Once again, several Senators appear poised to gut one of the most important laws protecting internet users - Section 230 (47 U.S.C. § 230). 

Don’t be fooled - many of Section 230’s detractors claim that this critical law only protects big tech. The reality is that Section 230 provides limited protection for all platforms, though the biggest beneficiaries are small platforms and users. Why else would some of the biggest platforms be willing to endorse a bill that guts the law? In fact, repealing Section 230 would only cement the status of Big Tech monopolies.

As EFF has said for years, Section 230 is essential to protecting individuals’ ability to speak, organize, and create online. 

Congress knew exactly what Section 230 would do – that it would lay the groundwork for speech of all kinds across the internet, on websites both small and large. And that’s exactly what has happened.  

Section 230 isn’t in conflict with American values. It upholds them in the digital world. People are able to find and create their own communities, and moderate them as they see fit. People and companies are responsible for their own speech, but (with narrow exceptions) not the speech of others. 

The law is not a shield for Big Tech. Critically, the law benefits the millions of users who don’t have the resources to build and host their own blogs, email services, or social media sites, and instead rely on services to host that speech. Section 230 also benefits thousands of small online services that host speech. Those people are being shut out as the bill sponsors pursue a dangerously misguided policy.  

If Big Tech is at the table in any future discussion for what rules should govern internet speech, EFF has no confidence that the result will protect and benefit internet users, as Section 230 does currently. If Congress is serious about rewriting the internet’s speech rules, it must spend time listening to the small services and everyday users who would be harmed should they repeal Section 230.  

Section 230 Protects Everyday Internet Users 

There’s another glaring omission in the arguments to end Section 230: how central the law is to ensuring that every person can speak online, and that Congress or the Administration does not get to define what speech is “good” and “bad”.   

Let’s start with the text of Section 230. Importantly, the law protects both online services and users. It says that “no provider or user shall be treated as the publisher” of content created by another. That's in clear agreement with most Americans’ belief that people should be held responsible for their own speech—not that of others.   

Section 230 protects individual bloggers, anyone who forwards an email, and social media users who have ever reshared or retweeted another person’s content online. Section 230 also protects individual moderators who might delete or otherwise curate others’ online content, along with anyone who provides web hosting services. 

As EFF has explained, online speech is frequently targeted with meritless lawsuits. Big Tech can afford to fight these lawsuits without Section 230. Everyday internet users, community forums, and small businesses cannot. Engine has estimated that without Section 230, many startups and small services would be inundated with costly litigation that could drive them offline. Even entirely meritless lawsuits cost thousands of dollars to fight, and often tens or hundreds of thousands of dollars.

Deleting Section 230 Will Create A Field Day For The Internet’s Worst Users  

Section 230’s detractors say that too many websites and apps have “refused” to go after “predators, drug dealers, sex traffickers, extortioners and cyberbullies,” and imagine that removing Section 230 will somehow force these services to better moderate user-generated content on their sites.  

These arguments fundamentally misunderstand Section 230. The law lets platforms decide, largely for themselves, what kind of speech they want to host, and to remove speech that doesn’t fit their own standards without penalty. 

 If lawmakers are legitimately motivated to help online services root out unlawful activity and terrible content appearing online, the last thing they should do is eliminate Section 230. The current law strongly incentivizes websites and apps, both large and small, to kick off their worst-behaving users, to remove offensive content, and in cases of illegal behavior, work with law enforcement to hold those users responsible. 

If Congress deletes Section 230, the pre-digital legal rules around distributing content would kick in. That law strongly discourages services from moderating or even knowing about user-generated content. This is because the more a service moderates user content, the more likely it is to be held liable for that content. Under that legal regime, online services will have a huge incentive to just not moderate and not look for bad behavior. This would result in the exact opposite of their goal of protecting children and adults from harmful content online.

Earlier this month, the Senate passed the TAKE IT DOWN Act (S. 146), by a voice vote. The bill is meant to speed up the removal of non-consensual intimate imagery, or NCII, including videos that imitate real people, a technology sometimes called “deepfakes.” 

Protecting victims of these heinous privacy invasions is a legitimate goal. But good intentions alone are not enough to make good policy. As currently drafted, the TAKE IT DOWN Act mandates a notice-and-takedown system that threatens free expression, user privacy, and due process, without addressing the problem it claims to solve. 

