Bringing encryption restrictions in through the back door
Bringing encryption restrictions in through the back door
Legislation recently proposed in the US Senate is ostensibly meant to combat "child sexual abuse material" (CSAM), but it does not actually do much to combat that horrible problem. Its target, instead, is the encryption of user communications, which the legislation—tellingly—never mentions. The Eliminating Abusive and Rampant Neglect of Interactive Technologies Act of 2020, EARN IT for short, is an attempt to force online service providers (e.g. Facebook, Google, etc.) to follow a set of "best practices" determined by a commission, to combat the scourge of CSAM; the composition of that commission makes it clear that end-to-end encryption will not be one of those practices, but companies that do not follow the best practices will lose liability protection for their users' actions. It is, in brief, an attempt to force providers to either abandon true end-to-end encryption or face ruinous lawsuits—all without "seeming" to be about encryption at all.