Files
Abstract
The online proliferation of child sexual abuse material (CSAM),commonly referred to as child pornography, is a problem of massivescale. The National Center for Missing and Exploited Children(NCMEC), a private nonprofit specially authorized by Congress toserve as the nation’s clearinghouse for reports of CSAM imagery,works with law enforcement to locate perpetrators and victims of childsexual abuse. In 2019, NCMEC received over sixty-nine millionreports of CSAM, many of them from tech platforms like Google andFacebook.
The proliferation of CSAM online can, in part, be attributed tothe under-regulation of tech platforms. While Silicon Valley giants likeFacebook have devoted some resources to the problem, these effortsare limited and flawed. Considering both their resources and theirdirect role in spreading CSAM, tech companies—even large ones—dovery little to proactively combat child sexual abuse. That is becausethe current legal framework requires very little of them. For example,tech companies do not actually have to look for CSAM; they are onlyrequired to report CSAM to NCMEC if they become aware of it. Eventhen, the contents of these reports are optional. Moreover, section 230of the Communications Decency Act shields tech companies from mostlegal liability even when people use their services to distribute andstore CSAM. This legal protection further disincentivizes companiesfrom looking for CSAM or investing in technology that could improveexisting efforts. It is this problem that the proposed EARN IT Act—thesubject of this Note—aims to address.
The EARN IT Act would induce tech companies to actively helpdetect CSAM and enforce CSAM laws. The Act creates aCommission—appointed by Congress and chaired by the AttorneyGeneral—tasked with developing best practices for reducing thevolume of CSAM hosted on tech company servers. The Commission’sbest practices would cover everything from content moderator trainingand tip line reporting to the use of government-approved photomatching software and the contents of companies’ own terms ofservice. While the Commission’s recommendations would technicallybe voluntary, the Act strongly incentivizes compliance by strippingtech platforms of their section 230 protections, thereby exposing themto a flood of costly CSAM-related litigation. To avoid being sued,companies would effectively have no choice but to comply with theCommission’s recommendations, endorsed by the Department ofJustice, and work proactively to detect CSAM and prevent its spreadonline.
In this Note, I argue that the EARN IT Act (or similar legislation),despite its worthy goals, would implicate the Fourth Amendment inpotentially troubling ways, raising important questions about theFourth Amendment’s applicability in the age of social media. Whilethe Constitution normally does not apply to private entities, I arguethat the Act would convert tech companies into government agents—active participants in law enforcement. Their searches of user photosand videos would therefore count as government action subject to theFourth Amendment. I support this conclusion with Supreme Courtprecedent and recent case law, including a pathmarking opinion bythen-Judge Neil Gorsuch. For context, I also include a detailed lookat Facebook’s current approach to CSAM, relying on originalinterviews with three Facebook content moderators and the leadingcomputer scientist in the field. After concluding that the EARN IT Actwould implicate the Fourth Amendment by coercing tech companiesinto conducting searches for CSAM on behalf of the government, Iconsider whether such searches would actually violate the FourthAmendment. I identify two ways courts could approve of suchsearches: the “third-party doctrine,” and by analogy to drug sniffingdogs. While I conclude that the EARN IT Act is likely constitutional,its scheme raises important constitutional questions and represents amajor shift in our relationships with both tech companies and thefederal government. I therefore suggest that Congress legislate ondigital privacy more broadly.
The EARN IT Act has strong bipartisan support; if for somereason it does not pass, it is very likely that a similar bill will. PresidentJoe Biden has repeatedly expressed his desire to strip tech companiesof section 230 protections, and prominent Republicans and Democratshave echoed these sentiments. Indeed, President Trump signed a billinto law that targets section 230 in much the same way the EARN ITAct does, albeit with a focus on sex trafficking. Thus, this Note’sanalysis is relevant not just to the EARN IT Act, but to future billsaimed at CSAM and section 230.