What you can do: https://www.patrick-breyer.de/en/posts/messaging-and-chat-control/#WhatYouCanDo
Contact your MEP: https://www.europarl.europa.eu/meps/en/home
Edit: Article linked is from 2002 (overview of why this legislation is bad), but it is coming up for a vote on the 19th see https://www.patrick-breyer.de/en/council-to-greenlight-chat-control-take-action-now/
Aaand here’s your misunderstanding.
All messages detected by whatever algorithm/AI the provider implemented are sent to the authorities. The proposal specifically says that even if there is some doubt, the messages should be sent. Family photo or CSAM? Send it. Is it a raunchy text to a partner or might one of them be underage? Not 100% sure? Send it. The proposal is very explicit in this.
Providers are additionally required to review a subset of the messages sent over, for tweaking w.r.t. false positives. They do not do a manual review as an additional check before the messages are sent to the authorities.
If I send a letter to someone, the law forbids anyone from opening the letter if they’re not the intended recipient. E2E encryption ensures the same for digital communication. It’s why I know that Zuckerberg can’t read my messages, and neither can the people from Signal (metadata analysis is a different thing of course). But with this chat control proposal, suddenly they, as well as the authorities, would be able to read a part of the messages. This is why it’s an unacceptable breach of privacy.
Thankfully this nonsensical proposal didn’t get a majority.
Ahh, that is indeed a critical detail on the implementation not quite clear right away. To be honest I don’t trust the end-to-end encryption most of these services offer. If I want perfect privacy, I’m sticking to self hosting stuff