Skip to main content

What is the EARN IT Act? The bill that has privacy advocates worried, explained

A proposed piece of legislation called the EARN IT Act is currently making its way through the Senate, and despite its innocuous name, the bill has drawn criticism from a variety of activist groups who warn that it could have dire consequences for the future of the internet.

To help understand what the act says and how it would affect the web if passed, here’s a quick rundown of the most important parts.

What exactly is EARN IT?

The Eliminating Abusive and Rampant Neglect of Interactive Technologies Act of 2020 (shortened to EARN IT) is a bill sponsored by Sen. Lindsey Graham (R-South Carolina) and Sen. Richard Blumenthal (D-Connecticut) designed to fight child sexual exploitation online.

The bill’s first step is to establish a National Commission on Online Child Sexual Exploitation Prevention. The commission would consist of three agency heads — the attorney general, secretary of Homeland Security, and chairman of the Federal Trade Commission — along with 16 other members chosen by the leaders of the Senate and the House of Representatives.

capitol hill twitter censorship section 230
Getty Images/Digital Trends Graphic

The commission’s role is to come up with “best practices” that internet companies should follow in regard to child sexual abuse material online. These best practices could be broad, and that’s a problem for free speech and cybersecurity activists, who worry the commission will use its broad scope to target encryption, given that Attorney General William Barr has argued in favor of government backdoors into encrypted files. Graham has criticized encryption as well.

Originally, the bill required internet companies to follow the commission’s best practices in order to “earn” the protections granted by Section 230 of the Federal Communications Act. Section 230 is a crucial law in the development of the internet as we know it, shielding internet companies from liability for content users post on their platforms.

The recently amended bill removes the “earn it” idea entirely, however. The commission’s best practices would now be voluntary, however, states would be able to bring criminal or civil charges against companies that violate them.

Why are people worried?

Despite the bill’s stated intent to crack down on child sexual abuse material, activist groups including Human Rights Watch have spoken out against the EARN IT Act. What exactly is the problem?

Critics of the bill focus on a couple issues: That the bill curbs free speech by threatening platforms’ protection under Section 230, that it won’t actually do much to protect children, and that the bill is a stealth attempt at ending end-to-end encryption.

Riana Pfefferkorn, associate director of surveillance and cybersecurity at the Stanford Center for Internet and Society, writes that the EARN IT Act is a “bait and switch” that uses widespread resentment about Section 230 to stage an attack on encryption. Pfefferkorn argues that “ encryption, particularly end-to-end encryption, is likely to be targeted as being contrary to ‘best practices’ for preventing [child sexual abuse material], because if a provider cannot “see” the contents of files on its service due to encryption, it is harder to detect [child sexual abuse material] files.”

Sen. Patrick Leahy (D-Vermont) introduced an amendment to the bill specifically to protect encryption, but according to critics, it doesn’t go far enough. Pfefferkorn says that Leahy’s amendment “essentially gives providers a defense against liability, which is less strong than the a priori immunity from liability in the first place that Section 230 currently provides.”

Encrypted Cloud
Image used with permission by copyright holder

In a statement for the Electronic Frontier Foundation (EFF), Joe Mullin said: “Sen. Leahy’s amendment prohibits holding companies liable because they use end-to-end encryption, device encryption, or other encryption services. But the bill still encourages state lawmakers to look for loopholes to undermine end-to-end encryption, such as demanding that messages be scanned on a local device, before they get encrypted and sent along to their recipient.”

According to the EFF, all 50 states would be able to craft their own laws, any of them capable of pressuring companies to weaken privacy protections like encryption. In that legal landscape, tech companies could err on the side of caution, gutting privacy protections to avoid running foul of state child sexual abuse material laws.

The American Civil Liberties Union also took a stand against the bill in an open letter to the committee, saying “these legal standards could force platforms to undermine or weaken their own encryption and privacy practices in order to avoid legal liability because plaintiffs could argue that end-to-end encryption, itself, is reckless or negligent conduct. Such liability claims could be bolstered if the advisory committee’s best practices recommend that platforms create encryption backdoors or otherwise take steps to weaken the encryption of their services.”

Sen. Ron Wyden (D-Oregon), who has advocated for digital privacy before, criticized the new version of the EARN IT Act, saying that “by allowing any individual state to set laws for internet content, this bill will create massive uncertainty, both for strong encryption and free speech online.”

What comes next?

After unanimous approval by the Senate Judiciary Committee, the next step for the bill is a debate on the floor of the Senate. Blumenthal told Politico that he and Graham want to see the Senate take up the bill this year, and that the House would be developing its own version of the bill soon.

If you have opinions or concerns about the bill, consider reaching out to your senator or representative.

Topics
Will Nicol
Former Digital Trends Contributor
Will Nicol is a Senior Writer at Digital Trends. He covers a variety of subjects, particularly emerging technologies, movies…
How to deactivate your Instagram account (or delete it)
A person holding a phone with the Instagram app open on it.

Oh, social media. Sometimes it’s just too much, folks. If you’re finding yourself in a position where shutting down your Instagram account for a period of time sounds good, Meta’s powers that be have made it pretty simple to deactivate your Instagram account. It’s also quite easy to completely delete your Instagram, although we wouldn’t recommend this latter option if you plan on returning to the platform at a later date.

Read more
How to clear cookies
A person uses a tablet with an HP laser printer in an office.

Cookies are a convenient way to experience the parts of the internet you frequently visit. One can think of these non-edible artifacts as digital breadcrumbs for info you may not want to remember every time. But when your computer is tasked with remembering too many of these trail-markers, it can really slow down your machine. Regardless of the browser you’re using, it’s a good idea to clear your cookies every once in a while.

Read more
Best Buy Memorial Day sale: early TV, laptop, and appliance deals
Digital Trends Best Buy Prime Day Deals Alt

While Memorial Day is still several days away, there are a lot of excellent early Memorial Day deals you can pick up right now from Best Buy. That includes everything from the best TVs, the best Phones, the best Air Fryers, and even the best smart home devices out there, so you have a huge variety of deals to pick from. Of course, there is an overwhelming number of options out there, which is why we've scoured Best Buy for our favorite deals in various categories and collected them all below, so be sure to check out everything in detail.

Best Best Buy Memorial Day TV Deals

Read more