Tag Archive for: legislation

EARN IT Act & the Crusade Against Encryption

By: Jon Avidor, Jason Gershenson and Maria Samson

In the midst of a global pandemic, a contentious bill attacking encryption and heightening censorship seeks congressional approval. On March 5, 2020, several US. Senators sponsored the Eliminating Abusive and Rampant Neglect of Interactive Technologies Act (“EARN IT”), which claims to combat child sex abuse material (“CSAM”) online. The bill’s rhetoric depicts the internet as a 21st century wild west: a space full of criminals in need of policing. Ending CSAM is an utmost priority, and it deserves a solution much more pragmatic than EARN IT. This is the case of a federal official against warrant-proof encryption creating a slippery slope that overwhelmingly invades privacy and jeopardizes free speech by incentivizing social media platforms to censor their users on an unprecedented and alarming scale.

Encryption, the use of cryptographic techniques to safeguard privacy, ensures that digital exchanges of information remain secure from unintended third parties. In a world of cyberattacks and criminal hacking, strengthening encryption — not impairing it — is almost universally considered to be the path to protect individual privacy.  Like many decisions that weigh both public safety and individual security, the Government is charged with striking a balance between patrolling CSAM with surveillance and respecting privacy in communication. However, EARN IT’s slant toward oversight raises fundamental questions: Has the internet grown into a perversion of free speech to justify mass surveillance? If these platforms can censor conversations to detect crime, should they? If so, at what cost? Ultimately, the answers reveal EARN IT to be a potential ‘scorched-earth’ policy that avoidably dismantles the essential right of private communications.

EARN IT requires companies to “earn” immunity. 

While the bill does not outright ban the use of encryption, it has the effect of doing so. EARN IT proposes to create a commission called the National Commission on Online Child Exploitation Prevention (“the Commission”). United States Attorney General William Barr would lead the Commission alongside government officials and experts to draft a set of best practices. The heads of the Department of Homeland Security and the Federal Trade Commission, along with Attorney General Barr would later approve of best practices and make them official. The Commission’s constraints are not yet defined in the bill, which affords the Commission (and particularly Attorney General Barr) a concerning degree of latitude to unilaterally create rules that all social media platforms must comply with. Failure to comply would mean losing immunity under Section 230 of the Communications Decency Act (“Section 230”). Such loss of immunity would trigger numerous lawsuits, and incentivize platforms to excessively scan and monitor posted content. The content of the bill sounds ideal in theory because CSAM is abhorred without exception, but it unnecessarily comes at a great cost to social media user privacy rights.

Section 230 is a liability shield. 

Section 230, a product of the mid-90s Dot-Com Boom, is a liability shield that protects any interactive computer service. An interactive computer service (“ICS“) is essentially any digital platform where its users communicate with others. This Section 230 legislation significantly advanced the evolution of social media because it granted companies immunity from the consequences of illegal content posted by their users. Without such immunity, social media sites probably would not have evolved to be the interactive juggernauts they are today.

Nonetheless, social media platforms like Facebook or Reddit do provide reporting methods for removing illegal content.  They’re simply not held accountable by law if they fail to do so. One could say this was the best of both worlds. For instance, if you were to tweet illegal content, others could surely sue you — but they couldn’t sue Twitter for the content of your tweet. Section 230’s separation of the  ICS from the publisher was a decisive factor in the rise of social media platforms and websites that featured comments sections or messaging functions. EARN IT fundamentally modifies Section 230 because it requires platforms to earn their immunity by complying with yet-to-be-determined best practices. 

The rise of digital communications necessitated strong encryption. 

Within the last two decades, the rise of digital communications begot the advancement of strong encryption. Strong encryption is the fundamental type of privacy that fosters trust and encourages platform usage. In an increasingly insecure digital space, the EARN IT bill undermines the value of trust between platforms and their users by threatening privacy. The bill doesn’t define or specify best practices, giving the Commission an enormous amount of discretion. It also urges platforms to surveil and censor the content of its users, by burdensome manual review or over-invasive algorithm, to detect any criminal activity. Finally, EARN IT gives law enforcement backdoor access to encrypted communications, shattering our existing expectations of privacy in communications. Rather than create a method that determines whether a type of product, business model, or product design, or other factors related to the provision of an ICS would make a social media platform susceptible to the use and facilitation of CSAM, EARN IT  provides for a sweeping curtailment of encryption.

