Thursday, June 1, 2023
LetsAskBinu.com
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things
No Result
View All Result
LetsAskBinu.com
No Result
View All Result
Home Cybersecurity

New EARN IT Act Has Old Issues

Researcher by Researcher
May 7, 2023
in Cybersecurity
0
FBI: Election Officials in Nine States Received Phishing Emails
189
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter


The latest version of the highly controversial EARN IT Act that is in committee in the Senate right now may be a more serious threat to strong encryption than the previous versions and could force platform providers into the decision not to even offer encrypted services, lawmakers, civil liberties and technology policy advocates say.

The current iteration of the EARN IT Act is the third one and like the others, its main focus is on identifying and eliminating child exploitation material online. But as in the other versions, the current bill has language that would increase the liability for platform operators that use end-to-end encryption on their services. The bill currently is in the Senate Judiciary Committee, and experts worry that if it passes it will have a severe impact on the security of the services platform owners such as Google, Meta, and others can offer.

The crux of the issue is whether platform operators should know and be responsible for all of the content that passes through their systems.

“As introduced, EARN IT dramatically increases the risk of liability for any service that offers end-to-end encryption. Under EARN IT, the use of encryption (or the failure to weaken that encryption) cannot serve as an independent basis for liability. But EARN IT expressly permits courts to consider the use of encryption as evidence to support other claims— including under state laws with a lower mens rea requirement,” TechFreedom officials said in a letter to Judiciary Committee leaders.

In other words, under the terms of the proposed bill, platform owners would almost certainly have to know what’s on the platforms, which would essentially eliminate the use of strong encryption. A separate bill called the STOP CSAM Act has similar language,

“Current law does not immunize platforms for criminal conduct. The new bills would drastically drop that requirement so that they’re liable for negligence in civil suits. Platforms would likely have to know what’s on the platforms, so they might set up automated content analysis, which is bad, and undermine encryption,” said Cody Venzke, senior policy counsel at the ACLU.

Wyden, one of the strongest advocates for encryption and privacy on Capitol Hill, said he’s concerned that lawmakers are putting their efforts in the wrong place.

“CSAM is a problem and this bill is not the answer. The focus ought to be to help prevent kids from becoming victims in the first place, not on undermining security and privacy,” said Sen. Ron Wyden (D-Ore.), during an online event Wednesday.

“We need to pass comprehensive privacy legislation in this country. This fight has been the longest running battle since the Trojan War. The root cause of so much bad corporate behavior really is the privacy issue. Tech companies hoover up so much private data and then they misuse it.”

Other organizations worry that the EARN IT Act’s language could lead to the use of client-side scanning, which allows services to scan users’ devices for illegal material rather than doing so on the platform side.

“Notably, the bill leaves room to impose forms of ‘client- side scanning,’ which violates user privacy by sending data to law enforcement straight from user devices, before a message is encrypted. EFF has long held that client-side scanning violates the privacy promise of end-to-end encryption, even though it allows the encryption process to proceed in a narrow, limited sense,” the Electronic Frontier Foundation said in a letter to the Judiciary Committee leaders.



Source link

Related articles

Spring Framework Flaw Exploited in Mirai Malware Attacks

Threat Actors Exploit Critical Zyxel Flaw in Botnet Attacks

June 1, 2023
Cisco Acquiring Armorblox for Predictive and Generative AI Technology

Cisco Acquiring Armorblox for Predictive and Generative AI Technology

June 1, 2023
Tags: ActEarnissues
Share76Tweet47

Related Posts

Spring Framework Flaw Exploited in Mirai Malware Attacks

Threat Actors Exploit Critical Zyxel Flaw in Botnet Attacks

June 1, 2023
0

Threat actors are exploiting a critical-severity Zyxel flaw in order to add vulnerable devices to a Mirai botnet variant. While...

