Close

Draft bill could penalize companies for using end-to-end encryption

Sponsored Links


AP Photo/Julio Cortez

Politicians may be looking for a roundabout way to thwart end-to-end encryption. Senator Lindsey Graham is drafting a bill, the Eliminating Abusive and Rampant Neglect of Interactive Technologies (EARN IT) Act, that would modify the Communications Decency Act’s Section 230 to make companies liable in state criminal cases and civil lawsuits over child abuse and exploitation if they don’t follow practices set by a national commission. Some of would be relatively uncontroversial, such as offering parental controls and setting age limits with disclosures. However, the bill also includes requirements to “preserve, remove from view, and report” material as well as retain evidence, and there’s a concern these could be used as pretexts for punishing the use of end-to-end encryption that would make some of this data inaccessible.

The draft ask the commission to consider issues like privacy and security when establishing the practices. However, the 15-person commission would be led by the Attorney General, and current AG Barr has been a vocal opponent of end-to-end encryption. As the draft law would let Barr modify the rules without a consensus, it wouldn’t take much for him to require a backdoor and thus weaken encryption for everyone by creating a hacker-friendly vulnerability.

Riana Pfefferkorn, an Associate Director at the Stanford Center for Internet and Society, also warned that the commission wouldn’t have much oversight. She also noted that the last modification of Section 230, for FOSTA-SESTA, is facing a constitutional challenge and appears to have done more to hurt sex workers than curb sex trafficking.

This is a draft bill and isn’t guaranteed to reach the Senate Judiciary Committee as-is, let alone make it to the floor for a vote or pass both sides of Congress. Senator Richard Blumenthal was supposed to co-sponsor the bill, but there hasn’t been any sign of this so far. It does illustrate some congressional attitudes toward liability for online content, though, and suggests that Section 230 might be vulnerable in the future.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Comment



Comments

Share

Tweet

Share