The EARN IT Act was unanimously passed, 22-0, on July 2nd in the Senate Judiciary Committee. The “Eliminating Abusive and Rampant Neglect of Interactive Technologies Act of 202” or “Earn It,” is a piece of legislation aiming to crack down on child pornography on the internet.
The act was proposed in late June by Lindsey Graham (R-SC) and Richard Blumenthal (D-CT). The earlier version sought to provide federal protection to companies that jumped through a series of hoops. These new steps included gaining access to encrypted communications for law enforcement. Entities that did not satisfy those requirements could be sued if their network or servers contained harmful depictions of sexually abusive material.
The older bill was harshly criticized for a perceived attack against encryption methods widely used by consumers, companies, and others who value their private conversations. Though the bill was amended to remove the previously debated sections, it now allows tech companies to be sued by individual states instead of facing federal repercussions.
The widely-used encrypted messaging app Signal announced that if the EARN IT bill passes into law, it will be forced to relocate from the US.
What would this mean to everyday consumers? An example from CNET.com puts it well. “If child sexual abuse material is sent through an encrypted messaging platform, like WhatsApp, for example, states will be able to sue them and hold the company responsible for being unable to moderate those messages.” For the uninformed, encryption ensures that only the sender and receiver of a message can read it. Third parties, including WhatsApp, are unable to read such communications.
Because each state has its own standards for holding platforms responsible for sexually exploitive materials, this could lead to a confusing situation. An acceptable level of oversight in one state may not be enough for another, potentially opening WhatsApp up to legal action.
Encryption Under Attack
While the EARN IT authors have stated they are not attacking encryption directly, an anti-encryption bill is currently being debated. The Lawful Access to Encrypted Data Act would require companies to build encryption backdoors to all services. In late June, Lindsey Graham stated his intentions.
“My position is clear: After law enforcement obtains the necessary court authorizations, they should be able to retrieve information to assist in their investigations.”
This new bill is dressed up as a way to battle terrorism and create a safer environment for US citizens, but “safety” measures have been distorted in the past. The Patriot Act was initially intended to protect the US against future terrorist attacks following 9/11. It is now being used domestically to gain warrantless access to individuals’ internet searches.
If encryption comes under attack, it could impact the blockchain space as well. All blockchains and cryptocurrencies rely on some level of encryption as part of their software code. The current media storm over the COVID-19 pandemic has allowed these government initiatives to go mostly unreported.