Private citizens trust large centralized platforms to store their data. Friends message each other on WhatsApp and reveal their deepest, darkest secrets. Grandma uses Facebook to share photos of her grandchildren and feels safe in the knowledge that her prized pics are only seen by the intended receiver. However, what if new legislation required that third parties, such as law enforcement, have access to all of our private conversations?
Under the guise of “preventing, reducing, and responding” to child exploitation, new legislation is being introduced to require providers like Facebook and Apple to solve the problem of encryption-while-scanning or to stop using encryption altogether. This would be a huge loss for privacy, and the folks who are backing the bill have already shown that they are against privacy.
With this bill, large social platform owners would have to develop best practices for dealing with child exploitation, and if they were found to be not adhering to these practices, they could be held criminally and financially liable. The issue? Do you know how difficult it would be to check the messages of every Facebook user to ensure that child pornography is not being shared? Very difficult… because the techniques to do it are still in R&D.
Bruce Schneier comments:
Prepare for another attack on encryption in the U.S. The EARN-IT Act purports to be about protecting children from predation, but it’s really about forcing the tech companies to break their encryption schemes:
The EARN IT Act would create a “National Commission on Online Child Sexual Exploitation Prevention” tasked with developing “best practices” for owners of Internet platforms to “prevent, reduce, and respond” to child exploitation. But far from mere recommendations, those “best practices…
Read more at Schneier on Security The EARN-IT Act