SALT LAKE CITY — Working to control the massive distribution of child sexual abuse imagery on the internet — without trouncing on the very protections that keep the internet an open forum — is proving to be an uphill task for federal lawmakers.
Materials related to online child sexual abuse grew by more than 50% in the past year with the National Center for Missing and Exploited Children reporting nearly 70 million videos and images on the internet, according to a February New York Times report.
Last week the U.S. Senate Judiciary Committee voted unanimously to move a proposal, the Eliminating Abusive and Rampant Neglect of Interactive Technologies Act of 2020, or EARN IT Act, to the full Senate for consideration. But the proposed legislation has been under near constant scrutiny and revision as the bill, according to civil rights groups and open internet advocates, proposes legal changes that could create a chilling effect on the openness of digital communication tools and the platforms that host them.
Sen. Mike Lee, R-Utah, sits on the Judiciary Committee and voted to support the proposal last week, even as two amendments to the bill in his name went undiscussed by the committee. Lee called the continued proliferation of child sexual abuse materials a “scourge on our society” and said he would support the bill moving to the full body, even though he had reservations about potential, negative downstream impacts of the proposed changes.
Lee said the legislation could lead to an untenable hodgepodge of state regulatory responses and also shared his concerns that the proposal, if adopted, could undermine one of the most essential pieces of federal code when it comes to protecting free speech in the digital realm.
“We can’t base a federal protection on a patchwork quilt of inconsistent state laws that may be at odds with each other,” Lee told committee members. “That ... might allow for the most aggressive states to set the standard required for a particular service provider.
“This would essentially do the work of ending Section 230 protections entirely.”
The protections expressed in Section 230 of the Communications Decency Act of 1996 are widely believed to be the basis on which social media and internet communications companies have been able to survive and flourish. It reads, in part, “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.”
The clause shields platforms from legal liability for content created by users, however it does not provide blanket immunity. While protections extend to most civil lawsuits and state criminal law, it does not shield against enforcement of federal criminal laws. Industry watchers have characterized the rule as the very basis on which the modern internet was built and have noted without this rule, that version of the internet would simply not exist.
An earlier version of the EARN IT Act proposed a mechanism that would have compelled online platforms to “earn” liability protections by following yet-to-be-constructed best practices from a commission of nonelected participants that would include some partisan political appointees. The bill also provided no hindrance to future requirements for platforms to build digital “back doors” to allow law enforcement access to private, encrypted communications.
The retooled proposal that the Judiciary Committee passed included a modification to the proposed, 19-member commission to instead function as an advisory panel and, through an adopted amendment from Democratic Vermont Sen. Patrick Leahy, established that a platform or provider cannot be held liable just for having end-to-end encryption functions.
The American Civil Liberties Union has railed against the potential impacts of the EARN IT Act on privacy protections and civil rights.
In a blog post, ACLU senior legislative counsel Kate Ruane noted that there are already tools in place to pursue criminal prosecutions of those who generate and/or distribute child sexual abuse material and points to the bill’s failure to address associated root issues.
“To be clear, child sexual exploitation is a serious problem that Congress should address,” Ruane wrote. “But this bill is not a solution. For one thing, the existing law does not protect platforms from liability for federal crimes like child sexual exploitation.
“Also, the bill does not at all tackle known deficiencies in our response to this problem. For instance, it provides no assistance for prevention programs and makes no attempt to address the root causes of the problem. Rather than provide measured solutions that would protect children, the EARN IT Act instead needlessly threatens our privacy and online speech rights.”
Nonprofit civil rights and internet free speech advocates Electronic Freedom Foundation said while revisions and amendments made prior to the Judiciary Committee’s vote on the bill addressed some issues, the revised proposal was still problematic and still a likely threat to privacy protections.
“It’s certainly an improvement, but we’re still concerned that the amended bill could be used to attack encryption,” wrote foundation policy analyst Joe Mullin in a blog post. “Sen. Leahy’s amendment prohibits holding companies liable because they use ‘end-to-end encryption, device encryption, or other encryption services.’ But the bill still encourages state lawmakers to look for loopholes to undermine end-to-end encryption, such as demanding that messages be scanned on a local device before they get encrypted and sent along to their recipient.
“We think that would violate the spirit of Sen. Leahy’s amendment, but the bill opens the door for that question to be litigated over and over in courts across the country.”
Sen. Richard Blumenthal, D-Conn., characterized the bill as “tailored” and “targeted” and said the protections provided to high-tech companies by Section 230 in the mid-’90s are no longer appropriate.
“There’s no reason for these platforms to have blanket immunity,” Blumenthal said. “A shield against any accountability that is not enjoyed by any other industry in the same way, that’s Section 230. It was appropriate perhaps in this breadth and magnitude at one point in the internet’s history, but no longer.”
And while Facebook, Google and other providers have mechanisms in place to screen for child sexual abuse materials and last year reported tens of millions of incidents to law enforcement, Blumenthal said the EARN IT Act legislation is aiming at tech platforms that are “knowingly” distributing these materials.
“The Leahy amendment ... clarifies that encryption is compatible and consistent with this targeted approach to provide incentives for the tech companies to police their platforms,” Blumenthal said. “That’s what we’re doing. Imposing accountability for platforms that knowingly enable this distribution of filth and misery.
“It is not a meat ax executive order that endangers free speech, it is targeted to help the victims and survivors of this absolutely hideous and insidious torture, rape, exploitation that haunts these survivors for decades, for their whole lifetimes after it initially appears. That is the nature of the internet.”
The EARN IT Act currently awaits further action from the full Senate.