[HN Gopher] The EARN IT act is back, and it's more dangerous tha... ___________________________________________________________________ The EARN IT act is back, and it's more dangerous than ever Author : grappler Score : 187 points Date : 2022-02-05 18:52 UTC (4 hours ago) (HTM) web link (cyberlaw.stanford.edu) (TXT) w3m dump (cyberlaw.stanford.edu) | prepend wrote: | I wish they would address real problems like arbitrary | enforcement of TOS that damages users with no recourse. There's | no regulation for what happens when Google or Facebook or | whatever deletes or blocks an account and provides no support. | | Child abuse is serious, but not that common and this law will do | little to change that. The lack of a UCC-style law for big tech | platforms affects way more people. | | This seems like BS that will squelch small players that can't | afford to comply. And consolidate more power into a few small | firms. | ridaj wrote: | > There's no regulation for what happens when Google or | Facebook or whatever deletes or blocks an account and provides | no support. | | Yes there is, per the trade regulations you're entitled to a | refund | | . | | Wait | | I'm only partly sarcastic. If you think you're entitled to | anything provided as a free service then the problem starts | there. Do I miss the days when ISPs provided email as part of | your subscription? Then made you pay for anything over 100 Mb? | Then held your email address hostage if you wanted to switch | providers? Hell no. But I also don't think government should | force anyone to provide services to me for free. | | Edit: downvotes without replies do not help me understand where | this feeling of entitlement to a free service comes from; | insight would be appreciated. | bee_rider wrote: | The service isn't free, you pay for it with your personal | information. If they want to provide refunds by deleting our | information, that seems like a fair trade. | umbauk wrote: | Well one could argue Google and FB services are not free. | Those 2 companies are 2 of the most profitable, valuable | companies in the world. If they are providing their services | for free, how can that be? Our attention and information is | what they profit from, and that should not be undervalued. | They are certainly not providing these services to us out of | the goodness of their hearts. | c0balt wrote: | I wholeheartedly agree with your sentiment but I don't | think this will hold up in case of account deletions or | bans. | | Let say your 'attention', using the service, is used to pay | for 'goods', account/ access to service. | | How is the revenue derived fron 'attention'? By the | attention being spent on preselected content, e.g. ads, | that are choosen by the platform. One could argue that | revoking access to a service from the platform side is okay | since the attention is not being 'spent' after the removal | or ban. | | It might be feasible to expect that services, like an email | account, are not taken away abitrarly but 'just because | it's profitable' is not a sound argument. Making yourself | dependent on a platform is not the problem of the platform. | fallingknife wrote: | Squelching small players is the intent. Large institutions are | easy to exert political control over. It's hard to exert | political control over masses of individuals. It benefits the | Republican party when you get your news from FOX. It benefits | the Democratic party when you get your news from CNN. It does | not benefit the Democratic or Republican party when any | individual can broadcast their views to millions of willing | listeners on a platform like Youtube. This is why you only ever | hear about "misinformation" coming from small time players. | When CNN/FOX et al. do it (which is constantly), they get a | free pass. Both parties share an interest in monopolizing | information flow to their followers, which is why they both | support this law. | cyberlurker wrote: | No matter your opinion on the issue, the firearm lobby would | probably serve as an effective model for fighting legislation | like this on a long term basis. | bpodgursky wrote: | It would require people willing to be single-issue voters, the | way many are on abortion or firearms. | | Would anyone here switch party votes to a candidate who sided | their way on tech privacy -- even if they disagreed on other | core principles like abortion, gun rights, religion in schools, | etc? | | Maybe a few, but I'm not convinced many. | KerrAvon wrote: | The second amendment, like abortion, is a political wedge issue | used by politicians to wield against their opponents. You're | not going to replicate that with issues requiring more nuance | and that cannot be used as emotional cudgels. | jimbob45 wrote: | Graham (R-SC) | | Blumenthal (D-CT)* | | Durbin (D-IL) | | Grassley (R-IA)* | | Feinstein (D-CA) | | Cornyn (R-TX) | | Whitehouse (D-RI) | | Hawley (R-MO) | | Hirono (D-HI) | | Kennedy (D-LA)* | | Casey (D-PA) | | Blackburn (R-TN) | | Masto (D-NV)* | | Collins (R-ME) | | Hassan (D-NH)* | | Ernst (R-IA) | | Warner (D-VA) | | Hyde-Smith (R-MI) | | Murkowski (R-AK)* | | Portman (R-OH)* | | * are up for re-election this year. | | Bit of a pain to find this information really - couldn't find a | single news outlet with a list of who introduced the bill. Kinda | seems like they don't want to be known. | loteck wrote: | By all means contact and organize on Senators, it's good | practice. In my experience they are completely unresponsive to | anything smaller than the largest and most funded groups. | Still, making noise is only good. | | You may find your local house rep to be much more persuadable | and willing to listen to your educated points of view. Getting | their position stated publicly and on the record in either | direction can be very meaningful. | yareally wrote: | > Portman (R-OH)* | | He's retiring this year. Candidates running for his spot in his | party are likely to support it though | KerrAvon wrote: | Feinstein really needs to go. CA can do so much better. | eikenberry wrote: | This seems like it could have a significant upside if passed. | That it would help promote federated and peer to peer free | software systems with no centralized, commercial target to sue. | Might even require some of the current giant social networks to | pair back significantly to avoid liability. | | I'm not saying I want it to pass, just think the unintended | consequences might be interesting and even beneficial in some | ways. | bo1024 wrote: | Pretty sure the government won't view it that way. It'll be | called a loophole and crushed if it gets mainstream. This is | the country where sending an HTML GET and receiving response | 200 can be prosecuted under the CFAA. | | We need a legal environment that explicitly protects encrypted | communications, not one where they are are maybe tolerated on | the fringe. | eikenberry wrote: | This is a different battle. The government has gone after | general purpose encryption multiple times and has been beaten | back so far. And while this would definitely be a win for | that side of things it isn't the same battle and the Earn IT | Act is not about encryption in general. It is about | encryption in the context of commercial entities and their | managed content. | devwastaken wrote: | Decentralized does _not_ mean lack of liability. That 's a | marketing ploy. P2P filesharers and tor hosted sites are taken | to court on the daily because of this one little trick called | the IP address. Everything you send has your external IP. It | doesn't matter that they "can't prove it was you". Courts have | continually upheld that an IP address is grounds for either | civil discovery or further criminal investigation. And yes, the | court can absolutely compel you to unlock your full disk | encrypted MacBook/Linux/bitlocker whatever. | | The only reason people en mass can do decentralized is | _because_ of the availability of encryption, because VPN 's, | because companies and software can offer encryption. This | legislation and it's precedent would kill the decentralized | web. It's not as if Google is going to go broke - they'd be the | first to be approved and go on their merry way. | eikenberry wrote: | I said P2P, not TOR. With P2P systems you only host your own | stuff. So if they want to take someone to court it would be | the person with the illegal content on their system... IE. | who you want to go after. There is no reason to have to prove | anything. Those P2P filesharers that are taken to court are | the ones sharing the files, not just random people on the | network. | | With P2P and Federated systems (encrypted or not), the people | hosting the content are breaking the law and are the ones you | go after. Just like now (pre Earn-It), where they go after | the people posting the files to the central servers and not | the central servers themselves. | mrandish wrote: | While this bill is strongly opposed by the Internet Society, | ACLU, CDT, and EFF, the critiques I've read don't get much into | the real "why" behind this legislation continuing to be pushed so | forcefully. The pretext is, of course, "protect the children" and | more generally law-and-order with a bonus side-helping of "stop | those awful social media giants." While these justifications are | (hopefully) obvious misdirection to most, I'd like to see more | mainstream discussion about who this bill benefits and why. The | legislation 'coincidentally' achieves exactly the agenda proposed | by the "surveillance state" (ie CIA, NSA, FBI, DHS, law | enforcement lobby, state prosecutors, etc). While it doesn't | specifically prohibit public access to encryption, it seeks to | create nearly the same effect by making it legally risky for | large social media and platform companies to offer end-to-end | encryption as a