Mediaboss Marketing

Executive Summary

Introduction

The Senate may soon consider the Eliminating Abusive and Rampant Neglect of Interactive Technologies (EARN IT) Act of 2022. On its surface, the bill would make a relatively small modification to the Section 230 of the Communications Decency Act, which is designed to put a greater onus on Big Tech to crack down on the spread of child sexual abuse material (CSAM). While a laudable goal, the bills changes threaten critical privacy protections, such as end-to-end encryption (E2EE), or mandate firms scan user communications. In isolation, this privacy tradeoff could be worth making, or at least worth debating. But the bill as currently structured would deputize platforms as partners in law enforcement in the identification and reporting of CSAM. This could make evidence obtained by the platforms inadmissible in court, as platforms would now be state actors and their searches unconstitutional under the Fourth Amendmentand thus make prosecution of CSAM criminals much more difficult.

Now that the Judiciary Committee has moved the bill out of Committee, the Senate will have the opportunity to fix the major issues still prevalent in the bill. This insight explains why the legislations reforms risk significant harm to both user privacy and law enforcement agencies as they attempt to prosecute CSAM criminals. Members should carefully consider these concerns as they consider the bill.

EARN IT Act What It Does

The EARN IT Act does two main things. First, it creates a commission with a variety of different stakeholders to develop recommended best practices for platforms to prevent, reduce, and respond to the online sexual exploitation of children. The commissions recommendations do not bind platforms to act in accordance with the best practices, and ideally would remain voluntary to guide platforms with the best steps to address CSAM. Courts may also use these guidelines in determining whether platforms adhered to necessary standards of care under relevant state laws on the issue.

Second, the bill would create an exemption to Section 230s protections for intermediary liability for claims relating to the advertisement, promotion, presentation, distribution, or solicitation of CSAM. Section 230 currently has an exemption for violations of federal criminal law, meaning existing law which makes it a federal crime to knowingly possess and share CSAM already applies to platforms such as Facebook and Twitter. For all state and federal civil claims, however, Section 230 precludes courts from treating platforms as the publisher or speaker of what users post. In practice, this means that states cannot enforce CSAM-related statutes that attempt to hold platforms as the speaker when CSAM is shared. EARN IT would extend the exemption for federal criminal enforcement to any state civil or criminal claims. Further, because EARN IT allows states to enforce their own laws, in practice it also allows states to change the legal standards for liability. This means that even if a platform doesnt know about CSAM on their service, they can be liable for users possessing and sharing the content if the state finds that a platform should have known, or even acted negligently, in identifying and reporting these materials.

Certainly, both Congress and platforms should strive to find better strategies to target the spread of CSAM. But while the EARN IT Act clearly aims to this goal, as drafted, it would have significant unintended consequences for both user privacy and the ability of law enforcement to prosecute criminals.

EARN IT Act Threatens User Privacy

Since the original bills introduction, many critics have worried that it would target user privacy features such as end-to-end encryption, which criminals can use to obtain and share CSAM without the risk of law enforcement gaining access to these communications. In the original bill, for example, adhering to the commissions recommendations would earn platforms Section 230 immunity. Attorney General Bill Barr, a noted critic of end-to-end encryption, would have had significant control over the commission and its participants. This threat led to significant outcry from public interest and privacy groups. In response to massive opposition to this approach, the drafters drastically changed the bill to its current structure and Senator Leahy introduced an amendment to alleviate concerns that offering E2EE would lead to liability.

When EARN IT was reintroduced in 2022, lawmakers changed the language again. Now the encryption provision only states that offering E2EE cannot be used as evidence to support other claims, as long as it not be an independent basis for liability. What does this mean in practice? If a claim against a platform alleges the service should have known about CSAM, plaintiffs and prosecutors could argue that offering E2EE could have contributed to the reckless behavior of the platform. The language would only protect platforms if they engaged in no other conduct that potentially supported the conclusion that the platform should have known about the CSAM.

