Because the internet is a strange and complicated place, the fate of your digital privacy is, at this very moment, intertwined with that of online message boards and comment sections. And things, we're sorry to report, aren't looking so hot.
At issue is the seemingly unrelated EARN IT Act. Pushed by Republican Sen. Lindsey Graham and a host of bipartisan co-sponsors, and voted on by the Senate Judiciary Committee last Thursday, the measure ostensibly aims to combat online child sexual abuse material. However, according to privacy and security experts who spoke with Mashable, the bill both directly threatens end-to-end encryption and promises to spur new and sustained online censorship by weakening Section 230 a provision of the Communication Decency Act of 1996 that protects internet providers from being held liable for their users' actions.
The devil, as it so often can be found, is in the details. That's because the newly amended version of the bill essentially gives state lawmakers the ability to regulate the internet, according to Joe Mullin, a policy analyst with the Electronic Frontier Foundation, who broke down the censorship risks posed by the measure should it become law.
"All 50 states will be able to write new Internet rules that online platforms and websites will have to follow," Mullin explained in an email. "The only limit on the new rules is that they will have to relate, in some way, to the fight against child sexual abuse. If websites don't follow the new state-level internet rules, they'll be exposed to private lawsuits and potentially state-level criminal prosecutions."
This concern is echoed by the ACLU which, in a July 1 open letter, warned that "[by] allowing states to set their own standards for platform liability for [child sexual abuse material], the amended version [of the EARN IT Act] allows states to create inappropriate standards by which platform responsibility for user-generated content should be judged."
In case that's not clear enough, earlier this month, in an open letter addressed to Democratic Sen. Diane Feinstein and Sen. Graham, EFF director of federal affairs, India McKinney, predicted that the EARN IT Act would lead to the "loss of Section 230 immunity" for online platforms. In other words, online companies could be held liable for user-generated content. This could inspire those companies to proactively discontinue offerings like message boards that we all take for granted as an indelible part of internet culture.
"Why have a comments section, or a discussion forum, or an email service, or file storage services, if you could get in big trouble for something that a user did even without your knowledge," asked Mullin. "Online platforms will hedge their risk by removing or not providing these features."
And, even though the possibility of 50 distinct state-level rules exists if the EARN IT Act becomes law, it's not like living in one relatively hands-off state would necessarily exempt you. Why would a company go to the trouble of crafting 50 different policies and releasing 50 different location-specific offerings, after all, when it could simply tailor everything to the requirements of the most restrictive state government?
WATCH: It's surprisingly easy to be more secure online
Which brings us to encryption, or, more specifically, end-to-end encryption.
End-to-end encryption is the gold standard in digital privacy. When implemented properly, it ensures that only a message's sender and intended recipient can read its contents. Basically, it means that third parties like governments, private companies, and hackers aren't reading your messages, bank statements, and doctors' notes.
The EARN IT Act, which technically is an acronym for the "Eliminating Abusive and Rampant Neglect of Interactive Technologies," has a list of co-sponsors that include many Senators long in opposition to the idea of consumer access to end-to-end encryption. In 2016, Sen. Feinstein, one such EARN IT Act co-sponsor, co-authored a bill with Republican Sen. Richard Burr that would have more or less made end-to-end encryption illegal.
The EARN IT Act may not be as explicit as previous efforts to ban end-to-end encryption, but experts insist it is likewise a threat to a technology used by companies such as Apple to protect customers' data from hackers.
When initially introduced in the Senate on March 5 of this year, the EARN IT Act directly threatened the legality of end-to-end encryption so much so, that back in April, Signal, a free and open-source, secure messaging app, published a blog post warning its ability to operate in the U.S. was at risk should the measure pass.
"The EARN IT act turns Section 230 protection into a hypocritical bargaining chip," warned Signal. "At a high level, what the bill proposes is a system where companies have to earn Section 230 protection by following a set of designed-by-committee 'best practices' that are extraordinarily unlikely to allow end-to-end encryption."
The bill was amended last week to address some of those fears, but the changes weren't enough to convince actual privacy experts. Riana Pfefferkorn, the associate director of surveillance and cybersecurity at Stanford's Center for Internet and Society, made as much clear in a July 6 blog post. She wrote that the amendment by Sen. Patrick Leahy is "not the silver bullet that some are holding it out as in terms of answering critics' concerns about how EARN IT could potentially discourage encryption and harm cybersecurity."
Mullin agrees, and cautions that the bill could result in lawmakers insisting providers scan users' devices, messages, and conversations before they are ever encrypted.
"State lawmakers could easily get around the Leahy amendment by demanding some form of 'client side scanning,'" he said, "which has been the direction of the anti-encryption forces for about a year now."
Patrick Wardle, principal security researcher at Jamf, founder of the free anti-malware service Objective-See, and ex-NSA hacker, echoed Mullin in noting that the EARN IT Act looks to be more of the same from the anti-privacy crowd.
"[This] seems just to be the latest push by the govt. for weakening encryption," he said in a Twitter direct message. "Hopefully it doesn't go anywhere."
