Encryption under threat from EARN IT Act

padlocks on a keyboard

The ability of tech companies to offer end-to-end encryption is under threat from a proposed piece of legislation, it has emerged.

According to Reuters, which cites “two sources with knowledge of the matter”, Chairman of the Senate Judiciary Committee Lindsey Graham and Democratic Senator Richard Blumenthal are set to formally introduce a bill titled “The Eliminating Abuse and Rampant Neglect of Interactive Technologies Act of 2019” (EARN IT Act), to Congress.

RELATED RESOURCE

Digital Risk Report 2020

A global view into the impact of digital transformation on risk and security management

FREE DOWNLOAD

Overtly, the bill seeks to fight the distribution of images of child sexual abuse. However, concerns have been spreading that it could put an end to protections offered to the likes of Facebook, Google and Apple under Section 230 of the Communications Decency Act 1996.

Under this existing piece of federal legislation, certain internet companies are considered not to be the publisher or speaker of content that appears on their platforms, rendering them immune from prosecution.

The proposed bill, a discussion draft of which originally leaked to Bloomberg in late January, would seek to largely overturn Section 230 protections as law makers continue to seek ways to allow tech companies to grow while simultaneously reducing or ending the spread of hate speech, crime and extremism online.

Online platforms will instead have to agree to an as yet undefined set of “best practices”, or be liable for prosecution.

According to Reuters’ sources, U.S. tech companies are worried this could be used as a means to condemn and potentially put a stop to end-to-end encryption. Organisations operating in the technology industry, as well as privacy and human rights advocates, say this type of encryption is vital to maintaining the right to privacy and free speech. On the other hand, federal law enforcement agencies in the U.S., as well as governments and law enforcement abroad such as in the U.K., have complained strong encryption prevents them from doing their jobs properly and enables crime.

Separately, on February 19, Attorney General William Barr also took a swipe at the protections offered under Section 230, suggesting the possibility online platforms should be liable for what users post on their platforms.

Jane McCallion
Deputy Editor

Jane McCallion is ITPro's deputy editor, specializing in cloud computing, cyber security, data centers and enterprise IT infrastructure. Before becoming Deputy Editor, she held the role of Features Editor, managing a pool of freelance and internal writers, while continuing to specialise in enterprise IT infrastructure, and business strategy.

Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.