The EARN IT Act continues to be pushed thru the US lawmaking gang. It wants to remove anti liability protections from platforms. It is also purportedly attempting to stop encryption.
But we must be vigilant - Professor Dan Bernstein delivered us some of the best cryptographic algorithms, amazing DNS software, unarguably the best email daemon and more, but he also delivered us a case law ruling that encryption is protected free speech[1].
Let’s not forget that. Our Bill of Rights is very strong. Thanks Professor Bernstein for proving that!
What does any of this have to do with the EARN-IT act? This all appears to be just claims about possible uses of encryption with no particular relation to the subject of the article. If these other uses of encryption you're discussing wouldn't be affected by the EARN-IT act, then they aren't relevant here.
I'm not sure how much this answers your question, but Congress put out a "EARN IT Act Myths and Facts" documents that contains the following text:
> MYTH: The EARN IT Act is simply an attempt to ban encryption.
> FACT: The EARN IT Act does not target, limit, or create liability for encryption or privacy services. In fact, in order to ensure the EARN IT Act would not be misconstrued as limiting encryption, specific protections were included in the bill to explicitly state that a court should not consider offering encryption or privacy services as an independent basis for legal liability.
EFF Deeplinks overstates as usual, harming their credibility.
EARN IT doesn't let the government scan every message (just like right now your non e2e encrypted data says isn't subject to mass scanning by government, but guarded by a warrant or your hosting provider's government bootlickiness), but merely (as the article admits) doesn't prevent the government from passing such a law in the future.
Encryption isn't illegal due to the bill. In fact encryption law itself hasn't changed. The bill gives the government the ability to compel someone to circumvent encryption (backdoors, spyware etc.) if technically feasible while acting to service a warrant.
It is much worse than banning encryption as it is silent subterfuge and forcing the hand of citizens who would otherwise just be going about their day.
Laws should be able to stop people from doing certain things but forcing people to do something they had no business doing in the first place is insane.
While I fully support strong privacy & encryption, there is absolutely no logic in this argument because it tries to build upon an unrelated hypothetical.
A stronger argument should have tried to explain how this violates the constitution:
That is probably why the FSF has published an article with the title "EARN-IT threatens encryption and therefore user freedom".
But the point that the FSF needs to focus on is that EARN-IT is bad because it limits user freedom. The fact that users may choose to use that freedom to protect themselves from criminals isn't the issue. There might be an obvious and compelling reason users need freedom or there might not be. The FSF doesn't need to care and should be against the bill regardless.
Much like how the FSF doesn't care about whether the GPL is economic or not - they think software projects should all be licensed under it (or an equivalently free license). The point isn't whether freedom is good or necessary. That is taken as a priori truth. The point the FSF advocates is whether users have it.
That's a good point that I hadn't realized. If this were to pass, they can get you on using encryption without actually charging you with any other crime. That's scary.
This is even worse than trying to regulate cryptography. The bright side is that this will probably be even less successful than past attempts to regulate cryptography, too.
I think the impact is certainly concerning, but I doubt that it's likely that most sources are currently even using E2E encryption in the first place I'm not trying to minimize this, either: the EARN IT act is a huge problem. I suppose my point is that you can't get rid of good encryption, but you can prevent US companies from using good encryption which is simply going to push people offshore.
This could even have totally perverse impacts: suppose that China can read your messages, but all you care about is that your provider is not hosted in the US?
One from Falkvinge (first hit on google), responding about as you'd expect [1], and a link to the actual law [2]. It doesn't make encryption illegal, it just makes it illegal to not produce the key on demand. You can decide which is worse.
Every time one of those moronic bills show up I wonder if they know they are making the entire US banking system and online marketplaces vulnerable to Chinese and Russian hacking.
And what is that for? Some false promise of security? People who commit real crimes will just use illegal tools and would rather be prosecuted for """illegal use of real encryption""" than for whatever they are doing
Meanwhile people who actually need it for legitimate reasons are endangered by this law
reply