Online privacy isn’t something to be “EARNed”
In keeping with the debate about privacy versus protection discussed in an earlier blog, we’re continuing with a slightly more in depth look at the EARN IT Act, a bipartisan bill in the United States that, on the surface, is aimed at protecting children from sexual exploitation.
Focusing on aspects of Section 230 of the Communications Decency Act, which historically has protected companies from any liability for content on their platforms,[1] this new act would remove these protections for any child sexual exploitation content. Co-authored by senators Lindsay Graham and Robert Blumenthal, the EARN IT Act proposes that companies will be required to ‘earn’ the right to protection from how their platforms are used based on ‘best practices’ designed by a National Commission on Online Child Sexual Exploitation Prevention.[2] While this seems to be a great idea to ensure companies like Facebook, Twitter and others are focusing on implementing ways to protect children from exploitation, the main cause for concern is what powers will be given to the government before a company can “earn it.”
While encryption is not expressly mentioned in the bill, the controversial idea that tied into the bill’s stated purpose “to prevent, reduce, and respond to the online sexual exploitation of children” are ways in which Attorney General William Barr could force companies to break encryption and subsequently the privacy of users, or be faced with significant legal repercussions.[3]
DragonflAI fully supports efforts to stop Child Sexual Abuse Material from being online, and firmly believes companies need to do more to protect vulnerable users, but there is no need to saddle companies with liability for what their users do while simultaneously limiting users’ privacy and freedoms. Will Cathcart, the CEO of WhatsApp, spoke out on twitter disagreeing with how, “while not directly mandating a backdoor, as written, this act would form a commission that could have the power to require services like WhatsApp to stop offering end-to-end encryption.”[4] Heads of companies that want to make sure their users can keep their conversations private are not the only ones who have an issue with the potential constitutional violations this act could enable.[5] Recently Senator Rob Dryden stated the EARN IT Act is a “Trojan horse to give Attorney General Barr and Donald Trump the power to control online speech and require government access to every aspect of Americans’ lives.”[6]
Again, the act is tied in with the idea that this bill would help protect children from online sexual exploitation, which is a laudable effort we fully support, just not necessarily in this way.
It’s clear that the online security and privacy debate has many facets, but the manner in which this bill attempts to pass into law ways our privacy can be violated by government officials and law enforcement by making it seem as though this is the only way to protect children makes us uncomfortable. Prominent Speaker Andreas Antonopoulos stated in a YouTube stream that “the old trope ‘won’t somebody think of the children’ is used constantly to degrade freedoms. I think the children will not like living under totalitarian government control.”[7] While he takes a hard line approach to this, likening the ramifications of this act to an Orwellian future, the sentiment about using children's safety as a bargaining tool to pass a bill through congress that could drastically affect the way we communicate online is somewhat disturbing.
“the old trope ‘won’t somebody think of the children’ is used constantly to degrade freedoms. I think the children will not like living under totalitarian government control.”
Advances in technology being brought forward by numerous tech companies show ways we can help protect children without needing to sacrifice citizens privacy to archaic surveillance by government, an issue that has already sparked massive global debate following the exposure of NSA and Five-Eyes global surveillance programs in 2013. Our mission at DragonflAI is to protect children online from sexual exploitation, as well as stop the proliferation of CSAM, something we firmly believe can be done without invading the privacy of those who use social networks to communicate. We have proven this with our technology that analyses and moderates content on the device without external viewing, so there is no excuse to further degrade the privacy of individuals online in this manner.
DragonflAI does not want companies to be forced to earn users privacy, but we also think they do need to take more responsibility in protecting users and find ways protection and privacy can coexist.
Sources
[1] https://www.wired.com/story/earn-it-act-sneak-attack-on-encryption/
[2] https://www.infosecurity-magazine.com/news/encryption-debate-stalls-child/
[3] https://www.eff.org/deeplinks/2020/03/earn-it-act-violates-constitution
[4] https://twitter.com/wcathcart/status/1237850609170010113
[5] https://www.eff.org/deeplinks/2020/03/earn-it-act-violates-constitution
[6] https://www.infosecurity-magazine.com/news/encryption-debate-stalls-child/
[7] https://cointelegraph.com/news/andreas-antonopoulos-earn-it-act-could-be-called-fck-you-zuckerberg
