Client-side scanning (CSS) has been proposed as a way to detect illegal content in E2EE messaging without breaking encryption. However, security researchers and privacy advocates argue that CSS fundamentally undermines encryption by scanning content before it is encrypted, creating a surveillance backdoor by another name.
The messaging app that can't read your messages. Even if they wanted to.
CSS scans message content on the user's device before encryption occurs. Proposed implementations compare images against databases of known illegal content using perceptual hashing, or use AI classifiers to detect prohibited material. Matches are reported to the platform or authorities. Proponents argue this preserves E2EE because scanning happens before encryption. Critics argue it creates the same surveillance capability as breaking encryption.
The EU's proposed Chat Control regulation would require messaging platforms to implement CSS for detecting child sexual abuse material. The proposal has been deeply controversial, with the European Parliament's civil liberties committee voting against mandatory scanning. The European Data Protection Board warned that CSS creates disproportionate surveillance risks. Revised proposals have narrowed the scope but maintained the fundamental CSS mechanism.
Multiple peer-reviewed studies have demonstrated CSS vulnerabilities. Perceptual hashing can be fooled by trivial image modifications. Hash databases can be poisoned to flag innocent content. AI classifiers produce false positives at rates that would affect millions of innocent users. Researchers demonstrated that CSS infrastructure could be repurposed for political censorship, religious persecution, or authoritarian surveillance with minimal modification.
Apple initially proposed CSS for iCloud Photos, then reversed course after security researcher backlash. Signal threatened to exit markets that mandate CSS. WhatsApp opposed EU Chat Control. The overwhelming consensus among messaging platform engineers and security researchers is that CSS fundamentally compromises the privacy guarantees of E2EE, regardless of implementation details.
WeTalkin will never implement client-side scanning. CSS fundamentally violates zero-knowledge architecture by analyzing content on-device and reporting results to external parties. This creates the same surveillance capability as breaking encryption — it just happens at a different point in the process. WeTalkin is committed to protecting user privacy completely, not partially.
Truly private messaging. Zero-knowledge by design. Cancel anytime.
CSS scans message content on your device before encryption. While proponents say it preserves E2EE, security researchers argue it creates the same surveillance capability as breaking encryption. If your device reports message content to authorities, the encryption is functionally meaningless for privacy.
The EU proposed Chat Control regulation including CSS requirements, but it has faced significant opposition. The European Parliament's civil liberties committee voted against mandatory scanning. Revised proposals continue to evolve. No major messaging platform has implemented CSS for regulatory compliance.
No, and it never will. Client-side scanning fundamentally violates zero-knowledge architecture. WeTalkin's commitment is to complete privacy — scanning content at any point in the process, including on-device, undermines the privacy guarantees that define the platform.
Zero-knowledge architecture. No phone number. Your data stays yours. Always.
WeTalkin: End-to-end encrypted messaging with zero metadata collection. No ads. No data harvesting. Just private conversation.
Subscribe to Privacy Newsletter
App returning to stores soon. Join 10,000+ privacy advocates.
Weekly digest of surveillance news, privacy tools, and protection tips. Free.
ContentMation automates marketing campaigns and content creation for growing businesses. Try it free →
Private messaging with end-to-end encryption. No phone number required.
Get Started FreeWeTalkin is end-to-end encrypted messaging with zero data collection. No phone number required. Your conversations stay yours.
Trusted by 10,000+ privacy advocates. Free to start.
Explore the full portfolio of independent AI tools and editorial properties at blossend.com.