In 2020, members of Congress introduced a bill they said would help rid the internet of child sexual-abuse material (CSAM). The proposed legislation was called the EARN IT Act—an abbreviation for the full name, which was the Eliminating Abusive and Rampant Neglect of Interactive Technologies Act. In addition to establishing a national commission on online child sexual exploitation prevention to come up with the best practices for eliminating such content, the bill stated that any online platforms hosting child sexual-abuse material would lose the protection of Section 230 of the Communications Decency Act, which gives electronic service providers immunity from prosecution for most of the content that is posted by their users.
The bill immediately came under fire from a number of groups—including the Electronic Frontier Foundation, the Freedom of the Press Foundation, and others—who said it failed on a number of levels. For example, as Mike Masnick of Techdirt noted, Section 230 doesn’t protect electronic platforms from liability for illegal content such as child sexual-abuse material, so passing a law exempting them from that protection is redundant, and unnecessary. Critics of the bill also said it could cause online services to stop offering end-to-end encryption, used by activists and journalists around the world, because using encryption is a potential red flag for those investigating CSAM.
In the end, the bill was dropped. But it was resurrected earlier this year, reintroduced by Richard Blumenthal and Lindsey Graham (the House has revived its version as well), and many groups say the current version is as bad as the original, if not worse. The EFF said the bill would still “pave the way for a massive new surveillance system, run by private companies, that would roll back some of the most important privacy and security features in technology used by people around the globe.” The group says the act would allow “private actors to scan every message sent online and report violations to law enforcement,” and potentially allow anything hosted online—including backups, websites, cloud photos, and more—to be scanned by third parties.
Note: This was originally published as the daily newsletter for the Columbia Journalism Review, where I am the chief digital writer
Riana Pfefferkorn, a research fellow at the Stanford Internet Observatory, wrote at Stanford’s Center for Internet and Society: “Make no mistake: this was a dangerous bill two years ago, and because it’s doubled down on its anti-encryption stance, it’s even more dangerous now.” By threatening tech companies with litigation for not doing enough to fight CSAM on their services, Pfefferkorn says that EARN IT “would do a lot of damage to innocent internet users who have broken no law, and that if passed, it will result in companies “overzealously censoring lots of perfectly legal user speech just in case anything that could potentially be deemed CSAM might be lurking in there.”
Article19, an international nonprofit that supports freedom of expression, published an open letter earlier this month that it wrote to Dick Durbin and Chuck Grassley of the Senate Judiciary Committee, in which it expressed strenuous opposition to the EARN IT Act. Article19 also warned that the bill makes it more likely platforms will “engage in overbroad censorship of online speech, especially content created by diverse communities, including LGBTQ individuals, whose posts are disproportionately labeled as sexually explicit.” By opening the door to potential liability for encrypted content, Article19 says the act “would strongly disincentivise providers from providing strong encryption.”
When the original version of the bill came out, Runa Sandvik, who has worked on security for journalists while employed at the New York Times and the Freedom of the Press Foundation, noted at TechCrunch that the bill “introduces significant harm to journalists’ ability to protect their sources.” Tim Cushing, writing for Techdirt at the time, said that if you remove encryption from online networks and services, “you make it that much easier to expose journalists’ sources and snoop on their communications.” This isn’t just an existential threat but a very real one, Cushing said, given that several different administrations have tried to crack down on those who leak documents to journalists.
Here’s more on electronic privacy:
- See no evil: One problem with the EARN IT Act, says Mike Masnick, is that since it requires platforms to take action if they know of child sexual-abuse material, it could incentivize them to moderate their content even less, since that way they could claim that they didn’t know about it. “The senators seem to think that if you remove Section 230 for a type of law-violating content, that magically means that website will be liable for that content,” Masnick said. “The problem is that this is not how any of this actually works.”
- Home Office: The UK Home Office is pushing for new powers under that country’s proposed Online Safety Bill that would require internet companies to monitor for ‘legal but harmful’ user content in addition to more obviously illegal content, the Financial Times reports. If the proposals go forward, the paper says, “communications regulator Ofcom would be granted powers to demand from tech companies a higher level of proactive monitoring, rather than merely relying on their users to report abusive or offensive material.”
