Despite the fact that the European exemption (called Chat Control 1.0) allowing blanket scanning of private messages expired on 3 April, some companies are continuing the practice, according to their statements. MEP Markéta Gregorová has therefore lodged formal complaints with both the Office for Personal Data Protection (OPPD) and the Czech Telecommunications Office (CTU). In her view, this is a clear violation of the ePrivacy Directive and the General Data Protection Regulation (GDPR).

The exemption from the ePrivacy Directive, which allowed platforms to scan the content of chats and emails, has lapsed after MEPs refused to allow it to continue. As of 4 April, any blanket intervention in the confidentiality of communications lacks legal backing. Despite this, the big platforms (Microsoft, Meta, Snap and Google) have announced that they will continue their „proactive measures“. It is to them that the complaint is directed.

"The exception is over, but the tech giants pretend as if nothing has happened and continue to search the messages of millions of Europeans. This is totally unacceptable. Since there is no longer a legal framework to justify such a massive invasion of privacy, every second of such scanning is illegal. I therefore call on the supervisory authorities to investigate and stop these practices immediately,“ said Gregor, who has advocated for the end of Chat Control 1.0.

„We cannot allow private corporations to play police and judge in one, without any basis in law. The blanket scanning of billions of items directly contradicts the case law of the CJEU, which clearly states that surveillance must be targeted at specific suspects, limited in time and subject to judicial review. None of this is happening now,“ Gregorová explained.

"The audacity of each platform is outrageous. On what basis do they even dare to spy on millions of people just because they are on the internet after ChatControl 1.0? Instead of sweeping their own doorsteps and taking real steps to make not only children, but all users of their services safer, they are just abusing their position. They are just confirming that safety was never the point and the Pirates' work is certainly not over," doplnil poslanec Ivan Bartoš.

"It's okay to want to be safe on the internet, but does anyone feel safer with a stalker outside their window? Hardly. A similar situation is happening in the online space. When someone is controlling and using people's personal information online, even though they have no legal basis for doing so, it's not about safety, it's about their own benefits.,” added the MP. Michaela Moricová.

In her complaint, Pirate MEP Gregorová also argues that the GDPR has been violated. Companies often refer to „public interest“ or „legitimate interest“. However, according to case law, this is legally untenable for commercial entities in the case of blanket monitoring of communications.

„The fight against crime is the task of the state and the police under the supervision of independent courts, not the algorithm of Google or Meta. If we tolerate big companies ignoring expiring laws and continuing to snoop on our news, we are resigning ourselves to the basic principles of the rule of law. I hope that the OCC and the CTU will react quickly and clearly define the boundaries that these platforms must not cross,“ adds Gregorová.

Each platform can be fined up to four percent of its global turnover for violating GDPR. This would exceed €7 billion in the case of Meta alone. Violations of the Privacy Directive are dealt with by Member States individually. In the Czech Republic, the fine can be up to CZK 10 million.

pirati.cz/gnews.cz - GH