Chat Control on hold, Europe's Eastern flank remains passive

Patrick Breyer, former Member of the European Parliament and a key figure in protecting Europeans from privacy vulnerabilities through CSAM scanning (also known as "Chat Control"), announced today that the German Government has finally decided not to back the proposed CSAM regulation.

Patrick Breyer writes that this "blocks the required majority in the EU Council, derailing the plan to pass the surveillance law next week". It was initially planned that Interior Ministers would adopt a joint position on October 14, 2025.

This is a significant victory for European privacy advocates and citizens, thanks to Patrick Breyer and numerous privacy advocates who engaged in communicating the issues with the proposed regulation to policymakers, and who enabled regular citizens to contact their countries’ representatives easily and effectively, as was done by the FightChatControl platform.

Central and Eastern Europe and CSAR: who's who?

As an Eastern European, I’m naturally very interested in what the Central and Eastern European countries have to say about the proposed CSAM regulation.

Our citizens are exposed to scams, as well as social engineering from our unfriendly neighbor. One would expect politicians to remain concerned about the privacy of individuals’ communications, among other things.

The need for law enforcement agencies to combat predators online is understandable, but this goal must go hand in hand with assessing proportionality, privacy rights, and possible unintended consequences for citizens' security.

As explained by the FightChatControl platform, so far, only four CEE countries - Estonia, the Czech Republic, Slovenia, and Poland - stand firmly against CSAR. Poland deserves praise because its position against CSAR hasn’t changed, even though the government has.

Two countries - Latvia and Slovakia - seem to have changed their positions and are now “undecided.”

Bulgaria, Croatia, Hungary, Romania, and Lithuania remain in favor, although Lithuania’s Minister of the Interior, Vladislav Kondratovic, commented in late September that the previous position is “under review” on Lithuanian National Radio. Lithuanian association "Unicorns Lithuania" has also urged local politicians to oppose the current draft of CSAR, urging them to "defend the integrity of encryption as a strategic interest for the digital security and economies of Lithuania and all of Europe."

Deep-rooted problems in CEE digital affairs

Since the CSAR falls under the competence of the Ministries of Interior, the importance of these Ministries' engagement with other Ministries that have a say in digital policy is crucial.

Too often, interministerial communication is incomplete: more sparse than exemplary. Much like the various DGs in Brussels, local ministries are reluctant to step on each other’s toes and do not oppose a position when the lead ministry strongly favors it.

Another issue is the flawed communication between Permanent Representation Offices in Brussels and the Capitals. CEE bureaucracies tend to be leaner, and therefore Capitals rely on the expertise of attaches based in Brussels. Ultimately, one or two individuals can significantly influence the direction of the entire country.

Last but certainly not least: negligence by design when it comes to European affairs. Defense, finance, and foreign affairs, as well as select sectors that are crucial to local industries’ interests, remain at the top of CEE Member States’ agendas, while digital policy is often a fifth wheel, with even attachés in Brussels having to seek external confirmation of the country’s position rather than simply communicating the political course set at home.

CSAR is merely a reflection of a deep-rooted problem: similar issues have occurred with other digital policy matters in the past, and they are likely to recur in the future unless CEE countries invest more in their representation in Brussels and allocate more resources to navigating EU digital policy.