On 19 May 2023, the European Parliament's rapporteur Javier Zarzalejos published a draft report on the controversial Commission proposal for a regulation of the European Parliament and of the Council laying down rules to prevent and combat child sexual abuse (COM (2022) 0209 → eucrim 2/2022, 91-92). Zarzalejos did not propose any substantial changes and wholly welcomed the European Commission’s proposal. He supports the approach based on the assessment conducted by each provider of the risks of their services being misused for the purpose of child sexual abuse. Zarzalejos pointed out that the set of safeguards introduced in the proposal and the EDPB-EDPS Joint Opinion 04/2022 represented a major contribution to his assessment. Furthermore, he advocated the controversial possibility for providers to process metadata that can detect suspicious patterns of behaviour, even in the case of end-to-end encryption. The report endorsed the creation of the EU Centre on Child Sexual Abuse and proposed setting up a Victims’ Consultation Forum in order to strengthen the position of victims.

Meanwhile, the European Parliament's Research Service raised concerns about the privacy and technical implications of the draft law in a complementary impact assessment published in April 2023. The study concluded that the overall effectiveness of the proposal is expected to be limited due to several factors. For example, perpetrators who wish to continue their activities without being targeted by the measure introduced by the proposal are likely to resort to the dark and deep web, where identification is more difficult. The analysis also calls into question end-to-end encryption, because there is currently no technological solution that would allow for scanning of the confidential communications required by warrants without jeopardizing end-to-end encryption. The evaluation also made clear that the proposal would interfere with Articles 7 and 8 of the EU Charter of Fundamental Rights by violating the prohibition of general data retention and the prohibition of general surveillance obligations. While the proposal would generally benefit the protection of children, it would interfere with the fundamental rights of service users, which would not be justified. These criticisms echo those voiced by civil society and, more recently, by the German Bar Association.