EARN It Act is ostensibly a bill to prevent sexual exploitation of children online, but critics say it could end internet privacy and encryption features GovTrack.us Follow Apr 8 · 4 min read

Sen. Lindsey Graham (R-SC)

A potential list of legally binding but to-be-determined “best practices” for internet companies could include almost anything.

Context

If somebody uses an open online platform such as Facebook, Craigslist, or Reddit to post illegal material such as child pornography, is the platform itself legally liable? Since the enactment of the Telecommunications Act of 1996, the answer has been no.

The person or user who posted the material can — and should — be found criminally guilty, but not the website itself. (Unless the actual primary activity of the website was trafficking in this illegal material, most prominently Backpage.com which was shut down by the federal government in 2018.)

The legal logic of the 1996 law was to protect First Amendment free speech rights. If websites had to face economic repercussions such as a fine for every illegal message posted on their platform, many might choose to limit the quantity or types of messages users could post instead.

The National Center for Missing and Exploited Children’s CyberTipline received reports of 69.1 million image or video files related to child sexual exploitation in 2019 alone.

What the bill does

The Eliminating Abusive and Rampant Neglect of Interactive Technologies (EARN IT) Act would change websites’ liability for sexually exploitative content for children, from the current “presumed innocent” standard to having to “earn” their protection from legal repercussions for illegal content posted on their platforms.

A 19-member commission would also be created to craft a list of “best practices” on the issue, including the Attorney General, Secretary of Homeland Security, Chair of the Federal Trade Commission, and four members each appointed by the top Republican and Democrat in both the House and Senate.

But critics worry that unlike most political commissions — which hold a few meetings, maybe issue a report of recommendations at the end, and then are never heard from again — this commission would actually hold far more power. Their list of best practices would be legally binding, and websites could only earn legal protection from if they comply.

The list of the best practices has not yet been finalized; the bill would have to be enacted, then the commission’s members appointed, then the list of best practices determined. But if all of those steps are completed, privacy advocates particularly worry that one new “best practice” requirement would be abandoning encryption, the technology underlying much of current internet privacy. Attorney General William Barr has advocated ending encryption.

It was introduced in the Senate on March 5 as bill number S. 3398, by Sen. Lindsey Graham (R-SC).

What supporters say

Supporters argue the bill provides a bulwark against an increasing problem of the digital era, especially as today’s children and teenagers spent so much of their existence online.

“This bill [would] ensure tech companies are using best business practices to prevent child exploitation online,” Sen. Graham said in a press release. “This bill is a major first step. For the first time, you will have to earn blanket liability protection when it comes to protecting minors. Our goal is to do this in a balanced way that doesn’t overly inhibit innovation, but forcibly deals with child exploitation.”

“The internet is infested with stomach-churning images of children who have been brutally assaulted and exploited, and who are forced to endure a lifetime of pain after these photographs and videos are circulated online,” cosponsor Sen. Richard Blumenthal (D-CT) said in the same press release. “Simply put, tech companies need to do better.”

“Tech companies have an extraordinary special safeguard against legal liability, but that unique protection comes with a responsibility. Companies that fail to comport with basic standards that protect children from exploitation have betrayed the public trust granted them by this special exemption,” Sen. Blumenthal continued. “Online platforms’ near complete immunity from legal responsibility is a privilege — they have to earn it — and that’s what our bipartisan bill requires.”

What opponents say

Opponents counter that the bill is a Trojan horse, actually designed to undermine popular privacy protections such as encryption.

“The bill purports to deal with the very serious issue of child exploitation online, but it offers no meaningful solutions,” the Electronic Frontier Foundation (EFF) Action Center says. “It doesn’t help organizations that support victims. It doesn’t equip law enforcement agencies with resources to investigate claims of child exploitation or training in how to use online platforms to catch perpetrators.”

“Rather, the bill’s authors have used defending children as the shrewd pretense for an attack on our free speech and security online,” the EFF continues. The seemingly-innocuous task force’s ostensible “recommendations” would actually have legal force, potentially including allowing backdoors for encryption.

Odds of passage

The bill has attracted 10 bipartisan Senate cosponsors: six Democrats and four Republicans. It awaits a potential vote in the Senate Judiciary Committee, where it’s been cosponsored by both the top Republican Sen. Graham and the top Democrat Sen. Dianne Feinstein (D-CA).

This article was written by GovTrack Insider staff writer Jesse Rifkin.

Like our analyses? Want more? Support our work!