EARN IT could have a chilling effect on free speech.

EARN IT threatens not only privacy but also free speech. To comply, social media platforms may decide to remove any content they think is either “obscene” or that may otherwise get them in legal trouble. Due to the “I know it when I see It” nature of determining “obscenity” in the context of free speech, makes it excessively difficult to adequately train people or generate algorithms to scan user content. Likewise, if people know that platforms will watch their posts, they will be less likely to use such platforms. A moderator could silence dissenting opinions because they find them distasteful. For this reason, EARN IT could have a chilling effect on free speech.

While best practices are yet to be decided, law enforcement should engage in this risk. It appears that EARN IT only seeks to expand the scope of liability to indirectly harm privacy rights and free speech, leaving CSAM prevention as the scapegoat. Like a trojan horse, EARN IT infiltrates in disguise and under the radar.

Examining the SAFE Banking Act’s Potential Impact on the Cannabis Industry

By: Jon Avidor and Liam McKillop

Last September, the Secure and Fair Enforcement Banking Act of 2019 (the “SAFE Banking Act”) garnered enough votes in the House of Representatives to pass through to the Senate. This was an important first step for a bill that cannabis-related businesses are relying on to gain access to basic financial services that are currently unavailable to them. While the bill asserts that the main purpose of providing safe harbors to depository institutions that provide financial services to state-legal cannabis-related business to be an increase in public safety by reducing the amount of cash-on-hand to be held and transported, the effects of such an enactment will be much further reaching for the entire cannabis industry.

Currently, federally chartered depository institutions will not work with legitimate businesses within the cannabis industry due to the potential enforcement of severe penalties from federal banking regulators. The cash-dominant nature of the industry provides an abundance of headaches for these businesses, from the constant security needed to protect their cash on hand, to the overwhelming administrative recordkeeping required to account for every transaction, to the ability to acquire loans from banks for the financing of real estate acquisitions instead of having to use all-cash, therefore, depleting their capital on hand. This results in cannabis-related businesses being forced to seek out the services of state-chartered banks and credit unions who are willing to work with legal cannabis businesses within their jurisdiction. However, the strict reporting requirements imposed on these state-chartered banks make these services very expensive, sometimes costing around $5,000 per month in fees just to operate a checking account.

At a high level, the SAFE Banking Act would work to provide these depository institutions with protections from various federal banking regulators (i.e., the Federal Reserve, the Bureau of Consumer Financial Protection, and the Department of the Treasury) for their provision of basic financial services to legal cannabis business. Protection from federal regulators is necessary because the capital maintained by these state-legal cannabis businesses is directly tied into various cannabis-related operations that are illegal at the federal level due to the classification of cannabis as a Schedule I drug under the Controlled Substances Act (“CSA”). These financial services include things such as operating a checking account, obtaining a loan, or setting up an employee 401-k program—all things that a “normal” business would not have to think twice about obtaining as part of their standard operations—but also services that are almost entirely unavailable to legitimate cannabis-related businesses. Advocates of the bill believe that allowing basic financial services to these cannabis-related businesses will help reduce crime and fraud throughout the industry related to both the holding of large amounts of cash and the proper record-keeping procedures associated with such. Proponents also express hope that the bill will finally lead to more consistent growth within the industry, by allowing banks to funnel money into these companies and removing one of the largest concerns of potential investors.

