EARN IT Act Amendments Could Shift Section 230 Protection from DOJ Guideline Compliance to Post Hoc Enforcement Regime

DOJ-seal-300x300It has been a little more than a month since the Department of Justice (DOJ) made their formal recommendations to lawmakers on how to limit the scope of the broad immunity given to interactive computer service companies, i.e., social media and tech companies, under Section 230 of the Communications Decency Act of 1996. Originally, the drafters of the Eliminating Abusive and Rampant Neglect of Interactive Technologies Act of 2020 (EARN IT Act) led by Sen. Lindsey Graham intended to comply with the DOJ’s request by structuring the bill as a series of amendments to Section 230 that would turn the legal shield into an incentive-based protection. Essentially mirroring category one of the DOJ report, the original incentive system of the EARN IT Act would have meant that an interactive computer service company would only receive Section 230 immunity from civil liability for illicit content posted by a site’s users if the company took affirmative steps to ensure that its site was not facilitating the dissemination of child sex abuse materials.

However, the bill was significantly amended by the Senate Judiciary Committee before being sent to the Senate floor on July 2 for an upcoming vote. Now, should the EARN IT Act pass as amended, it will create three carve-outs to Section 230 immunity for civil and criminal actions representing a shift in the act from an incentive-based system to a post hoc enforcement and regulatory regime. The recent amendments are carve-outs to the broad immunity currently afforded by Section 230 and would allow the following types of actions to be brought against interactive computer service companies:

  1. Private civil action under 18 U.S.C. §2255. This amendment would provide a civil remedy counterpart to existing federal statues criminalizing child sexual abuse materials. Section 2255, as amended, gives a plaintiff standing in federal court to bring a suit against an interactive computer service company and sets forth the types of damages available for a successful claim (actual or liquidated, punitive, attorney’s fees, and other costs).
  2. State criminal prosecution. This amendment specifically enables state attorneys general and prosecutors to bring criminal charges against an interactive computer service company under state laws regarding the “advertisement, promotion, presentation, distribution, or solicitation of child sexual abuse materials, as defined in 18 U.S.C. 225(8).”
  3. Private civil action under state laws. Similar to the first amendment, this amendment enables any injured person to bring a claim under state laws against an interactive computer service company if it involves the “advertisement, promotion, presentation, distribution, or solicitation of child sexual abuse materials, as defined in 18 U.S.C. §225(8).”

Carving out these sorts of civil and criminal actions from the protections of Section 230 will likely create significant new risks for social media and tech companies. Currently, many social media companies set age requirements to use their platform, ban user accounts and IP addresses associated with illicit behavior, have internal systems for reporting abuse, and perform automated queries for monitoring suspicious behavior. Under the DOJ compliance standard initially set forth in the EARN IT Act, these safeguards would have been a complete bar to any claim. Now, under the proposed amendments, even if a company were to utilize all of these tools to prevent the sharing of child sexual abuse materials, it may not be enough to prevent the company from being sued or criminally prosecuted should the safeguards fail to catch the presentation of child sexual abuse materials. Additionally, the amended act has the potential to result in uneven application or rules and regulations by switching to a largely state law-based enforcement regime. State laws involving child sexual abuse materials can vary drastically by jurisdiction, so companies will need to be aware of the risks presented in each state in which they may be sued or criminally prosecuted.

Will this shift to a post hoc enforcement regime yield beneficial results? That is the issue that the Senate will hopefully take up as the EARN IT Act moves to the Senate floor. Critics have raised several key concerns, including potential negative impacts on free speech, privacy, encryption measures, and compliance efforts. As to the issue of increased liability for interactive computer service companies, Gaurav Laroia, Free Press Action senior policy counsel, recently argued that, “[t]he drafters of this bill obviously want to address real harm from abusive materials, but the amended bill creates an enormous opening for state-level liability. Even as amended today, it invites states to begin passing all sorts of laws under the guise of protecting against abuse, but replicating the problems with the original EARN IT Act’s text.”