The EARN IT Act: Too Important to be a Binary Issue

The EARN IT Act

The EARN IT ACT or its proper name, Eliminating Abusive and Rampant Neglect of Interactive Technologies (or EARN IT) Act, if passed, will hold the IT industry responsible for the online exploitation of children and other criminal activity.  

The bipartisan legislation, sponsored by Senators Lindsey Graham, SC, Richard Blumenthal, CT, Josh Hawley, MO, and Dianne Feinstein, CA, creates incentives in the form of liability protection with their cooperation with the law and due diligence toward fighting exploitation. 

As Senator Lindsey Graham said in the introduction, “This bill is a major first step. For the first time, you will have to earn blanket liability protection when it comes to protecting minors. Our goal is to do this in a balanced way that doesn’t overly inhibit innovation, but forcibly deals with child exploitation.”

This legislation is admirable in its desire to eradicate child exploitation and sites that harbor these images on the internet. It could give lawmakers the green light to many other activities.

Another side of the issue has surfaced, and it’s the privacy aspect of the problem. As with all legislation, privacy rights groups fear the law will be exploited for tracking all internet activity. 

The Electronic Frontier Foundation’s (EFF) website sees it as a privacy issue as well as government interference with business practices. 

An article on the site states, “(The Bill) grants sweeping powers to the Executive Branch. It opens the door for the government to require new measures to screen users’ speech and even backdoors to read your private communications—a stated goal of one of the bill’s authors.”

More than one senator agreed with that “stated goal.” 

At a recent hearing, tech company leaders from Apple and Facebook, and others were grilled about warrant-proof data encryption. Congress concluded that these companies protect terrorists, organized crime, and child abusers from criminal investigations and the proof needed to prosecute them. 

The message sent in cold words at the hearing and forwarded to tech company managers was to “get on with it” and develop warrant- compatible encryption, or congress will take up the matter and force them to do it. 

As Senator Marsha Blackburn, TN, said at the hearing, “It is troubling to me to hear you say that giving the key to law enforcement would cause a weakness in the device that would be a bad trade-off.”

Blackburn summarized the issue, “Catching criminals is never a bad trade-off.”

The EFF article points out that the new legislation would undermine Section 230 of the 1996 Communications and Decency Act, which generally states that you say or post something illegal online, the individual is responsible and not the provider, website or platform. The new bill would hold companies, providers, and websites responsible for lawsuits, civil damages, and state criminal prosecutions.

The new law would require companies to put measures in place to identify, screen user’s posts and speech broadcasted, and to also integrate back doors to gain access for investigations.

Section 230 also gives email users protection from forwarding messages without being prosecuted. Section 230 outlines many standard business practices that have been around for several years. 

Congress is essentially saying it’s for the law to catch up with innovation. 

Privacy advocates see this as a direct shell shot into the bow at the free speech protection vessel. The concern lies in the potential misuse by government officials, especially using the law in the wrong hands or wielded by a vindictive personality. See political ax to grind. 

The other side, Senator Feinstein, points out, “Technological advances have allowed the online exploitation of children to become much, much worse over recent years.” 

Feinstein further explained, “Companies must do more to combat this growing problem on their online platforms. Our bill would allow individuals to sue tech companies that don’t take proper steps to prevent online child exploitation, and it’s an important step to protect the most vulnerable among us.”

As many as 70 groups representing survivors, families, and stakeholders such as law enforcement, as well as the National Center for Missing &, Exploited Children (NCMEC), Rights4Girls, and the National Center on Sexual Exploitation support the legislation. 

Plenty of support exists for both sides of the issue. One argument is that the legislation, if passed, will break the end to end encryption used for the CIA (Confidentiality, Integrity, and Availability) security triad. 

Additional criticism from opponents accuses the government of using horrific child exploitation internet and email activity by criminals to pass legislation to spy on the public digitally. The 2020 version of the black helicopter. 

If two parties want to solve an important issue, put aside the rhetoric and solve the problem (especially when the solution has bipartisan support), then now is the time. The EARN IT Act is not a binary issue. Not on or off. The arguments are not mutually exclusive. You can have both. The government, tech companies, and advocacy groups must meet and hash out an agreement to protect children and safeguard privacy for law-abiding individuals. 

More safeguards and child protection can be accomplished and should be supported by everyone.  

At the same time, the media-savvy public should not be wary of sending an email for fear of who is reading it in a big building in the center of Washington, DC, in a dark room with people standing behind the person, looking over both shoulders. 

References:

EARN IT Act to Encourage Tech Industry to Take Online Child Sexual Exploitation Seriously

The EARN IT Act Raises Good Questions About End-to-End Encryption

Congress Must Stop the Graham-Blumenthal Anti-Security Bill

Secure Your Work Environment Today

At Control Cloud, we work with you to build an optimal, secure, remote work environment for your business. Whether it’s private, public, or a hybrid solution – we’ve got you covered.

Get Started >

Rick Bretz

Rick Bretz

Chief content and technical writer

Rick Bretz  possesses comprehensive experience in several subjects including video editing and production, radio/TV and journalism writing, videography, radio broadcasting, IT Management, Information Security and Assurance.  He also works as a Senior Cyber Security Engineer for Vulnerability Management, Service/Infrastructure Operations and Platforms Support for the government. Mr. Bretz also is a documentation and technical writer for the Veteran Administration’s Continuous Readiness in Information Security Program.  He also served in the US Army beginning in 1979, graduating from leadership schools and from Journalism, Broadcasting, Newspaper Editing and Public Affairs Supervisor courses.  He retired from the Army with many writing and broadcasting awards to accept video production and management positions.  He holds a BS degree in Information Technology with a Specialization in Security Assurance from Capella University and has a Security + Certification from CompTIA.  Mr. Bretz also writes his own blog on topics that interest him that can be reached at  pastparallelpaths.com.