- Apple plans: After announcing last August that it planned to scan users’ phones for photos that might fit the definition of child sexual-abuse material, a move that received widespread criticism from a number of privacy groups, Apple said it was taking some time to reconsider this plan, and subsequently removed any mention of it from its website, according to MacRumors. However, an Apple spokesman said in December that despite removing any mention of the feature, its “plans for CSAM detection have not changed,” and that scanning of content on users’ phones will be rolled out in the near future.
Other notable stories:
- Mark Zuckerberg, CEO of Meta (formerly Facebook), announced Wednesday in a blog post that he has appointed Nick Clegg, the former deputy prime minister of Britain, to be the company’s president of global affairs. Clegg joined Facebook in 2018 as vice-president of global affairs and communications. Zuckerberg said that Clegg would be responsible for all policy matters, “including how we interact with governments as they consider adopting new policies and regulations, as well as how we make the case publicly for our products and our work.” One British politician said: “If Nick Clegg is the answer, you know you’re in trouble.”
- The judge that rejected Sarah Palin’s lawsuit against the New York Times did so before the jury had reached its decision in the case, but he allowed them to keep deliberating so that their verdict could be considered in any appeal. According to Bloomberg, several jurors found out about his decision before they reached their own because they got pop-up notifications on their smartphones. A clerk reportedly informed the judge that “at most three” jurors knew his ruling before they delivered their verdict, although all three claimed that the news did not influence their decision to find the Times not guilty.
- Britain’s Supreme Court dismissed an appeal by Bloomberg on Wednesday in a landmark privacy case. “The judges ruled that a person under criminal investigation has a reasonable expectation of privacy until they are actually charged with a crime,” Reuters reported. “Bloomberg reported in 2016 that a U.S. citizen who worked for a regional division of a listed company operating overseas had been interviewed by a UK law enforcement body as part of an investigation into allegations of fraud, bribery and corruption at the company.”
- Phelim Kine writes for Politico about the potential security risks inherent in Otter.ai, a popular tool many journalists use to transcribe interviews. “Even savvy, skeptical journalists who take robust efforts to protect sources have found themselves in the thrall of Otter, a transcription app powered by artificial intelligence, and which has virtually eliminated the once-painstaking task of writing up interview notes,” writes Kine. “That’s an overlooked vulnerability that puts data and sources at risk, say experts.”
- Markus Dohle, the chief executive of Penguin Random House, will personally donate at least $500,000 to the free-speech organization PEN America in an effort to combat book banning in the United States, according to a report from the New York Times on Wednesday. “Dohle said in an interview that he hoped others would follow suit, donating to the newly created Dohle Book Defense Fund, which will provide support to communities where books are being challenged.” Raised in Germany after World War II, Dohle said he grew up aware of “the dark times and the dark history of the country.”
- Caleb Pershan writes for CJR about Project Veritas, which recently lost a court case involving the New York Times. “A New York State appeals court stayed an order that had kept the Times from publishing certain material about Project Veritas,” Pershan writes. “First Amendment advocates and a group of sixty-three media organizations that joined a legal brief on behalf of the Times had decried the unusual order as an unconstitutional example of prior restraint, a form of censorship before the fact.”
- Ken Kurson, who was the editor of the New York Observer when it was owned by Jared Kushner, pleaded guilty Wednesday to cyberstalking charges in New York state, according to the Associated Press. “Manhattan prosecutors said they will withdraw Ken Kurson’s misdemeanor counts of attempted computer trespass and attempted eavesdropping in a year if he performs 100 hours of community service and stays out of trouble,” the wire service reported. Kurson was charged in a similar federal case for hacking his wife’s online accounts and sending threatening messages, but was pardoned by Donald Trump.
- According to a report in The Guardian, Rupert Murdoch’s publishing arm, News UK, is considering turning some of the photos, cartoons, and front pages from its newspapers–the Times and the Sun–into non-fungible tokens or NFTs, which allow users to buy digital works using cryptocurrency and the blockchain. Under the plan, “tens of thousands of physical images, such as exclusive pictures of the Queen, to front pages such as ‘It’s The Sun Wot Won it!’, to Freddie Starr Ate My Hamster, could be given a lucrative second life as exclusive digital collectibles the public could buy and trade,” the Guardian said.