EARN IT: Privacy, Encryption, And Policing In The Information Age

You may have heard about a new bill working its way through the US congress, the EARN IT act. That’s the “Eliminating Abusive and Rampant Neglect of Interactive Technologies Act of 2020”. (What does that mean? It means someone really wanted their initials to spell out “EARN IT”.)

EARN IT is a bipartisan bill that claims to be an effort to put a dent in child exploitation online. It’s also managed to catch the attention of the EFF, Schneier, and a variety of news outlets. The overwhelming opinion has been that EARN IT is a terrible idea, will make implementing end-to-end encryption impossible, and violates the First and Fourth Amendments. How does a bill intended to combat child pornography and sex trafficking end up on the EFF bad list? It’s complicated.

First off, we have to cover the Communications Decency Act, and section 230 specifically. So let’s wind back the clock to 1996. The internet was young, but there were already flame wars. Two important court decisions had recently happened, and together they put Internet service providers in an odd place.

The first decision, Cubby vs CompuServe, was a result of a posting in a forum controlled by CompuServe. Cubby, Inc. was the target of what they considered to be defamation, and they brought a lawsuit against CompuServe for hosting the material. The court found in a summary judgement that because CompuServe was unaware of the contents of their forum, they were acting as a distributor, and not liable for the contents of the forums. This would be the equivalent of a bookstore having no liability for the contents of their books.

The other decision, Stratton Oakmont v. Prodigy, took a different path. This case also tested the liability of a service provider. In this case, because Prodigy exercised “editorial control” over bulletin board postings, it was ruled to be acting as a publisher rather than a simple distributor. As a publisher, Prodigy was liable for the postings that were allowed on their services.

These two decisions meant that a service provider took on much more liability by policing user content. Simply allowing every post would be the safer stance, but would predictably result in a terrible experience for the majority of end users. Congressmen Chris Cox and with Ron Wyden, began work on a provision to protect service providers while still allowing them to police what content would be allowed on their platform. Their work became an amendment to Title V of the Telecommunications Act of 1996. While most of the rest of Title V, the Communications Decency Act, was struck down as unconstitutional, Section 230 is still an important bit of law to this day.

Twenty-Six Words That Created the Internet

Section 230 has been called “The Twenty-Six Words That Created the Internet”. For the first time this common sense measure was written out as law: “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” The statute goes on to say that providers cannot become liable as a result of “any action voluntarily taken in good faith” to police objectionable material. Section 230 can be read as a direct response to Stratton Oakmont v. Prodigy.

These protections do have limits. Two very broad swaths of law are explicitly unaffected by section 230: intellectual property law and federal criminal law. Intellectual property is dealt with in the Digital Millennium Copyright Act (DMCA), and we’ve written about that over the years here on Hackaday.

Section 230, then, provides a very strong defense to service providers facing prosecution at the state level. This was done intentionally, as state law can vary so wildly from state to state. Internet business is fundamentally different from a brick-and-mortar establishment, and section 230 protects online services from the whims of each state.

There is an important point to make here: Even without section 230 protections, a service provider could intentionally operate as a distributor rather than a publisher. We’ll return to this idea later.


The next chapter in the section 230 story is Backpage. Originally started as an internet classifieds section, Backpage quickly became ground zero for a showdown over section 230. Backpage was a lawless place, with users openly advertising prostitution and other related services. Some of the worst stories include kidnapping and slavery and forcing minors into prostitution.

Backpage Takedown

Several states brought cases against Backpage for knowingly allowing advertisements for illegal services, many times involving human-trafficking and underage prostitutes. Section 230 was a large part of their successful defense against these cases. Backpage was finally shut down through two separate efforts. The first was state courts ruling that Backpage “materially contributed to the content of the advertisement[s]”, which goes further than the protected editorial activities set out in section 230. Backpage executives plead guilty to “conspiracy to facilitate prostitution.”

