
“If a mother sends a photo of a child to the father, AI might automatically flag it as inappropriate, leading to message surveillance,” said European Commissioner Virginijus Sinkevičius. “There would be no real privacy left – even doctors and patients communicate this way.”
The European Council had been expected to vote on the regulation this week, but the decision was postponed indefinitely after several member states withdrew their support.
“Germany’s government said it cannot agree to a system that would mean monitoring all private conversations, as that would interfere with communication privacy,” said Member of the European Parliament Paulius Saudargas.
Lithuania remains among the countries supporting the proposal.
“Children’s safety and investment in tools to protect them should be a priority,” Bilotaitė said. “Even if this issue stalls at the European level, I hope Lithuania will move forward nationally.”
It remains unclear whether the proposal will return to the EU agenda. However, member states agree that improving child safety online must remain a focus.
Separately, the European Parliament’s committee is considering another proposal – introducing age limits for social media access, potentially restricting platforms to users aged 16 and older, with mandatory age verification.
“The user’s age should be properly verified – not just by clicking a confirmation box,” Saudargas said.
“We need users to identify themselves so that a person pretending to be ‘Matt13’ isn’t actually a 50-year-old man,” added Sinkevičius.
Cybersecurity experts say such age verification could be technologically feasible if users confirmed their identity with official documents while keeping the data private.
“If children authenticate themselves with an ID without sharing the data with third parties – for example, if a gaming server only knows the user is a minor – that could be enough,” Bukauskas said.
For now, questions remain over how such a system would work, what the appropriate age limit should be, and whether such restrictions should be imposed at the EU level or left to national governments.
Newsletter
Every Friday morning.
