{"id":76948,"date":"2022-02-04T16:55:50","date_gmt":"2022-02-04T22:55:50","guid":{"rendered":"https:\/\/milesfortis.com\/?p=76948"},"modified":"2022-02-04T16:55:50","modified_gmt":"2022-02-04T22:55:50","slug":"76948","status":"publish","type":"post","link":"https:\/\/milesfortis.com\/?p=76948","title":{"rendered":""},"content":{"rendered":"

Senators Want EARN IT Bill to Scan All Online Messages.<\/a><\/p>\n

People don\u2019t want outsiders reading their private messages \u2014not their physical mail, not their texts, not their DMs, nothing. It\u2019s a clear and obvious point, but one place it doesn\u2019t seem to have reached is the U.S. Senate.<\/p>\n

A group of lawmakers led by Sen. Richard Blumenthal (D-CT) and Sen. Lindsey Graham (R-SC) have\u00a0re-introduced the EARN IT Act<\/a>, an\u00a0incredibly unpopular bill from 2020<\/a>\u00a0that was\u00a0dropped in the face of overwhelming opposition<\/a>. Let\u2019s be clear: the new EARN IT Act would pave the way for a massive new surveillance system, run by private companies, that would roll back some of the most important privacy and security features in technology used by people around the globe. It\u2019s a framework for private actors to scan every message sent online and report violations to law enforcement. And it might not stop there. The EARN IT Act could ensure that anything hosted online\u2014backups, websites, cloud photos, and more\u2014is scanned.<\/p>\n

New Internet Rules, From Juneau to Jackson<\/h3>\n

The bill empowers every U.S. state or territory to create sweeping new Internet regulations, by stripping away the critical legal protections for websites and apps that currently prevent such a free-for-all\u2014specifically, Section 230. The states will be allowed to pass whatever type of law they want to hold private companies liable, as long as they somehow relate their new rules to online child abuse.<\/p>\n

The goal is to get states to pass laws that will punish companies when they deploy end-to-end encryption, or offer other encrypted services. This includes messaging services like WhatsApp, Signal, and iMessage, as well as web hosts like Amazon Web Services. We know that EARN IT aims to spread the use of tools to scan against law enforcement databases because the bill\u2019s sponsors have said so. In a\u00a0\u201cMyths and Facts\u201d document<\/a>\u00a0distributed by the bill\u2019s proponents, it even names the government-approved software that they could mandate (PhotoDNA<\/a>, a Microsoft program with an API that reports directly to law enforcement databases).<\/p>\n

The document also attacks Amazon for not scanning enough of its content. Since Amazon is the home of Amazon Web Services, host of a huge number of websites, that implies the bill\u2019s aim is to ensure that anything hosted online gets scanned.<\/p>\n

<\/p>\n

Separately, the bill creates a 19-person federal commission, dominated by law enforcement agencies, which will lay out voluntary \u201cbest practices\u201d for attacking the problem of online child abuse. Regardless of whether state legislatures take their lead from that commission, or from the bill\u2019s sponsors themselves, we know where the road will end. Online service providers, even the smallest ones, will be compelled to scan user content, with government-approved software like PhotoDNA. If EARN IT supporters succeed in getting large platforms like Cloudflare and Amazon Web Services to scan, they might not even need to compel smaller websites\u2014the government will already have access to the user data, through the platform.<\/p>\n

A provision of the bill that purports to protect services using encryption (Section 5, Page 16) doesn\u2019t come close to getting the job done. State prosecutors or private attorneys would be able to drag an online service provider into court over accusations that their users committed crimes, then use the fact that the service chose to use encryption as evidence against them\u2014a strategy that\u2019s specifically allowed under EARN IT.<\/p>\n

It\u2019s hard to imagine anyone daring to use this supposed defense of encryption. Instead, they\u2019ll simply do what the bill sponsors are demanding\u2014break end-to-end encryption and use the government-approved scanning software. Just as bad, providers of services like backup and cloud storage who don\u2019t currently offer user-controlled encryption are even less likely to protect their users by introducing new security features, because they will risk liability under EARN IT.<\/p>\n

A Lot of Scanning, Not A Lot of Protection<\/h3>\n

Senators supporting the EARN IT Act say they need new tools to prosecute cases over child sexual abuse material, or CSAM. But the methods proposed by EARN IT take aim at the security and privacy of everything hosted on the Internet.<\/p>\n

Possessing, viewing, or distributing CSAM is already written into law as an extremely serious crime, with a broad framework of existing laws seeking to eradicate it. Online service providers that have actual knowledge of an apparent or imminent violation of current laws around CSAM are required to make a report to the National Center for Missing and Exploited Children (NCMEC), a\u00a0government entity<\/a>\u00a0which forwards reports to law enforcement agencies.<\/p>\n

