An absurdly named bill is set to form the latest attempt to create legislation requiring tech giants to provide a backdoor to encryption.
The Eliminating Abuse and Rampant Neglect of Interactive Technologies Act of 2019 (EARN IT Act) is co-sponsored by Lindsey Graham (R-SC), chairman of the Senate Judiciary Committee, and Senator Richard Blumenthal (D-CT)…
The acronym is intended to suggest that tech companies should be required to “earn” the right to Section 230 protections, which mean that companies proving communication platforms can’t be held legally liable for things posted by users.
Reuters reports that the bill seeks to impose conditions on this protection, and that providing a backdoor to encryption is believed to be one of them.
The bill threatens this key immunity unless companies comply with a set of ‘best practices,’ which will be determined by a 15-member commission led by the Attorney General […]
The sources said the US tech industry fears these ‘best practices’ will be used to condemn end-to-end encryption — a technology for privacy and security that scrambles messages so that they can be deciphered only by the sender and intended recipient. Federal law enforcement agencies have complained that such encryption hinders their investigations.
Online platforms are exempted from letting law enforcement access their encrypted networks. The proposed legislation provides a workaround to bypass that, the sources said.
Graham (pictured above) has previously criticized Apple for using strong encryption in iPhones, and suggested that the company either needs to voluntarily provide a backdoor or have one forced on it by law.
Committee chairman Senator Lindsey Graham (R-SC) warned the representatives of the tech companies, ‘You’re gonna find a way to do this or we’re going to do it for you.’
Graham didn’t appear to understand the contradictory stance he was taking, saying on the one hand that he appreciated that ‘people cannot hack into my phone’ while at the same time asking Apple to create a vulnerability that would inevitably be discovered by others and used to do just that.
Apple has persistently come under government pressure to compromise the privacy of iPhone owners, the San Bernardino, California, case being the highest-profile example, followed by the more recent Pensacola, Florida, shooting. We’ve previously outlined the arguments for Apple’s stance, both before and after the San Bernardino shooting.
Currently, the company appears to have opted for a compromise: Refusing to do anything to weaken iPhones, but deliberately using a weaker encryption method for iCloud backups. Apple doesn’t use end-to-end encryption for these, meaning it holds a key and is able to provide a copy of most data stored on an iPhone when served with a court order to do so.
FTC: We use income earning auto affiliate links. More.