Anti-Encryption Bill Passes U.S. Senate Judiciary Committee

Anti-Encryption Bill Passes U.S. Senate Judiciary Committee
Photo: Pool, Getty Images

The controversial anti-encryption bill masquerading as a child safety initiative known as the EARN IT Act refuses to die. A new version of the bill recently clawed its way out of a warm, shallow grave and passed the Senate Judiciary Committee on a voice vote on Thursday. Now, the reintroduced bill will head to the Senate floor.

The bill, as advertised, would remove some long-held Section 230 protections. In particular, it would mean that a company can be found legally liable for child sexual abuse material (or CSAM) that’s uploaded to their systems by third parties. Those in favour of the bill claim removing these protections will force internet companies to take a more active role in identifying and reporting the real problem of CSAM material. If passed by both houses of Congress, the bill could potentially open these companies up to a flurry of lawsuits. Democratic Senator Richard Blumenthal, who co-sponsored the bill with Republican Senator and Trump lackey Lindsey Graham, claimed the bill “is very simply about whether tech companies should be held responsible for their complicity in the sexual abuse & exploitation of children.”

But that description only tells one, deceptively limited side of the story. Civil liberty and digital rights groups have spoken out in droves against the bill, claiming it would roll back privacy protections for internet users and incentivise internet companies to engage in dangerous levels of surveillance and censorship far exceeding the purview of CSAM material.

“Let’s be clear,” the Electronic Frontier Foundation said in a statement, “The new EARN IT Act would pave the way for a massive new surveillance system, run by private companies, that would roll back some of the most important privacy and security features in technology used by people around the globe.” The bill could also have huge implications for the end-to-end encryption systems which have become more common in major messaging services.

The bill’s whittling away of privacy protections could potentially affect everyone but poses a particularly powerful threat to the LGBTQ community whose posts are disproportionately mislabeled as sexual content. The EARN IT act, critics warn, would potentially follow in the footsteps of previous Trump-era Section 230 changes FOSTA-SESTA, which had a significant negative impact on the LGBTQ community and sex workers.

“The EARN IT Act is one of the most poorly conceived and dangerous pieces of Internet legislation I have seen in my entire career, and that’s saying a lot,” Fight for the Future’s Director, Evan Greer said in a statement

In an interview with the Washington Post, Blumenthal said the zombie EARN IT Act would prevent encryption from being the “sole evidence” of a providers’ liability for CSAM material but added the bill would not offer total exemption encryption either. Blumenthal reportedly referred to encryption exemption as a “get-out-of-jail-free card.” In other words, Blumenthal is saying that a company can’t be sued over CSAM just because they use encryption but he’s admitting that companies won’t be able to claim that their inability to see into encrypted communications exempts them from liability. OK.

Somewhat reassuringly, the new bill may still undergo some changes before it’s voted on in the Senate according to Centre for Democracy & Technology CEO Alexandra Reeve Givens, who said a collection of senators, including Democrats Cory Booker and Republican Mike Lee voiced concerns and urged changes to the bill.

Concerned internet users have made their opinion about the EARN IT Act clear. A petition opposing the bill was recently uploaded by the digital rights group Fight for the Future and has amassed nearly 600,000 signatures at the time of writing. Meanwhile, more than 60 organisations including the Centre for Democracy and Technology, the ACLU, and Access Now, jointly sent a letter to senators Dick Durbin and Chuck Grassley.

“By opening providers up to significantly expanded liability, the bill would make it far riskier for platforms to host user-generated content,” the organisations wrote. “Those liability threats could cause providers to stop hosting user content altogether. On the other hand, providers that do continue to host users generated content would potentially have more of an incentive to engage in overbroad censorship of online speech,” particularly of LGBTQ users. And while EARN IT proponents continually fall back on the bill’s supposed boon for child safety online, rights groups argue the bill would actually make it more difficult to protect children.

The last time lawmakers attempted to push through several versions of the EARN IT act back in 2020 but failed after facing similar pushback from privacy groups. At the time, privacy-preserving companies like Singal threatened to simply cease operating in the U.S. if the law was passed.