Senate committee advances bill that could threaten encryption, Section 230

By Mike Peterson

The U.S. Senate Judiciary Committee has advanced the controversial EARN IT bill, which would erode Section 230 protections for tech companies and could threaten the use of end-to-end encryption.

US Capitol building. Credit: Heidi Kaden

No Judiciary Committee senators opposed the bill's passage to the Senate floor. Still, several raised concerns about the legislation's potential threats to privacy and free speech, The Washington Post reported on Thursday.

The purpose of the bill is to "develop recommended best practices that providers of interactive computer services may choose to implement to prevent, reduce, and respond to the online sexual exploitation of children."

According to a fact document about EARN IT, it would create "new incentives for the tech industry to take online child exploitation seriously."

The bill would empower U.S. states and territories to create new regulations that could strip protections guaranteed under Section 230, which shields websites and platforms from liability for content posted by users.

Specifically, it creates an exemption to Section 230 for child sexual abuse material, or CSAM. In addition, it would also create a Commission to issue voluntary best practices for technology companies and online platforms to adopt.

Technologists and privacy advocates are concerned that the bill would create legal risk for businesses unless they choose to scan content hosted on cloud-based services -- including messages, photos, online backups, and more.

According to digital civil rights group the Electronic Frontier Foundation, EARN IT would "pave the way for a massive new surveillance system, run by private companies, that would roll back some of the most important privacy and security features in technology used by people around the globe."

The National Center on Sexual Exploitation, a supporter of the bill, countered the privacy and security claims, stating that online platforms have "major flaws" that would be corrected by EARN IT.

EARN IT was introduced by Sen. Lindsay Graham and Sen. Richard Blumenthal. If the name sounds familiar, it's because an earlier version of the bill was introduced in 2020 -- and subsequently dropped in the face of overwhelming opposition.

Apple, for its part, has already attempted to take a step toward scanning for CSAM material. Like the original EARN IT act, Apple's CSAM scanning system in iCloud was wildly unpopular. Apple eventually paused the plans after the pushback and promised to consult with researchers and advocacy groups. The EARN IT bill would force Apple's hand, however.

The EARN IT legislation will now move toward the Senate floor for a vote, but it isn't currently clear if the bill has the support it needs to become law, The Washington Post reported.