The second effort was a federal case that accused Backpage of interstate prostitution crimes. The interstate nature of the case placed the jurisdiction squarely in federal hands, and since it related to federal criminal law, section 230 didn’t apply.


The Backpage situation led congress to revisit the section 230 question in 2017, and the “Stop Enabling Sex Traffickers Act” (SESTA) was the result. SESTA introduces a new “carve-out” to section 230. Under SESTA, section 230 no longer protects a service from state criminal prosecution if the prosecution is targeting an offense that is also illegal under certain federal laws. SESTA was opposed by Internet freedom groups like the EFF as well as libertarian voices.

It’s not hard to see the downside to SESTA: A website with more traffic than moderators will struggle to keep up with the additional moderation burden. In theory, a malicious campaign could flood a moderated service with illegal content, and any such content that wasn’t moderated could be used in a criminal or civil complaint.

On the other hand, this was already the case under section 230, but with the additional limitation that it had to be a federal criminal case. SESTA opened these cases to state level prosecution and civil cases. (This extra liability is currently being challenged in the courts on constitutional grounds.)


Now that the pertinent history has been covered, we can finally discuss EARN IT, the bill currently under consideration in congress. Before we cover the concerns raised by interested parties, let’s look at the text of the bill itself. First, the National Commission on Online Child Sexual Exploitation Prevention, a 19 member standing commission, is established. Three members of that commission come from federal agencies: The Department of Justice, Homeland Security, and the Federal Trade Commission each send one representative. The other 16 are chosen by the majority and minority leaders of the Senate and House. The representatives appointed by Congress have further listed qualifications, ranging from law enforcement to consumer privacy. The intent here seems to be to get a wide range of opinions represented on the commission.

This commission is tasked with developing and maintaining a set of “best practices” aimed at combating online exploitation. Of interest here is that at least 14 of those 19 members must approve the final guidelines in order for them to become official recommendations. Once a guideline is agreed upon a bill is to be introduced in both the House and Senate. Only once both bodies have voted the best practices into law are they in effect.

So far the bill seems reasonable. We rightly complain when politicians demonstrate their poor understanding of technology and the Internet, particularly when the legislation they produce is odorous or nonsensical as a result. A panel of experts writing best practices could be a welcome change. On the other hand, the makeup of that panel is very much slanted towards law enforcement and government representatives. More security and privacy experts would have been welcome.

The enforcement of EARN IT is where the potential problem lies. Section 6. “Earning Immunity” adds another carve-out to section 230 immunity. This is very similar to the text of SESTA, in that civil cases and State criminal cases are exemptions to the 230 protection, if the claim or charges are a violation of the federal law regarding sexual exploitation of minors.

Only if a service provider certifies that they are in compliance with the published best-practices will they still enjoy section 230 immunity as it applies to child exploitation. This is where the concerns from the EFF and others come into play. Based on existing statements from current US Attorney General William Barr, many have concluded that the best-practices document will include provisions for encryption back-doors, among other bad ideas.

Some of the criticism of the bill are based on the draft version of the bill. The current text of the bill is significantly better than the draft, specifically because the House and Senate must first ratify any guidelines before they become binding.

One of the most dire predictions I’ve seen related to EARN IT is that it will be the death of end-to-end encryption in commercial services. I am hard pressed to think of an example where end-to-end encryption could be used with a service that would also include editorial actions. As mentioned above, Section 230 isn’t required to allow a messaging service to act as a distributor instead of a publisher. Based on existing case law, Telegram and Signal should have nothing to worry about.

Final Thoughts

I was prepared to join the chorus of voices bashing EARN IT. Hopefully a more nuanced examination of the history and issues surrounding the bill has been enlightening. I would like to go on record on one issue: I am categorically opposed to the forced inclusion of encryption backdoors. If this bill passes and the “best-practices” document that emerges afterwards includes such a provision, I’ll help lead the charge to shoot it down.

