On 9 July 2026, the European Parliament adopted a legislative resolution approving the Council's position at first reading on a temporary derogation from the ePrivacy Directive, but with two amendments that explicitly exclude end-to-end encrypted communications from the regulation's scope. The resolution, based on a text tabled by unidentified authors, inserts a new subparagraph (Amendment 26) specifying that the derogation shall not apply to interpersonal communications protected by end-to-end encryption, and a new standalone paragraph (Amendment 30) stating that the entire regulation does not apply to such communications. These amendments represent a fundamental challenge to the regulation's premise, prioritising the preservation of encryption over the use of scanning technologies to combat online child sexual abuse.

The temporary derogation, originally proposed by the European Commission, would allow providers of number-independent interpersonal communications services to process personal and other data for the purpose of detecting child sexual abuse material online. The Council adopted its position at first reading on an unspecified date, and the Parliament's resolution now formally endorses that position with the encryption carve-out. The amendments, if enacted, would prevent any detection order or voluntary scanning measure under the derogation from targeting content protected by end-to-end encryption, regardless of the purpose. This creates a clear trade-off: while it safeguards privacy and encryption integrity—benefiting users and technology providers who prioritise secure communications—it may limit the effectiveness of measures aimed at protecting children from online exploitation, a concern for law enforcement and child protection organisations. The regulation now awaits final adoption by the Council, which must accept the Parliament's amendments for the text to become law.

← Atlas › News › Digital & Communication