In recent times, the US Senate Judiciary Committee had proposed an EARN IT bill, which was launched with the intention to combat online child exploitation. While the intention of the bill is appreciable, the procedures enlisted in it are turning out to be a major deal-breaker for end-to-end encryption messaging platforms such as Signal.
The bill gives law enforcement authorities to undermine end-to-end encryption and go through user chats to weed out potential child exploitation and would mean an end to legal private communication being provided widely-used by apps.
The repercussions of preventing apps from providing end-to-end encryption are far from pleasant for messaging companies and human civil liberties.
“At a time when more people than ever are benefitting from these (encryption) protections, the EARN IT bill proposed by the Senate Judiciary Committee threatens to put them at risk,” wrote Joshua Lund, Signal developer.
Lund argues that breaking end-to-end encryption could eventually make companies liable for all the content that is posted on their platforms. Once that happens, these platforms will have to pay hefty fines. Lund speculates that as once companies let go of the end-to-end encryption protection, they may potentially lose legal immunity granted to them under section 230 of the Communications Decency Act.
“Broadly speaking, Section 230 of the Communications Decency Act protects online platforms in the United States from legal liability for the behavior of their users. In the absence of this protection, many of the apps and services that are critical to the way the internet functions today may have never been created in the first place – or they couldn't have been created in America.
The EARN IT act turns Section 230 protection into a hypocritical bargaining chip. At a high level, what the bill proposes is a system where companies have to earn Section 230 protection by following a set of designed-by-committee “best practices” that are extraordinarily unlikely to allow end-to-end encryption. Anyone who doesn't comply with these recommendations will lose their Section 230 protection.”
While mega-corporations such as Facebook, offering end-to-end encryption services such as WhatsApp, can face any legal battles and shell out a fortune in fines, small platforms such as Signal aren't in a position to do so.
“Some large tech behemoths could hypothetically shoulder the enormous financial burden of handling hundreds of new lawsuits if they suddenly became responsible for the random things their users say, but it would not be possible for a small nonprofit like Signal to continue to operate within the United States. Tech companies and organizations may be forced to relocate, and new startups may choose to begin in other countries instead.”
Signal says that the US giving a green light to the EARN IT bill can end up resulting in many end-to-end encryption platforms pulling out of the country.
Highlighting the fact that revoking end-to-end encryption may not be the only solution, here's what Lund said: “If easy-to-use software like Signal somehow became inaccessible, the security of millions of Americans (including elected officials and members of the armed forces) would be negatively affected. Meanwhile, criminals would just continue to use widely available (but less convenient) software to jump through hoops and keep having encrypted conversations.”