The biggest ramification of SESTA and EARN IT is the additional civil liability it presents. It remains to be seen how that change will play out in civil cases — it may put smaller companies and non-profits out of business due to legal costs alone.  Due to that liability, many services will implement the published guidelines, and it’s likely that some of those guidelines will have negative consequences. That said, it’s this author’s opinion that the fevered warnings about EARN IT are rather unearned at this point.

Editor’s Note from Elliot Williams

We don’t all share Jonathan’s optimistic views on the yet-undisclosed requirements that these “best practices” rules will contain. Perhaps the actual content of the law should be hammered out first? After public pressure, the act was re-written to require ratification of the best practices by Congress, but it’s still hard to tell right now what anyone is approving, and to me it still looks like a Trojan horse.

While I can’t deny that the legislation has improved since the first draft, or argue much with Jonathan’s strict reading of the law, without being able to read the “best practices” now, we can only look to the intentions of the bill’s sponsors and the structure of the drafting commission. The 19-body commission is stacked with groups that are in favor of irresponsibly weakening encryption, having tried to pass such legislation in the past, and failed.

And even if the commission were strong on protecting encryption, with Attorney General Barr holding a veto on the commission’s recommendations, it’s hard to imagine that “best practices” could emerge from the commission that don’t address his long-standing goal of introducing backdoors, under the guise of requiring editorial oversight. The best possible version of the law will never make it to Congress for approval. If we’re lucky, Congress will strike down the bad bits, but we don’t want to have to count on getting lucky.

In my opinion, if anyone has to earn the trust of the American people on encryption and privacy, it’s those behind the EARN IT legislation. And by obscuring what will eventually become the actual content of the law, I do not think they have. Democracy rests on transparency. The “best practices”, being part of the law, should be established before the law is voted on.

But that’s part of why we’re bringing this up.  Please get yourselves educated, discuss in the comments, and write letters to your Congresspeople if you feel motivated. Thanks to Jonathan for writing a great backgrounder.

40 thoughts on “EARN IT: Privacy, Encryption, And Policing In The Information Age

    1. It’s actually pretty common for regulation to be developed outside of the text of the law. Look into how the FTC develops their rules and guidelines.

      1. Yup, it’s how we ended up with a 4th branch of government, the bureaucracy. Hopefully the bill either gets struck down or the language that the House and Senate are rewired to ratify the guidelines survives in the version that passes. Otherwise, we get some more unelected bureaucrats that get to write regulations with the force of law, and Congress critters can throw up their hands and say “we didn’t do it” if the said bureaucrats write any bad regulations.

    2. That’s the difference between “regulation” and “legislation”.

      Laws are intentionally written with such wide scopes that they can be freely adapted without further democratic scrutiny to serve any purpose. People call for this sort of administration (eg. “regulated markets”) on the point that it grants the administration powers to react to any situation without having to go through lengthy voting processes that could be influenced by the people they’re trying to regulate in the first place.

      Naturally the people who advocate for more regulation are thinking of themselves for the administration, since it gives them arbitrary powers to do what they want, not what everyone else wants. The same powers in the hands of their political opposition would be unthinkable.

  1. Road to hell is paved with best intentions.

    If one government can spy on you, every government can. And script kiddies and their cat.

    Cars kill people. A lot of people. Should we ban cars?

      1. Really? Without automobiles the world you cherish would cease to exist and all of the modern conveniences that you enjoy would not exist. Data centers are not usually real close to towns and most of the main lines are not even remotely in populated areas.

        While living in a city may afford you the luxury of not using automobiles, all of the stuff you enjoy requires them to be produced and distributed.

          1. busses and trains seldom go when and where you need them unless of course you live in some large city and happy to be one of the sheeple….

    1. I don’t disagree with your concerns.

      How do we deal with cars that can kill people? We write laws and rules about how to operate them in a safe way, and then hold people accountable when they break those rules.

