Every so often, a government puts forward a bill that threatens our privacy on the internet. One of these is the American EARN IT bill, which caused discontent amongst privacy enthusiasts due to potentially making privacy a thing of the past.
Let’s explore what the EARN IT bill is, what it’s trying to achieve, and why you should care.
What Is the EARN IT Bill?
The Eliminating Abusive and Rampant Neglect of Interactive Technologies Act of 2020 (EARN IT Act of 2020) is the new bill to tackle abusive content online. The bill’s acronym is not a coincidence; the initial idea was that websites had to “earn” protection by obeying the government’s guidance.
The “protection” in question is section 230 of the Communications Decency Act. If a business wants this protection, they have to allow the installation of a governmental backdoor on their systems. If they allow it, they’re protected; however, if they don’t, someone can sue them into bankruptcy.
Two relatively vague terms are fundamental to understanding the EARN IT bill: “section 230” and “governmental backdoor.” As such, before we can discuss what the EARN IT bill means for the internet, let’s explore what these terms mean and understand why they’re essential.
What Is “Section 230?”
Section 230 of the Communications Decency Act is titled “Protection for private blocking and screening of offensive material.” This is an important section of the act, as it allows websites to promote free speech without getting into trouble.
Section 230 aims to separate the people making statements on a website from the host of said website. For example, imagine if a website owner installed a forum that they hosted themselves. They leave for a few days and come back to find that some rogue users posted illegal content on the forum.
If this case ends up going to the courts, it’s not inherently clear who here was in the wrong. Was it the host, as they let the content sit there unmoderated? Or is it the user, who posted illegal content in the first place?
Fortunately, section 230 answers the problem for us. It states that, when illegal content finds its way onto a website, the original poster is in trouble:
(1) Treatment of publisher or speaker
No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.
This is the protection that the original EARN IT bill had companies “earn.” If they complied, content produced on their website was the uploader’s responsibility. If they didn’t, they could be treated as a publisher of illegal content and subsequently sued.
What Is a “Governmental Backdoor?”
You’ll usually see the term “backdoor” in shady or criminal activity. It’s an entry point in a system that skirts around the defenses and allows for unfettered entry.
Backdoors can either be planned in advance or created by hackers. For the former, a company develops devices with a pre-made backdoor that others can use for spying. Huawei came under fire about backdoors in their devices in 2019, which caused friction over the idea of letting Huawei set up 5G in other countries.
Hackers can also set up backdoors for themselves. They infect a system with malware which then “opens up a passageway” for rogue connections to enter through.
In the case of the EARN IT bill, it would ask for businesses to create a backdoor for the government to use. If the government believes that a user posts illegal content, they can use the backdoor to view encrypted information and identify the culprit.
The Current History of the EARN IT Bill
The EARN IT bill you’ll see today is different from the original copy. As such, let’s look at what it initially said and how it has evolved.
The Original EARN IT Bill
When the EARN IT bill first appeared, it didn’t inspire much confidence in privacy advocates. EFF reported on the bill when it came out, noting its dangerous elements.
In the original bill, the government appoints 19 people as a commission for the internet. These people would work with the National Center for Missing and Exploited Children (NCMEC) to draw up a list of “best practices.”
Then, the government would ask businesses to comply with these practices. If they do, the government can then establish a backdoor to read encrypted messages for law enforcement purposes. Because the company allowed the government to look at their user’s messages, it has “earned” the right for protection under section 230.
If the business does not, the government declares that they haven’t earned the right to use section 230. As such, if someone does post illegal content on the website, the site’s owner comes under fire.
The Revised EARN IT Bill
Fortunately, the original bill underwent some changes to make it less stern; however, it still poses a threat to your privacy online.
As EFF reports again, this new bill doesn’t have the “earn it or lose it” aspect of the original draft. Instead, the new bill will weaken section 230 so that if websites host child abuse imagery, law enforcement can take the host to court. It also scraps the 19-person committee and gives their powers to state legislature.
As such, instead of demanding businesses to “comply or die,” each state will have its own laws as to how to tackle child abuse imagery. At the very least, someone can sue a website hosting these images, even if the host didn’t post the pictures themselves.
Arguments For and Against the EARN IT Bill
As you might expect, the bill’s existence has caused major debate. The new revised version has its supporters and critics, who put forward their arguments for and against EARN IT.
Arguments For the EARN IT Bill
Support for EARN IT comes from governmental sources, as well as anti-child abuse organizations. Currently, law enforcement finds it hard to take down abusive images online. They can’t tackle the host, because section 230 protects them; however, they can’t get information on the original poster due to encryption.
These groups hope that EARN IT gives law enforcement more power to get rid of child abuse imagery. If a state allows it, the law can monitor encrypted data directly. At the very least, websites that host abusive content lose protection under section 230, thus prompting web hosts to be diligent about what users post on their websites.
Arguments Against the EARN IT Bill
Critics, however, don’t believe that the ultimate goal for EARN IT is to prevent child abuse imagery online. They believe the government is actually targeting a major thorn in their side: encryption.
Encryption is the government’s worst nightmare. It allows people to say and post whatever they please without governments tracking their every action. As such, privacy advocates watch closely for any potential “encryption buster” bills disguised as something else.
Privacy advocates argue that the EARN IT bill won’t do much to catch criminals. The posters will likely use VPNs and encryption services of their own, which makes it extremely hard to track them. As such, advocates believe the main goal for EARN IT is to weaken encryption and allow the government to see what everyone is posting.
How the EARN IT Bill Will Affect Your Privacy
How this bill will affect you depends on the laws that each state will set. For instance, some will demand that websites have a backdoor for law enforcement. If this happens, the government can monitor your communications as you use the website.
This also affects you even if you’re not in the US. For example, if you visit an American website, there’s a chance that the government can monitor your data. As such, if the EARN IT bill passes, it may force privacy advocates around the world to adopt measures such as the Tor Browser.
Keeping Your Privacy Online
With the new EARN IT bill making its way through government, it poses a threat to those who want privacy on the internet. Even if it does pass, you can still protect yourself using a VPN or the Tor Browser.
If you do decide to take control of your privacy, be sure to read these top tips for using the Tor Browser.
Image Credit: Proxima Studio/Shutterstock
Read the full article: What Is the EARN IT Bill and How Will It Affect Digital Privacy?