For quite some time, we haven’t been particularly active on the internet and social media, but that doesn’t mean we’ve disappeared. We’ve been somewhat limited by personal matters, but there’s too much going on right now for us to remain silent.

In short: we are losing privacy in slow motion. It is slipping while we look away. And unfortunately, the EU is largely to blame for this.

In the EU a plan called “chat control” is back on the table. It would force services to scan private messages. That includes even messages protected by end-to-end encryption. Critics say this turns private chat into a screening line. The plan has moved forward again this summer under the Danish presidency. A vote is talked about for mid October. Poland is one of the very few countries which oppose these regulations.

Digital rights groups and many engineers warn that client side scanning breaks the very idea of secure messaging. The EU Parliament and Council already extended a temporary rule that lets platforms scan on a voluntary basis until April 2026. Turning that into a broad mandate would be a different world. Quite a dark one. All this with “child safety” on everyone’s lips.

You can feel the public mood online. Reddit is full of worried threads from r/europe and r/privacy to r/slovakia. People see this as mass scanning and as a blow to trust in tech. This is not fringe. It is a mainstream fear among users and creators.

At the same time Google is tightening control on Android. The company will start verifying the identity of developers who share apps outside the Play Store. It says this will fight scams and malware. Play Protect already scans installs from any source in real time. These moves raise the bar for independent app distribution. They also put more gatekeeping power in one place.

Both stories point in the same direction. More scanning. More identity checks. More control over what runs on our devices. Some of this has clear safety goals. The risk is that the baseline for private life keeps shrinking. Clearly, we don’t want to sound as if we’ve put on aluminium foil hats, but the line between smart defense and hard surveillance seems to blur fast.

What worries us most is how little space this gets in day to day talk. In news feeds this topic is virtually absent. On LinkedIn, the feed is dominated by AI (and sometimes HR threads). New models. New benchmarks. Little on encryption policy or platform power. These issues decide what kind of internet we live with and pass to our kids. They deserve plain talk from both non tech folks and specialists. No jargon. No spin.

Orwell wrote “1984” as a warning, not an instruction manual.

If you care about this, read from primary sources. Then speak up. Ask your teams about encryption. Ask your vendors about on-device scanning. Ask your leaders what safeguards they back. Contact your MEP.

If you work in tech or you simply use a phone, now is the time to pay attention.

Reading materials:

• Fight Chat Control – https://fightchatcontrol.eu/
• Chat Control: The EU’s CSAM scanner proposal – https://www.patrick-breyer.de/en/posts/chat-control/
• Chat control: incompatible with fundamental rights – https://freiheitsrechte.org/en/themen/digitale-grundrechte/chatkontrolle
• The EU could be scanning your chats by October 2025 (…) – https://www.techradar.com/computing/cyber-security/the-eu-could-be-scanning-your-chats-by-october-2025-heres-everything-we-know
• A “political blackmail” – the EU Parliament is pressing for an agreement on the chat scanning bill – https://www.techradar.com/computing/cyber-security/a-political-blackmail-the-eu-parliament-is-pressing-for-new-mandatory-scanning-of-your-private-chats
• A New Era of Attacks on Encryption Is Starting to Heat Up – https://www.wired.com/story/a-new-era-of-attacks-on-encryption-is-starting-to-heat-up/
• The Internet wants to check your I.D. – https://www.newyorker.com/culture/infinite-scroll/the-internet-wants-to-check-your-id
• Chat Control 2: Can we trust the European Parliament? (automatic translation) – https://femtejuli.se/2025/07/18/chat-control-2-kan-vi-lita-pa-europaparlamentet/
• Google will require developer verification (…) – https://9to5google.com/2025/08/25/android-apps-developer-verification/

Bonus:

• Switzerland’s New Surveillance Law: A Privacy Crisis for Encrypted Services – https://pixelunion.eu/blog/switzerlands-new-surveillance-law/
• Switzerland plans surveillance worse than US – https://tuta.com/blog/switzerland-surveillance-plan

As we navigate the ever-evolving digital world, especially here in Europe, it’s crucial we stay informed. Have you heard about the EU’s new ‘ProtectEU’ strategy, announced by the European Commission? It’s making waves, and frankly, as of May 6, 2025, some of its proposals have us at the Made in Europe Association quite concerned.