This misguided bill can still be stopped in the House of Representatives. Help us speak out against it now. 

take action

"Take It Down" Has No real Safeguards  

Before this vote, EFF, along with the Center for Democracy & Technology (CDT), Authors Guild, Demand Progress Action, Fight for the Future, Freedom of the Press Foundation, New America’s Open Technology Institute, Public Knowledge, Restore The Fourth, SIECUS: Sex Ed for Social Change, TechFreedom, and Woodhull Freedom Foundation, sent a letter to the Senate, asking them to change this legislation to protect legitimate speech that is not NCII. Changes are also needed to protect users who rely on encrypted services.

The letter explains that the bill’s “takedown” provision applies to a much broader category of content—potentially any images involving intimate or sexual content at all—than the narrower NCII definitions found elsewhere in the bill. The bill contains no protections against frivolous or bad-faith takedown requests. Lawful content—including satire, journalism, and political speech—could be wrongly censored. The legislation requires that apps and websites remove content within 48 hours, meaning that online service providers, particularly smaller ones, will have to comply so quickly to avoid legal risk that they won’t be able to verify claims

This would likely lead to the use of often-inaccurate automated filters that are infamous for flagging legal content, from fair-use commentary to news reporting. Communications providers that offer users end-to-end encrypted messaging, meanwhile, may be served with notices they simply cannot comply with, given the fact that these providers cannot view the contents of messages on their platforms. Platforms may respond by abandoning encryption entirely in order to be able to monitor content—turning private conversations into surveilled spaces. 

Congress should focus on enforcing and improving the many existing civil and criminal laws that address NCII, rather than opting for a broad takedown regime that is bound to be abused. Tell your Member of Congress to oppose censorship and to oppose S. 146. 

take action

Tell the house to stop "Take it down" 

Further reading:

• EFF and allies letter opposing S. 146, the TAKE IT DOWN Act. 

Protecting people's privacy is the first step we should take to create meaningful online regulation. That's why EFF has previously expressed concerns about the American Privacy Rights Act (APRA) which, rather than set up strong protections, instead freezes consumer data privacy protections in place, preempts existing state laws, and would prevent states from creating stronger protections in the future. 

While the bill has not yet been formally introduced, subsequent discussion drafts of the bill have not addressed our concerns; in fact, they've only deepened them. So, earlier this month, EFF told Congress that it opposes APRA and signed two letters to reiterate why overriding stronger state laws—and preventing states from passing stronger laws—hurts everyone.

EFF has a clear position on this: federal privacy laws should not roll back state privacy protections. And there is no reason that we must trade strong state laws for weaker national privacy protection. Companies that collect and use data—and have worked to kill strong state privacy bills time and again— want Congress to believe a "patchwork" of state laws is unworkable for data privacy, even though existing federal privacy and civil rights laws operate as regulatory floors and do not prevent states from enacting and enforcing their own stronger statutes. In a letter opposing the preemption sections of the bill, our allies at the American Civil Liberties Union (ACLU) stated it this way: "the soundest approach to avoid the harms from preemption is to set the federal standard as a national baseline for privacy protections — and not a ceiling." Advocates from ten states signed on to the letter warning how APRA, as written, would preempt dozens of stronger state laws. These include laws protecting AI regulation in Colorado, internet privacy in Maine, healthcare and tenant privacy in New York, and biometric privacy in Illinois, just to name a handful. 

APRA would also override a California law passed to rein in data brokers and replace it with weaker protections. EFF last year joined Privacy Rights Clearinghouse (PRC) and others to support and pass the California Delete Act, which gives people an easy way to delete information held by data brokers. In a letter opposing APRA, several organizations that supported California's law highlighted ways that APRA falls short of what's already on the books in California. "By prohibiting authorized agents, omitting robust transparency and audit requirements, removing stipulated fines, and, fundamentally, preempting stronger state laws, the APRA risks leaving consumers vulnerable to ongoing privacy violations and undermining the progress made by trailblazing legislation like the California Delete Act," the letter said.

EFF continues to advocate for strong privacy legislation and encourages APRA's authors to center strong consumer protections in future drafts.

To view the coalition letter on the preemption provisions of APRA, click here: https://www.eff.org/document/aclu-letter-apra-preemption

To view the coalition letter opposing APRA because of its data broker provisions, click here: https://www.eff.org/document/prc-letter-apra-data-broker-provisions

Like the weather rapidly getting colder outside, the fight over renewing, reforming, or sunsetting the mass surveillance power of Section 702 has been put on ice until spring.

