[HN Gopher] The EARN IT act is back, and it's more dangerous tha...
___________________________________________________________________
The EARN IT act is back, and it's more dangerous than ever
Author : grappler
Score : 187 points
Date : 2022-02-05 18:52 UTC (4 hours ago)
(HTM) web link (cyberlaw.stanford.edu)
(TXT) w3m dump (cyberlaw.stanford.edu)
| prepend wrote:
| I wish they would address real problems like arbitrary
| enforcement of TOS that damages users with no recourse. There's
| no regulation for what happens when Google or Facebook or
| whatever deletes or blocks an account and provides no support.
|
| Child abuse is serious, but not that common and this law will do
| little to change that. The lack of a UCC-style law for big tech
| platforms affects way more people.
|
| This seems like BS that will squelch small players that can't
| afford to comply. And consolidate more power into a few small
| firms.
| ridaj wrote:
| > There's no regulation for what happens when Google or
| Facebook or whatever deletes or blocks an account and provides
| no support.
|
| Yes there is, per the trade regulations you're entitled to a
| refund
|
| .
|
| Wait
|
| I'm only partly sarcastic. If you think you're entitled to
| anything provided as a free service then the problem starts
| there. Do I miss the days when ISPs provided email as part of
| your subscription? Then made you pay for anything over 100 Mb?
| Then held your email address hostage if you wanted to switch
| providers? Hell no. But I also don't think government should
| force anyone to provide services to me for free.
|
| Edit: downvotes without replies do not help me understand where
| this feeling of entitlement to a free service comes from;
| insight would be appreciated.
| bee_rider wrote:
| The service isn't free, you pay for it with your personal
| information. If they want to provide refunds by deleting our
| information, that seems like a fair trade.
| umbauk wrote:
| Well one could argue Google and FB services are not free.
| Those 2 companies are 2 of the most profitable, valuable
| companies in the world. If they are providing their services
| for free, how can that be? Our attention and information is
| what they profit from, and that should not be undervalued.
| They are certainly not providing these services to us out of
| the goodness of their hearts.
| c0balt wrote:
| I wholeheartedly agree with your sentiment but I don't
| think this will hold up in case of account deletions or
| bans.
|
| Let say your 'attention', using the service, is used to pay
| for 'goods', account/ access to service.
|
| How is the revenue derived fron 'attention'? By the
| attention being spent on preselected content, e.g. ads,
| that are choosen by the platform. One could argue that
| revoking access to a service from the platform side is okay
| since the attention is not being 'spent' after the removal
| or ban.
|
| It might be feasible to expect that services, like an email
| account, are not taken away abitrarly but 'just because
| it's profitable' is not a sound argument. Making yourself
| dependent on a platform is not the problem of the platform.
| fallingknife wrote:
| Squelching small players is the intent. Large institutions are
| easy to exert political control over. It's hard to exert
| political control over masses of individuals. It benefits the
| Republican party when you get your news from FOX. It benefits
| the Democratic party when you get your news from CNN. It does
| not benefit the Democratic or Republican party when any
| individual can broadcast their views to millions of willing
| listeners on a platform like Youtube. This is why you only ever
| hear about "misinformation" coming from small time players.
| When CNN/FOX et al. do it (which is constantly), they get a
| free pass. Both parties share an interest in monopolizing
| information flow to their followers, which is why they both
| support this law.
| cyberlurker wrote:
| No matter your opinion on the issue, the firearm lobby would
| probably serve as an effective model for fighting legislation
| like this on a long term basis.
| bpodgursky wrote:
| It would require people willing to be single-issue voters, the
| way many are on abortion or firearms.
|
| Would anyone here switch party votes to a candidate who sided
| their way on tech privacy -- even if they disagreed on other
| core principles like abortion, gun rights, religion in schools,
| etc?
|
| Maybe a few, but I'm not convinced many.
| KerrAvon wrote:
| The second amendment, like abortion, is a political wedge issue
| used by politicians to wield against their opponents. You're
| not going to replicate that with issues requiring more nuance
| and that cannot be used as emotional cudgels.
