clock menu more-arrow no yes

Filed under:

Utah privacy protection efforts finding broad early support but porn filtering hits a wall — again

A brief look at technology-related bills now under consideration at the 2021 Utah legislative session

Rep. Susan Pulsipher, R-South Jordan, discusses HB0072 with members of the House Public Utilities, Energy and Technology Standing Committee at the State Office Building in Salt Lake City on Wednesday, Feb. 3, 2021. The bill would establish filter requirements and enforcement mechanisms for tablets and smartphones activated in the state on or after Jan. 1, 2022.
Rep. Susan Pulsipher, R-South Jordan, discusses HB72 with members of the House Public Utilities, Energy and Technology Standing Committee at the State Office Building in Salt Lake City on Wednesday, Feb. 3, 2021. The bill would establish filter requirements and enforcement mechanisms for tablets and smartphones activated in the state on or after Jan. 1, 2022.
Steve Griffin, Deseret News

SALT LAKE CITY — For the second time in four months a proposal to compel makers of cellphones, tablets and computers to have porn filtering software installed and switched on for all sales in Utah wasn’t able to breach the wall of legislative approval.

The proposal is praised by supporters as an effective new tool to keep explicit internet content out of reach of children, but lambasted by opponents who believe the idea has constitutional issues and the potential for downstream business harm.

Rep. Susan Pulsipher, R-South Jordan, came prepared with some revisions to the idea that was reviewed and rejected at an October interim meeting of Utah lawmakers, but even with an added enacting clause that stipulates the new Utah law would only go into effect if adopted by five other states, still failed to make it to a vote on Wednesday.

Local and national voices testified on both sides of the arguments.

Chris McKenna, founder of internet safety advocacy group Protect Young Eyes, said he believes having new digital devices come with content filtering defaults switched on is a tool to help, but not replace, parenting duties.

“Do parents own particular responsibility for the devices they place in children’s hands?” McKenna asked lawmakers at a legislative committee hearing on Wednesday. “Absolutely. But large tech (companies) must own a larger share of the solution.”

Carl Szabo, vice president and general counsel of tech industry-supported public policy advocacy group NetChoice, said the proposal ran afoul of federal protections and that focusing on education was a better approach to keeping children safe from explicit and harmful content.

“The constitutional problems with this bill are numerous,” Szabo said in testimony before lawmakers. “(The U.S. Supreme Court decision in) Ashcroft v. ACLU says that this bill is unconstitutional.

“It’s like saying a car manufacturer could be held liable if someone drives the car to the store to buy pornography.”

While the House Public Utilities, Energy and Technology Committee adjourned before taking any action on Pulsipher’s porn filtering effort, the bill could still be brought back for further consideration later in the session.

Warrants for cloud searches

A proposal that would extend Fourth Amendment protections to personal information and documents stored in remote computer servers, commonly referred to as “the cloud,” was left to die on the vine at the end of last year’s session.

But a failure that was more about timing than lack of support — the bill earned unanimous House passage in the waning days of the 2020 legislative conclave but never made it to Senate consideration — looks likely to find a more successful outcome this time around.

HB87 establishes new definitions that stipulate what digital information can be accessed via a subpoena versus information, if sought by law enforcement, that will require a warrant.

Under the proposal, subscriber information held by a third-party provider, like a person’s name, how long they’ve had an account and other basic user data, could be accessed through the direction of a subpoena. But access to transactional data, documents, etc. would require the higher bar of a warrant.

According to an assessment performed last session by the American Civil Liberties Union of Utah, the bill “establishes that a person who transmits data to a third-party (like a cellphone provider or cloud-based server) maintains ownership of their data and is entitled to a reasonable expectation of privacy.”

HB87 earned unanimous approval from members of the House Judiciary Committee on Friday and makes its next stop before the full body of the House for further consideration.

New guards against personal privacy intrusion

A host of personal privacy concerns raised by Utah-based high-tech surveillance company Banjo, and its one-time multimillion-dollar contract with the state and numerous local law enforcement agencies, are being parlayed in efforts by elected officials to bolster protections for Utah residents.

On Tuesday, HB243 found support from lawmakers in an initial committee hearing and will advance to the Senate after passage by the full House body Friday morning. The bill is aiming to create a new panel of experts and a lead officer tasked with vetting government technology systems with the goal of blockading any tools that lead to personal privacy invasions.

Sponsored by House Majority Leader Rep. Francis Gibson, R-Mapleton, the proposal would create a permanent committee, housed within the state auditor’s office, that would include topic experts from the realms of internet technology, cybersecurity, law enforcement, data privacy law, data privacy technology and civil liberties law. The collected experts would be responsible for reviewing technology products and services for how they collect, assess and store personal data and information for state agencies as well as those of Utah municipal and county government operations.

Last spring, Utah Attorney General Sean Reyes announced the state had suspended use of the technology services of Park City-based Banjo after it was revealed company founder Damien Patton had past connections with a white supremacist group and was involved in a shooting at a Jewish synagogue in the early 1990s. The $21 million contract had also opened the door for dozens of local Utah law enforcement agencies to use Banjo’s services under existing preferred provider agreements.

But even before the revelations of Patton’s past became public, privacy watchdogs questioned the methods by which Banjo gathered information, whether the data was being appropriately scrubbed of personally identifying characteristics and the veracity of security measures in place to ensure access was limited to appropriate agencies and, even then, used only in specific and justified circumstances.

When imitation fails

Over a dozen states have adopted laws that make it a crime to impersonate someone on the internet with the intent of doing harm, intimidating or threatening them.

Rep. Karianne Lisonbee, R-Syracuse, is sponsoring HB239, a proposal that mirrors language from a Texas anti-impersonation statute that was adopted over a decade ago. Lisonbee cited statistics reflecting the widespread proliferation of fake and imposter profiles posted to websites and social media platforms and noted cases of digital harassment are on the rise.

While it wasn’t addressed in Thursday’s legislative committee hearing on the bill, proponents of similar legislation around the country have argued the rules can also help stem so-called “catfishing” scams where an individual assumes a fake or imposter identity to lure victims, sometimes via romantic overtures, into financial schemes.

HB239 found unanimous support from the House Judiciary Committee on Thursday and now proceeds to the full House body for further consideration.