In the last week of legislative business before the winter break, Congress was scheduled to consider two very different proposals: H.R. 6570, the Protect Liberty and End Warrantless Surveillance Act in House Judiciary Committee (HJC); and H.R. 6611, the FISA Reform and Reauthorization Act of 2023 in the House Permanent Select Committee on Intelligence (HPSCI), to reauthorize Section 702 of the Foreign Intelligence Surveillance Act (FISA). However, as the conversation about how to consider these proposals grew heated, both bills have been pulled from the legislative calendar without being rescheduled.

TAKE ACTION

Tell Congress: Defeat HPSCI’s Horrific Surveillance Bill

The legislative authority for Section 702 was set to expire December 31, 2023, though language was added to the National Defense Authorization Act (NDAA) to extend the legislative authority of Section 702 through April 2024. It is disappointing that, despite all of the reported abuses of the Section 702 program, Congress chose to pass a reauthorization bill instead of making the necessary effort to include critical reforms. As advocates for reform, including EFF, said in a letter to Congress in late November, bypassing the discussion around reform by slipping an extension of the law into the defense authorization bill during conference demonstrates a blatant disregard for the civil liberties and civil rights of the American people.

While it is frustrating that Congress ignored the urgent need for significant Section 702 reform before the December 31 deadline, reform advocates should not lose hope. The current stalemate also means that the pro-surveillance hardliners of the intelligence community were not able to jam through their expansion of the program based on the same old scare tactics they’ve used for years. Fortunately, it seems that many members of the House and Senate have heard our message. While renewing any surveillance authority remains a complicated and complex issue, this choice is clear: we continue to urge all Members to oppose the Intelligence Committee’s bill, H.R.6611, the FISA Reform and Reauthorization Act of 2023.

Additionally, in the moments leading up to a possible floor vote, many House members (and some Senators) have made public statements calling for reform. Notably, that list includes the current House Speaker, Mike Johnson, who told Fox News that Section 702 “... was also abused by the FBI, by our own government, over almost 300,000 times between 2020 and 2021, and so the civil liberties of Americans have been jeopardized by that. It must be reformed."

So, while we are disappointed that Congress chose to leave for the holidays without enacting any of these absolutely necessary reforms, we are already making plans to continue this fight in the New Year. We are also grateful for the calls and emails from our members and supporters; these have absolutely made an impact and will be more important than ever in the fight to come. 

TAKE ACTION

Tell Congress: Defeat HPSCI’s Horrific Surveillance Bill

Earlier this week, both the House Committee on the Judiciary (HJC) and the House Permanent Select Committee on Intelligence (HPSCI) marked up two very different bills (H.R. 6570 - Protect Liberty and End Warrantless Surveillance Act in HJC, and HR 6611, the FISA Reform and Reauthorization Act of 2023 in HPSCI), both of which would reauthorize Section 702 of the Foreign Intelligence Surveillance Act (FISA)—but in very different ways. Both bills head to the House floor next week under a procedural rule called “Queen of the Hill,” where the bill with the most votes gets sent to the Senate for consideration. 

While renewing any surveillance authority remains a complicated and complex issue, this choice is clear - we urge all Members to vote NO on the Intelligence Committee’s bill, H.R.6611, the FISA Reform and Reauthorization Act of 2023.

Take action

TELL congress: Defeat this bad 702 Bill

On Nov. 16, HPSCI released a report calling for reauthorization of Section 702 with essentially superficial reforms. The bill that followed, H.R. 6611, was as bad as expected. It would renew the mass surveillance authority Section 702 for another eight years. It would create new authorities that the intelligence community has sought for years, but that have been denied by the courts. It would continue the indiscriminate collection of U.S. persons’ communications when they talk with people abroad for use by domestic law enforcement. This was not the intention of this national security program, and people on U.S. soil should not have their communications collected without a warrant because of a loophole.

As a reminder, Section 702 was designed to allow the government to warrantlessly surveil non-U.S. citizens abroad for foreign intelligence purposes. Increasingly, it’s this U.S. side of digital conversations that domestic law enforcement agencies trawl through—all without a warrant. FBI agents have been using the Section 702 databases to conduct millions of invasive searches for Americans’ communications, including those of protesters, racial justice activists, 19,000 donors to a congressional campaign, journalists, and even members of Congress. 

