How the situation is developing around the possible introduction of restrictions on end-to-end encryption: an overview of events

[Brother]

Something went wrong​

In the spring, the author of the article talked about the proposed amendments to section 230 of the US federal communications law. They are planned to be introduced with the help of EARNITA or EARN IT Act'a - stands for "Eliminating Abusive and Rampant Neglect of Interactive Technologies Act".

In simple terms, the “act” is intended to toughen the liability of companies that own web services, social networks, media and any other Internet resources for content distributed by users and various offenses, for example, against the legitimate interests of children and their representatives.

In the first versions of the document, the focus was on the procedure for checking the filtering algorithms used on the side of the sites to identify and combat suspicious content. The requirements for such an audit were to be formulated by a special commission headed by the US Attorney General, and for its passage - the bill guaranteed companies immunity from prosecution for illegal actions of third parties. (By the way, the current edition of the 230th section of the federal law provides for such protection by default.)

By October, the commission's role in the amendments had diminished, and states had more authority to regulate content moderation “rules”. The bill was submitted to senators and congressmen for consideration, and the Internet business was temporarily left in a state of uncertainty.

At the time of the release of our first material on the topic, which triggered a discussion of more than three hundred comments, the expert community drew attention to the excessive nature of the changes and possible side effects from the adoption of the document in this form ...

In the first case, it was about the fact that the practice of detecting user offenses already exists. A significant number of sites, social networks and content platforms have introduced content moderation algorithms for a long time. In fact, they fulfill the requirements of the "original" version of EARNITA, but of course they are not ready to respond to the requests of individual states.

Concerns were raised by the prospect of a total restriction on end-to-end encryption. Plus - a request from the intelligence services of several countries to embed backdoors.
The situation around the last moment is developing in parallel with the discussion of the "act". Over the past ten years, more and more examples of such experiments at the level of individual states have appeared - in Germany they have been engaged in them since 2011.

From posts to chats​

Banning end-to-end encryption has been discussed for years. But some countries - like Australia - are proactive. There business two years ago were obliged to provide the keys to the special services.

In turn, in the UK, the topic has been promoted since 2017, and last year, the local Government Communications Center (GCHQ) even suggested introducing “invisible interlocutors into suspicious” chats and calls. The initiative was followed by a sharp reaction from IT companies, but the UK only increased the pressure and recently used international leverage in the form of the so-called "Five Eyes" alliance, which includes the same Australia, Canada, New Zealand and the United States.

The Allies signed a joint end-to-end encryption communiqué with India and Japan, both of which reaffirmed their commitment to become full members of the alliance as soon as possible. Interestingly, the press paid the most attention to the possible consequences for Facebook and Apple, but did not emphasize the fact that in the future, regulation will apply to absolutely all Internet companies.

What's next​

The joint statement of the "Five Eyes" has no legislative status, so the IT sector and the public can simply ignore it. On the other hand, this year there were many exposing publications of NSA surveillance programs, but did anyone draw conclusions based on them regarding the prospects for adopting something like the EARN IT Act, which implies mass filtering (and responsibility) of content, but already on the side of companies - time will tell.