Senator Blumenthal, After Years Of Denial, Admits He's Targeting Encryption With EARN IT

from the he-just-came-out-and-said-it dept

Senator Richard Blumenthal has now admitted that EARN IT is targeting encryption, something he denied for two years, and then just out and said it.

Since the very beginning many of us have pointed out that the EARN IT Act will undermine encryption (as well as other parts of the internet). Senator Richard Blumenthal, the lead sponsor on the bill, has insisted over and over again that the bill has nothing to do with encryption. Right after the original bill came out, when people called this out, Blumenthal flat out said “this bill says nothing about encryption” and later claimed that “Big Tech is using encryption as a subterfuge to oppose this bill.”

That’s been his line ever since — insisting the bill has nothing to do with encryption. And to “show” that it wasn’t about encryption, back in 2020, he agreed to a very weak amendment from Senator Leahy that had some language about encryption, even though as we pointed out at the time, that amendment still created a problem for encryption.

The newest version of EARN IT replaced Leahy’s already weak amendment with one that is a more direct attack on encryption. But it has allowed slimy “anti-porn” groups like NCOSE to falsely claim that it has “dealt with the concerns about encryption.” Except, as we detailed, the language of the bill now makes encryption a liability for any web service, as it explicitly says that use of encryption can be used as evidence that a website does not properly deal with child sexual abuse material.

But still, through it all, Blumenthal kept lying through his teeth, insisting that the bill wasn’t targeting encryption. Until yesterday when he finally admitted it straight up to Washington Post reporter Cat Zakrzewski. In her larger story about EARN IT, I’m not sure why Zakrewski buried this point all the way down near the bottom, because this is the story. Blumenthal is asked about the encryption bit and he admits that the bill is targeting encryption:

Blumenthal said in an interview that lawmakers incorporated these concerns into revisions, which prevent the implementation of encryption from being the sole evidence of a company?s liability for child porn. But he said lawmakers wouldn?t offer a blanket exemption to using encryption as evidence arguing companies might use it as a ?get-out-of-jail-free card.?

In other words, he knows that the bill targets encryption despite two whole years of blatant denials. To go from “this bill makes no mention of encryption” to “we don’t want companies using encryption as a ‘get-out-of-jail-free card'” is an admission that this bill is absolutely about encryption. And if that’s the case, why have their been no hearings about the impact this would have on encryption and national security? Because, that seems like a key point that should be discussed, especially with Blumenthal admitting this thing that he denied for two whole years.

During today’s markup, Blumenthal also made some nonsense comments about encryption:

The treatment of encryption in this statute is the result of hours, days, of consultation involving the very wise and significant counsel from Sen. Leahy who offered the original encryption amendment and said at the time that his amendment would not protect tech companies for being held liable for doing anything that would give rise to liability today for using encryption to further illegal activity. That’s the key distinction here. Doesn’t prohibit the use of encryption, doesn’t create liability for using encryption, but the misuse of encryption to further illegal activity is what gives rise to liability here.

This is, beyond being nonsense word salad, just utterly ridiculous. No one ever said the bill “prohibited” encryption, but that it would make it a massive liability. And he’s absolutely wrong that it “doesn’t create liability for using encryption” because it literally does exactly that in saying that encryption can be used as evidence of liability.

The claim that it’s only the “misuse of encryption” shows that Senator Blumenthal (1) has no clue what he’s talking about and (2) needs to hire staffers who actually do understand this stuff, because that’s not how this works. Once you say it’s the “misuse of encryption” you’ve sunk encryption. Because now every lawsuit will just claim that any use of encryption is misuse and the end result is that you need to go through a massive litigation process to determine if your use of encryption is okay or not.

That’s the whole reason why things like Section 230 are important, because they avoid having every company have to spend over a million dollars to prove that the technical decision they made were okay and not a “misuse.” But now if they have to spent a million dollars every time someone sues them for their use of encryption, then it makes it ridiculously costly — and risky — to use encryption.