Additionally, the HPSCI bill authorizes the use of this unaccountable and out-of-control mass surveillance program as a new way of vetting asylum seekers by sifting through their digital communications. According to a newly released Foreign Intelligence Surveillance Court (FISC) opinion, the government has sought some version of this authority for years, but was repeatedly denied it, only receiving court approval for the first time this year. Because the court opinion is so heavily redacted, it is impossible to know the current scope of immigration- and visa-related querying, or what broader proposal the intelligence agencies originally sought. 

This new authority proposes to give immigration services the ability to audit entire communication histories before deciding whether an immigrant can enter the country. This is a particularly problematic situation that could cost someone entrance to the United States based on, for instance, their own or a friend’s political opinions—as happened to a Palestinian Harvard student when his social media account was reviewed when coming to the U.S. to start his semester.

The HPSCI bill also includes a call “to define Electronic Communication Service Provider to include equipment.” Earlier this year, the FISA Court of Review released a highly redacted opinion documenting a fight over the government's attempt to subject an unknown company to Section 702 surveillance. However, the court agreed that under the circumstances the company did not qualify as an "electronic communication service provider" under the law. Now, the HPSCI bill would expand that definition to include a much broader range of providers, including those who merely provide hardware through which people communicate on the Internet. Even without knowing the details of the secret court fight, this represents an ominous expansion of 702's scope, which the committee introduced without any explanation or debate of its necessity. 

By contrast, the House Judiciary Committee bill, H.R. 6570, the Protect Liberty and End Warrantless Surveillance Act, would actually address a major problem with Section 702 by banning warrantless backdoor searches of Section 702 databases for Americans’ communications. This bill would also prohibit law enforcement from purchasing Americans’ data that they would otherwise need a warrant to obtain, a practice that circumvents core constitutional protections. Importantly, this bill would also renew this authority for only three more years, giving Congress another opportunity to revisit how the reforms are implemented and to make further changes if the government is still abusing the program.

EFF has long fought for significant changes to Section 702. By the government’s own numbers, violations are still occurring at a rate of more than 4,000 per year. Our government, with the FBI in the lead, has come to treat Section 702—enacted by Congress for the surveillance of foreigners on foreign soil —as a domestic surveillance program of Americans. This simply cannot be allowed to continue. While we will continue to push for further reforms to Section 702, we urge all members to reject the HPSCI bill.

Hit the button below to tell your elected officials to vote against this bill:

Take action

TELL congress: Defeat this bad 702 Bill

With Section 702 of the Foreign Intelligence Surveillance Act (FISA) set to expire at the end of the year, Congress is considering whether to reauthorize the law and if so, whether to make any necessary amendments to the invasive surveillance authority. 

While Section 702 was first sold as a tool necessary to stop foreign terrorists, it has since become clear that the government uses the communications it collects under this law as a domestic intelligence source. The program was intended to collect communications of people outside of the United States, but because we live in an increasingly globalized world, the government retains a massive trove of communications between people overseas on U.S. persons. Increasingly, it’s this U.S. side of digital conversations that are being routinely sifted through by domestic law enforcement agencies—all without a warrant. 

The congressional authorization for Section 702 expires in December 2023, and it’s in light of the current administration’s attempts to renew this authority that we demand that Congress must not reauthorize Section 702 without reforms. It’s more necessary than ever to pass reforms that prevent longstanding and widespread abuses of the program and that advance due process for everyone who communicates online.

U.S. Senators Ron Wyden, and Sen. Mike Lee, with cosponsors Senators Tammy Baldwin, Steve Daines, Mazie Hirono, Cynthia Lummis, Jon Tester, Elizabeth Warren, and Edward Markey, along with Representatives Zoe Lofren, Warren Davidson have introduced the Government Surveillance Reform Act that would reauthorize Section 702 with many of these important safeguards in place.

EFF supports this bill and encourages Congress to implement these critical measures:

Government Queries of Section 702 Databases

Under the Fourth Amendment, when the FBI or other law enforcement entity wants to search your emails, it must convince a judge there’s reason to believe your emails will contain evidence of a crime. But because of the way the NSA implements Section 702, communications from innocent Americans are routinely collected and stored in government databases, which are accessible to the FBI, the CIA, and the National Counterterrorism Center.

So instead of having to get a warrant to collect this data, it’s already in government servers. And the government currently decides for itself whether it can look through (“query”) its databases for Americans’ communications—decisions which it regularly makes incorrectly, even according to the Foreign Intelligence Surveillance Court. Requiring a judge to examine the government’s claims when it wants to query its Section 702 databases for Americans’ communications isn’t just a matter of standards: it’s about ensuring government officials don’t get to decide themselves whether they can compromise Americans’ privacy in their most sensitive and intimate communications.