default to law-abiding citizens. It's no accident | that almost every version of the bill creates this exposure to | essentially bottomless legal liability for platforms offering | secure communications. | | Frankly, this scares the crap out of me. These people seem | incapable of understanding the existential threat to free society | and democracy posed by limiting _everyone 's_ ability to | communicate private thoughts. While not explicitly outlawing | untappable communications, it's much easier to identify _who_ is | choosing to use end-to-end encryption when it 's not the typical | default. This will ultimately put all of us who care about secure | communications under default suspicion, whether our interest in | private comms is a moral ideal, political principle or simply | proper technical architecture and data hygiene. In today's multi- | national environment of nation-state, criminal and privateer (NSO | etc) threat actors, insecure communications over Internet | infrastructure should only be seen as an ill-advised risky | behavior or a technical bug. | PaulDavisThe1st wrote: | Ending Section 230, incrementally or all in one go, has been | increasingly on the minds of politicians (mostly but not | exclusively conservative ones) for some time now. There's a lot | more to EARN IT than just that, but some of them will vote for | anything that increases the liability exposure of anyone | hosting anything online. | judge2020 wrote: | All section 230 does is make it so that "platforms" can | remove posts it doesn't like without needing to assume | liability for every other posts. Unless they think Twitter is | going to hire a few million employees to screen every post, | Twitter and the rest would simply turn off the platform to | anyone who isn't verified or doesn't otherwise sign a waiver | releasing twitter of that liability (which was possible | before CDA, as well, but nobody wanted to introduce that sort | of barrier to social media/forums back then). | judge2020 wrote: | > These people seem incapable of understanding the existential | threat to free society and democracy posed by limiting | everyone's ability to communicate private thoughts. | | Democracy only directly benefits the people, not those in | power. The only difference between a democracy and a | dictatorship in terms of leaders keeping key supporters happy | (the people vs. just those that hold office and control the | military) is that democracies tend to employ more creative | people with society-enhancing goals, thus driving technology | forward and maybe even extending our lifetimes (via better | healthcare). | kragen wrote: | > _These people seem incapable of understanding the existential | threat to free society and democracy posed by limiting_ | everyone's _ability to communicate private thoughts._ | | The existential threat this bill poses to free society and | democracy is exactly why they're supporting it. It's not some | accidental side effect. | | They're opposed to the existence of free society and democracy | because it limits government power, which means letting | criminals and terrorists run free. They want the police to have | all the power they can get because, as far as they're | concerned, they're the good guys, and giving the good guys more | power helps them win against the bad guys. | | Free society means limited government, and the only way for the | government to be in favor of that is for the government to vote | against its own interests. That requires the people in the | government to identify more strongly with the people living | under the government than with the government itself. This is | precarious at the best of times. Why would the governing party | want to make it easy to organize dissenting political parties | and alternative centers of power? Power might fall into the | wrong hands. | | I know that sounds sarcastic, but try to see it from their | perspective, even if you don't agree with it. | treis wrote: | We had a free society and democracy before the internet. | pixl97 wrote: | There were many attempts by the same people to monitor | phone and mail communications. | ocdtrekkie wrote: | > While this bill is strongly opposed by the Internet Society, | ACLU, CDT, and EFF, | | It's worth noting that the companies destroying democracy that | this bill regulates (Google, Facebook, etc.) are major donors | to all of these organizations. | wbsss4412 wrote: | Seems the world isn't all black and white. | | It's not like those companies have "destroy democracy" as | their mission. | ideashower wrote: | And Mozilla Corporation's entire business model is built on | Google's financial support. Does that make Mozilla's (or the | ACLU etc.) work inherently suspect or anti-democratic? | E2EEd wrote: | MZLA is building tbird for profit | TameAntelope wrote: | None of those companies are destroying democracy, that's | needless hyperbole... | ocdtrekkie wrote: | I disagree. Social media has played a huge part in the | radicalization of various groups and allowed anti- | democratic views to spread. The companies mentioned here | have an outsized part in that because they prioritize | engagement at all costs, which pushes people down rabbit | holes of increasingly extreme views. | jjulius wrote: | "See, we donate to these organizations, we're not _that_ bad, | promise! " | E2EEd wrote: | E2EE is offered to all users, whether or not they are law- | abiding. More precise is to say that E2EE is offered to users | who are primarily law-abiding. | | Your points are well-heard, even by those in the IC. What isn't | occurring, is a good-faith discussion on solving the issues | faced by law enforcement and the IC related to the growing | entropy of E2EE wielded at scale by folks, a large subset of | whom are engaging in criminal behavior. I strongly believe that | fighting this issue with a hard-line no compromise response | will result in an undesirable outcome for your agenda. | | I am not a fan of kneecapped cybersecurity in consumer | endpoints, which is the elephant in the room. It's a compromise | borne of the E2EE entropy problem, intentional or not. I don't | support unchecked recoverable encryption in any centralized | fashion, nor do I support covert backdoors or skeleton keys. | | Unfortunately, too many folks defend their position from | libertarian ideals, a position which does have a technical | justification. It just misses the bigger picture - that most | folks in govt are just doing their job. A compromise will seek | to enable those doing their job correctly while preventing | abuses with technological means. | | Telling the govt "too bad, you can't stop math" will backfire. | The law can be used to force tech companies to literally stop | doing math at scale. | mrandish wrote: | > What isn't occurring, is a good-faith discussion on solving | the issues faced by law enforcement and the IC | | Public policy orgs like EFF etc have proposed modifications | to limit the most disastrous elements of this proposal but to | the extent those proposals fix or limit the 'accidental' | limitless liability for communications platforms, they are | met only with disingenuous cries of "think of the children." | I think it's pretty clear the lack of "good-faith discussion" | lies with the people who've never openly acknowledged what | all this is _really_ about. | | > even by those in the IC. | | Hopefully the intelligence community, as opposed to the | domestic law enforcement agencies, already understands how | dangerous this legislation could be for U.S. national | interests. The unintended consequences won't stop at social | media. Platforms of all kinds will react to the liability | exposure or merely the possibility of it. With other nations | imposing their own in-country data requirements on trans- | national platforms how many platforms (or their upstream | technology providers) will maintain a separate insecure | version for domestic tapping and a robustly secure version | for international use? Just like our own backdoors being used | against us, we've already seen how this kind of thing has a | way of undermining our own security. Short-sighted | bureaucrats are playing with fire here. | | > too many folks defend their position from libertarian | ideals | | I don't see how this is tied to uniquely libertarian ideals. | The 4th amendment prohibition on government search of | citizen's "papers and property" isn't some aspirational ideal | or partisan political viewpoint - it's always been at the | very core of the nation. It's also been continuously endorsed | by both liberal and conservative supreme courts for hundreds | of years. | | > that most folks in govt are just doing their job. | | To the extent their actions violate or undermine the | constitution, it's no longer "law enforcement". Sadly, quite | the opposite. If the law is the 'operating system', then the | constitution is the 'secure kernel' - the last line of | defense against threats capable of undermining the integrity | of the entire system. From day one in the 1700s, the | constitution has _always_ made the job of law enforcement | MUCH harder. That 's not a bug. It's "As Designed" and perma- | marked by the original designers (and the maintainers in | SCOTUS) as "Won't Fix". Hell, it goes beyond just a feature - | limiting the power of what the government is allowed to do is | the explicitly stated purpose of the thing. | | It's always been well understood, as well as taught in | elementary school, that the unique freedoms the country was | founded on came with a cost - and that sometimes that cost | would be high, but... preserving these freedoms, including | making things harder on law enforcement (and potentially | easier on criminals), was worth the cost. | iamstupidsimple wrote: | > Telling the govt "too bad, you can't stop math" will | backfire. The law can be used to force tech companies to | literally stop doing math at scale. | | There is no practical scenario where those who want to use | e2e will not have that capability. Even if technology | companies are totally banned from producing it domestically, | it's trivial for foreign companies to provide the e2e | software and supply it over the internet. | bbarnett wrote: | Until that becomes illegal. After all, torrent indexes are | illegal, and they aren't directly pirating anything. | | Thus, supporting an end around, can be attacked as well.. | bradleyjg wrote: | Law enforcement and IC are starting with the assumption that | they are entitled to the best access they've ever had. Yes, | things are going dark that they had access to 20 years ago, | but 20 years before that they didn't have access because most | of the conversations were happening face to face. At that | point they needed to rely on traditional boots on the ground | police/intelligence work instead of electronic backdoors. Why | is it impossible for them to go back to doing things that | way? | [deleted] | bitL wrote: | Maybe those people absolutely understand the implications for | free society. What if there was a power transfer on the | background, over many years, unnoticed, and the winning group | now doesn't want any disruptions coming from encrypted | communication in the future? | SturgeonsLaw wrote: | These assholes just keep trying and trying until they get their | way. At least it's good to see there's some actual pushback in | the United States. Here in Australia, this sort of legislation | has bipartisan support, it gets rubberstamped and passed on a | Friday evening before a public holiday with the media staying | silent. | | Keep fighting against these bills, or else you'll get a | government that happily runs roughshod over your civil liberties | like ours. | [deleted] | Arubis wrote: | Of course they do. They know the equation: we have to win every | time; they only have to win once. | matheusmoreira wrote: | Yeah. Maybe there should be a law that makes it illegal to | attempt to ban encryption. | loteck wrote: | The 3 Techdirt links in the article are especially helpful for | catching up. | | EARN IT is another skirmish in the 30+ year old Crypto Wars. For | those who care about defending privacy and encryption, exhaustion | is not an option. | | Power-hungry governments must be viewed similarly to an APT in | this context. They are following their very nature, and they will | never stop inventing new approaches. | | There is no other option except to stay organized and always | ready to engage. | uejfiweun wrote: | It seems like this Stanford page has clearly taken a side on the | issue. Does anyone have a link to a solid unbiased discussion of | the pros and cons of this? It's got bipartisan support, so | clearly there are legitimate arguments in favor of these changes, | would be interested to hear what they are. | wbsss4412 wrote: | Are there any issues that come up in Washington that _don't_ | have have legitimate arguments for them, regardless of the | status of their partisan support? | | The "pros" are fairly straightforward, mass data collection | makes it easier for law enforcement to do their jobs, or, at | least, that's their opinion. | fallingknife wrote: | > It's got bipartisan support, so clearly there are legitimate | arguments | | That doesn't follow. The worst laws passed (e.g. the Patriot | Act) tend to have bipartisan support. | [deleted] | uoaei wrote: | > It's got bipartisan support, so clearly there are legitimate | arguments in favor of these changes | | I don't see how the conclusion follows from the premise. | | It doesn't seem appropriate to assume that politicians are | acting in good faith dialectical fashion, based on literally | every observation we've ever made of their actions vs their | rhetoric. | loteck wrote: | Let's have no fear to face down our opponents' claims. Senators | pushing this bill laid down their claims in a document [0], and | everyone should put on their critical thinking caps and grapple | with it. | | [0] | https://www.documentcloud.org/documents/21194217-earn_it_act... | uejfiweun wrote: | Thank you, something like this is exactly what I was looking | for. Balances out nicely with the original posted link. | loteck wrote: | There's likely to be strong bipartisan opponents to this | bill in the Senate as well. Their issues are likely aligned | with another senator's response. | | https://www.wyden.senate.gov/news/press-releases/wyden-on- | re... | kweingar wrote: | The main concern I have is the technological/administrative | burden put on smaller platforms, which would cause further | consolidation of the web. | | What obligations this would impose on an operator of a small web | forum? ___________________________________________________________________ (page generated 2022-02-05 23:00 UTC)