So, what’s ProtectEU all about? On the surface, it’s a comprehensive plan for the 2024-2029 period, aiming to bolster the EU’s internal security against a range of threats, from organised crime to cyberattacks. A key, and rather controversial, component is its plan to prepare a “Technology Roadmap on encryption”. The stated goal? To identify and assess technological solutions that would allow law enforcement authorities to access encrypted data – think your private messages or secure files – in a “lawful manner,” all while supposedly “safeguarding cybersecurity and fundamental rights”. For those less familiar, ‘end-to-end encryption’ is the technology that keeps your digital conversations truly private, ensuring only you and the person you’re communicating with can read them; not even the service provider can get a look in.

The Big Concern: Weakening Encryption

Now, why the alarm bells from so many quarters? This idea of “lawful access” often translates into proposals for measures that could fundamentally weaken encryption. We’re talking about things like ‘backdoors’ – essentially secret keys that bypass security – or ‘client-side scanning,’ where your messages could be scanned for certain content on your device before they even get encrypted and sent. Sounds a bit intrusive, doesn’t it?

Well, a significant number of civil society organizations, academics, technologists, and human rights advocates certainly think so. They argue, and we at the Made in Europe Association agree, that attempting to create ‘safe’ backdoors or ‘privacy-preserving’ client-side scanning is technically unfeasible. Experts have long warned that any system designed to bypass encryption inherently creates vulnerabilities that can be exploited by anyone – not just the intended ‘good guys,’ but also cybercriminals and even hostile state actors, posing severe risks to everyone’s digital safety. Indeed, the European Court of Human Rights has explicitly stated that introducing backdoors to weaken encryption could enable widespread surveillance and be exploited by criminal networks, deeming such a risk disproportionate.

Why This Matters for Europe (and You!)

In these times of considerable geopolitical uncertainty, including the shifting sands of US politics and ongoing global economic competition, strengthening Europe’s digital sovereignty is more critical than ever. We need robust, secure digital infrastructure, ideally built and championed by European innovators. Initiatives that propose weakening encryption, however, could achieve the precise opposite. They risk not only compromising individual privacy but also making our entire digital ecosystem more vulnerable, undermining trust in European technology at a time when we need to bolster it. How can we aim for genuine digital leadership if the very tools that ensure our online security and data privacy are deliberately compromised?

The Open Letter Against ProtectEU’s Encryption Plans

This isn’t just an isolated concern. Tuta, a European secure email provider, recently highlighted an open letter on their blog, addressed to Ms. Henna Virkkunen, the EU’s Executive Vice-President for Tech Sovereignty, Security and Democracy. This letter is signed by an impressive coalition of civil society organizations, scientists, researchers, and other experts specializing in human rights and technology.

Key points from the open letter include:

• Threat to fundamental rights & security: The plan for a Technology Roadmap on encryption to enable law enforcement access to encrypted data is seen as a significant risk.
• Technically impossible to do safely: There’s a wide scientific consensus that providing ‘exceptional access’ without creating vulnerabilities exploitable by malicious actors and authoritarian regimes is not possible.
• Flawed solutions: Proposals like client-side scanning are not truly privacy-preserving; they can enable bulk surveillance and increase the risk of security breaches.
• Encryption must be strong: The letter emphasizes that strong, end-to-end encryption is crucial for safeguarding human rights and ensuring a secure digital infrastructure across Europe.
  The signatories also call for meaningful participation in the development of this Technology Roadmap, requesting seats at the table for independent experts to ensure solutions are evidence-based and respectful of fundamental rights.

Our Stance and A Call to You

Here at the Made in Europe Association, we stand firmly with these critics. We believe that strong encryption is a cornerstone of a secure, free, and innovative digital Europe. Efforts to undermine it, even with the stated aim of lawful access, are technically fraught and could have far-reaching negative consequences for our continent’s digital security infrastructure and our citizens’ fundamental rights. In an era where digital threats are escalating and Europe’s digital autonomy is paramount, pursuing policies that weaken our defences seems counterproductive.

We strongly encourage you to delve deeper. You can find the full open letter and Tuta’s insightful analysis on their blog here. Educate yourselves on the implications.

What are your thoughts on this delicate balance between security and privacy? How should Europe navigate these challenges to protect both its citizens and its digital future? We’d love to hear your views in the comments below.