Politics

With the EARN IT Act, big tech is boxed into a corner again

At Wednesday's hearing in Washington, the big question is: Has big tech learned from the mistakes it made arguing against FOSTA/SESTA?

Long exposure picture of the Capitol building

The EARN IT Act is a bipartisan bill that would force online companies to adhere to a set of best practices, drafted by a newly formed national commission, in order to crack down on online child sexual abuse material.

Photo: Claire Gentile via Getty Images

On Wednesday, a woman named Nicole testified to the Senate Judiciary Committee about how her child's biological father produced sexually abusive photos of their 5-year-old and shared them on the internet. Hands tightly clasped in front of her, she recounted how her child has been revictimized over the years as the images circulate, even now that the perpetrator of these crimes is behind bars.

"I have been told that, at one point, these images were the most highly traded in the world," said Nicole, who was granted anonymity by the committee.


Get what matters in tech, in your inbox every morning. Sign up for Source Code.


Nicole called on Congress to pass the EARN IT Act, a bipartisan bill that would force online companies to adhere to a set of best practices, drafted by a newly formed national commission, in order to crack down on online child sexual abuse material. If they failed to do that, they could lose legal protection under the law that enshrines the modern internet: Section 230.

"I do not understand how with all the technology available today, there are not safeguards to prevent distribution and redistribution of a child's sexually abusive images," Nicole said. "How can these images continue to be uploaded and shared, distributed for years on the internet, without companies doing anything?"

Nicole's testimony was heartbreaking — and darkly familiar.

A little more than two years ago, in September 2017, another anguished mother, Yvonne Ambrose, brought another Senate committee room to a standstill as she explained how her daughter, Desiree, who she described as "my heart, my world," was murdered after being listed by a pimp on Backpage.com. Ambrose wanted Congress to pass a bundle of laws, now known as FOSTA/SESTA, that would change Section 230 to hold online companies liable for knowingly facilitating sex trafficking.

Until that moment, few of the law's tech industry opponents — which included Facebook, Google and the lobbyists who represent them — had thought FOSTA/SESTA would pass. But Ambrose's testimony was a watershed, effectively cementing the 2018 passage of the law.

"I've never seen anything like it," one former tech industry official who was involved in the FOSTA/SESTA debate recalls, noting that from then on, tech groups' conversations on Capitol Hill got a lot harder. "We were like, 'You're opening the floodgates to civil liability. You'll break the internet and stymie free speech online.' And [lawmakers] would say, 'Yes, but what about the children?'"

As the Judiciary hearing committee got underway Wednesday, Nicole's testimony set the stage for a similar turning point for the EARN IT Act.

Once again, lobbying groups like TechNet and the Internet Association, as well as corporate giants like Facebook, have come out against the law over concerns that the commission could force online services to weaken encryption in order to secure Section 230 immunity. Once again the Internet Association sent one of its lawyers to make that case to Congress. And once again, that lawyer — this time, Elizabeth Banker — would be speaking to lawmakers who had just heard a mother tell a story no mother should ever have to tell.

"Any society that fails to protect its children, and do all that's within reason to do so, has lost their way," Sen. Lindsey Graham said in his opening remarks today. "America is not going to lose its way." Graham co-authored the bill with ranking member Dianne Feinstein, as well as senators Richard Blumenthal and Josh Hawley.

The EARN IT Act would establish the National Commission on Online Child Sexual Exploitation Prevention, a 19-member commission, tasked with creating a set of best practices for online companies to abide by with regard to stopping child sexual abuse material. Those best practices would have to be approved by 14 members of the committee and submitted to the attorney general, the secretary of homeland security, and the chairman of the Federal Trade Commission for final approval. That list would then need to be enacted by Congress. Companies would have to certify that they're following those best practices in order to retain their Section 230 immunity. Like FOSTA/SESTA before it, losing that immunity would be a significant blow to companies with millions, or billions, of users posting content every day.

The question now is whether the industry can convince lawmakers that the costs of the law outweigh the benefits. It's a debate that will test what tech companies have learned from the FOSTA/SESTA battle — and how much clout they even have left on Capitol Hill.

