The internet's favorite law is under attack.

The latest blow to Section 230 of the Communications Decency Act came Wednesday, when the Department of Justice issued a list of proposals asking Congress to amend the law in ways that would make it easier to hold tech companies like Facebook and Twitter legally liable for harmful content that appears on their platforms.

Sign up for Protocol newsletters

The department's final proposal to Congress comes on the heels of a presidential executive order last month and a newly introduced bill from Missouri Sen. Josh Hawley, both of which seek to chip away at companies' Section 230 protection in cases where those companies are accused of political bias.

Unlike those measures, which have been roundly criticized even by Section 230's critics, the DOJ's proposal focuses more squarely on stripping immunity from "bad Samaritans." It would also punish encrypted platforms that are, in essence, blind to bad behavior on their platforms.

What does that mean? How would it affect the majority of tech companies? And what will happen next? Here's what you need to know:

What is a 'bad Samaritan'?

Some parts of the DOJ's proposal would affect only a small subset of tech companies, while others would have more sweeping ramifications.

The proposal first seeks to address the problem of companies claiming Section 230 immunity despite the fact that they are actively facilitating or soliciting illegal content. That includes, for instance, websites that exist for the sole purpose of hosting revenge porn or illegal gun sales. This, the DOJ argues, was never the intention of Section 230, which was written to enable "good Samaritans" to block bad behavior, but protect them when they miss things or when they take down content they shouldn't have.

The bad Samaritan exception has been promoted by some of Section 230's most prominent reformers. In a 2017 paper, Section 230 scholar and Boston University professor Danielle Citron and Benjamin Wittes, a senior fellow at the Brookings Institution, argued that "bad Samaritans" should be denied immunity and that companies should have to demonstrate they used a "reasonable standard of care" in removing violative content.

The DOJ's proposal would strip immunity from these bad Samaritans who intentionally seek out illicit content. That, of course, applies to a smaller subset of bad actors.

But the proposal would also create a carveout from immunity for instances in which companies fail to take reasonable steps against particularly egregious content, like child sexual abuse material, terrorist content and cyberstalking, all of which takes place on mainstream platforms like Facebook.

It would also strip immunity from companies in specific cases where they had "actual knowledge or notice" of content that was violating federal law and failed to remove it. This, too, could be a threat to any platform that hosts third-party content but hasn't taken action on every post that gets flagged as illicit. If enacted, this would likely lead tech platforms to take down far more content once it's been reported.

What else would the proposal do?

Two other big changes that would affect lots of companies have to do with narrowing the scope of content that tech platforms can take down without legal repercussions and increasing transparency around their decisions.

First, the DOJ is proposing that Congress define what it means to moderate content in "good faith." If the DOJ gets its way, that definition would require companies to moderate content "in accordance with plain and particular terms of service and accompanied by a reasonable explanation." This line item aims to address concerns that tech platforms are enforcing their terms unevenly and without much visibility into how the decisions get made.

Second, the DOJ also wants Congress to rewrite the part of Section 230 that enables tech companies to block "obscene, lewd, lascivious, filthy, excessively violent, harassing or otherwise objectionable" content. The DOJ would cut "otherwise objectionable" from that line and replace it with "unlawful" and "promotes terrorism." This subtle change would drastically limit the range of content that tech companies could filter without opening themselves up to liability. For instance, it could make it harder for, say, Facebook to defend its decision to take down misinformation about voting and elections, because it doesn't neatly fit into one of those other categories.

What about encryption?

The DOJ has signaled its disdain for encryption since long before current Attorney General William Barr came to office. It's fought high-profile battles against Apple in hopes of gaining access to encrypted devices used in terrorist plots. Now, the DOJ is asking Congress to strip companies of Section 230 immunity if they "purposefully blind themselves and law enforcement" to illicit material. This would mean that in order to have immunity, companies would have to ensure that law enforcement has access to potential evidence in a "comprehensible, readable and usable format." Such a requirement would throw a wrench in Facebook's plans to encrypt messaging across its entire family of apps.

Of note: When the DOJ broke out its "key takeaways" from the 28-page proposal on its website, it left this part out completely.

Who supports this?

The DOJ's proposal received widespread praise from Republicans, who have advocated for changes to Section 230 for years. Many Republicans, including Sens. Josh Hawley and Marsha Blackburn, have called for these changes due to what they perceive to be the suppression of conservative voices on tech platforms — despite the fact that conservatives often have the top-performing posts on sites like Facebook.

"These changes will modernize oversight of the Internet economy and hold giants like Google, Facebook, and Twitter accountable when they overstep as the online speech police," Blackburn said in a statement. "No longer will we let Big Tech hide behind these liability protections as a pretense to bully competitors or to suppress free speech."

The proposal also garnered support from online safety advocates, including Gretchen Peters, executive director of the Center on Illicit Network and Organized Crime. "I really believe there's a genuine effort to understand and respond to a public safety and consumer safety concern," Peters said. She added, however, that the parts of the proposal that deal with free speech, not criminal activity, are likely to "collapse under their own weight."

Who's against it?

The tech industry was quick to oppose the DOJ's plan, particularly the fact that it was so closely timed with Hawley's Senate bill.

"This is a coordinated attack by the administration against tech businesses to sidestep the First Amendment," Carl Szabo, vice president and general counsel at the tech advocacy group NetChoice, said in a statement. "The administration is weaponizing the Department of Justice and Congress to control online speech, not stop bad actors."

In a call with reporters Wednesday, following a Wall Street Journal report that suggested the DOJ's recommendations were imminent, Facebook's Vice President of Global Affairs Nick Clegg said, "Changing significantly or eliminating the balance of responsibility and provisions about liability in Section 230 would, in our view, in the end mean less speech of all kinds appearing online."

Eric Goldman, a Section 230 expert and professor at Santa Clara University School of Law, said he objects not only to the substance of the proposal, but to the process the DOJ has undertaken. Goldman points to the fact that while Section 230 prohibits the average user from successfully suing a tech platform, the DOJ does have the ability to bring enforcement action for criminal activity that takes place online. "They're the one entity in the world that is categorically free to pursue cases without encountering Section 230," Goldman said.

Goldman said the sheer number of carveouts contained in the proposal makes "Swiss cheese" of Section 230. "It would ultimately really eliminate the immunity altogether," he said.

What happens next?

Reforming Section 230 is Congress' job, and a lawmaker will have to introduce a bill that includes the reforms suggested by the DOJ in order for these proposals to proceed.

While there's significant bipartisan interest in modifying the controversial statute in some way, it's unlikely that the reforms sanctioned by the DOJ could make it through the Democratic House and Republican Senate. Most Section 230 proposals that have been introduced in Congress largely fall along party lines. That means the new legislation introduced by Hawley and four other Republican senators on Wednesday is unlikely to move this year, either.

But the DOJ's proposal represents a new front in the battle over Section 230. As Goldman points out, it is the DOJ's job to "tell us where it can't enforce the law properly." And it's Congress' job to do something about it.

Additional reporting by Emily Birnbaum.