      1. This law seems utterly unable to actually do anything about the problems it claims to be about, and more like yet another attempt to just meddle with encryption in a mildly roundabout way.

        1. It’s perhaps unfair of me to say “utterly unable”, since maaaaybe they could do something good. But this really seems more like a roundabout trojan-horsey way to impose restrictions on end to end encryption.

      1. You’ve drank the kool aid about autonomous cars being safer than humans. Not even remotely true. It’s a PR lie these companies concoct with deviously flawed studies, p-hacking, and laundering nearly all machine error through the human “backup driver,” thus being able to rebrand it as more human error.

        We are ages from truly autonomous cars being remotely viable, and even further from them being safer. That last two or three percent of that problem will be orders of magnitude harder than the wimpy little lane-keeping gizmos they currently have (that still consistently fail more per mile than human drivers). Humans deserve more credit. Don’t just buy their marketing and hype about machines just automatically being safer by their very nature. There’s no reason to believe that. Robots aren’t immortal or infallible, especially AI black boxes lazily hacked together by Alphabet and the rest of those ghouls.

  2. The Senators who introduced the Bill. Ur welcome.

    Lindsey Graham R-SC
    Senator Richard Blumenthal D-CT
    Senator Kevin Cramer R-ND
    Senator Dianne Feinstein D-C
    Senator Josh Hawley R-MO
    Senator Doug Jones D-AL
    Senator Robert P. Casey D-PA
    Senator Sheldon Whitehouse D-RI
    Senator Richard J. Durbin D-IL
    Senator Joni Ernst R-IA

  3. Aside from having a detrimental effect on the online affairs of billions of innocent/uninvolved people, this act will do precisely nothing to solve the real world problems it claims to combat. It’s all optics and cosmetics. It may even reduce enforcement rates of actual physical crimes. It’s saying “Hey, criminals, go and make yourselves much harder to find.”. It might look good for a year or two, with CLAIMS of higher prosecutions but that will be a bunch of newly created crimes, the majority of which may be the unwary of the new regs, not the real old foul crimes that we should actually be stopping.

    Presumably, the current status quo is that officers know where to find this stuff online, infiltrate the “community” gather enough evidence on suppliers to get a judge to sign off on subpoenas and warrants to involved service providers, to fully connect said criminals by metadata, then physical enforcement should find enough evidence to convict for prison terms that satisfy the public (Or the political ambitions of the DA, whatever) …. now some bright spark is saying, “I know, let’s make criminals re-evaluate the perceived safety in numbers thing and go almost totally dark online, using offshore servers in countries we can’t even get interpol co-operation with, and things will be magically better.” Law enforcement is thinking this will shorten the process, it can do nothing but lengthen and make it tougher and more expensive to proved but for a few cases of the very uninformed and very stupid.

  4. It is reasonable to say that a service on the internet should follow the laws of where it is hosted. (This is though creating tons of fun loop holes.)

    It is also reasonable to say that a service on the internet should follow the laws of where its users are. (Kinda fixes some of the loopholes of the first, but introduces administration problems for the service…)

    To a degree, it is reasonable to asses that a website is responsible for minimizing illegal content on their site to what is reasonably within their ability. (Fixes some of the flaws of the prior assessment.)

    To a degree, we could just ask everyone to make their websites only accessible to countries that the website actually complies with. But then making one’s website accessible to a country is literally the same as saying that one takes responsibility for the content therein. So not really a solution for a lot of websites hosting user content…

    Simply stated, just like copy right laws weren’t made for Joe average. Laws about the internet is equally muddy for anyone looking to make something on the internet. Some things are more or less a standard across the world, like copy right infringement laws that are mostly upheld to “similar” standards in a large portion of the world. But in terms of content, what is illegal in one country might be a norm in another.