"If this were to pass, this would say a lot about the ability of the pro-tech interests to be able to influence legislation," said Jeff Kosseff, an assistant professor of cybersecurity law in the United States Naval Academy and author of a book on Section 230 called "The Twenty-Six Words That Created the Internet."

Before the FOSTA/SESTA fight, the tech industry had gone to war with Washington plenty, and had some luck getting its way. In 2012, another pair of bills known as SOPA/PIPA sought to crack down on online copyright infringement and inspired a wave of protests from tech companies and civil liberties groups alike. Wikipedia went dark for a day. Google blacked out its logo in solidarity. Facebook CEO Mark Zuckerberg wrote a post opposing the bills, which he said "could seriously hamper the innovation, growth and investment in new companies." Online petitions in opposition to the laws accrued millions of signatures, and groups like Fight for the Future flooded lawmakers' inboxes with emails from their constituents.

The strategy worked. Spooked by the groundswell of activism, Congress shelved the bills. "During the SOPA/PIPA fight, members were unsure of where the support for policy changes was and backed away from making the changes in that legislation," said Rick Lane, a former lobbyist for the Chamber of Commerce and 21st Century Fox, who now advocates for Section 230 reform.

Fast-forward to early 2017. The conversation around FOSTA/SESTA was getting underway, spearheaded by Sen. Rob Portman, who introduced SESTA. At the time, the tech industry was feeling emboldened by its success in the SOPA/PIPA debate. They felt confident SESTA wasn't going anywhere.

But politically, everything had changed. The 2016 presidential election gave way to a backlash against big tech that continues today, and the companies didn't fully understand yet just how strong that backlash was. "The large online services and the trade associations misunderstood how much the terrain had shifted beneath them," said Jonathan Mayer, an assistant professor of computer science at Princeton University, who was a technology adviser to California Sen. Kamala Harris during the FOSTA/SESTA negotiations. "They came into the debate really expecting to win, and not just win in the sense that the legislation wouldn't pass, but they didn't even have to bother with it."

Mayer describes that as a "quite a significant misreading of the political landscape."

"People thought that Section 230 was untouchable, that it was settled law, and lawmakers weren't going to touch the foundational law of the internet," said one former Facebook employee who was involved in the discussions. "They thought it would be a sustained PR political fight, and it would go away."

Ambrose's testimony coincided with Facebook's bombshell announcement that Russian trolls had coordinated a campaign to influence the 2016 election. Facebook had been standing strong with Google and others in opposing FOSTA/SESTA, but as the social network took a beating in the press, it changed course.

"Sheryl Sandberg and others didn't think that it was worth taking on yet another fight. It was as simple as that," said the former Facebook employee.

Facebook was able to negotiate some minor concessions, Mayer said. Shortly after, the Internet Association came out in support of the law, and in March 2018, the FOSTA/SESTA package passed the Senate with a vote of 97 to 2. Only Sen. Rand Paul and Section 230's author, Sen. Ron Wyden, voted against it. When President Donald Trump signed it into law, Ambrose was standing over his shoulder.

"They folded with FOSTA/SESTA," said Danielle Citron, a law professor at Boston University who has volunteered her expertise to both tech companies and Congress on Section 230 and online content moderation issues. "It's the wrong solution."

Last year, Citron held a meeting with members of Congress in both parties to discuss Section 230. Citron said she urged lawmakers to avoid taking a piecemeal approach to amending the law, and instead to adopt language that would require online companies to implement "reasonable" content moderation standards for a variety of online harms. Citron was joined by her colleague Mary Anne Franks, a University of Miami law professor who runs the Cyber Civil Rights Initiative, a nonprofit dedicated to stopping the spread of nonconsensual pornography.

Ultimately, Citron said, "That wasn't persuasive."

Instead, the EARN IT Act would force companies to adhere to a narrow set of standards, which Citron views as limiting. "Once you have a checklist, you end up encoding the checklist and that's all you do," Citron said. "You don't experiment."

She argues that the EARN IT solution could dissuade companies from trying new things as they try to fend off the very real threat of child sexual abuse material.

