The latest version of the EARN IT Act is an even bigger threat to online safety than when it was introduced in 2020.
The Internet Society calls on senators to protect strong encryption by opposing the re-introduced EARN IT Act. As written, the EARN IT Act would threaten the strong, increasingly ubiquitous, encryption that protects all Internet users—including children—in the United States.
Encryption is a critical technology that millions of Americans use to keep their information and communications secure whenever they are online; it is necessary for and inseparable from our personal and national security. In addition to safeguarding information flows online every minute of every day, strong end-to-end encryption is also an essential tool for vulnerable communities, including the LGBTQ+ community, domestic violence survivors, journalists, and many others.
This new version of the EARN IT Act includes an ineffective and inapt “carve out” for encryption. In reality, the bill targets platforms that use end-to-end encryption by increasing the risk of being sued because they offer encrypted services to protect the content and communications of their users.
In the new version of the EARN IT Act, if a platform is suspected of hosting child sexual abuse material (CSAM), its use of encryption can be used as evidence against them in court. While the use of end-to-end encryption cannot be reason alone for losing immunity under Section 230, if a provider is also unable to decrypt their users’ communications they could lose that immunity. By definition, end-to-end encryption means that the provider or any other third party is unable to decrypt the private communications of its users, making the supposed “carve out” worthless at safeguarding end-to-end encryption.
Strong encryption protects everyone on the Internet. The Internet Society strongly opposed the core tenets of the bill when it was first introduced, and we strongly oppose it today. Without encryption, all users—including children—are at risk. We hope instead to see real legislative protections for end-to-end encryption from Congress.