Skip to main content
NOPE
In Effect Law Child Protection

EU CSAM Interim

Regulation (EU) 2021/1232 + Regulation (EU) 2024/1307 (CSAM Interim Derogation)

Temporary legal bridge allowing certain communications providers to voluntarily detect/report/remove CSAM, notwithstanding ePrivacy constraints. Extended via 2024/1307 while permanent CSAR negotiated.

Jurisdiction

European Union

Enacted

Jul 14, 2021

Effective

Aug 2, 2021

Enforcement

National data protection authorities; ePrivacy regulation enforcement varies by member state

Temporary regime; expires April 3, 2026

EUR-Lex (Consolidated)

Why It Matters

Bridge law keeping voluntary scanning alive while permanent CSAR fight continues. Expires April 2026.

At a Glance

Applies to

Social PlatformOnline PlatformGeneral Chatbot

Harms addressed

Child Exploitation

Who Must Comply

  • Providers of number-independent interpersonal communications services in EU

Obligations fall on:

Safety Provisions

  • Enables voluntary CSAM detection/reporting/removal by number-independent interpersonal communications services (NIICS)
  • Strict necessity/proportionality; GDPR still applies
  • Harmonized reporting on voluntary measures
  • Exclusion of audio communications
  • Mandatory DPIA for detection technologies
  • Compulsory human review before reporting

Compliance & Enforcement

Key Dates

Apr 3, 2026

Derogation expires (unless replaced/extended)

Penalties

Penalties vary by jurisdiction

View on map

European Union

Focus Areas

Child safety
Active safeguards required

Cite This

APA

European Union. (2021). Regulation (EU) 2021/1232 + Regulation (EU) 2024/1307 (CSAM Interim Derogation).

Related Regulations

In Effect EU

EU DSA Minors Guidelines

Commission guidelines under DSA Article 28(1) establishing measures for online platforms to protect minors, including age assurance, default privacy settings, anti-addictive design restrictions, recommender system safeguards, and protections against grooming and exploitation.

Pending EU

EU CSAR (Proposed)

Proposed permanent framework replacing interim derogation. Parliament position (Nov 2023) limits detection to known/new CSAM, excludes E2EE services. Council has not agreed General Approach.

In Effect DE

DE JuSchG §24a (KidD)

Requires providers of certain telemedia services to implement provider-side precautionary measures ("Vorsorgemaßnahmen") with regulator-facing evaluability via published BzKJ criteria.

In Effect FR

FR SREN

France's 2024 "digital space" law strengthening national digital regulation and enforcement levers via ARCOM across platform safety and integrity issues.

In Effect IE

Ireland OSMR

Establishes Coimisiún na Meán (Media Commission) with binding duties for video-sharing platforms. One of the cleaner examples of explicit self-harm/suicide/eating-disorder content duties in platform governance.

In Effect MY

Malaysia OSA

Requires licensed platforms to implement content moderation systems, child-specific safeguards, and submit Online Safety Plans. Nine categories of harmful content regulated.

All regulations Check if this applies to you

Last updated January 23, 2026. Verify against primary sources before relying on this information.