EU Postpones Chat Control – Germany Prepares National DSA Rules

On November 1, 2025, the European Commission officially postponed the rollout of mass scanning of private messages for CSAM — the controversial Chat Control mechanism. This pause halted one of the EU’s most debated initiatives, but in Germany, the discussion is heating up: The Federal Ministry of Justice has announced national measures under the Digital Services Act (DSA). While Brussels takes a breather, German authorities plan to require messengers, cloud services, and corporate platforms to deploy content detection tools — from client-side scanning to metadata retention.

These measures directly impact Article 10 of the European Convention on Human Rights (confidentiality of correspondence), Article 8 of the GDPR (data protection), and Article 5 of the German Basic Law (freedom of expression). The case law of the BVerfG and CJEU demands strict proportionality: similar provisions (§ 100a StPO, TKÜV) have already been declared partially unconstitutional.

At risk are German SMEs with internal chat systems, international services with users in Germany, and open-source developers. DSA fines reach up to 6% of global annual turnover. National rules are expected to enter into force in 2026, which — according to legal experts — will trigger a wave of lawsuits in administrative courts and new cases in Karlsruhe.