Cisco Acquiring Armorblox for Predictive and Generative AI Technology

Cisco Acquiring Armorblox for Predictive and Generative AI Technology

June 1, 2023
0

Cisco on Wednesday announced that it’s acquiring California-based cybersecurity firm Armorblox for its artificial intelligence (AI) technology. Armorblox specializes in...

8 best practices for securing your Mac from hackers in 2023

8 best practices for securing your Mac from hackers in 2023

June 1, 2023
0

Best practices for securing your Mac against potential hacks and security vulnerabilities include enabling the firewall, using strong passwords and...

ZuoRAT Malware Found Hitting Home Routers

New SeroXen RAT Emerges | Decipher

June 1, 2023
0

Security researchers are tracking a new fileless RAT named SeroXen that has the capability to evade many EDR systems and...

Sentra Raises $30 Million for DSPM Technology

Chrome 114 Released With 18 Security Fixes

May 31, 2023
0

Google this week announced the release of Chrome 114 to the stable channel with a total of 18 security fixes...

Load More
  • Trending
  • Comments
  • Latest
This Week in Fintech: TFT Bi-Weekly News Roundup 08/02

This Week in Fintech: TFT Bi-Weekly News Roundup 15/03

March 15, 2022
QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

QNAP Escalation Vulnerability Let Attackers Gain Administrator Privileges

March 15, 2022
Supply chain efficiency starts with securing port operations

Supply chain efficiency starts with securing port operations

March 15, 2022
A first look at threat intelligence and threat hunting tools

A first look at threat intelligence and threat hunting tools

March 15, 2022
Beware! Facebook accounts being hijacked via Messenger prize phishing chats

Beware! Facebook accounts being hijacked via Messenger prize phishing chats

0
Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

0
Remote work causing security issues for system and IT administrators

Remote work causing security issues for system and IT administrators

0
Elementor WordPress plugin has a gaping security hole – update now – Naked Security

Elementor WordPress plugin has a gaping security hole – update now – Naked Security

0
Spring Framework Flaw Exploited in Mirai Malware Attacks

Threat Actors Exploit Critical Zyxel Flaw in Botnet Attacks

June 1, 2023
All eyes on APIs: Top 3 API security risks and how to mitigate them

All eyes on APIs: Top 3 API security risks and how to mitigate them

June 1, 2023
Cisco Acquiring Armorblox for Predictive and Generative AI Technology

Cisco Acquiring Armorblox for Predictive and Generative AI Technology

June 1, 2023
This Week in Fintech: TFT Bi-Weekly News Roundup 08/02

This Week in Fintech: TFT Bi-Weekly News Roundup /

June 1, 2023

Recent Posts

Spring Framework Flaw Exploited in Mirai Malware Attacks

Threat Actors Exploit Critical Zyxel Flaw in Botnet Attacks

June 1, 2023
All eyes on APIs: Top 3 API security risks and how to mitigate them

All eyes on APIs: Top 3 API security risks and how to mitigate them

June 1, 2023
Cisco Acquiring Armorblox for Predictive and Generative AI Technology

Cisco Acquiring Armorblox for Predictive and Generative AI Technology

June 1, 2023

Categories

  • Cyber Threats
  • Cybersecurity
  • Fintech
  • Hacking
  • Internet Of Things
  • LetsAskBinuBlogs
  • Malware
  • Networking
  • Protection

Tags

Access attack Attacks banking BiWeekly bug Cisco cloud code critical Cybersecurity Data Digital exploited financial Fintech Flaw flaws Google Group Hackers Krebs Latest launches malware Microsoft million Network News open patches Payments platform Ransomware RoundUp security Software Stories TFT Threat Top vulnerabilities vulnerability warns Week

© 2022 Lets Ask Binu All Rights Reserved

No Result
View All Result
  • Home
  • Cybersecurity
  • Cyber Threats
  • Hacking
  • Protection
  • Networking
  • Malware
  • Fintech
  • Internet Of Things

© 2022 Lets Ask Binu All Rights Reserved