The Government Surveillance Reform Act would prohibit warrantless queries of information collected under Section 702 to find communications or certain information of or about U.S. persons or persons located in the United States. Importantly, this prohibition would also include geolocation information, web browsing, and internet search history.

Holding the Government Accountable

A cornerstone of our legal system is that if someone—including the government—violates your rights, you can use the courts to hold them accountable if you can show that you were affected, i.e. that you have standing.

But, in multiple cases, courts interpreting an evidentiary provision in FISA have prevented Americans who alleged injuries from Section 702 surveillance from obtaining judicial review of the surveillance’s legality. The effect is a one-way ratchet that has “created a broad national-security exception to the Constitution that allows all Americans to be spied upon by their government while denying them any viable means of challenging that spying.”

Section 210 of the Government Surveillance Reform Act would change this. This provision says that if a U.S. person has a reasonable basis to believe that their rights have been, are being, or imminently will be violated, they have suffered an “injury in fact” and they have standing to bring their case. It also clarifies that courts should follow FISA’s provision for introducing and weighing evidence of surveillance. These are critical protections in preventing government overreach, and Congress should not reauthorize Section 702 without this provision.

Criminal Notice

Another important safeguard in the American legal system is the right of defendants in criminal cases to know how the evidence against them was obtained and to challenge the legality of how it was collected.

Under FISA as written, the government must disclose when it intends to use evidence it has collected under Section 702 in criminal prosecutions. But in the fifteen years since Congress enacted Section 702, the government has only provided notice to eleven criminal defendants of such intent—and has provided notice to zero defendants in the last five years.

Section 204 of the Government Surveillance Reform Act would clarify that the government is required to notify defendants whenever it would not have had any evidence “but for” Section 702 or other FISA surveillance. This is a common-sense rule, and Congress cannot reauthorize Section 702 without clarifying the government’s duty to disclose evidence collected under Section 702.

Government Surveillance Reform Act

Section 702 expires in December 2023, and Congress should not renew this program without serious consideration of the past abuses of the program and without writing in robust safeguards.

EFF applauds the Government Surveillance Reform Act, which recognizes the need to make these vital reforms, and many more, to Section 702. Requiring court approval of government queries for Americans’ communications in Section 702 databases, allowing Americans who have suffered injuries from Section 702 surveillance to use the evidentiary provisions FISA sets forth, and strengthening the government’s duties to provide notice when using data resulting from Section 702 surveillance in criminal prosecutions must serve as priorities for Congress as it considers reauthorizing Section 702.

Take action

TELL congress: End 702 Absent serious reforms

Earlier this week, EFF joined the ACLU and 59 partner organizations to send a letter to Senate Majority Leader Chuck Schumer urging the Senate to reject the STOP CSAM Act. This bill threatens encrypted communications and free speech online, and would actively harm LGBTQ+ people, people seeking reproductive care, and many others. EFF has consistently opposed this legislation. This bill has unacceptable consequences for free speech, privacy, and security that will affect how we connect, communicate, and organize.

TAKE ACTION

TELL CONGRESS NOT TO OUTLAW ENCRYPTED APPS

The STOP CSAM Act, as amended, would lead to censorship of First Amendment protected speech, including speech about reproductive health, sexual orientation and gender identity, and personal experiences related to gender, sex, and sexuality. Even today, without this bill, platforms regularly remove content that has vague ties to sex or sexuality for fear of liability. This would only increase if STOP CSAM incentivized apps and websites to exercise a heavier hand at content moderation.

If enacted, the STOP CSAM Act will also make it more difficult to communicate using end-to-end encryption. End-to-end encrypted communications cannot be read by anyone but the sender or recipient — that means authoritarian governments, malicious third parties, and the platforms themselves can’ read user messages. Offering encrypted services could open apps and websites up to liability, because a court could find that end-to-end encryption services are likely to be used for CSAM, and that merely offering them is reckless.

Congress should not pass this law, which will undermine security and free speech online. Existing law already requires online service providers who have actual knowledge of CSAM on their platforms to report that content to the National Center for Missing and Exploited Children (NCMEC), a quasi-government entity that works closely  with law enforcement agencies. Congress and the FTC have many tools already at their disposal to tackle CSAM, some of which are not used.