Section 230 already does not protect online service providers from prosecutions over CSAM\u2014in fact, it doesn\u2019t protect online services from prosecution under any federal criminal law at all.<\/p>\n

Internet companies are already required to report suspected CSAM if they come across it, and they report on a massive scale. That scale already comes with a lot of mistakes. In particular, new scanning techniques used by Facebook have produced many millions of reports to law enforcement, most of them\u00a0apparently inaccurate<\/a>. Federal law enforcement has used the massive number of reports produced by this low-quality scanning to suggest there has been a huge uptick in CSAM images. Then, armed with misleading statistics, the same law enforcement groups make new demands to break encryption or, as with EARN IT, hold companies liable if they don\u2019t scan user content.<\/p>\n

Independent child protection experts aren\u2019t asking for systems to read everyone\u2019s private messages. Rather, they recognize that children\u2014particularly children who might be abused or exploited\u2014need encrypted and private messaging<\/a>\u00a0just as much as, if not more than, the rest of us. No one, including the most vulnerable among us, can have privacy or security online without strong encryption.<\/p>\n

Senate to U.S. Public: Can We Please Have a Surveillance State Now?<\/h3>\n

In their\u00a0\u201cMyths and Facts\u201d sheet<\/a>, the bill\u2019s supporters have said the quiet part out loud. Some of the document\u2019s falsehoods are breathtaking, such as the statement that internet businesses are provided \u201cblanket and unqualified immunity for sexual crimes against children.\u201d It (falsely) reassures small business owners who dare to have websites that the government-ordered scanning they will be subject to will come \u201cwithout hindering their operations or creating significant costs.\u201d And it says that using automated tools that submit images and videos to law enforcement databases is \u201cnot at odds with preserving online privacy.\u201d<\/p>\n

The Senators supporting the bill have said that their mass surveillance plans are somehow magically compatible with end-to-end encryption. That\u2019s completely false, no matter whether it\u2019s called\u00a0\u201cclient side scanning\u201d<\/a>\u00a0or another misleading new phrase.<\/p>\n

The EARN IT Act doesn\u2019t target Big Tech. It targets every individual internet user, treating us all as potential criminals who deserve to have every single message, photograph, and document scanned and checked against a government database. Since direct government surveillance would be blatantly unconstitutional and provoke public outrage, EARN IT uses tech companies\u2014from the largest ones to the very smallest ones\u2014as its tools.<\/p>\n

The strategy is to get private companies to do the dirty work of mass surveillance. This is the same tactic that the U.S. government used last year, when law enforcement agencies\u00a0tried to convince Apple to subvert its own encryption<\/a>\u00a0and scan users\u2019 photos for them. (That plan has\u00a0stalled out after overwhelming opposition<\/a>.) It\u2019s the same strategy that U.K. law enforcement is using to convince the British public to give up its privacy, having spent public money on\u00a0a laughable publicity campaign that demonizes companies that use encryption<\/a>.<\/p>\n

We won\u2019t waver in our support for privacy and security for all, and the encryption tools that support those values. This bill may be voted on by the Senate Judiciary Committee in just a few days. We\u2019ve told the U.S. Senate that we will not back down in our opposition to EARN IT. We need you to speak up as well.<\/p>\n","protected":false},"excerpt":{"rendered":"

Senators Want EARN IT Bill to Scan All Online Messages. People don\u2019t want outsiders reading their private messages \u2014not their physical mail, not their texts, not their DMs, nothing. It\u2019s a clear and obvious point, but one place it doesn\u2019t seem to have reached is the U.S. Senate. A group of lawmakers led by Sen. … Continue reading “”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,9,5,24],"tags":[],"class_list":["post-76948","post","type-post","status-publish","format-standard","hentry","category-crap-for-brains","category-enemies-foreign-domestic","category-politics","category-rights"],"_links":{"self":[{"href":"https:\/\/milesfortis.com\/index.php?rest_route=\/wp\/v2\/posts\/76948","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/milesfortis.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/milesfortis.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/milesfortis.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/milesfortis.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=76948"}],"version-history":[{"count":1,"href":"https:\/\/milesfortis.com\/index.php?rest_route=\/wp\/v2\/posts\/76948\/revisions"}],"predecessor-version":[{"id":76949,"href":"https:\/\/milesfortis.com\/index.php?rest_route=\/wp\/v2\/posts\/76948\/revisions\/76949"}],"wp:attachment":[{"href":"https:\/\/milesfortis.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=76948"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/milesfortis.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=76948"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/milesfortis.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=76948"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}