EARN IT Act: Will the New Law Disrupt Encryption and Censor the Internet?
This March, the so-called EARN IT Act (Eliminating Abusive and Rampant Neglect for Interactive Technologies Act) was filed in U.S. Senate. Aside from the fact that someone really wanted its acronym to spell “earn it,” nothing about the bill is clear so far.
While its proponents believe that the bill will enable law enforcement to efficiently tackle sexual exploitation of minors online, including child porn and child trafficking, the naysayers believe it undermines the freedom of speech and threatens information security online.
For now, the bill has not yet been passed and is being viewed by the Justice committee led by EARN IT Act’s co-author Senator Graham.
Privacy is your right. So is encryption.
The EARN IT Act must be rejected. https://t.co/3WSzq7p6tf
— The Tor Project (@torproject) April 8, 2020
ForkLog asked AURUM partner Sergei Ostrovski and lawyer Sergei Lashin about the legal implications of the law and the connection between censorship and protecting children from sexual abuse.
The Current State of Affairs
To kick the conversation off, let us establish who is responsible for the content on the Internet? The user who creates content? The person who publishes this content? Or a platform where content is published and made public?
There is no single answer to these questions. Each specific case or category of cases has to be evaluated separately, since the legislation of different countries in this area varies. For some cases and categories of content, there may be even special rules or exceptions.
In this article, we will talk about the rules that apply in the United States. Since it is the United States where the majority of the most visited online platforms are located, and the U.S. market is key for most instant messengers, changes in American law can have a huge impact on the situation in the industry and on users around the world.
The current version of the US Communications Act states that a provider of “interactive computer services” cannot be considered the author or publisher of “user generated content.” A Web platform, such as Facebook or Telegram, is not responsible for content published by its users, provided that the platform itself was not directly involved in the creation or publication of such content.
There are also two exceptions when the above exclusion of liability does not apply: when the legislation on the privacy of digital communication or the laws pertaining to human trafficking are violated.
What EARN IT Act Is All About
The EARN IT Act introduces another exception when providers of “interactive computer services” (or “platforms” for convenience) may be held liable under criminal law for user-posted content, in particular in cases connected to sexual exploitation of children.
The Act also introduces the so-called “safe harbor,” which allows the platform to get an exemption from liability if it has implemented “best practices.”
Best practices are a set of rules and techniques designed to combat the distribution of content that violates legislation prohibiting the sexual exploitation of children. The actual guidelines of best practices will be developed after the adoption of the act with the participation of the Attorney General.
This implies that the platform must earn this immunity to liability, which also refers to the name of the act, “earn it.” To do this, the platform will have to fulfill all the requirements outlined in best practices, and then submit an application of compliance with best practices to the Office of the Prosecutor General signed by one of the company’s officers.
Providing false information in such an application may result in criminal liability, including imprisonment for up to two years.
In our opinion, this act is not exactly about ramping up the censorship machine, in the sense in which we are used to talking about it. Additional bans on any type of content or information are not being introduced. Legislation to protect children from sexual exploitation already exists and the idea of combating the sexual exploitation of children is hardly disputed by anyone.
Despite this, some public concerns may still be justified. Opponents of the act believe that its adoption is a slippery slope and that we may see more stringent restrictions in the future.
Although the act itself does not say a word about encryption or control of information, best practices that must be approved after its adoption may require platforms to create backdoors and other mechanisms to gain access to private messaging history or encrypted data.
Opponents of the act also say that the law violates the U.S. Constitution, in particular, the First Amendment.
The text of the act contains section 9, which states that nothing in the text of the bill should be construed as a requirement for platforms to screen or search for cases of sexual exploitation of children on the Internet. But even so, some experts believe that best practices can actually force platforms to conduct such screening to avoid liability.
In our opinion, a more realistic risk is that best practices may force platforms to provide government agencies with the means to search for and detect cases of sexual exploitation of children on the Internet, which may involve providing access to information, including non-public information.
Technology giants presently have stepped up their lobbying activities and are taking decisive action against the adoption of the act. For example, the popular Signal messenger, whose reputation and marketing strategy is largely based on the protection of user privacy, has announced its departure from the United States if the EARN IT Act is adopted.
We will follow the events around the act and report on the new developments.
Subscribe to our Newsletter<
- Data Brokers: How Law Enforcement Rely on Inaccurate Data to Supplement Investigations
- Messenger App Steals User Data and Hacks Their Devices, ESET Research
- What Prompted Sudden Truce Between Telegram and Russian Watchdogs: Main Theories
- Hacker Group Targeting Fintech Companies and Personal Data Has Been Under Radar For Years, NOD32 Developer Finds
- Former Yahoo! Engineer Who Hacked 6,000 Email Accounts Looking for Sexually Explicit Media Avoids Jail
- Antifa Threatened With Extremist Status: No Longer Thinks Bitcoin Is an Alt-Right Currency Antifa and BLM Will Make Bitcoin Edgy Again
- Secure Identity Expert Explains How Cryptography Gives Us Power Over Personal Data
- Telegram User Data From Earlier Leaks Found on Dark Web, Contact Import Feature Is to Blame