This wouldnt be a major issue in isolation, as federal law requires actual knowledge of the content, so offering E2EE wouldnt necessarily give rise to liability. Nevertheless, the bill also allows for states to bring claims under state laws that could have different standards than the current federal regime, such as recklessness. While the actual legality of the practices will depend on the facts of the case, firms will likely feel pressure to eliminate these services, regardless of the privacy benefits they provide to users.

Worse, even a fully restored Leahy amendment that made clear offering E2EE could not be used as evidence against a platform wouldnt fully protect the privacy of users. E2EE only protects the communications in transit, and not the information on users devices. Firms can employ client-side scanning to examine the contents of messages before the message is encrypted or decrypted. The Leahy amendment would only cover the encryption of messages in transit, and not on the device, itself. Again, this in isolation doesnt give rise to liability, but when states impose a lower standard than knowledge, ICS could be found liable for spreading CSAM if they do not use tools such as client-side scanning to ensure users do not share CSAM over the service.

With Congress significant focus on online privacy, including that of the EARN IT Acts cosponsors, this threat to user privacy is somewhat surprising. Encryption protects users from a variety of potential harms. Victims of domestic abuse need secure and confidential communications to speak to loved ones and access support. Journalists use encryption to protect sources. And a lack of strong protections opens the door for hostile actors to target Americans. At the same time, pedophiles can also use encryption to evade law enforcement and continue to harm children.

If the EARN IT Acts changes simply meant a tradeoff between stopping CSAM and keeping privacy protections such as encryption, then Congress and the public could have that debate. Unfortunately, as drafted, the bill would both reduce privacy protectionsand make it more difficult to prosecute CSAM criminals.

EARN IT Act Could Make Prosecution of Criminals More Difficult

Despite the best intentions of the bills authors, by effectively deputizing platforms into searching for and reporting CSAM on behalf of law enforcement, the EARN IT Act could make information obtained by platforms inadmissible in court under the Fourth Amendment.

Currently, platforms employ a wide range of tools to find and eliminate CSAM. Under federal law, when the platforms learn of CSAM, they report to the National Center for Missing and Exploited Children (NCMEC) the details so that law enforcement can find and arrest the individuals involved. These voluntary actions then lead to prosecution of the individual. Yet this regime only works as long as the platforms provide information to law enforcement voluntarily.

The Fourth Amendment protects individuals against unreasonable searches and seizures, which means that law enforcement must normally obtain a warrant to search users communications. Because platforms arent state actors, their searches do not need the same protections, and prosecutors can use any information obtained from the platform to convict the perpetrators. If a state employs a recklessness or even negligence standard for platforms to find and remove CSAM, however, and platforms are essentially coerced into monitoring communications for CSAM, courts may determine that the influence from government actors essentially makes the platforms state actors.

If courts determine that platforms are state actors, then the evidence obtained from the platforms monitoring efforts may be deemed unconstitutional. For example, an app can use a program such as PhotoDNA to automatically compare unencrypted information against a hash of material in an authoritative database. When there is a successful hit for CSAM, the app can report that to NCMEC and law enforcement can follow up to arrest the perpetrator. But if the government forces the app to scan all the communications on the device to get around the Fourth Amendment, evidence obtained by the app would be inadmissible in the actual prosecution of the case.

It is critical that the enforcement regime remains voluntary so that evidence obtained will not be barred in courtrooms. While Congress should continue to work to target CSAM online, the bills current approach would effectively coerce platforms into acting as the deputy of law enforcement and risks allowing criminals off the hook.

Conclusion

The EARN IT Act as currently drafted has significant problems that threaten the privacy of users and may make it more difficult to prosecute the criminals exploiting children online. While the goals of the bill are certainly laudable, Congress should consider amending the bill to both ensure important privacy features are protected and that platforms do not become state actors when they search for CSAM on their services.