That's one of several arguments the Internet Association laid out in its prepared remarks Wednesday. "This process would have a severe chilling effect on legitimate investment and innovation — if product design decisions can be second guessed by a Commission, every investment decision in a new online service will be clouded with uncertainty," the remarks read.

The Internet Association also argued that the EARN IT Act is on constitutionally shaky ground. Not only could it be construed as a First Amendment violation, because the government would be telling companies what they can and can't publish, it might also be vulnerable to a Fourth Amendment challenge, which prohibits unreasonable search and seizure. The Internet Association argues that the EARN IT Act could turn companies into de facto "agents of the government" because of how they're required to monitor for child sexual abuse material, a service companies like Facebook already provide willingly. The final draft of the Act addresses this issue head on, stating the law shouldn't be construed as requiring "a provider of an interactive computer service to search, screen or scan for instances of online child sexual exploitation."

But the Internet Association's approach this time isn't all oppositional. In a sign tech giants may have learned their lesson from the FOSTA/SESTA debate, the group's prepared remarks explain what companies like Google and Microsoft are already doing to combat child sexual abuse material using image hashing tools. And they lay out legislative steps they would support in combating the scourge, including appropriating resources to law enforcement officials who are already empowered to prosecute these cases under Section 230. (Sen. Wyden has said he plans to propose legislation to this effect).

In her opening remarks, the Internet Association's lawyer, Banker, appeared to choke back tears as she discussed the indelible mark that reviewing child sex abuse material through her work has left on her.

During the FOSTA/SESTA debate, Mayer said, this type of conciliatory approach was entirely missing. "They weren't giving the best version of their own argument," Mayer said. "I have to imagine that industry has learned some lessons."

It's also made some key hiring decisions. In the fall, Google hired Mark Isakowitz to lead its D.C. policy shop. Prior to taking on the role, Isakowitz was chief of staff to none other than SESTA sponsor Sen. Portman.

But it's not clear what the industry has gained from this shift. The EARN IT Act still opens up the possibility that an administration interested in weakening encryption — as the last several have been — could make Section 230 immunity dependent upon building a backdoor for law enforcement. If that weren't at least part of the goal of the bill, Mayer said, its authors could easily write in language to allay those concerns. But they haven't.


Get in touch with us: Share information securely with Protocol via encrypted Signal or WhatsApp message, at 415-214-4715 or through our anonymous SecureDrop.


In some ways, the task ahead of the tech industry is tougher because of the encryption element. Not only do tech giants have to defend their legal immunity, despite the volume of criminal activity on their platforms, they also have to defend their decision to encrypt those platforms, making that criminal activity inaccessible to both the companies and to law enforcement.

"Facebook is talking about end-to-end encryption which means they go blind," Sen Graham said, later adding, "We're not going to go blind and let this abuse go forward in the name of any other freedom."

Mayer said these new dynamics, coupled with Silicon Valley's waning reputation, suggest that even if tech giants did learn a lesson from the FOSTA/SESTA fight, it might be too late. "It may be there isn't much political maneuvering room left for them," he said.

Fintech

Judge Zia Faruqui is trying to teach you crypto, one ‘SNL’ reference at a time

His decisions on major cryptocurrency cases have quoted "The Big Lebowski," "SNL," and "Dr. Strangelove." That’s because he wants you — yes, you — to read them.

The ways Zia Faruqui (right) has weighed on cases that have come before him can give lawyers clues as to what legal frameworks will pass muster.

Photo: Carolyn Van Houten/The Washington Post via Getty Images

“Cryptocurrency and related software analytics tools are ‘The wave of the future, Dude. One hundred percent electronic.’”

That’s not a quote from "The Big Lebowski" — at least, not directly. It’s a quote from a Washington, D.C., district court memorandum opinion on the role cryptocurrency analytics tools can play in government investigations. The author is Magistrate Judge Zia Faruqui.

Keep Reading Show less
Veronica Irwin

Veronica Irwin (@vronirwin) is a San Francisco-based reporter at Protocol covering fintech. Previously she was at the San Francisco Examiner, covering tech from a hyper-local angle. Before that, her byline was featured in SF Weekly, The Nation, Techworker, Ms. Magazine and The Frisc.

