EPIC Offers Its Support Of The EARN IT Act; Thinks It Can Separate Undermining Section 230 From Undermining Encryption
from the it-really-shouldn't-be-supporting-either dept
As the EARN IT Act moves forward -- with all of its Section 230 and encryption-threatening appendages still intact -- we're getting some very interesting responses from tech companies that have benefitted from Section 230 and/or rely on strong encryption.
The goal may be noble -- the protection of children from sexual abuse -- but those noble goals are just a crowd-pleasing dodge. It's an assault on both Section 230 and strong encryption that's being pushed with an anti-child porn narrative, one that makes it very difficult for legislators to oppose. To vote against EARN IT, supporters will misleadingly claim, is to vote for the spread of child porn, so it's going to be tough to find lawmakers willing to push back.
Attorney General Bill Barr wants encryption broken. If it means American citizens are less protected, so be it… just as long as the FBI can get into a few more locked devices or accounts. Plenty of people in the administration seem to feel Section 230 has to go, if only to make it easier to sue platforms for perceived slights.
Entities that used to be allied against Section 230 reform and encryption-breaking are now for it. The Electronic Privacy Information Center wants to do both somehow. It has sent a letter [PDF] in support of the EARN IT Act that is pure cognitive dissonance. EPIC claims it wants to see Section 230 reformed but somehow keep this "reform" from threatening the encryption of end-to-end communications. How it imagines this law will achieve both aims is nearly impossible to discern.
The letter says Section 230 must be reformed, but for something much lower on the "for the children" list.
EPIC also supports efforts to reform Section 230. In the case Herrick v, Grindr, EPIC provided an amicus brief for the Second circuit in which we explained that the “Internet has changed since Congress passed the [Communication Decency Act] in 1996. Advanced social media platform did not exist when Congress enacted the law.” We objected to a lower court interpretation of section 230, which found that “online platforms bear no responsibility for the harassment and abuse their systems enable. If they chose not to respond to the exposure of personal information or intimate images, to threats of violence, to verbal and psychological abuse, there is nothing a victim can do to intervene.” As we explained, “Congress never intended § 230 to create such a system.”
We all can agree platforms need to handle things like harassment better. But there's no clear way to make it better, not when you're moderating millions (Twitter) or billions (Facebook) of users. Attacking the law that allows them to engage in moderation without fear of reprisal isn't going to make things better. It's either going to result in platforms refusing to moderate at all or -- in the case of smaller competitors -- just deciding it's not profitable to do business in the United States.
EPIC knows the EARN IT Act also threatens the use of end-to-end encryption. If the "best practices" handed down by law to address the spread of child porn include forcing platforms to break encryption to view message content, encryption gets weaker and opponents of encryption like Bill Barr and FBI Director Chris Wray get what they want: encryption that doesn't protect anyone.
EPIC thinks it can back the EARN IT Act and keep encryption intact.
[F]or companies that actually provide end-to-end encryption we would caution against recommendations that diminish user privacy and security. Strong encryption is critical for network security. The Act correctly identifies “data security and privacy” as relevant considerations in developing best practices. The Act also requires that the Commission include two experts who have “current experience in matters related to constitutional law, consumer protection, or privacy” as well as two experts in “computer science or software engineering related to matters of cryptography, data security, or artificial intelligence in a non-governmental capacity.” The Act should make end-to-end encryption a “Relevant Consideration” under Section 4(a)(4).
Providing end-to-end encryption protects users, promotes commerce, and ensures cybersecurity. EPIC recommends that the EARN IT Act make clear that liability should not be imposed for a secure end-to-end encrypted communications system that safeguards the security and privacy of users.
That's all well and good, but we're not going to get a law that undermines Section 230 while protecting encryption. It will undermine both. That's the goal of the legislation. Doing everything you can to prevent the distribution of child porn means cracking open encrypted messages to view their contents. Platforms are doing all they can to prevent this, but forcing them to undermine encryption makes millions of people not distributing child porn less secure. It's pretty screwed up to run an organization interested in protecting the privacy of internet users when you're throwing your support behind a bill that threatens to make everyone's conversations less private.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: earn it, encryption, section 230
Companies: epic
Reader Comments
Subscribe: RSS
View by: Time | Thread
That commission you place so much value on
Let's see. nineteen members, with the bulk of them demonstrably pro passage and only (according to EPIC four who might be opposed, depending on whether their selection is done responsibly or not) seems to be a bit unbalanced. Since the purpose of government is to represent the people, letting a commission that is biased in favor of the government (who want more power, absolutely) rather than the people they work for is terribly inappropriate. But then they want cover for when they try to force this bill down our throats...the Commission said it was OK! The Commission said 'best practice' is to turn all your conversations over to our 'very nice' and 'on your side' law enforcement community, for your 'safety' and to 'protect the children' (who we won't do anything else to protect, as demonstrated by our own behavior from before FOSTA was enacted and since).