However, as noted above, the passing of the bill through the Democratic-controlled House was simply just the first step, and the cannabis industry is anxiously awaiting a potential showdown in the Republican-controlled Senate. While there was not much doubt about the bill’s ability to pass through the House, concerns which loomed large about opponents within the Senate putting up a fight or using stall-tactics to prevent a vote have come to light. Currently, the bill is in a holding period, as it was referred to the Committee on Banking, Housing, and Urban Affairs after being received in the Senate. In December 2019, Mike Crapo (R-Idaho) the Chairman of that Committee had this to say in a statement expressing his lack of support for the SAFE Banking Act: “Significant concerns remain that the [bill] does not address the high-level potency of marijuana, marketing tactics to children, lack of research on marijuana’s effects, and the need to prevent bad actors and cartels from using the banks to disguise ill-gotten cash to launder money into the financial system.”  This statement echoes the concerns of most opponents who believe that the bill is just a partial solution and any real fix to the banking issues that plague the industry not come without a re-scheduling of the drug under the CSA.

While it seems unlikely that a final resolution for the bill will be reached in the near future, the steps taken thus far can still be viewed as a positive for the cannabis industry. The bill making it through the House was a monumental step, and even if voted down in the Senate, it has still laid the necessary groundwork for future relevant legislation. The bill has also worked to spark awareness and conversation around the extremely restrictive financial constraints which the legal cannabis industry currently faces. While actual victories are always better than moral victories, any and all forward progress is important to the long term stability sought throughout the industry

Sexual Harassment Law

New Sexual Harassment Prevention Laws Are in Effect in New York

By: Jon Avidor and Kristen Kennedy

On April 12, 2018, Andrew Cuomo, the governor of New York, signed into law the most comprehensive anti-sexual harassment legislation in the country. Following a public comment period, on October 1, the New York State Department of Labor issued a final model sexual harassment policy, trainings, and guidance for employers to comply with the new legislation, which went into effect on October 9. All employers in New York will now be required to comply with a list of requirements which includes the following:

  • Adopt the state’s model sexual harassment policy and trainings, or establish a sexual harassment prevention policy that meets or exceeds the standard set by Section 201-G of the New York State Labor Law
  • Provide employees with a complaint form for reporting sexual harassment
  • Make the sexual harassment policy available to all employees in writing or electronically, in a language they understand, and make it publicly available
  • Hold annual sexual harassment prevention training, which must be interactive and meet the standards established by Section 201-G, for all employees by October 9, 2019; new employees should ideally be trained “as soon as possible”
  • State contractors will be required to affirm that they have an anti-sexual harassment policy in place and that all employees have been trained in sexual harassment prevention

Additionally, Section 296-d of the New York State Human Rights Law now protects non-employees such as contractors, subcontractors, vendors, consultants or others providing services from sexual harassment in the workplace. Employers who know or should have known that sexual harassment was taking place and failed to take immediate action to prevent it may be found liable for such harassment.

The New York State Civil Practice Law & Rules contain two major updates to anti-sexual harassment measures. First, under Section 5003-B, employers are no longer authorized to include nondisclosure clauses in settlement agreements or other resolutions of sexual harassment claims that would prevent the disclosure of the underlying facts and circumstances to the claim or action, unless confidentiality is preferred by the plaintiff. Second, under Section 7515, employers with four or more employees are barred from requiring mandatory binding arbitration to resolve sexual harassment claims, and mandates that such provisions will be rendered null and void. Both of these provisions became effective as of July 11, 2018.

New York City employers are required to go beyond what the new state legislation requires, as Mayor Bill de Blasio signed the Stop Sexual Harassment in NYC Act into effect on May 9. Both the city and state regulations require annual anti-sexual harassment training. However, this act expands sexual harassment protections under the city’s Human Rights Law, requiring city agencies to assess workplace risk factors for sexual harassment and report on sexual harassment incidents, and mandating that contractors and subcontractors applying for city contracts must disclose their anti-sexual harassment policies.

Policies combating workplace sexual harassment have long been a best practice implemented by major employers, in the interest of worker protection and insulation from lawsuits. New York joins several other states including Delaware, California, Connecticut, and Maine in mandating that all employers must now take proactive measures to prevent sexual harassment, and companies should take all necessary steps to ensure their full compliance with these new laws.

***

We would like to thank our intern, Kristen Kennedy for her contribution to this article.