    In the end, the internet will likely remain a wild west for a long time into the future. One can’t really require that the whole world should follow one’s own laws. And there is laws about what can and can’t be hosted on it all over the world. In essence, whatever one posts is likely a criminal offence somewhere or another.

    1. “It is also reasonable to say that a service on the internet should follow the laws of where its users are.”

      I disagree with that and instead believe that it should follow the law where its owners/operators are. I don’t personally believe for example that Reddit should have to follow sharia law because they have uses in Iran.

  5. There is ZERO earmarks for training staff, techniques or for any staff.

    It litterally sets up a committee that is non-elected and is unconstitutional… ANYTHING they say Congress MUST pass. The bill is a utter nightmare and full insanity.

    Basically if you bribe the correct people your platform/publisher can get away with murder and exploitation.

    If you attempt to defend free speech, jokes and memes, humor and satire with the 1st Amendment? your company will be hacked and have CP uploaded just to destroy you for your thought crime.

    They will make victims of all u.s. citizens online. And domestic and foreign criminals will be happily running pgp and tails/tor servers.

    For everyone “hopeful” when had the government ever taken the time to do something thoughtful that protected its citizens.

    Or do they just do slap jobs… I think you already know, they would if they could remove curtains, blinds and locks from everything they can.

  6. Ugh, the old “think of the children!” excuse. They deploy this completely cynically. Closing down backpage and stuff has exclusively harmed sex workers, not helped them. They just want to keep ratcheting up the panopticon functions of the internet and telecom. They want more avenues of public surveillance and control. That’s it.

    This is no different. It’s a way to spy on people, disguised with a shallow and obvious ploy to push it through using a lever they know will always work because of its emotional impact on public opinion. They’re taking advantage of trafficked children in order to advance their own pet agendas. It’s beyond revolting. These legislators and lobbyists are craven and evil.

    Here’s a quick reminder that TOR and Signal were funded and developed by US intelligence agencies for covert communication. It’s not a conspiracy theory, it’s just a recorded and verifiable fact. They have known for a long time that child abusers and other criminals use those platforms en masse, but they need them for cover since it wouldn’t work as an untraceable network for spies if the only users were those same spies. That would obviously blow their cover. So they have knowingly tolerated child abuse and sex trafficking for years. They do not care, full stop. This is a pure power grab, dressed up in the thinnest disguise as something that would help the most vulnerable. When will we stop believing this crap?

    Ah well, not like anything the public wants actually gets addressed in this tin-pot rigged democracy anyway. It’s only about what special interest groups and the military want now. Look at the popular support vs. special interest support of any given bill and it’s illustrated so clearly that there is no longer any denying it. This system has been captured completely. And our public is fully indoctrinated with this silly idea that electoralism is not just the best but the ONLY mechanism of systemic change and redress of grievances. So all they have to do is break elections, which they thoroughly have. This hybrid corporate-political establishment has trapped and neutered popular politics, and now they can do whatever they want with only symbolic resistance. Which is easily swept away with lazy PR campaigns. Our culture has become almost post-Soviet in its cynicism and apathy towards corruption.

      1. Well… Shouldn’t speak so soon :( great depressions tend to be both extremely dangerous and motivational politically. I’m not normally a doomsayer, but I think people often discount the possibility that big changes might occur sooner than we’d believe. It’s that normalcy instinct. Conditions tend to seem static and eternal until they aren’t.

  7. Can two individuals communicate across the internet, and transfer data both directions in such a way that no government spy agencies on planet earth can EVER decipher their messages – yes.

    Will this bill help do what is claimed – nope, 100% waste of energy.

    1. I don’t know if that’s necessarily true in a theoretical or practical sense. It’s still kind of up for debate. Ciphers tend to be cracked through new technology, immense resources, or clever people finding holes in them that even experts had never predicted. If a message can be understood by its intended recipient, then there may always be a way for an unintended recipient to duplicate that process. Ciphers are an arms race, constantly being cracked and reinforced in a cycle that grows more and more expensive and esoteric with time. This naturally guarantees that common people will always be at a disadvantage versus corporate or state actors. It’s kind of their tool, and as we all know you can’t dismantle the master’s house with the master’s tools.

