The EARN IT Act is dangerous. It threatens speech on the internet and tech companies' ability to provide secure communications for their users. There may not be anything about encryption in the dry text of the bill, but the threat is there all the same. No one knows what "best practices" the law will demand from online services, but the bill's focus on child porn strongly suggests any platform that "allows" this information to be transmitted using encrypted communications will be targeted by the government.
Bill Barr and Chris Wray have made it clear encryption is the enemy. Both have advocated for encryption backdoors, even if they're both too cowardly to use that term. No one thinks the government and service providers shouldn't do all they can to prevent the sharing of child porn, but undermining encryption isn't the solution. It may shield some child porn producers and consumers from detection, but the government's efforts in this area show encryption hasn't posed much of a problem to investigators and prosecutors.
Encryption protects people who aren't criminals. As Runa Sundvik explains for TechCrunch, targeting encryption via the EARN IT Act also threatens some of the foremost beneficiaries of the First Amendment: journalists.
[T]echnology experts warn the bill not only fails to meet the challenge, it creates new problems of its own. My job is to enable journalists to do their work securely — to communicate with others, research sensitive stories and publish hard-hitting news. This bill introduces significant harm to journalists’ ability to protect their sources.
Strip communications platforms of their encryption and you make it that much easier to expose journalists' sources and snoop on their communications. This isn't an existential threat. It's an actual threat. The FBI has spied on journalists and several successive presidential administrations have made rooting out leakers a priority.
But it does more than harm journalists. It also harms the people they're trying to reach: readers. Encryption protects readers who visit news sites utilizing HTTPS. That's almost all of them at this point. This ensures their connection is shielded from people trying to snoop on their web activity. More importantly, it ensures the sites they reach are legit and the content originating from the journalists the site says it is.
If EARN IT becomes law, whistleblowers and other sources will see their secure options disappear. Tor, Signal, etc. will be considered nothing more than aiders and abettors of criminal activity. Anything secured by encryption will be treated as a virtual dead drop for criminal content.
Protecting children from exploitation is important. But the tradeoff legislators are demanding isn't actually a tradeoff. The American public will receive no net benefit from this tangential attack on encryption. Very often we're first informed about serious government misconduct by journalists. Destroying this outlet works out well for the government so often exposed as untrustworthy, but it does nothing for the governed.