Wardle's opposition to the EARN IT Act is notable for many reasons, and not just because he used to work for the NSA. In 2017, Wardle uncovered a malware strain that had infected hundreds of computers in the U.S. and was used to spy on unsuspecting victims through their webcams. In early 2018, an Ohio man was charged with installing the malware on thousands of computers.
That Wardle who literally helped bring to justice someone accused of an effort to "produce child pornography" opposes the EARN IT Act should be a huge tip-off that the measure isn't as straightforward as its proponents suggest.
SEE ALSO: Police used smart streetlights to surveil protesters, just as privacy groups warned
Importantly, the bill hasn't passed yet; it hasn't even been brought to the floor of the Senate for a full vote. Not even the EFF could say when or even if the bill will get a full vote.
That doesn't mean the threat it poses to both your privacy, and the internet as we know it, is any less real should it eventually become law.
Read the original here:
The anti-privacy EARN IT Act could change the internet as you know it - Mashable
- Elon Musk weighs in on the encryption wars between Telegram and Signal - Business Insider - May 15th, 2024
- Microsoft to Make BitLocker Encryption the Default in Next Windows 11 Build - ExtremeTech - May 15th, 2024
- Encryption toolkit for media makers: An introduction - Freedom of the Press Foundation - May 15th, 2024
- Which is it, RPD? Shooting, Disorderly, Or Encryption and Lies? - Rockford Scanner - May 15th, 2024
- Windows 11 Will Enable Encryption by Default During Installation - 80.lv - May 15th, 2024
- Apple and encryption services Wire and Proton have provided information on activists at the request of police - GIGAZINE - May 15th, 2024
- End-to-end encryption may be the bane of cops, but they can't close that Pandora's Box - The Register - May 6th, 2024
- Microsoft breaks VPN encryption in Windows 11 and Windows 10 - GB News - May 6th, 2024
- Marriott admits it falsely claimed for five years it was using encryption during 2018 breach - CSO Online - May 6th, 2024
- Marriott admits it wasn't using encryption before major 2018 hack - TechRadar - May 6th, 2024
- WhatsApp could leave India over encryption battle - Rest of World - May 6th, 2024
- Encryption: The Cornerstone Of Cryptocurrencies | MENAFN.COM - MENAFN.COM - May 6th, 2024
- Quantum-proofing passwords and artwork with DNA encryption - Advanced Science News - May 6th, 2024
- News: Encryption and encrypted passwords in the world of blockchain and crypto - Bitfinex - May 6th, 2024
- Banking Encryption Software Market to Reach USD 11.50 Bn by 2029, at a CAGR of 9.2 percent As Revealed In N... - WhaTech - May 6th, 2024
- ETtech Explainer: WhatsApp's standoff with Centre over end-to-end encryption - The Economic Times - May 6th, 2024
- Explained: Why WhatsApp is willing to leave India over encryption - MSN - May 6th, 2024
- The Future of End-to-End Encryption May Get Decided This Week in Nevada | TechPolicy.Press - Tech Policy Press - March 13th, 2024
- What is fully homomorphic encryption and how will it change blockchain? - Blockworks - March 13th, 2024
- Zamas homomorphic encryption tech lands it $73M on a valuation of nearly $400M - TechCrunch - March 13th, 2024
- WhatsApp encryption status might appear at the top of chats - BGR - March 13th, 2024
- TELCLOUD Teams With CyberProtonics to Add Quantum Encryption Security Technology on All POTS Line Phone ... - Business Wire - March 13th, 2024
- WhatsApp Clears Up Confusion Over Encryption With A Handy New Chat Label - Hot Hardware - March 13th, 2024
- WhatsApp Now Offers Encryption Label At The Top Of Your Chat Window: What It Means - News18 - March 13th, 2024
- WhatsApp update: An encryption indicator for chats is in the works, says report - HT Tech - March 13th, 2024
- Navigating an evolving landscape of threats and the rise of the encryption-less data breach - iTWire - March 13th, 2024
- Quantum Cryptography and Encryption Market Size, Growing Demand and Trends 2023 to 2030 - WhaTech - March 13th, 2024
- WhatsApp wants to 'show off' its end-to-end encryption feature to users - The Times of India - March 13th, 2024
- Disk Encryption Software Market Report Probes the Size, Share, Competitive Landscape and Trend Analysis - WhaTech - March 13th, 2024
- Signal President Meredith Whittaker Warns Against Encryption Threats and Tech Accountability Misuse - BNN Breaking - March 5th, 2024
- Shiba Inu Implements State-of-the-Art Encryption to Enhance Privacy & Security for Users and Developers - The Defiant - DeFi News - March 5th, 2024
- NYPD shows no sign of reversing Staten Island police radio encryption, but state legislation could change that - SILive.com - March 5th, 2024
- BitLocker encryption broken in 43 seconds with sub-$10 Raspberry Pi Pico key can be sniffed when using an ... - Tom's Hardware - February 9th, 2024
- BitLocker's Encryption Is Broken, But It's Still Not Time to Switch - MUO - MakeUseOf - February 9th, 2024