| jimbob45 wrote:
| Graham (R-SC)
|
| Blumenthal (D-CT)*
|
| Durbin (D-IL)
|
| Grassley (R-IA)*
|
| Feinstein (D-CA)
|
| Cornyn (R-TX)
|
| Whitehouse (D-RI)
|
| Hawley (R-MO)
|
| Hirono (D-HI)
|
| Kennedy (D-LA)*
|
| Casey (D-PA)
|
| Blackburn (R-TN)
|
| Masto (D-NV)*
|
| Collins (R-ME)
|
| Hassan (D-NH)*
|
| Ernst (R-IA)
|
| Warner (D-VA)
|
| Hyde-Smith (R-MI)
|
| Murkowski (R-AK)*
|
| Portman (R-OH)*
|
| * are up for re-election this year.
|
| Bit of a pain to find this information really - couldn't find a
| single news outlet with a list of who introduced the bill. Kinda
| seems like they don't want to be known.
| loteck wrote:
| By all means contact and organize on Senators, it's good
| practice. In my experience they are completely unresponsive to
| anything smaller than the largest and most funded groups.
| Still, making noise is only good.
|
| You may find your local house rep to be much more persuadable
| and willing to listen to your educated points of view. Getting
| their position stated publicly and on the record in either
| direction can be very meaningful.
| yareally wrote:
| > Portman (R-OH)*
|
| He's retiring this year. Candidates running for his spot in his
| party are likely to support it though
| KerrAvon wrote:
| Feinstein really needs to go. CA can do so much better.
| eikenberry wrote:
| This seems like it could have a significant upside if passed.
| That it would help promote federated and peer to peer free
| software systems with no centralized, commercial target to sue.
| Might even require some of the current giant social networks to
| pair back significantly to avoid liability.
|
| I'm not saying I want it to pass, just think the unintended
| consequences might be interesting and even beneficial in some
| ways.
| bo1024 wrote:
| Pretty sure the government won't view it that way. It'll be
| called a loophole and crushed if it gets mainstream. This is
| the country where sending an HTML GET and receiving response
| 200 can be prosecuted under the CFAA.
|
| We need a legal environment that explicitly protects encrypted
| communications, not one where they are are maybe tolerated on
| the fringe.
| eikenberry wrote:
| This is a different battle. The government has gone after
| general purpose encryption multiple times and has been beaten
| back so far. And while this would definitely be a win for
| that side of things it isn't the same battle and the Earn IT
| Act is not about encryption in general. It is about
| encryption in the context of commercial entities and their
| managed content.
| devwastaken wrote:
| Decentralized does _not_ mean lack of liability. That 's a
| marketing ploy. P2P filesharers and tor hosted sites are taken
| to court on the daily because of this one little trick called
| the IP address. Everything you send has your external IP. It
| doesn't matter that they "can't prove it was you". Courts have
| continually upheld that an IP address is grounds for either
| civil discovery or further criminal investigation. And yes, the
| court can absolutely compel you to unlock your full disk
| encrypted MacBook/Linux/bitlocker whatever.
|
| The only reason people en mass can do decentralized is
| _because_ of the availability of encryption, because VPN 's,
| because companies and software can offer encryption. This
| legislation and it's precedent would kill the decentralized
| web. It's not as if Google is going to go broke - they'd be the
| first to be approved and go on their merry way.
| eikenberry wrote:
| I said P2P, not TOR. With P2P systems you only host your own
| stuff. So if they want to take someone to court it would be
| the person with the illegal content on their system... IE.
| who you want to go after. There is no reason to have to prove
| anything. Those P2P filesharers that are taken to court are
| the ones sharing the files, not just random people on the
| network.
|
| With P2P and Federated systems (encrypted or not), the people
| hosting the content are breaking the law and are the ones you
| go after. Just like now (pre Earn-It), where they go after
| the people posting the files to the central servers and not
| the central servers themselves.
| mrandish wrote:
| While this bill is strongly opposed by the Internet Society,
| ACLU, CDT, and EFF, the critiques I've read don't get much into
| the real "why" behind this legislation continuing to be pushed so
| forcefully. The pretext is, of course, "protect the children" and
| more generally law-and-order with a bonus side-helping of "stop
| those awful social media giants." While these justifications are
| (hopefully) obvious misdirection to most, I'd like to see more
| mainstream discussion about who this bill benefits and why. The
| legislation 'coincidentally' achieves exactly the agenda proposed
| by the "surveillance state" (ie CIA, NSA, FBI, DHS, law
| enforcement lobby, state prosecutors, etc). While it doesn't
| specifically prohibit public access to encryption, it seeks to
| create nearly the same effect by making it legally risky for
| large social media and platform companies to offer end-to-end
| encryption as a default to law-abiding citizens. It's no accident
| that almost every version of the bill creates this exposure to
| essentially bottomless legal liability for platforms offering
| secure communications.
