Things are escalating quickly. Despite the need to address the growing concerns of Americans, Washington D.C. and the surveillance deep state are moving to spy on them by quietly pushing a totalitarian act of legislation.
The bipartisan supported bill, called the EARN IT bill, is sponsored by Senators Lindsay Graham (R-SC) and Richard Blumenthal (D-CT).
This incredibly Draconian bill seeks to end what little privacy we have left online. As the Electronic Frontier Foundation reports, it will strip Section 230 protections away from any website that doesn’t follow a list of “best practices,” meaning those sites can be sued into bankruptcy.
The “best practices” list will be created by a government commission, headed by Attorney General Barr, who has made it very clear he would like to ban encryption, and guarantee law enforcement “legal access” to any digital message.
The authors of the bill were surreptitious in crafting its text, carefully avoiding any usage of the word “encryption” in an apparent effort to trick Americans into thinking it’s harmless.
And, last week, Blumenthal was quick to point this out — which was likely planned from the beginning.
“This bill says nothing about encryption,” Sen. Blumenthal said at Thursday’s hearing on the bill.
“Have you found a word in this bill about encryption?” he asked one witness. But the folks at EFF warn that this is a deceptive ploy.
It’s true that the bill’s authors avoided using that word. But they did propose legislation that enables an all-out assault on encryption. It would create a 19-person commission that’s completely controlled by the Attorney General and law enforcement agencies.
And, at the hearing, a Vice-President at the National Center for Missing and Exploited Children (NCMEC) made it clear [PDF] what he wants the best practices to be.
NCMEC believes online services should be made to screen their messages for material that NCMEC considers abusive; use screening technology approved by NCMEC and law enforcement; report what they find in the messages to NCMEC; and be held legally responsible for the content of messages sent by others.
You can’t have an Internet where messages are screened en masse, and also have end-to-end encryption any more than you can create backdoors that can only be used by the good guys.
The two are mutually exclusive. Concepts like “client-side scanning” aren’t a clever route around this; such scanning is just another way to break end-to-end encryption. Either the message remains private to everyone but its recipients, or it’s available to others.
The 19-person draft commission isn’t any better than the 15-person commission envisioned in an early draft of the bill. It’s completely dominated by law enforcement and allied groups like NCMEC.
Not only will those groups have a majority of votes on the commission, but the bill gives Attorney General Barr the power to veto or approve the list of best practices.
Even if other commission members do disagree with law enforcement, Barr’s veto power will put him in a position to strongarm them.
If we look at how the surveillance state abuses other regulations like this one, we can bet on seeing a level of online surveillance like never before.
It will allow law enforcement tools to erode online privacy and punish those whom with they may disagree.
If this bill passes and law enforcement gets their way with breaking encryption, as Joe Mullin points out, “authoritarian regimes around the world will rejoice, as they have the ability to add their own types of mandatory scanning, not just for child sexual abuse material but for self-expression that those governments want to suppress.”
When the government fears your privacy, that government no longer has your best interests in mind.