- cross-posted to:
- hackernews@derp.foo
- technews@radiation.party
A bill requiring social media companies, encrypted communications providers and other online services to report drug activity on their platforms to the U.S. Drug Enforcement Administration (DEA) advanced to the Senate floor Thursday, alarming privacy advocates who say the legislation turns the companies into de facto drug enforcement agents and exposes many of them to liability for providing end-to-end encryption.
You must log in or register to comment.
Warrants are required for U.S. Mail. Likewise, the government should not have warrantless access to all electronic communication. It’s an outrageous position.
Could this bill be the result of the recent court decision blocking gov work with social media companies?
I would not be surprised if the DEA was already working with tech companies and this bill is to get around the court and make the collaboration legal.
The only way you could think this bill targets end-to-end encryption is if you only read the terrible headline and didn’t bother to read the actual bill. Before you freak out about paragraph 4, be sure to look at paragraphs 1-3.
That’s doesn’t sound like a 4th amendment violation or anything.
Not only does this bill not have anything to do with searches or seizures by the government, it goes out of its way not to require cloud providers to perform any searches of their own. Where are you seeing a 4th amendment violation?
This doesn’t target E2EE - that’s the whole point of E2EE. It does target everyone else, though.
It does though, by holding them accountable if they “on purpose” blind themselves. Which is E2EE
So you can only trust a) open source or b) safe countries. Which is basically already the situation.
So you can only trust a) open source or b) safe countries. Which is basically already the situation.
It does though, by holding them accountable if they “on purpose” blind themselves. Which is E2EE
Except there are specific exclusions in the bill to address this. Hell, the three paragraphs before the one mentioning “deliberately blinding” are all dedicated to explaining why it doesn’t apply to end-to-end encryption.
Here is the exert from the bill - so long as the provider does not deliberately blind itself to those violations. Sadly this would target E2EE specifically as they can say by providing a way to blind the traffic, they are held accountable.