So, Blumenthal is either too stupid to understand how all of this actually works, or as he seems to have admitted to the reporter despite two years of denial, he doesn’t believe companies should be allowed to use encryption.

EARN IT is an attack on encryption, full stop. Senator Blumenthal has finally admitted that, and anyone who believes in basic privacy and security should take notice.

Oh, and as a side note, remember back in 2020 when Blumenthal flipped out at Zoom for not offering full end-to-end encryption? Under this bill, Zoom would be at risk either way. Blumenthal is threatening them if they use encryption and if they don’t. It’s almost as if Richard Blumenthal doesn’t know what he’s talking about regarding encryption.

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Senator Blumenthal, After Years Of Denial, Admits He's Targeting Encryption With EARN IT”

Subscribe: RSS Leave a comment
Jojo (profile) says:

Re: Re:

Jeez, with that attitude, you’re essentially allowing Earn It to pass.

Not to say that it’s not okay to worry shitless, because it is. This was highly expected that Earn It would pass out of committee, but there is a silver lining to it. The bill was voted out of committee unanimously, but There were legit concerns raised by five senators, four Democrats and a Republican. If they are true to their word, then that means that Earn It could face a slowdown of momentum, giving more time for the opposition to strengthen. Plus Blumenthal made a fatal mistake of admitting that Earn It is an attack on encryption, which he might as well thrown in the smoking gun before a judge. His words would be used against him. This is all hypothetical, but there is room for hope.

This comment has been deemed insightful by the community.
Anonymous Coward says:

Something I feel deserves more attension

They said (Gram and Blumy) at the markup that while this bill they claim doesn’t impose a scanning mandate THE NEXT BILL THEY PROPOSE WILL BE.

They are going to propose a bill to MANDATE scanning. Shows how little they care about our rights.

Anonymous Coward says:

Re: Something I feel deserves more attension

They really, truly, think the CSAM problem is ‘simple’ to fix, but Big Tech is being obstinate out of greed and need to be threatened with bigger and bigger sticks until they finally Nerd Harder and just push that big red ‘fix it’ button they know they have.

Same with political hacking, misinformation, copyright, racism and ‘x’-ophobia, etc., etc., etc….

That One Guy (profile) says:

Re: Re: Something I feel deserves more attension

They really, truly, think the CSAM problem is ‘simple’ to fix, but Big Tech is being obstinate out of greed and need to be threatened with bigger and bigger sticks until they finally Nerd Harder and just push that big red ‘fix it’ button they know they have.

As Bluegrass Geek noted above they(the politicians) don’t actually care about CSAM and are just using it for their own ends so they simply assume that the tech platforms are the same, the difference is that tech platforms and the companies running them actually do care about cracking down on CSAM in a meaningful manner.

Garry Bass says:

Ok now what

Ok let’s say it goes through. All I hear is freight. Do we stop using the internet. Is there anyway around the EARN IT Act to keep are data private. How about VPN that are located in other countries? I remember hearing SIGNAL the message service would pull out of America if the EARN IT Act passed.

There must be apps we can use to avoid the EARN IT Act and keep are information secure should it pass. Any ideas???

That One Guy (profile) says:

Apply the same logic to anything else

‘Our law isn’t an attack on free speech, it’s only going after irresponsible speech, that being anything someone I don’t like says.’

‘We’re not trying to undermine privacy, we’re only going after those that misuse it by keeping us from being able to see everything they say and do.’

Or for one that would strike a little closer to home to half of those they’re trying to sell this lie to…

‘Our law doesn’t threaten gun ownership, we’re just going after irresponsible gun owners, any responsible gun owner will have nothing to worry about because gun ownership will only be a factor if any other charge are also brought against a person.’

Anonymous Coward says:

let’s stop this from happening and start another war, against our own people, companies and allies! this is exactly what went on in 1930s-40s Germany and look where that took the world! what right has any government got to encroach on privacy and freedomj when you’re supposed to be a modern, up-to-date nation that believes in FREEDOM??

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...