European Union: European Parliament rejected proposal to extend Regulation (EU) 2021/1232 on derogation from ePrivacy Directive until 2028

On 26 March 2026, the European Parliament rejected the proposal to extend Regulation (EU) 2021/1232 on derogation from the ePrivacy Directive until 2028. This regulation sets out interim rules on data processing for the purpose of combating online child sexual abuse material (CSAM). The regulation would have temporarily derogated from the ePrivacy Directive, enabling providers of online communication services to voluntarily detect, report, and remove CSAM. The Commission proposed extending this interim framework, due to expire on 3 April 2026, until 3 April 2028. The European Parliament adopted an alternative extension proposal on 11 March 2026 to extend the deadline until 3 August 2027.