|
| Frankly, this scares the crap out of me. These people seem
| incapable of understanding the existential threat to free society
| and democracy posed by limiting _everyone 's_ ability to
| communicate private thoughts. While not explicitly outlawing
| untappable communications, it's much easier to identify _who_ is
| choosing to use end-to-end encryption when it 's not the typical
| default. This will ultimately put all of us who care about secure
| communications under default suspicion, whether our interest in
| private comms is a moral ideal, political principle or simply
| proper technical architecture and data hygiene. In today's multi-
| national environment of nation-state, criminal and privateer (NSO
| etc) threat actors, insecure communications over Internet
| infrastructure should only be seen as an ill-advised risky
| behavior or a technical bug.
| PaulDavisThe1st wrote:
| Ending Section 230, incrementally or all in one go, has been
| increasingly on the minds of politicians (mostly but not
| exclusively conservative ones) for some time now. There's a lot
| more to EARN IT than just that, but some of them will vote for
| anything that increases the liability exposure of anyone
| hosting anything online.
| judge2020 wrote:
| All section 230 does is make it so that "platforms" can
| remove posts it doesn't like without needing to assume
| liability for every other posts. Unless they think Twitter is
| going to hire a few million employees to screen every post,
| Twitter and the rest would simply turn off the platform to
| anyone who isn't verified or doesn't otherwise sign a waiver
| releasing twitter of that liability (which was possible
| before CDA, as well, but nobody wanted to introduce that sort
| of barrier to social media/forums back then).
| judge2020 wrote:
| > These people seem incapable of understanding the existential
| threat to free society and democracy posed by limiting
| everyone's ability to communicate private thoughts.
|
| Democracy only directly benefits the people, not those in
| power. The only difference between a democracy and a
| dictatorship in terms of leaders keeping key supporters happy
| (the people vs. just those that hold office and control the
| military) is that democracies tend to employ more creative
| people with society-enhancing goals, thus driving technology
| forward and maybe even extending our lifetimes (via better
| healthcare).
| kragen wrote:
| > _These people seem incapable of understanding the existential
| threat to free society and democracy posed by limiting_
| everyone's _ability to communicate private thoughts._
|
| The existential threat this bill poses to free society and
| democracy is exactly why they're supporting it. It's not some
| accidental side effect.
|
| They're opposed to the existence of free society and democracy
| because it limits government power, which means letting
| criminals and terrorists run free. They want the police to have
| all the power they can get because, as far as they're
| concerned, they're the good guys, and giving the good guys more
| power helps them win against the bad guys.
|
| Free society means limited government, and the only way for the
| government to be in favor of that is for the government to vote
| against its own interests. That requires the people in the
| government to identify more strongly with the people living
| under the government than with the government itself. This is
| precarious at the best of times. Why would the governing party
| want to make it easy to organize dissenting political parties
| and alternative centers of power? Power might fall into the
| wrong hands.
|
| I know that sounds sarcastic, but try to see it from their
| perspective, even if you don't agree with it.
| treis wrote:
| We had a free society and democracy before the internet.
| pixl97 wrote:
| There were many attempts by the same people to monitor
| phone and mail communications.
| ocdtrekkie wrote:
| > While this bill is strongly opposed by the Internet Society,
| ACLU, CDT, and EFF,
|
| It's worth noting that the companies destroying democracy that
| this bill regulates (Google, Facebook, etc.) are major donors
| to all of these organizations.
| wbsss4412 wrote:
| Seems the world isn't all black and white.
|
| It's not like those companies have "destroy democracy" as
| their mission.
| ideashower wrote:
| And Mozilla Corporation's entire business model is built on
| Google's financial support. Does that make Mozilla's (or the
| ACLU etc.) work inherently suspect or anti-democratic?
| E2EEd wrote:
| MZLA is building tbird for profit
| TameAntelope wrote:
| None of those companies are destroying democracy, that's
| needless hyperbole...