      I’m not necessarily claiming that somebody is going to brute force the strongest encryption any time soon, but it’s the edges of the system that are most vulnerable. And may always be. People who think they have perfect opsec are usually fooling themselves.

      1. I deliberately never mentioned anything about key length or key distribution or encryption algorithm. but the key distribution can happen in the physical world securely, was generated from a true random source and has the same size as the data to be distributed, then what I said is technically true. It is a hack, but it is technically true.

  8. I’m with the editor on this – the whole bill should be shot down. It’s a blatant attempt to get something in so that the gov can monitor everyone, and weaken security ie it has nothing to do with kids.

    There was a comment on Bruce’s blog that I though summarized it quite well https://www.schneier.com/blog/archives/2020/03/the_earn-it_act.html#c6807486 – ie there is already federal law – not subject to section 230 – that covers what they say this Act is supposed to be doing. Therefore, that’s not what they are ACTUALLY trying to do..

    The USA used to be a shining light f freedom, then your gov started recording every phone call, then every internet request, and then other laws like this one… I’d ask why did you let it happen but I can see we (Aus) are on the same slope – what do you do when both major parties support something stupid?

  9. ” If this bill passes and the “best-practices” document that emerges afterwards includes such a provision, I’ll help lead the charge to shoot it down.”

    What? Is that like opposing the elimination of Net Neutrality rules after the fact? It doesn’t work. What is lost is lost. Once people realize that after the bill is passed they can still get their cat videos and porn you will never get enough support to undo the damage. You have to tackle these things right away at the beginning. That’s why no preliminary versions of these so called best practices have been released. It’s not because they have no idea what they intend to put in there.

    What I don’t understand is how you can give the politicians any benefit of the doubt? What makes you think they actually care about the things they claim this bill is supposed to do? They would never have been able to get their partys’ support and been elected to office without being sociopaths. They don’t actually care about that stuff. More than half of them are probably notches on Jeffery Eppstein’s headboard.

    This is about controlling the internet on behalf of the giant media corporations that bought their candidates way into power. That is all it has ever been. Given the history of internet law in the US it seems that there has been a constant effort almost since the beginning here in the US to destroy the internet as we know it. Just look at the laws restricting encryption that we had during the Clinton administration. They practically tried to strangle the internet as a baby! More recently we have SOPA, ACTA, unwarranted wire-tapping and the tearing down of Net Neutrality.

    None of this should be any surprise. If you are old enough think back to the mid 1990s when the world first started becoming aware of the internet. Look at the things that Al Gore and others who were actually involved in opening up the ArpaNet actually had to say. They didn’t believe that an open internet could actually grow into the all encompassing thing that it is today. They didn’t think that an open internet could provide enough content to take on entrenched big media or that companies would build up it’s bandwidth to this extent.

    The internet was a mistake. It was only supposed to wet our appetites and then be replaced by a supposedly more capable but much more top-down content service which they called the Information Superhighway. They still want that one back and have not given up.

  10. we have many great paralells in history…
    … i am starting to think that it should be manditory for politicians to study ancient Rome… so many bad ideas, so much proof that they are terrible, and yet we repeat them over, and over, and over, and over……

  11. This is very interesting and concerning for many reasons. I cannot help but laugh when someone says “they want this so they can listen to our phones calls, read our emails, or spy on us”. When I hear that my question is what makes you think anyone would be interested in listening to your phones calls, reading your emails, texts, and so on? Let’s be honest, most people that say that aren’t communicating anything in any way that their neighbor would want to know much less the government. You aren’t as interesting or important as you think you are. That includes me as well. If you think about how many texts and phone calls are made per day in the USA, how many humans would it take to monitor all of it for one day? I’ve heard it is something like 1 million people x 1 million hours to complete that task for just one day in America due to the traffic we have in 24 hours. The point is it will not ever happen.

