While US Focuses on Corona, New Bill Threatens to End All Encrypted Apps

With all media eyes focused on the COVID-19 crisis, a bill that threatens to end the era of encrypted messaging is being proposed in the Senate.

The EARN IT Act (Eliminating Abusive and Rampant Neglect of Interactive Technologies) is a bipartisan effort to combat child sexual abuse material (CSAM) online.

Introduced by Senators Lindsey Graham and Richard Blumenthal, the legislation would create a National Commission on Online Child Exploitation Prevention. The duty of the commission would be to set up “best practices” for tech companies to prevent child sexual exploitation.

Those “best practices” are yet to be determined. The commission would be composed of government and law enforcement officials, legal and technology experts, representatives from tech companies and former child exploitation victims.

The term “earn it” comes from the fact that, under the bill, tech companies would have to “earn” their exemption from liability which is now allowed to them under Section 230 of the U.S. Communications Decency Act.

Currently, under that exemption, tech companies generally have immunity from legal liability for how people use their platforms.

Under the EARN IT legislation, companies will have to “earn” this exemption by showing the commission that they are following the “best practices” possible to keep CSAM off their platforms.

As Associate Law Professor Alan Z. Rozenshtein explains,

“Because encryption can stymie attempts to prevent, investigate and prosecute child-exploitation offenses—and because Attorney General William Barr has criticized encryption on these grounds—internet-freedom advocates strongly criticized the draft as an attack on encryption.”

Wired Magazine called the legislation a “sneak attack on encryption,” and clarified why:

“Companies might not be able to earn their liability exemption while offering end-to-end encrypted services. This would put them in the position of either having to accept liability, undermine the protection of end-to-end encryption by adding a backdoor for law enforcement access, or avoid end-to-end encryption altogether.”

Proponents of EARN IT claim that the bill is a necessary pathway to fighting child pornography and exploitation online, as Rozenshtein writes,

“This is an issue with serious but uncertain costs and benefits on both sides [however] … the best thing to do is to build a good decision-making process by which to address the issue, and then to trust that this process will lead to the best decision that could reasonably be made amid immense complexity and uncertainty. That’s the most we can ever hope for when addressing hard policy problems in a democracy.” 

Those challenging the EARN IT Act argue that the bill is too far-reaching, and raises serious free speech and privacy concerns.

Others fear EARN IT gives the government broad and undefined powers that might eventually result in scanning the public’s online message — not to mention violate the right to privacy from unreasonable government searches guaranteed by the Fourth Amendment.

The EARN IT Act is a sneak attack on encryption and would have devastating effects on the privacy of everyone — especially journalists and whistleblowers. https://t.co/fMfzlO2EuG

— Freedom of the Press (@FreedomofPress) March 6, 2020

As Riana Pfefferkorn, associate director of surveillance and cybersecurity at the Stanford Center for Internet and Society, notes:

“[W]hile it’s certainly a necessary, urgent, and desirable goal to combat the scourge of online child exploitation, there are still limits on what tech companies should do.

“Stepping up to fight CSAM should not mean wholesale converting their services into even more powerful surveillance tools for law enforcement than they already are.”

The New America’s Open Technology Institute, as part of a coalition of 25 civil society organizations, sent a letter to Senators Graham and Blumenthal, along with members of the Senate and House Judiciary Committees. The letter expressed severe opposition to the EARN IT Act, adding that the legislation could:

• Raise serious concerns about violation of First Amendment rights
• Make it more difficult to combat the sexual exploitation of children online by jeopardizing the admissibility of evidence in child sexual abuse material cases, because it raises serious questions under the Fourth Amendment
• Risk national security and privacy by threatening encryption

Questions to Evaluate the EARN IT Act

1. Is disrupting pedophile networks worth potentially eliminating all online privacy?
2. To what extent is privacy already compromised due to the Patriot Act and classified NSA collection programs?
3. Wouldn’t criminal networks simply adapt, thus devastating the privacy of millions of Americans for nothing?
4. How could a “back door” to encrypted communications be hacked or leveraged by domestic and foreign government interests?

EDITORS NOTE: This Clarion Project column is republished with permission. © All rights reserved.

---