A prominent privacy organization, the Electronic Frontier Foundation, has issued a warning that a new congressional plan called the EARN IT Act would open the door for corporations to spy on everything online.
That’s “texts, DMs, messages, websites, cloud photos” and more.
The organization said the lawmakers pushing the plan include Sen. Richard Blumenthal D-Conn., and Sen. Lindsey Graham, R-S.C.
The privacy group said the plan “would pave the way for a massive new surveillance system, run by private companies, that would roll back some of the most important privacy and security features in technology used by people around the globe. It’s a framework for private actors to scan every message sent online and report violations to law enforcement.”
The organization said the bill would let each state create new internet rules – and it would remove from websites protections from liability they now enjoy under Section 230.
“The states will be allowed to pass whatever type of law they want to hold private companies liable, as long as they somehow relate their new rules to online child abuse,” the organization said.
Targeted would be certain encryption practices, and the plan describes how Amazon does not do enough scanning of its content.
“Since Amazon is the home of Amazon Web Services, host of a huge number of websites, that implies the bill’s aim is to ensure that anything hosted online gets scanned,” the report said.
It also sets up a federal commission to outline “best practices” for addressing the surging cases of online child abuse, the EFF said.
“Regardless of whether state legislatures take their lead from that commission, or from the bill’s sponsors themselves, we know where the road will end. Online service providers, even the smallest ones, will be compelled to scan user content, with government-approved software like PhotoDNA. If EARN IT supporters succeed in getting large platforms like Cloudflare and Amazon Web Services to scan, they might not even need to compel smaller websites—the government will already have access to the user data, through the platform,” the report said.
“Senators supporting the EARN IT Act say they need new tools to prosecute cases over child sexual abuse material, or CSAM. But the methods proposed by EARN IT take aim at the security and privacy of everything hosted on the internet,” the privacy group said.
“Possessing, viewing, or distributing CSAM is already written into law as an extremely serious crime, with a broad framework of existing laws seeking to eradicate it. Online service providers that have actual knowledge of an apparent or imminent violation of current laws around CSAM are required to make a report to the National Center for Missing and Exploited Children (NCMEC), a government entity which forwards reports to law enforcement agencies.”
EFF said Section 230 already does not provide protection from prosecutions for those offenses.
The organization explains its opposition, with, “It targets every individual internet user, treating us all as potential criminals who deserve to have every single message, photograph, and document scanned and checked against a government database. Since direct government surveillance would be blatantly unconstitutional and provoke public outrage, EARN IT uses tech companies—from the largest ones to the very smallest ones—as its tools.”