Published: Wed 1 Apr 2026
From 3 April, the EU will become the only jurisdiction in the world where companies will not have legal certainty to search for child sexual abuse material on their platforms as Brussels lawmakers face mounting calls to take urgent action to protect children online.
Today (1 April) 246 civil society organisations across all EU Member States and beyond, working to advance children's rights and end sexual abuse, have condemned EU policymakers' failure to extend the legal framework that enabled and empowered these detection activities.
An industry letter, signed by global technology organisations and IWF Members, including DOT Europe, Aylo, Qoria, StrawberrySocial Ltd, Piccolo PTE Ltd, and Eastern Telecommunications Philippines Inc, warns that these effects will not stop at EU borders, as reduced detection and reporting in the EU will weaken global efforts to combat child sexual abuse, with consequences for children, survivors, and investigations worldwide.
Both warn that the EU, which already hosts more child sexual abuse material than any other region in the world, will see a worsening situation with consequences felt far beyond the EU's borders.
In 2024, more than half (62%) of the child sexual abuse webpages confirmed to contain child sexual abuse material by the IWF were traced to hosting services in EU countries. This is an 11-percentage point increase from the previous year, when 140,911 webpages were discovered on EU servers.
The outcry comes after a vote at the European Parliament last week where lawmakers voted not to extend a temporary law providing legal certainty for companies to use automated tools to detect child sexual abuse material within their own interpersonal communication services.
As a result of this vote, there is now uncertainty about whether systems protecting children from online sexual abuse on interpersonal communication services will be legal to operate across the EU. From this Friday (3 April), technology companies operating in the European Union will lose the clear legal basis to detect this content and prevent it from spreading.
Previously, technology companies had operated under a voluntary framework in the EU, developing privacy-preserving tools to keep child sexual abuse material off their platforms. In 2020, changes to the e-Privacy Directive created legal uncertainty about whether voluntary detection of this illegal material was permissible under EU law. A temporary law clarified that companies could continue doing the right thing while a permanent solution was negotiated. This phase of that derogation expires on 3 April.
The European Commission put forward a proposal for a permanent framework in 2022, but it became caught in a deadlock which has stalled the legislation. The child protection sector and technology companies alike are calling on lawmakers to progress negotiations on the permanent framework, warning that children will suffer if this is further delayed.
IWF CEO Kerry Smith, said: “This is a devastating failure for child protection in the EU – and globally – as proven tools for the detection of child sexual abuse material will be forced offline.
“Thanks to political gamesmanship, the EU has now opened the door for predators to target children without fear of reprisal.
“It is now even more urgent that the EU agrees on a permanent legislative framework to safeguard children on the internet.”
If you are a technology company and would like to join our call to the EU for action, please email [email protected].
A new IWF report reveals record levels of AI‑generated child sexual abuse imagery and alarming insight into how offenders are exploiting emerging technologies. The charity is urging EU lawmakers to introduce a zero‑tolerance ban on AI‑generated abuse and the tools used to create it.
