11 Matching Annotations
  1. Jan 2023
  2. Jun 2020
    1. The EARN IT act turns Section 230 protection into a hypocritical bargaining chip. At a high level, what the bill proposes is a system where companies have to earn Section 230 protection by following a set of designed-by-committee “best practices” that are extraordinarily unlikely to allow end-to-end encryption. Anyone who doesn’t comply with these recommendations will lose their Section 230 protection.
    2. Broadly speaking, Section 230 of the Communications Decency Act protects online platforms in the United States from legal liability for the behavior of their users. In the absence of this protection, many of the apps and services that are critical to the way the internet functions today may have never been created in the first place – or they couldn’t have been created in America.
    1. A year’s worth of cajoling back and forth has ultimately resulted in the EARN-IT bill wending its way through the U.S. system, a bill that, if passed, would see messaging services become legally responsible for the content on their platforms. While not mandating backdoors, per se, without some form of probes into message content, the argument runs that the punitive risks become unsurvivable.
    2. there’s a bill tiptoeing through the U.S. Congress that could inflict the backdoor virus that law enforcement agencies have been trying to inflict on encryption for years... The choice for tech companies comes down to weakening their own encryption and endangering the privacy and security of all their users, or foregoing protections and potentially facing liability in a wave of lawsuits.
    1. Once the platforms introduce backdoors, those arguing against such a move say, bad guys will inevitably steal the keys. Lawmakers have been clever. No mention of backdoors at all in the proposed legislation or the need to break encryption. If you transmit illegal or dangerous content, they argue, you will be held responsible. You decide how to do that. Clearly there are no options to some form of backdoor.
    1. Despite its opposition, EARN-IT is the clearest threat yet to end-to-end encryption, given this clever twist in pushing the onus onto the platforms to avoid transmitting illegal content, rather than mandating a lawful interception approach.
    2. Tiring of the privacy and safety debate, those behind EARN-IT have proposed making the platforms responsible for the content they transmit, encrypted or not. This would mean, as explained by Sophos, that tech companies “either weaken their own encryption and endanger the privacy and security of all their users, or forego protections and potentially face liability in a wave of lawsuits.”
    1. The Digital Millennium Copyright Act (DMCA) has notable safe-harbor provisions which protect Internet service providers from the consequences of their users' actions. (Similarly, the EU directive on electronic commerce provides a similar provision of "mere conduit" which, while not exactly the same, serves much the same function as the DMCA safe harbor in this instance.)