It is a wonder what the Electronic Privacy Information Center thinks they will win with this bill. I mean really, I wonder what do they think they will win?
[ link to this | view in chronology ]
The favor of William Barr and Chris Wray.
[ link to this | view in chronology ]
Have these supporters even realized what could happen? Every time you give anyone a new tool to weaponize against any person, company or corporation, they fight like hell to ensure they don't lose those new weapons.
This is going to eventually backfire, in spectacular fashion against those supporters of this ACT after it's used, spectacularly against THEM.
This is going to result in thousands, millions of websites being shut down and/or sued, or both. How many privately owned websites rely on fanart, fan fiction and whatnot that could be shut down because of shit like this?
[ link to this | view in chronology ]
A general rule of life: When a government entity wants more power, fight it tooth and nail. Once you give that power up, you will never get it back.
[ link to this | view in chronology ]
Re:
How likely is this bill to pass and when do you think it will come up to vote?
[ link to this | view in chronology ]
shakes head in shame
I feel like this is them trying to get out in front of this. Possibly to try and preserve E2E encryption and get on the commission but spoiler alert, they won't. This commission will most definitely consider any kind of strong encryption to be a "Worst Practice" as it's make-up is heavily biased in favor of LE and EPIC makes the mistaken assumption these experts will vote as a bloc when that's not likely to be the case as with such a lopsided LE presence on the committee and the AG being one of those, they're most likely to just vote in favor of anything out of pressure.
That's assuming they get any who are actually pro-security. They can easily appoint those whose views align with the commission.
[ link to this | view in chronology ]
Are you sure about that? Did your brief include a statement from Cox and Wyden confirming this wasn't their intent?
[ link to this | view in chronology ]
This tool has been widely used and abused for so long, it's a wonder it still works. This proves that people don't learn, which means this form of democracy doesn't either.
That's the weakness of democracy: it relies on people being educated enough to choose well when they are asked. (Elections, polls and surveys.) If the people are kept ignorant and under-educated, they won't be able to make good choices, be it for their own good or the general good.
Just let people understand that this bill does nothing to actually fight child exploitation and only uses this as a prop to advance the agenda of an always power-hungry government and there would be no support for it. All these companies and individuals come out as supporters for the easy PR win it gets them, which wouldn't be one if the bill was properly known for the power grab it is rather than the child exploitation fix it isn't.
[ link to this | view in chronology ]
Re:
At least they're only claiming that the law will (try to) stop the pictures, not the exploitation.
[ link to this | view in chronology ]
dear whats it..
Dear politics..\
Do you have a 5th grader handy, thats learned computers??
ASK them the problem.
Wouldnt we be better served created a Encrypted Environment FOR THE KIDS..
it would be much easier to do, and would beat NET NANNY at anything it does.
The only problem THEN would be keeping the corps out of trying to Brainwash the kids..
[ link to this | view in chronology ]
Well right now it seems the bill has not garnered much support on Capitol Hill yet with congress being preoccupied with the coronavirus so its not likely to come up to vote anytime soon or atleast before the election.
[ link to this | view in chronology ]
Re:
Vriska1 shut up
[ link to this | view in chronology ]
Re: Re:
Huh?
[ link to this | view in chronology ]
https://www.nationofchange.org/2020/03/17/us-internet-bill-is-a-sneak-attack-on-encryption-while-pub lic-focuses-on-coronavirus/
"Commission is to develop recommended best practices that providers of interactive computer services may choose to implement to prevent, reduce, and respond to the online sexual exploitation of children, including the enticement, grooming, sex trafficking, and sexual abuse of children and the proliferation of online child sexual abuse material."
Pro lifer ation??
WHERE??? is it that bad?? has this added to the Current standard availability of Child abuse(Child abuse??).
[ link to this | view in chronology ]
Must be a curse or something
What is it with the name EPIC and anti-public behavior...
[ link to this | view in chronology ]
Child abuse??
NOT letting your child on the internet??
[ link to this | view in chronology ]
EPIC is NOT a supporter of Section 230
The assumption in this piece is that EPIC supports section 230, but you would not think that if you went back to read its amicus brief supporting Herrick against Grindr
An excerpt:
"The question is whether Section 230 allows internet platforms, such as Grindr, to ignore rampant abuse, harassment, and impersonation directed toward the users of its services. The § 230 immunity provision targets defamation claims against a “publisher or speaker,” not abuse or harassment claims against a service provider.4 Without an ability to force platforms to take down malicious fake profiles, victims may be subjected to ongoing psychological, social, and financial harm. In the physical world, potential liability and injunctive actions require
businesses and individuals to prevent abusive behavior. There is no justification for treating online platforms differently."
[ link to this | view in chronology ]
EPIC Trash
And this is why I'll never install, let alone buy, anything from the Epic(ally horrendous) store.
[ link to this | view in chronology ]