Why are supposedly pro-choice Senators supporting bills that would make it harder for abortion seekers to communicate privately? asks Riana Pfefferkorn, a research scholar at the Stanford Internet Observatory.
Senate Judiciary Committee chair Dick Durbin (D-IL) recently highlighted the crucial role of digital privacy in Americans’ access to abortion care. During an April 26 hearing about the devastating impact on Americans’ reproductive rights of the Supreme Court’s June 2022 decision to overturn Roe v. Wade, Sen. Durbin rightly noted that without robust privacy protections, abortion seekers leave a digital trail that can be used against them in states that have criminalized abortion.
So why are he and his fellow committee Democrats aiding the GOP’s assault on abortion by supporting bills that threaten Americans’ ability to communicate privately about abortion care?
Two bills introduced last month would expand online services’ potential liability for child safety offenses by their users: the EARN IT Act, co-sponsored by Sen. Richard Blumenthal (D-CT) and Sen. Lindsey Graham (R-SC), and Sen. Durbin’s own STOP CSAM Act. It’s already a federal crime if a service knowingly hosts child sex abuse material (CSAM, also known as “child pornography”). Under these new bills, when certain crimes against children occur on their services, tech companies could also be sued civilly by victims or charged by prosecutors at the state level.
These bills threaten Americans’ communication privacy by using the specter of potentially ruinous liability to disincentivize online services from offering end-to-end encryption, a widely-used technology that protects our digital communications. In encrypted apps like WhatsApp, iMessage, and FaceTime, messages and calls are encoded so that they’re decipherable only by the intended participants in a conversation. This makes encryption a vital tool for safeguarding sensitive communications including financial transactions, national security correspondence, attorney-client conversations, and so on.
However, because encrypted services can’t read their users’ conversations or wiretap them for law enforcement, some members of Congress are concerned that criminals use encryption to hide their conversations. To that end, while neither bill overtly bans encryption, EARN IT and STOP CSAM both contain language that could let courts hold encrypted services liable for their users’ child safety offenses, which can be harder to detect in encrypted environments than unencrypted ones.
The bills’ potential to penalize encrypted services is no accident, as their sponsors have made clear: Sen. Blumenthal previously refused to amend EARN IT to avoid negatively impacting encryption, claiming he didn’t want encryption to be a “get-out-of-jail-free card” for tech companies. More recently, Sen. Durbin’s comments at a February hearing framed end-to-end encryption as an impediment to protecting children’s safety.
The thing is, there’s no way to make an end-to-end encrypted service that allows the detection only of malicious communications while keeping innocuous ones unreadable by outside eyes. That’s been the consensus of computer security experts for the last quarter-century. If Congress passes a law that induces encrypted services to remove or weaken their end-to-end encryption for fear of liability, that will affect everyone who uses these apps.
That includes someone trying to get an abortion in post-Roe America. For abortion providers, abortion seekers, and those who want to offer a helping hand, the ability to communicate privately and securely has never been more crucial. And using encryption is the best way to do that.
Encryption helps everyone involved in abortion care protect themselves. From law enforcement and prosecutors in states that have criminalized abortion. From anti-abortion activists motivated to hack into the communications of reproductive health clinics. From tech company employees who’d like to sift through users’ messages, looking for someone they can turn in for a bounty.
To show that Democratic lawmakers really care about Americans’ abortion rights, they should embrace encrypted apps and encourage people to use them when discussing abortion care. Instead, it’s two Democrats who are leading the offensive against encryption in the Senate. Having just discussed digital privacy’s importance to post-Roe abortion access last Wednesday, Sen. Durbin’s committee is now considering bills that would harm digital privacy unless significant amendments are made.
The last time the committee voted on EARN IT, before the Supreme Court overturned Roe, every single Democrat voted yes. Now it’s 2023 and Roe has fallen – and yet at today’s hearing, they all voted yes again. Encouragingly, though, several members (including one Republican) raised the need to amend the bill to better protect encryption, with Sen. Alex Padilla (D-CA) noting encryption’s importance to abortion access and recalling last week’s hearing on that topic. What remains to be seen is whether today’s supportive comments about encryption will be translated into effective language in future versions of the EARN IT and STOP CSAM bills.
Abortion shouldn’t be a crime. Neither should protecting users’ digital privacy. By pushing to make it easier for criminal investigators to access Americans’ private communications, Sens. Durbin and Blumenthal – and every Democrat who joined them while staying silent about privacy – are carrying water for the GOP’s war on Americans’ reproductive rights. Lawmakers can’t have it both ways: You simply cannot be both pro-choice and anti-encryption.
Riana Pfefferkorn is a Research Scholar at the Stanford Internet Observatory. She investigates the U.S. and other governments’ policies and practices for forcing decryption and/or influencing the security design of online platforms and services, devices, and products, both via technical means and through the courts and legislatures. Riana also studies novel forms of electronic surveillance and data access by U.S. law enforcement and their impact on civil liberties. Previously, Riana was the Associate Director of Surveillance and Cybersecurity at the Stanford Center for Internet and Society, where she remains an affiliate. Prior to joining Stanford, she was an associate in the Internet Strategy & Litigation group at the law firm of Wilson Sonsini Goodrich & Rosati, and a law clerk to the Honorable Bruce J. McGiverin of the U.S. District Court for the District of Puerto Rico. During law school, she interned for the Honorable Stephen Reinhardt of the U.S. Court of Appeals for the Ninth Circuit. Riana has spoken at various legal and security conferences, including Black Hat and DEF CON’s Crypto & Privacy Village. She is frequently quoted in the press, including the New York Times, the Washington Post, and NPR. Riana is a graduate of the University of Washington School of Law and Whitman College.