The European Union has long been debating new legislation to crack down more forcefully on online child abuse. Central to this is the so-called "Chat Control" proposal, which would require providers of chat services such as WhatsApp, Signal and Telegram to scan users' private messages for images, videos and links to child abuse material - even in end-to-end encrypted chats. This runs counter to traditional digital mail secrecy and raises much debate about the limits of privacy.
According to European Commission data, as many as 36 million reports of online sexual abuse were received by 2023, with over 100 million compromising images. Children's rights organizations are calling for strict intervention. Defence for Children, for example, believes that companies should actively track down and remove, as victims repeatedly face their trauma as long as images continue to circulate. "The Netherlands has been one of the largest hosting countries for years. Not addressing this problem is not an option," the children's rights organization told EenVandaag.
In fact, research shows that most of all child pornography in Europe is stored on Dutch servers. Hubert calls Dutch regulations on prohibited material on servers far too soft. "If there is wrong material on it, we say: remove it. And then everything is fine again. If you are found in France with the wrong kind of children's photos on your servers, then you lose your servers for the time being," he tells the NIS.
At the same time, there is strong criticism. Huib Modderkolk emphasizes in de Volkskrant that digital mail secrecy has traditionally been a fundamental civil right in the Netherlands and Europe. According to him, the plan for Chat Control represents a fundamental break with privacy traditions: citizens will have to accept that private communication will no longer be automatically protected from now on. Modderkolk warns that this change in the law is not only about tackling child abuse, but above all sets a precedent that undermines the foundation of fundamental rights. According to him, what begins as a tool against abuse can later be used broadly, structurally lowering the threshold for mass surveillance and growing distrust towards citizens.
European member states are also divided. For example, in a letter to the Lower House in late September, the Dutch government let it be known that the current proposal does not sufficiently address its concerns about the protection of fundamental rights, "particularly in the areas of privacy and confidentiality of communications and telecommunications, and the security of the digital domain." In doing so, the Netherlands joins countries that fear the law in its current form will do more harm than good.
Cyber experts such as Bert Hubert additionally point out cybersecurity risks and the danger of misuse by malicious parties. Infrastructure can be a "gold mine for hackers." There is also the risk of "false positive" reports: innocent images of ordinary citizens may end up with the authorities.
For now, the proposal has not been adopted: Germany pulled it from the agenda on Oct. 9, 2025, failing to create a majority in the EU. Still, the discussion remains current. On Oct. 14, EU justice ministers may vote on the latest proposal. After that, the plans still have to pass the European Parliament and the European Commission before leading to a final law.
