On Chat Control.
You cannot scan everyone's private messages and still call them private.
Chat Control is the common name for the EU regulation that would require online services to search private communications for illegal material, including through client-side scanning that reads your messages on your own device before they are encrypted. We think it is the wrong answer, and we have built Elusive so that, for the strictest accounts, we could not comply even if forced.
What is actually proposed
The idea is a legal duty to detect and report certain illegal content across messaging and email. The part that matters for privacy is how. Because strong encryption means a provider cannot read the messages in transit or at rest, the proposals reach for client-side scanning: software on your own device that inspects your messages against a list before they are sealed. That is not a narrow exception to encryption. It is a camera pointed at the inside of the envelope.
Why we are against it
There is no scanner that only ever catches the guilty. Any system that inspects everyone's messages produces false accusations, and it turns every private conversation into something that is checked by default. Mass suspicion is not the same as safety.
A backdoor does not stay open for only the good people. Once a service is built to read messages it was designed not to read, that capability exists for whoever gains control of it: a future government, a hostile one, or an attacker who breaks in. You cannot build a lock that only opens for the right reasons.
It breaks the one thing that makes end-to-end mean anything. The whole point is that no one in the middle can read your mail. Scanning on the device before encryption removes exactly that guarantee, while letting a service still claim the word "encrypted." We will not play that game.
What this means for Elusive
Our answer is not a promise, it is the design. In keyfile mode we hold no copy of your key, so there is nothing on our side to scan and nothing to hand over. We will not add scanning to the code we ship to your browser or to a future app. And the parts of Elusive that are private are private because of how they are built, not because of a policy we could quietly change.
Where the law reaches metadata, the routing information we cannot avoid handling, we keep as little as we can and are working to hold even less. Where it would reach the contents of your mail, the honest position is this: we would rather not operate under a rule that forces us to break encryption than betray the people who trusted us with it.
We will be transparent about pressure
We are a small project and we cannot change EU law on our own. What we can do is be clear about where we stand and what we are asked to do. A transparency report and a warrant canary are on our plan, so that if we are ever compelled to act against these principles, the absence of a signal tells you as much as a statement could.
If you want to help
This gets decided by lawmakers, so the useful thing is to be heard by yours. Contact your MEP, and support the digital-rights groups working on it, such as European Digital Rights. Private communication is worth defending while it is still legal to have.