The financial technology transformation is driving competition, creating consumer choice, and shaping the future of finance. Hear from seven fintech leaders who are reshaping the future of finance, and join the inaugural Financial Technology Association Fintech Summit to learn more.

Keep Reading Show less
FTA
The Financial Technology Association (FTA) represents industry leaders shaping the future of finance. We champion the power of technology-centered financial services and advocate for the modernization of financial regulation to support inclusion and responsible innovation.
Enterprise

AWS CEO: The cloud isn’t just about technology

As AWS preps for its annual re:Invent conference, Adam Selipsky talks product strategy, support for hybrid environments, and the value of the cloud in uncertain economic times.

Photo: Noah Berger/Getty Images for Amazon Web Services

AWS is gearing up for re:Invent, its annual cloud computing conference where announcements this year are expected to focus on its end-to-end data strategy and delivering new industry-specific services.

It will be the second re:Invent with CEO Adam Selipsky as leader of the industry’s largest cloud provider after his return last year to AWS from data visualization company Tableau Software.

Keep Reading Show less
Donna Goodison

Donna Goodison (@dgoodison) is Protocol's senior reporter focusing on enterprise infrastructure technology, from the 'Big 3' cloud computing providers to data centers. She previously covered the public cloud at CRN after 15 years as a business reporter for the Boston Herald. Based in Massachusetts, she also has worked as a Boston Globe freelancer, business reporter at the Boston Business Journal and real estate reporter at Banker & Tradesman after toiling at weekly newspapers.

Image: Protocol

We launched Protocol in February 2020 to cover the evolving power center of tech. It is with deep sadness that just under three years later, we are winding down the publication.

As of today, we will not publish any more stories. All of our newsletters, apart from our flagship, Source Code, will no longer be sent. Source Code will be published and sent for the next few weeks, but it will also close down in December.

Keep Reading Show less
Bennett Richardson

Bennett Richardson ( @bennettrich) is the president of Protocol. Prior to joining Protocol in 2019, Bennett was executive director of global strategic partnerships at POLITICO, where he led strategic growth efforts including POLITICO's European expansion in Brussels and POLITICO's creative agency POLITICO Focus during his six years with the company. Prior to POLITICO, Bennett was co-founder and CMO of Hinge, the mobile dating company recently acquired by Match Group. Bennett began his career in digital and social brand marketing working with major brands across tech, energy, and health care at leading marketing and communications agencies including Edelman and GMMB. Bennett is originally from Portland, Maine, and received his bachelor's degree from Colgate University.

Enterprise

Why large enterprises struggle to find suitable platforms for MLops

As companies expand their use of AI beyond running just a few machine learning models, and as larger enterprises go from deploying hundreds of models to thousands and even millions of models, ML practitioners say that they have yet to find what they need from prepackaged MLops systems.

As companies expand their use of AI beyond running just a few machine learning models, ML practitioners say that they have yet to find what they need from prepackaged MLops systems.

Photo: artpartner-images via Getty Images

On any given day, Lily AI runs hundreds of machine learning models using computer vision and natural language processing that are customized for its retail and ecommerce clients to make website product recommendations, forecast demand, and plan merchandising. But this spring when the company was in the market for a machine learning operations platform to manage its expanding model roster, it wasn’t easy to find a suitable off-the-shelf system that could handle such a large number of models in deployment while also meeting other criteria.

Some MLops platforms are not well-suited for maintaining even more than 10 machine learning models when it comes to keeping track of data, navigating their user interfaces, or reporting capabilities, Matthew Nokleby, machine learning manager for Lily AI’s product intelligence team, told Protocol earlier this year. “The duct tape starts to show,” he said.

Keep Reading Show less
Kate Kaye

Kate Kaye is an award-winning multimedia reporter digging deep and telling print, digital and audio stories. She covers AI and data for Protocol. Her reporting on AI and tech ethics issues has been published in OneZero, Fast Company, MIT Technology Review, CityLab, Ad Age and Digiday and heard on NPR. Kate is the creator of RedTailMedia.org and is the author of "Campaign '08: A Turning Point for Digital Media," a book about how the 2008 presidential campaigns used digital media and data.

Latest Stories
Bulletins