US threatens to pull big tech’s immunities if child abuse isn’t curbed

The Department of Justice is proposing a set of voluntary principles that take aim at tech giants in an effort to combat online sexual abuse.

The principles are part of a fresh effort by the government to hold the tech companies accountable for the harm and abuse that happens on their platforms, amid the past two years of brewing hostilities between the government and Silicon Valley. But critics also see it as a renewed push to compel tech companies to weaken or undo their “warrant-proof” encryption efforts under the guise of preventing crime and terrorism.

U.S. Attorney General William Barr announced the proposals at the Justice Department on Thursday with international partners from the U.K., Canada, Australia and New Zealand.

The principles, built by the five countries and tech leaders — including Facebook, Google, Microsoft and Twitter — aim to incentivize internet companies and social media giants to do more to prevent child sexual abuse on their platforms.

Barr said he hopes that the principles “set new norms” across the tech industry to “make sure there’s no safe space on the internet for offenders to operate.”

The principles come ahead of anticipated bipartisan legislation to Congress — the so-called EARN IT Act, which reports say could effectively force the tech companies’ hands by threatening to pull their legal immunities for what their users post if the companies fail to aggressively clamp down on online child sexual abuse.

Sens. Lindsey Graham (R-SC) and Richard Blumenthal (D-CT) announced the legislation shortly after the Justice Department presser ended.

The bill got quick rebuke from Senate colleague, Ron Wyden (D-OR), calling the bill “deeply flawed and counterproductive bill.”

“This bill is a transparent and deeply cynical effort by a few well-connected corporations and the Trump administration to use child sexual abuse to their political advantage, the impact to free speech and the security and privacy of every single American be damned,” said Wyden.

Justice takes aim at big tech’s immunities

Barr warned that the government is “analyzing the impact” of Section 230 of the Communications Decency Act, which protects tech platforms from legal liability for content created by their users.

Under Barr, the Justice Department has taken a particular interest in dismantling Section 230. Last month, the Justice Department hosted a “workshop” on Section 230, arguing that the immunity it provides interferes with law enforcement and needs to be reexamined.

“We must also recognize the benefits that Section 230 and technology have brought to our society, and ensure that the proposed cure is not worse than the disease,” Barr said last month.

Any change to Section 230, widely regarded as the legal underpinning of all online platforms, could radically alter the landscape of the modern internet and give the government more power to control online speech. Privacy advocates view the government’s interest in wielding Section 230 as a cudgel and existential threat to the internet as we know it.

Last month, Wyden, one of Section 230’s co-authors, condemned the Trump administration’s scrutiny of the law and argued that repealing the law would not be a successful punishment for large tech companies. “… The biggest tech companies have enough lawyers and lobbyists to survive virtually any regulation Congress can concoct,” Wyden wrote. “It’s the start-ups seeking to displace Big Tech that would be hammered by the constant threat of lawsuits.”

Encryption enters the limelight

U.K. Security Minister James Brokenshire lauded the initiative’s existing six tech partners, encouraging the rest of the industry to fall in line. “It’s critical that others follow them by endorsing and acting on these principles.” The minister claimed that plans to encrypt tech platforms are “sending predators back into the darkness” and away from “artificial intelligence advances that can expose them.”

Barr also questioned if “disappearing messages or certain encryption tools appropriately balance the value of privacy against the risk of safe havens for exploitation?”

But privacy groups remain wary of legislative action, fearing that any law could ultimately force the companies to weaken or break encryption, which government officials have for years claimed helps criminals and sexual predators evade prosecution.

End-to-end encryption has become largely the norm in the past few years since the Edward Snowden revelations into the vast surveillance efforts by the U.S. and its Five Eyes partners.

Apple, Google and Facebook have made encryption standard in its products and services, a frequent frustration for investigators and prosecutors.

But last year, the Five Eyes said it would contemplate forcing the matter of encryption if tech giants wouldn’t acquiesce to the pact’s demands.

The government has called for “responsible encryption,” a backdoor-like system that allows governments to access encrypted communications and devices with a key that only it possesses. But security experts have universally panned the idea, arguing that there is no way to create a “secure backdoor” without it somehow being vulnerable to hackers.

The bill has already received heavy opposition. Facebook said that child safety is a “top priority,” but warned that the EARN IT Act would “roll back encryption, which protects everyone’s safety from hackers and criminals.”

It’s a similar anti-encryption bill to one that Sens. Dianne Feinstein (D-CA) and Richard Burr (R-NC) introduced in 2016, which would have forced tech companies to build backdoors in its systems. The bill failed.

The Electronic Frontier Foundation said the bill would “undermine the law that undergirds free speech on the internet.” Firefox browser maker Mozilla said the bill “creates problems rather than offering a solution.”

“The law enforcement community has made it clear this law is another attempt to weaken the encryption that is the bedrock of digital security,” said Heather West, Mozilla’s head of Americas policy. “Encryption ensures our information — from our sensitive financial and medical details to emails and text messages — is protected.”

“Without it, the world is a far more dangerous place,” said West.