Skip to main content
NOPE
In Effect Law Child Protection Moderate Relevance

EU CSAM Interim

Regulation (EU) 2021/1232 + Regulation (EU) 2024/1307 (CSAM Interim Derogation)

Temporary legal bridge allowing certain communications providers to voluntarily detect/report/remove CSAM, notwithstanding ePrivacy constraints. Extended via 2024/1307 while permanent CSAR negotiated.

Jurisdiction

European Union

EU

Enacted

Unknown

Effective

Unknown

Enforcement

Not specified

Temporary regime; expires April 3, 2026

Who Must Comply

This law applies to:

  • Providers of number-independent interpersonal communications services in EU

Who bears obligations:

DeveloperDeployer

This regulation places direct obligations on deployers (organizations using AI systems).

Safety Provisions

  • Enables voluntary CSAM detection/reporting/removal by number-independent interpersonal communications services (NIICS)
  • Strict necessity/proportionality; GDPR still applies
  • Harmonized reporting on voluntary measures
  • Exclusion of audio communications
  • Mandatory DPIA for detection technologies
  • Compulsory human review before reporting

Compliance Timeline

Apr 3, 2026

Derogation expires (unless replaced/extended)

Quick Facts

Binding
Yes
Mental Health Focus
No
Child Safety Focus
Yes
Algorithmic Scope
No

Why It Matters

Bridge law keeping voluntary scanning alive while permanent CSAR fight continues. Expires April 2026.

What You Need to Comply

For voluntary CSAM detection: documented legal basis + safeguards, DPIA, human review, plan for derogation expiration.

NOPE can help

Cite This

APA

European Union. (n.d.). Regulation (EU) 2021/1232 + Regulation (EU) 2024/1307 (CSAM Interim Derogation). Retrieved from https://nope.net/regs/eu-csam-interim-derogation

BibTeX

@misc{eu_csam_interim_derogation,
  title = {Regulation (EU) 2021/1232 + Regulation (EU) 2024/1307 (CSAM Interim Derogation)},
  author = {European Union},
  year = {n.d.},
  url = {https://nope.net/regs/eu-csam-interim-derogation}
}

Related Regulations

Pending EU Child Protection

EU CSAR (Proposed)

Proposed permanent framework replacing interim derogation. Parliament position (Nov 2023) limits detection to known/new CSAM, excludes E2EE services. Council has not agreed General Approach.

In Effect EU Online Safety

DSA

Comprehensive platform regulation with tiered obligations. VLOPs (45M+ EU users) face systemic risk assessments, algorithmic transparency, and independent audits.

In Effect DE Child Protection

DE JuSchG §24a (KidD)

Requires providers of certain telemedia services to implement provider-side precautionary measures ("Vorsorgemaßnahmen") with regulator-facing evaluability via published BzKJ criteria.

Enacted US-AR Child Protection

AR HB 1071

Amends Arkansas publicity rights law to explicitly include AI-generated reproductions of voice and likeness. Covers simulated voices and 3D generation.

In Effect IE Online Safety

Ireland OSMR

Establishes Coimisiún na Meán (Media Commission) with binding duties for video-sharing platforms. One of the cleaner examples of explicit self-harm/suicide/eating-disorder content duties in platform governance.

In Effect FR Online Safety

FR SREN

France's 2024 "digital space" law strengthening national digital regulation and enforcement levers via ARCOM across platform safety and integrity issues.

Back to all regulations Check if this applies to you