- Breaking Bitlocker: Watch Microsoft's Windows disk encryption being bypassed in just 43 seconds - BetaNews - February 9th, 2024
- Microsoft BitLocker encryption hacked by a cheap off-the-shelf Raspberry Pi Pico - ReadWrite - February 9th, 2024
- Web3 Foundation Announces Grant Funding for Creation of On-Chain Randomness and Timelock Encryption ... - StartupHub.ai - February 9th, 2024
- BitLocker Gets Pi All Over It's Face As A Pico Cracks The Encryption Key - PC Perspective - February 9th, 2024
- The Dawn Of Quantum Computing In Finance: Revolutionizing Data Analysis And Encryption, According To Investor ... - Global Banking And Finance Review - February 9th, 2024
- Cryptographic storage is a secure way to store data using encryption and other security measures. - Medium - February 1st, 2024
- Senator proposes new encryption provision in bill against online child exploitation - The Record from Recorded Future News - February 1st, 2024
- Email Encryption Market is Expected to Reach US$ 20.7 Billion by 2032: IMARC Group - EIN News - February 1st, 2024
- EU: Open letter on security-cloaked threats to encryption - ARTICLE 19 - Article 19 - January 15th, 2024
- Mind Network: Revolutionizing Web3 Security and Privacy with Fully Homomorphic Encryption - BSC NEWS - January 15th, 2024
- What Is Encryption? Definition, How it Works, & Examples - eSecurityPlanet - January 7th, 2024
- What Is Encryption? - Definition, Types & More | Proofpoint US - January 7th, 2024
- Encryption, Its Algorithms And Its Future - GeeksforGeeks - January 7th, 2024
- End-to-end encryption: What it is, how it works, and why you need it - The Indian Express - January 7th, 2024
- What Is Encryption and Why It's Important for Cybersecurity - devmio - January 7th, 2024
- Quantum Quandary: Navigating the Path to Unbreakable Encryption - Security Boulevard - January 7th, 2024
- What is Encryption and how does it work? | OpenText - December 20th, 2023
- The police scanner is fading away due to the move to encryption communication - Kankakee Daily Journal - December 20th, 2023
- EAGLYS, Mitsui, and Quantinuum Partner on Hardened Encryption Keys Using Quantum Computing - Quantum Computing Report - December 20th, 2023
- Meta rolls out default end-to-end encryption for its 1 billion users. Here's what to know - The European Sting - December 20th, 2023
- Messenger finally gets end-to-end encryption by default - The Verge - December 11th, 2023
- Meta Announces End-to-End Encryption by Default in Messenger - EFF - December 11th, 2023
- Why It Took Meta 7 Years to Turn on End-to-End Encryption for All Chats - WIRED - December 11th, 2023
- Meta to expand encryption on Messenger making it similar to WhatsApp - CNBC - December 11th, 2023
- Default end-to-end encryption introduced in Messenger - SC Media - December 11th, 2023
- Meta Launches Default End-to-End Encryption for Chats and Calls on Messenger - The Hacker News - December 11th, 2023
- Encryption: It's Not About Good and Bad Guys, It's About All of Us - Center for European Policy Analysis - December 11th, 2023
- Default end-to-end encryption is finally coming to Messenger and Facebook - Popular Science - December 11th, 2023
- Lack of Encryption the Primary Reason for Sensitive Data Loss - Business Wire - December 11th, 2023
- Facebook Messenger end-to-end encryption is finally here - BGR - December 11th, 2023
- Facebook Messenger Now Uses End-to-End Encryption by Default - How-To Geek - December 11th, 2023
- What does end-to-end encryption on Facebook and Messenger mean for users? - The National - December 11th, 2023
- Meta starts adding controversial encryption to Facebook and Messenger chats - The Independent - December 11th, 2023
- The Quantum Computing Threat to Encryption and Cybersecurity - Medium - December 11th, 2023
- Meta adds end-to-end encryption to Messenger and Facebook. Details here | Mint - Mint - December 11th, 2023
- AI and Quantum Computing Threaten Encryption and Data Security - Security Boulevard - December 11th, 2023
- End-to-end encryption in Facebook Messenger will now work by default - Mezha.Media - December 11th, 2023
- Equiniti Announces Partnership with Beyond Encryption to Strengthen its Secure Digital Communications - Global Banking And Finance Review - November 17th, 2023
- Bluefin, The Payments Fintech Focused On PCI-Validated Encryption And Tokenization Technologies, Partners - Crowdfund Insider - October 27th, 2023
- Cryptography | NIST - National Institute of Standards and Technology - October 16th, 2023
- What Is Encryption? - Internet Society - October 16th, 2023
- How to Encrypt Files, Folders and Drives on Windows | TechSpot - May 3rd, 2023
- What Is Encryption, and How Does It Work? - How-To Geek - May 3rd, 2023
- What Is Encryption? | Definition + How It Works | Norton - January 30th, 2023
- What is PGP Encryption and How Does It Work? - Varonis - January 30th, 2023
- What is Encryption and How Does it Work? - TechTarget - January 22nd, 2023