| ocdtrekkie wrote:
| I disagree. Social media has played a huge part in the
| radicalization of various groups and allowed anti-
| democratic views to spread. The companies mentioned here
| have an outsized part in that because they prioritize
| engagement at all costs, which pushes people down rabbit
| holes of increasingly extreme views.
| jjulius wrote:
| "See, we donate to these organizations, we're not _that_ bad,
| promise! "
| E2EEd wrote:
| E2EE is offered to all users, whether or not they are law-
| abiding. More precise is to say that E2EE is offered to users
| who are primarily law-abiding.
|
| Your points are well-heard, even by those in the IC. What isn't
| occurring, is a good-faith discussion on solving the issues
| faced by law enforcement and the IC related to the growing
| entropy of E2EE wielded at scale by folks, a large subset of
| whom are engaging in criminal behavior. I strongly believe that
| fighting this issue with a hard-line no compromise response
| will result in an undesirable outcome for your agenda.
|
| I am not a fan of kneecapped cybersecurity in consumer
| endpoints, which is the elephant in the room. It's a compromise
| borne of the E2EE entropy problem, intentional or not. I don't
| support unchecked recoverable encryption in any centralized
| fashion, nor do I support covert backdoors or skeleton keys.
|
| Unfortunately, too many folks defend their position from
| libertarian ideals, a position which does have a technical
| justification. It just misses the bigger picture - that most
| folks in govt are just doing their job. A compromise will seek
| to enable those doing their job correctly while preventing
| abuses with technological means.
|
| Telling the govt "too bad, you can't stop math" will backfire.
| The law can be used to force tech companies to literally stop
| doing math at scale.
| mrandish wrote:
| > What isn't occurring, is a good-faith discussion on solving
| the issues faced by law enforcement and the IC
|
| Public policy orgs like EFF etc have proposed modifications
| to limit the most disastrous elements of this proposal but to
| the extent those proposals fix or limit the 'accidental'
| limitless liability for communications platforms, they are
| met only with disingenuous cries of "think of the children."
| I think it's pretty clear the lack of "good-faith discussion"
| lies with the people who've never openly acknowledged what
| all this is _really_ about.
|
| > even by those in the IC.
|
| Hopefully the intelligence community, as opposed to the
| domestic law enforcement agencies, already understands how
| dangerous this legislation could be for U.S. national
| interests. The unintended consequences won't stop at social
| media. Platforms of all kinds will react to the liability
| exposure or merely the possibility of it. With other nations
| imposing their own in-country data requirements on trans-
| national platforms how many platforms (or their upstream
| technology providers) will maintain a separate insecure
| version for domestic tapping and a robustly secure version
| for international use? Just like our own backdoors being used
| against us, we've already seen how this kind of thing has a
| way of undermining our own security. Short-sighted
| bureaucrats are playing with fire here.
|
| > too many folks defend their position from libertarian
| ideals
|
| I don't see how this is tied to uniquely libertarian ideals.
| The 4th amendment prohibition on government search of
| citizen's "papers and property" isn't some aspirational ideal
| or partisan political viewpoint - it's always been at the
| very core of the nation. It's also been continuously endorsed
| by both liberal and conservative supreme courts for hundreds
| of years.
|
| > that most folks in govt are just doing their job.
|
| To the extent their actions violate or undermine the
| constitution, it's no longer "law enforcement". Sadly, quite
| the opposite. If the law is the 'operating system', then the
| constitution is the 'secure kernel' - the last line of
| defense against threats capable of undermining the integrity
| of the entire system. From day one in the 1700s, the
| constitution has _always_ made the job of law enforcement
| MUCH harder. That 's not a bug. It's "As Designed" and perma-
| marked by the original designers (and the maintainers in
| SCOTUS) as "Won't Fix". Hell, it goes beyond just a feature -
| limiting the power of what the government is allowed to do is
| the explicitly stated purpose of the thing.
|
| It's always been well understood, as well as taught in
| elementary school, that the unique freedoms the country was
| founded on came with a cost - and that sometimes that cost
| would be high, but... preserving these freedoms, including
| making things harder on law enforcement (and potentially
| easier on criminals), was worth the cost.
| iamstupidsimple wrote:
| > Telling the govt "too bad, you can't stop math" will
| backfire. The law can be used to force tech companies to
| literally stop doing math at scale.