    Do we agree or not that sexual predators to include those engaged in the production or distribution of child pornography should be arrested and locked up forever? Im assuming your answer is a resounding yes. My answer is hell yes and your reply to this will be interesting. Pretend we all agree and those people should be arrested, tied to a tree, and left for dead. If those people use the TOR browser, a VPN, and end to end encryption apps what do you propose law enforcement should do to catch them? Remember a warrant for anything is based off of probable cause aka evidence. In this scenario the evidence is an image or video. If the images and videos are exchanged in a form of communication that is impossible to breach how will these sick predators be brought to justice?

    Privacy – I believe that no one to include a state or federal government can or should be allowed to compel a provider of a service using end to end encryption to provide the key to the side door. That defeats the purpose of encryption. I would like to see a process where law enforcement could provide a probable cause warrant to one of these providers for certain crimes (child exploitation, kidnapping, terrorism) and that the provider hand over the information IF the crime fits into that narrow window. If the provider does it then the integrity of their system is maintained. But wait! If the provider can get the data then it isn’t secured you moron! I can hear your words before you type them haha. I agree with the statement you have yet to write but will no doubt. My question to you is this…..if someone kidnaps a child and uses one of these encrypted apps what would you do as the person charged with finding that child? If someone is producing child pornography what would you do to intercept the images, put them in jail, and save those children being subjected to stuff you cannot imagine? The questions I asked are real and they are asked every day. I’m anxious to hear some ideas.

    Security is paramount and we should never give up one ounce of our civil liberties. We all know once you do you will never get it back. That leads to what do we do as a law abiding society to detect, arrest, and incarcerate those among us that exploit the future of this nation? The scale of what I’m referring to is greater than you can even comprehend. Its like counting to infinity. Those children belong to someone. What would you say if one of them was your child? There is no easy answer. Can we remove a little bit of security to catch predators? Probably not because once the keys are in hand all the doors will get opened. This is a tough one. I am not in favor of EARNIT. I am in favor of finding a way to allow law enforcement to detect and arrest those that exploit children. How that would happen is beyond me.

    1. “When I hear that my question is what makes you think anyone would be interested in listening to your phones calls, reading your emails, texts, and so on?”

      No reasonable person thinks that “they” have human beings monitoring every piece of communication. For most it’s just meta data, who you communicated with and when. Nobody is looking at it, it’s just archived and index for future use. Whatever that use may be. Have you never heard that the average person commits x number of crimes per day without knowing it? The law is complicated and if someone with access to that kind of data wanted to use it against you they probably could. Of course, with millions of average people’s information in the database the odds of “them” targeting average you are pretty much zero. But if you ever did get the wrong kind of attention from the wrong person…

      More importantly however is that not everyone is an average, boring target. If everyone’s being monitored then that includes more “important” people. How do you have a democracy when the incumbents can monitor every communication any new candidate makes?

      “. If those people use the TOR browser, a VPN, and end to end encryption apps what do you propose law enforcement should do to catch them?”

      All the same things they did before they had the internet. I think people are so used to using the internet to find everything that they forget there are other ways.

      Do you think somebody at the post office opened every envelope looking for kiddie pics? I’m sure the local drug store would turn someone in who tried to get kiddie porn developed but home, hobbyist development equipment was always a thing. Was there a backdoor built into every piece of film processing equipment? Did the police never catch offenders before they could do it on a computer?

      They will catch them on tips. They will catch them when teachers, neighbors, relatives, etc.. look into troubled children. They will catch them when they make mistakes. They will catch more when they interrogate the ones they catch first.

      They will not catch them all but they never will catch them all regardless how many civil liberties are given up. The world is too big and too cruel for that.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.