STOP CSAM Act sparks backlash over threats to privacy and free speech

By lauraharris // 2025-06-18

Mastodon

Parler

Gab

Copy

The STOP CSAM Act of 2025 (S. 1829) significantly broadens liability for online platforms, including encrypted messaging apps, email providers and cloud services, using undefined terms like "facilitating" CSAM, which critics warn could be misapplied to privacy-focused services.
End-to-end encryption platforms could face lawsuits or criminal charges simply for providing secure communication tools, as the bill offers only limited legal defense that places the burden of proof on providers.
Lawmakers have floated client-side scanning as a solution, but security experts argue it would create dangerous surveillance tools, effectively eliminating user privacy and weakening cybersecurity.
The bill proposes a carveout from Section 230 protections for CSAM-related claims and would sunset Section 230 entirely by January 1, 2027, unless Congress enacts a replacement, risking a legal vacuum.
Platforms may resort to over-censorship to avoid liability, leading to the deletion of lawful content, suspension of user accounts and suppression of marginalized voices that rely on encrypted services for safe expression.

A newly reintroduced Senate bill, framed as a crackdown on child exploitation online, is drawing fierce criticism from privacy advocates, civil liberties groups and tech experts, who warn it could dismantle core internet protections and gut encryption-based privacy. The STOP CSAM Act of 2025 (S. 1829), which lawmakers claim is necessary to curb the distribution of child sexual abuse material (CSAM), has ignited alarm over its sweeping language and far-reaching consequences. The bill, which seeks to combat a horrific and universally condemned crime, risks causing widespread harm to the privacy and free speech of ordinary users. (Related: Big Tech leads million-dollar campaign to kill bills that are meant to keep children safe online.) Under existing federal law, online platforms are already required to report known CSAM to the National Center for Missing and Exploited Children (NCMEC), which works closely with law enforcement. But S. 1829 goes far beyond these requirements. The bill expands liability to a wide array of services – from major social media companies to encrypted messaging apps, email providers and cloud storage platforms. It introduces new civil and criminal penalties for entities that "host" or "facilitate" CSAM – terms that are not clearly defined, leaving open the possibility of abuse or overreach. Privacy-focused services that employ end-to-end encryption, a technology that prevents anyone but the sender and recipient from reading messages, would be particularly vulnerable. The bill's ambiguous language could allow prosecutors or plaintiffs to argue that simply providing encrypted communication tools constitutes "facilitation" of illegal content. Although the legislation offers a narrow legal defense, allowing services to argue in court that removing CSAM is "technologically impossible" without breaking encryption, the burden of proof lies with the accused. This exposes companies to costly litigation and would likely push many smaller providers out of the market. Security researchers have long warned against so-called client-side scanning, a potential workaround floated by some lawmakers, which involves scanning content on users' devices before it is encrypted. However, experts claimed this would effectively create surveillance tools in the hands of both governments and bad actors.

STOP CSAM could force platforms to aggressively censor content

If passed, the STOP CSAM Act could result in platforms preemptively scanning and censoring content, even when there is no evidence of wrongdoing. For many users, that means a future in which private messages are no longer truly private and where lawful speech is silenced in the name of risk reduction. Aside from dismantling core internet protections and gut encryption-based privacy, the STOP CSAM Act proposes a carveout from Section 230, the landmark law that shields platforms from liability for user-generated content. Section 230, enacted in 1996, is often described as "the 26 words that created the internet." It protects platforms from being held liable for content posted by users, such as tweets, YouTube videos, product reviews or blog comments, while allowing them to moderate harmful or offensive material in good faith. Without these protections, platforms would either censor aggressively to avoid lawsuits or severely restrict user-generated content altogether, stifling the open web. However, under the STOP CSAM Act, Section 230 of the Communications Decency Act would expire on January 1, 2027, unless Congress agrees on a replacement. By creating a new exception allowing civil lawsuits tied to CSAM-related claims, the bill opens the floodgates for litigation, even when platforms have no knowledge or control over the alleged material. If no legislative replacement is passed by then, Section 230 would simply vanish, leaving online platforms exposed to lawsuits for everything their users post – from defamatory tweets to illegal live streams to controversial opinions. "The fallout would not be limited to bad actors. Everyday users could find their posts deleted, their accounts suspended or their access to communication tools blocked; not because their content is illegal, but because platforms fear liability. For many communities, particularly those relying on encrypted services for safety, this legislation threatens not just privacy but also their ability to speak and organize online," Dan Freith wrote in his article for Reclaim the Net. Watch this video video about Meta targeting children.

This video is from the TNP (The New Prisoners) channel on Brighteon.com.

CITIZENS NEWS

STOP CSAM could force platforms to aggressively censor content

More related stories: