Senate bill crafted with DEA targets end-to-end encryption, requires online companies to report drug activity

thejml@lemm.ee to Technology@beehaw.org – 78 points –
Senate bill crafted with DEA targets end-to-end encryption, requires online companies to report drug activity
therecord.media

A bill requiring social media companies, encrypted communications providers and other online services to report drug activity on their platforms to the U.S. Drug Enforcement Administration (DEA) advanced to the Senate floor Thursday, alarming privacy advocates who say the legislation turns the companies into de facto drug enforcement agents and exposes many of them to liability for providing end-to-end encryption.

14

Warrants are required for U.S. Mail. Likewise, the government should not have warrantless access to all electronic communication. It's an outrageous position.

Could this bill be the result of the recent court decision blocking gov work with social media companies?

I would not be surprised if the DEA was already working with tech companies and this bill is to get around the court and make the collaboration legal.

This doesn't target E2EE - that's the whole point of E2EE. It does target everyone else, though.

It does though, by holding them accountable if they "on purpose" blind themselves. Which is E2EE

So you can only trust a) open source or b) safe countries. Which is basically already the situation.

So you can only trust a) open source or b) safe countries. Which is basically already the situation.

It does though, by holding them accountable if they "on purpose" blind themselves. Which is E2EE

Except there are specific exclusions in the bill to address this. Hell, the three paragraphs before the one mentioning "deliberately blinding" are all dedicated to explaining why it doesn't apply to end-to-end encryption.

The only way you could think this bill targets end-to-end encryption is if you only read the terrible headline and didn't bother to read the actual bill. Before you freak out about paragraph 4, be sure to look at paragraphs 1-3.

That's doesn't sound like a 4th amendment violation or anything.

Not only does this bill not have anything to do with searches or seizures by the government, it goes out of its way not to require cloud providers to perform any searches of their own. Where are you seeing a 4th amendment violation?