View original post here:
Unintended Consequences of the EARN IT Act - AAF - American Action Forum

In 2016, a rape survivor voluntarily provided her DNA to San Francisco law enforcement officers so that her attacker might be brought to justice. Five years later, the sample she provided led police to connect her to an unrelated burglary, according to San Francisco district attorney Chesa Boudin. The woman faced a felony property charge, but Boudin dropped the case, saying the use of her DNA was a violation of her Fourth Amendment right against unreasonable searches and seizures.

The incident could deter survivors of sexual assault from coming forward if they think their DNA could be used to implicate them in a future crime. It also raises legal and ethical questions about the broader law enforcement use of genetic evidence. We should encourage survivors to come forwardnot collect evidence to use against them in the future. This practice treats victims like evidence, not human beings, Boudin said in a February 14 statement.

More than 300,000 people were raped or sexually assaulted in 2020, according to the Department of Justices 2020 Criminal Victimization Report. Yet less than 23 percent of those assaults were reported to police, down nearly 34 percent from 2019. Many survivors are also reluctant to undergo a forensic exam, also known as a rape kit, out of fear or shame. During the exam, a nurse collects biological evidence that may contain DNA from the assailant, such as blood, hair, saliva, and skin cells. Survivors may also be asked to provide a sample of their own DNA as a reference to determine if genetic material found at the crime scene belongs to them or someone else.

Sexual assault victims subject themselves to this very invasive exam for one purpose, and that is to identify their assailant, says Camille Cooper, vice president of public policy at RAINN, the Rape, Abuse & Incest National Network, a nonprofit that aims to prevent sexual assault and help survivors. Any use of their DNA for any other purpose is wholly inappropriate and unethical.

And yet, theres currently no uniform practice regarding what crime labs do with reference DNA samples after testing. Federal law does prohibit police from uploading victims DNA profiles to a national database known as the Combined DNA Index System, or CODIS, which is maintained by the FBI. CODIS is used to link violent crimes like homicides and sexual assaults to known offenders and has strict rules for what kind of profiles can be submitted. It contains DNA collected from crime scenes, from people arrested for or convicted of felonies, and to a lesser extent, from unidentified remains. People who are released from custody or found not guilty can petition to have their information removed from CODIS.

But some local police departments operate their own DNA databases outside the purview of CODIS. Most states dont have laws limiting the kinds of DNA samples that can be stored in them. Police departments around the country have, over time, developed these separate databases that are largely unregulated, says Andrea Roth, a law professor at the University of California, Berkeley who specializes in forensic science and has researched these databases.

Continued here:
A Rape Survivor Gave Police Her DNA. They Linked Her to Another Crime - WIRED

It seems to me that police officers are unfairly targeting those who live on the street in their personal property. Enforcing parking codes does not result in a significant, if any, increase in public safety. And, as a court recently ruled at least in regard to utilizing chalk marks on tires it is illegal and a violation of the Fourth Amendment of the Constitution of this Great Nation.

The Sixth Circuit Court of Appeals in Taylor v. City of Saginaw recently determined that the chalking of car tires in order to enforce parking regulations constitutes a violation of the law as an illegal search. Now, I used to do parking enforcement in Portland chalking isnt the only way to track how long a vehicle has been parked in one area. A LPR (license plate reader) system may also be used.

Yet by the logic of the court, wouldnt this kind of system also fall under the classification of an illegal, unwarranted search? Searches on homes in regard to municipal codes may be conducted without a warrant if they meet reasonable regulatory or administrative standards, but the court stated that this isnt a free-for-all for civil officers. Homeowners are given a chance for pre-compliance review, while vehicle owners often do not have that same luxury. Therefore, exceptions to the rule do not apply and vehicles cannot be searched without warrant.

There is simply no reason to force people who dont have a home to constantly be on the move. Nor is there any reason to add insult to injury with unnecessary fines, which likely wont be paid anyway. And finally, it is ridiculous to impound someones shelter. It is a waste of resources and time, in my humble opinion, to pursue such ventures when funds could be redirected and better spent finding real solutions.

We're always interested in hearing about news in our community. Send us your news, photos, and videos and let us know what's going on!

The World's Latest E-Edition

View our 2-22-22 E-edition right here!

The World's Latest E-Edition

Success! An email has been sent to with a link to confirm list signup.

Error! There was an error processing your request.

' + this.content + '

See the original post:
Letter: Targeting the homeless | Letters | theworldlink.com - Coos Bay World

It used to be privacy was largely the domain of constitutional law and patient health care law: the Fourth Amendment, and then the Fourteenth Amendment, and the Health Insurance Portability and Accountability Act (HIPAA). Today, privacy is the practice of navigating the state-by-state patchwork of data security laws and regulations, subject matter specific privacy laws, and a number of federal rules stuck in there for good measure. Dealing with health-related information? Look to HIPAA. Biometric information? Illinois has a law for that. Financial information? Look to the Gramm-Leach-Bliley Act (GLBA). Antitrust, of course, has lumbered along for over one-and-a-quarter centuries based largely on two federal statutes. At first blush, antitrust and privacy would seemingly have little to do with one another, each content to operate in their respective spheres.

Originally Published in "The Privacy and Antitrust Paradox in the Age of Data," Cybersecurity Law Report - February 2022.

Please see full Publication below for more information.

View post:
The Privacy and Antitrust Paradox in the Age of Data - JD Supra

Ed Mullins, the former head of the New York Police Department's Sergeants Benevolent Association (SBA), has been charged with defrauding his own union of hundreds of thousands of dollars, which he spent on expensive meals, luxury items, and even a relative's college tuition.

Mullins, 60, a controversial figure with a reputation for excusing terrible behavior from the police and publicly lamenting about the decriminalization of marijuana, resigned in October following an FBI raid on the SBA office and Mullins' home. He had been the president of the union for 20 years. At that time, sources told the New York Post that Mullins was being investigated for possibly misappropriating union funds.

On Wednesday, the Department of Justice revealed that was indeed the case. According to the complaint filed by U.S. Attorney Damian Williams with the U.S. District Court of the Southern District of New York, Mullins for the past five years was allegedly "submitting false and inflated expense reports to the SBA, seeking reimbursement for those bills as legitimate SBA expenditures when in fact they were not." From that, he managed to collect hundreds of thousands of dollars that his union membersincluding 13,000 fellow officers, both active and retiredhad paid in dues.

According to the complaint, the fraud all started when the vice president retired in 2017. The treasurer took responsibility for approving Mullins' expense reports and reportedly didn't bother to scrutinize them or even request receipts from Mullins. When Mullins submitted his reports, he would jack up the amounts charged. Just one example provided in the complaint states that he changed a $45.92 charge from a wine bar to $845.92. The complaint notes that Mullins in 2018 added this treasurer (who is not named in the complaint) to his slate for his reelection.

Mullins faces one federal count of wire fraud, which comes with a maximum 20-year sentence (though he will most likely not receive the maximum sentence if convicted).

Mullins, of course, is entitled to due process and the presumption of innocence until he is convicted. But, ironically, Mullins was a quite public and vocal opponent of this. He once tweeted out an attack on New York City's Civilian Complaint Review Board, calling them a "disgrace." He was offended by a tweet that simply acknowledged that the Fourth Amendment protected Americans from unreasonable searches and seizures and encouraged New Yorkers to file a complaint if this right was violated. Mullins complained on Twitter in 2018 that he might get into trouble if he tried to arrest a guy smoking marijuana at a subway entrance, so he didn'tand he shouldn't have arrested the guy anywaybecause New York City had long since decriminalized marijuana possession.

According to The New York Times, Mullins surrendered to police Wednesday morning and was released on a $250,000 bond. That seems awfully high for a nonviolent crime. Maybe he would benefit from some federal bail reform? Oh, right. He hates bail reform too.

Continued here:
Former NYPD Union President Charged With Stealing Hundreds of Thousands of Dollars of Members' Dues - Reason