|
| There is no practical scenario where those who want to use
| e2e will not have that capability. Even if technology
| companies are totally banned from producing it domestically,
| it's trivial for foreign companies to provide the e2e
| software and supply it over the internet.
| bbarnett wrote:
| Until that becomes illegal. After all, torrent indexes are
| illegal, and they aren't directly pirating anything.
|
| Thus, supporting an end around, can be attacked as well..
| bradleyjg wrote:
| Law enforcement and IC are starting with the assumption that
| they are entitled to the best access they've ever had. Yes,
| things are going dark that they had access to 20 years ago,
| but 20 years before that they didn't have access because most
| of the conversations were happening face to face. At that
| point they needed to rely on traditional boots on the ground
| police/intelligence work instead of electronic backdoors. Why
| is it impossible for them to go back to doing things that
| way?
| [deleted]
| bitL wrote:
| Maybe those people absolutely understand the implications for
| free society. What if there was a power transfer on the
| background, over many years, unnoticed, and the winning group
| now doesn't want any disruptions coming from encrypted
| communication in the future?
| SturgeonsLaw wrote:
| These assholes just keep trying and trying until they get their
| way. At least it's good to see there's some actual pushback in
| the United States. Here in Australia, this sort of legislation
| has bipartisan support, it gets rubberstamped and passed on a
| Friday evening before a public holiday with the media staying
| silent.
|
| Keep fighting against these bills, or else you'll get a
| government that happily runs roughshod over your civil liberties
| like ours.
| [deleted]
| Arubis wrote:
| Of course they do. They know the equation: we have to win every
| time; they only have to win once.
| matheusmoreira wrote:
| Yeah. Maybe there should be a law that makes it illegal to
| attempt to ban encryption.
| loteck wrote:
| The 3 Techdirt links in the article are especially helpful for
| catching up.
|
| EARN IT is another skirmish in the 30+ year old Crypto Wars. For
| those who care about defending privacy and encryption, exhaustion
| is not an option.
|
| Power-hungry governments must be viewed similarly to an APT in
| this context. They are following their very nature, and they will
| never stop inventing new approaches.
|
| There is no other option except to stay organized and always
| ready to engage.
| uejfiweun wrote:
| It seems like this Stanford page has clearly taken a side on the
| issue. Does anyone have a link to a solid unbiased discussion of
| the pros and cons of this? It's got bipartisan support, so
| clearly there are legitimate arguments in favor of these changes,
| would be interested to hear what they are.
| wbsss4412 wrote:
| Are there any issues that come up in Washington that _don't_
| have have legitimate arguments for them, regardless of the
| status of their partisan support?
|
| The "pros" are fairly straightforward, mass data collection
| makes it easier for law enforcement to do their jobs, or, at
| least, that's their opinion.
| fallingknife wrote:
| > It's got bipartisan support, so clearly there are legitimate
| arguments
|
| That doesn't follow. The worst laws passed (e.g. the Patriot
| Act) tend to have bipartisan support.
| [deleted]
| uoaei wrote:
| > It's got bipartisan support, so clearly there are legitimate
| arguments in favor of these changes
|
| I don't see how the conclusion follows from the premise.
|
| It doesn't seem appropriate to assume that politicians are
| acting in good faith dialectical fashion, based on literally
| every observation we've ever made of their actions vs their
| rhetoric.
| loteck wrote:
| Let's have no fear to face down our opponents' claims. Senators
| pushing this bill laid down their claims in a document [0], and
| everyone should put on their critical thinking caps and grapple
| with it.
|
| [0]
| https://www.documentcloud.org/documents/21194217-earn_it_act...
| uejfiweun wrote:
| Thank you, something like this is exactly what I was looking
| for. Balances out nicely with the original posted link.
| loteck wrote:
| There's likely to be strong bipartisan opponents to this
| bill in the Senate as well. Their issues are likely aligned
| with another senator's response.
|
| https://www.wyden.senate.gov/news/press-releases/wyden-on-
| re...
| kweingar wrote:
| The main concern I have is the technological/administrative
| burden put on smaller platforms, which would cause further
| consolidation of the web.
|
| What obligations this would impose on an operator of a small web
| forum?
___________________________________________________________________
(page generated 2022-02-05 23:00 UTC)