WASHINGTON D.C.  Today, Sens. Lindsey Graham (R-SC) and Richard Blumenthal (D-CT) introduced legislation that would force operators websites, messaging services and other tools for sharing images and videos to do more to combat the spread of child sexual abuse material (CSAM). The “Eliminating Abusive and Rampant Neglect of Interactive Technologies Act of 2019” — the “EARN IT Act of 2019” — would “lay[] out best practices for companies to maintain immunity from CSAM statutes and bolster[] enforcement if they choose not to comply with such practices.” Specifically, the bill requires tech companies to “earn” back their protection from civil lawsuits under Section 230 of the Communications Decency Act by complying with nominally voluntary “best practices” developed by an expert commission convened, and controlled by, the Attorney General.

This bill won’t remedy chronic under-funding of CSAM enforcement,” warned Berin Szóka, President of TechFreedom. “Despite pleas that federal prosecutors are under-resourced, Congress has spent half as much money on state and local CSAM enforcement as it allocated back in 2008, and the Attorney General has failed to exercise his existing authority to empower state and local prosecutors to enforce federal CSAM laws. Instead of increasing funding, the Trump administration actually has raided the cybercrime budget to pay for immigration enforcement. DOJ has failed to issue three of the last five biennial reports on CSAM enforcement since 2008, and the two reports it did issue failed to include crucial data, such as trade in CSAM images.”

The EARN IT Act could actually make law enforcement’s job significantly harder by ending today’s close cooperation between law enforcement and tech companies,” continued Szóka. “Child protection advocates are frustrated that current law leaves it up to companies to decide how to report CSAM to NCMEC, the clearinghouse created to intermediate between tech companies and law enforcement. But Congress consciously chose to make this system voluntary for a good reason: compelling companies to handle reports in specific ways risks converting them into ‘government actors’ for Fourth Amendment purposes. That would mean courts would have to issue a warrant before nominally private companies could ‘search’ private communications. The EARN IT Act’s Rube-Goldberg-esque structure reflects a calculated attempt to circumvent the Fourth Amendment by dressing up what will effectively be legal mandates as mere ‘best practices.’ There’s good reason to think courts will see through this sham. If they do, today’s largely effective system for policing CSAM will come crashing down overnight — and those convicted of generating, disseminating and consuming CSAM could walk free.”

Perversely, the EARN IT Act makes it easier to sue websites than people who actually create and disseminate CSAM,” explained Szóka. “Facing potentially staggering civil liability means website providers will have no choice but to comply with the Commission’s nominally voluntary ‘best practices.’”

The EARN IT Act would thus allow the Attorney General force companies to compromise the security of their products and the privacy of law-abiding users,” concluded Szóka. “For nearly three decades, U.S. law enforcement and intelligence agencies have been trying to restrict the private sector’s use of encryption. In 2011, Congress considered requiring tech companies to retain extensive logs of user activity, but abandoned the idea after a popular backlash. Courts have repeatedly blocked efforts to mandate age-verification online because it restricts anonymous speech. But the EARN IT Act would give DOJ a short-cut, presenting Congress with de facto legal mandates that lawmakers would never pass on their own. This goes far, far beyond addressing the shortcomings of today’s system of handling CSAM. It would mean giving a blank check to law enforcement to ban strong encryption, require extensive data retention, age-gate users, and much, much more.”

A letter we sent today to the Senate Judiciary Committee explains our concerns in detail.


See more of our work on free speech and Section 230 on our website, including:

  • Our post DOJ Section 230 Workshop blog posts on Techdirt: Part I, Part II, Part III
  • Our op-ed in The Washington Examiner: “Lindsey Graham’s new bill would end the internet as we know it”
  • Our op-ed in Morning Consult: “Bill Barr Declares War on the Internet as We Know It”
  • Our blogpost on techdirt breaking down the Graham’s bill language; Twitter thread on the Graham bill
  • Coalition letter by 27 civil society organizations and 53 academics a set of seven principles to guide conversation about amending Section 230 of the Communications Decency Act of 1996
  • Our statement on Sen. Hawley’s proposed legislation on regulating the Internet
  • Our op-ed “Some conservatives need a First Amendment refresher”
  • Our letter to AG Session “DOJ Inquiry re Tech Companies Bias is Misguided”
  • President Berin Szóka’s testimony before the House Judiciary Committee on the filtering practices of social media platforms
  • Our statement on the passage of SESTA
  • Our statement on the takedown of Backpage and its implications for Section 230 and recent sex trafficking legislation
  • Tech Policy Podcast #251: SESTA/FOSTA Hurts Victims It Aims to Protect