Encryption under threat from EARN IT Act
The proposed legislation could be formally introduced in the coming weeks
The ability of tech companies to offer end-to-end encryption is under threat from a proposed piece of legislation, it has emerged.
According to Reuters, which cites “two sources with knowledge of the matter”, Chairman of the Senate Judiciary Committee Lindsey Graham and Democratic Senator Richard Blumenthal are set to formally introduce a bill titled “The Eliminating Abuse and Rampant Neglect of Interactive Technologies Act of 2019” (EARN IT Act), to Congress.
Digital Risk Report 2020
A global view into the impact of digital transformation on risk and security managementDownload now
Overtly, the bill seeks to fight the distribution of images of child sexual abuse. However, concerns have been spreading that it could put an end to protections offered to the likes of Facebook, Google and Apple under Section 230 of the Communications Decency Act 1996.
Under this existing piece of federal legislation, certain internet companies are considered not to be the publisher or speaker of content that appears on their platforms, rendering them immune from prosecution.
The proposed bill, a discussion draft of which originally leaked to Bloomberg in late January, would seek to largely overturn Section 230 protections as law makers continue to seek ways to allow tech companies to grow while simultaneously reducing or ending the spread of hate speech, crime and extremism online.
Online platforms will instead have to agree to an as yet undefined set of “best practices”, or be liable for prosecution.
According to Reuters’ sources, U.S. tech companies are worried this could be used as a means to condemn and potentially put a stop to end-to-end encryption. Organisations operating in the technology industry, as well as privacy and human rights advocates, say this type of encryption is vital to maintaining the right to privacy and free speech. On the other hand, federal law enforcement agencies in the U.S., as well as governments and law enforcement abroad such as in the U.K., have complained strong encryption prevents them from doing their jobs properly and enables crime.
Separately, on February 19, Attorney General William Barr also took a swipe at the protections offered under Section 230, suggesting the possibility online platforms should be liable for what users post on their platforms.
The complete guide to changing your phone system provider
Optimise your phone system for better business resultsDownload now
Simplify cluster security at scale
Centralised secrets management across hybrid, multi-cloud environmentsDownload now
The endpoint as a key element of your security infrastructure
Threats to endpoints in a world of remote workingDownload now
2021 state of IT asset management report
The role of IT asset management for maximising technology investmentsDownload now