Sen. Ron Wyden, an influential voice on privacy and security issues on Capitol HIll, said Thursday that the EARN IT Act is a “horrendous effort” that could not only limit free speech online and curtail the use of strong encryption, but also set the stage for individual states to create their own laws regulating Internet use.
The proposed bill’s stated purpose is to prevent the publishing and spread of child exploitation material by forcing platform providers to conform with a set of yet-to-be-determined best practices for finding and removing exploitation material. Those best practices would be set by a commission headed by the attorney general and including the heads of several federal agencies. Any platform providers who do not conform to the best practices would be in danger of losing their immunity from wiretapping under Section 230 of the Communications Decency Act. The bill, first introduced in March, was amended significantly in July before it was approved by the Senate Judiciary Committee and one of the changes would give states the ability to regulate online content individually.
Wyden (D-Ore.) has been a critic of the EARN IT Act since its introduction and said Thursday that the amended bill not only threatens the use of encryption by requiring providers to be able to identify and remove abusive material from encrypted services, but also would open the floodgates for state regulation.
“This is a horrendous effort that would roll back free speech and freedom online. The idea of letting states regulate the Internet will create a tidal wave of uncertainty and lawsuits,” Wyden said during an event sponsored by Fight for the Future.
“Allowing any individual state to set laws for Internet content creates enormous uncertainty and a flood of state laws that could raise Fourth Amendment concerns. That seems to me be pretty bizarre, even by Washington, D.C., standards.”
The main concern among privacy advocates and civil liberties groups is the effect it will have on the use of strong encryption. Because of the way the bill is written, platform providers such as Facebook or WhatsApp that run encrypted messaging services, would be required to implement a method for finding abusive material in those services. In essence, that would require compromising the security and confidentiality of those systems by backdooring the encryption in some way.
In a letter to members of the Senate before the Judiciary Committee vote in early July, the American Civil Liberties Union expressed concern about the threat to strong encryption posed by the bill.
“Under the amended EARN IT Act, platforms would be subject to state criminal and civil liability for negligent or reckless publishing of CSAM. These legal standards could force platforms to undermine or weaken their own encryption and privacy practices in order to avoid legal liability because plaintiffs could argue that end-to-end encryption, itself, is reckless or negligent conduct,” the letter said.
The bill is now on the Senate legislative calendar.