Ten days ago, Belgium quietly launched Beam — a sovereign, end-to-end encrypted messaging platform for 750,000 civil servants and military personnel. Built by state-backed Belgian Secure Communications (BSC) on the open-source Matrix protocol, it stores all data in classified Belgian data centres, restricts access to verified government users, and passed extensive ethical hacker testing without a breach.
The project traces back to the 2016 Brussels attacks, and accelerated after 135 hacking attempts per hour were detected on Belgian delegation phones during a 2019 trade mission to China.
Beam is not alone. France mandated Tchap — also Matrix-based — for all ministries and ministerial cabinets in September 2025, built jointly by DINUM and ANSSI, while keeping Olvid available for ministers who need metadata-free encryption. Both countries are investing serious resources to protect government communications from foreign surveillance and the reach of the US CLOUD Act.
The message is clear: strong encryption is essential for sovereignty.
The contradiction
At the same time, the EU has spent four years pushing the Child Sexual Abuse Regulation (CSAR), commonly known as Chat Control — a framework that would mandate the detection of illegal content in private communications, including encrypted ones.
The current mechanism under discussion is client-side scanning: analysing message content on the user’s device before it gets encrypted. This doesn’t break the encryption algorithm. It bypasses it entirely. The mathematical protection remains intact, but it’s rendered meaningless — content is intercepted at the source.
Here’s the uncomfortable technical reality: this is the same approach used by NSO Group’s Pegasus spyware. Pegasus doesn’t crack Signal’s encryption. It extracts data from the device before encryption or after decryption. Client-side scanning and state-sponsored spyware are architecturally equivalent. The difference is one has a legislative mandate.
And Belgium knows this. In August 2025, Belgium’s national position shifted to opposing Chat Control, with officials calling the bill “a monster that invades your privacy and cannot be tamed.” Yet by October, Belgium had wobbled back to “undecided.” The Council eventually reached a November 2025 compromise dropping explicit mandatory scanning — but keeping indirect pressure through “voluntary” measures and risk mitigation requirements.
To make matters more surreal: it was the Belgian EU presidency in 2024 that spent months trying to broker compromise language on Chat Control that kept mandatory scanning on the table — while BSC was simultaneously building Beam in the background.
Installing a reinforced door while leaving the window open
The EU is pursuing quantum-resistant cryptography mandates (transition by 2026–2030), NIS2, the Cyber Resilience Act — all frameworks premised on the principle that strong encryption is foundational to trust in digital infrastructure. Yet Chat Control would introduce deliberate vulnerabilities into these same systems.
It’s investing in a reinforced door while leaving the window open.
The dynamics get worse once you consider the market effects. If Chat Control passes, even in its “softer” voluntary form, it creates a race to the bottom. If WhatsApp implements client-side scanning to comply, Signal faces pressure to do the same or lose EU market access. Signal’s president Meredith Whittaker has already threatened withdrawal from Europe.
Users can’t verify whether scanning is happening or what it targets. And once the infrastructure exists, it can be quietly repurposed — hate speech detection, copyright enforcement, misinformation filtering — without any new legislation. Privacy-preserving services get punished with heavier compliance burdens for not scanning. The “voluntary” becomes the default.
The Israeli mirror
Israel offers a different but equally instructive lens. Unit 8200, the country’s elite signals intelligence unit, operates some of the world’s most sophisticated surveillance infrastructure. Its alumni founded NSO Group. Recent investigations revealed Unit 8200 storing millions of Palestinian phone calls — up to 11,500 terabytes — on Microsoft Azure servers in Europe.
Yet Israeli officials themselves rely on Signal and encrypted platforms for sensitive communications. Israel develops and exports tools to defeat encryption while depending on encryption for its own security. The asymmetry is sustainable only through the assumption that additional layers of operational security protect Israeli communications from the very tools Israel sells.
This is the fundamental lesson for European policymakers: surveillance capabilities cannot be restricted to “legitimate” targets. NSO claims to sell only to governments for counterterrorism. Yet Pegasus has been used against journalists, human rights lawyers, and political opposition across dozens of countries. The technology does not enforce its own limitations.
What this means for anyone building in Europe
For anyone building on European digital infrastructure — whether public sector, enterprise, or sovereign cloud — the contradiction creates real strategic uncertainty.
Sovereign messaging is real and accelerating. Matrix/Synapse is emerging as the de facto standard for government-grade communications. Anyone can run their own instance and get the same architecture as Beam or Tchap.
The regulatory landscape is unresolved. Trilogue negotiations continue with key dates on May 4 and June 29, 2026. The outcome will shape what “end-to-end encryption” actually means in practice across Europe.
Architecture decisions made today will be tested by policy decisions made tomorrow. If you’re designing systems that depend on encryption guarantees, you need to track CSAR as closely as NIS2 or the AI Act.
The metadata question remains underappreciated. Even with perfect content encryption, metadata — who communicates with whom, when, how often — reveals social networks, behavioural patterns, and organisational structures. True privacy requires protecting both.
The European encryption paradox won’t resolve itself through technical elegance. It’s a political contradiction that requires political resolution. The question is whether Europe will recognise that building sovereignty and undermining encryption are fundamentally incompatible — before it’s too late.
Patrick Breyer maintains the most comprehensive tracker of the Chat Control legislative process: patrick-breyer.de/en/posts/chat-control/
Beam’s official site: beam.belgium.be