Legal challenges will likely immediately follow law’s passage, experts said.
Everyone expects that the Take It Down Act—which requires platforms to remove both real and artificial intelligence-generated non-consensual intimate imagery (NCII) within 48 hours of victims’ reports—will likely pass a vote in the House of Representatives tonight.
After that, it goes to Donald Trump’s desk, where the president has confirmed that he will promptly sign it into law, joining first lady Melania Trump in strongly campaigning for its swift passing. Victims-turned-advocates, many of them children, similarly pushed lawmakers to take urgent action to protect a growing number of victims from the increasing risks of being repeatedly targeted in fake sexualized images or revenge porn that experts say can quickly spread widely online.
Digital privacy experts tried to raise some concerns, warning that the law seemed overly broad and could trigger widespread censorship online. Given such a short window to comply, platforms will likely remove some content that may not be NCII, the Electronic Frontier Foundation (EFF) warned. And even more troublingly, the law does not explicitly exempt encrypted messages, which could potentially encourage platforms to one day break encryption due to the liability threat. Also, it seemed likely that the removal process could be abused by people who hope platforms will automatically remove any reported content, especially after Trump admitted that he would use the law to censor his enemies.
None of that feedback mattered, the EFF’s assistant director of federal affairs, Maddie Daly, told Ars. Lawmakers accepted no amendments in their rush to get the bill to Trump’s desk. There was “immense pressure,” Daly said, “to quickly pass this bill without full consideration.” Because of the rush, Daly suggested that the Take It Down Act still has “gaping flaws.”
While the tech law is expected to achieve the rare feat of getting through Congress at what experts told Ars was a record pace, both supporters and critics also expect that the law will just as promptly be challenged in courts.
Supporters have suggested that any litigation exposing flaws could result in amendments. They’re simultaneously bracing for that backlash, while preparing for the win ahead of the vote tonight and hoping that the law can survive any subsequent legal attacks mostly intact.
Experts disagree on encryption threats
In a press conference hosted by the nonprofit Americans for Responsible Innovation, Slade Bond—who serves as chair of public policy for the law firm Cuneo Gilbert & LaDuca, LLP—advocated for the law passing, warning, “we should not let caution be the enemy of progress.”
Bond joined other supporters in suggesting that apparent threats to encryption or online speech are “far-fetched.”
On his side was Encode’s vice president of public policy, Adam Billen, who pushed back on the claim that companies might break encryption due to the law’s vague text.
Billen predicted that “most encrypted content” wouldn’t be threatened with takedowns—supposedly including private or direct messages—because he argued that the law explicitly covers content that is published (and, importantly, not just distributed) on services that provide a “forum for specifically user generated content.”
“In our mind, encryption simply just is not a question under this bill, and we have explicitly opposed other legislation that would explicitly break encryption,” Billen said.
That may be one way of reading the law, but Daly told Ars that the EFF’s lawyers had a different take.
“We just don’t agree with that reading,” she said. “As drafted, what will likely pass the floor tonight is absolutely a threat to encryption. There are exemptions for email services, but direct messages, cloud storage, these are not exempted.”
Instead, she suggested that lawmakers jammed the law through without weighing amendments that might have explicitly shielded encryption or prevented politicized censorship.
At the supporters’ press conference, Columbia Law School professor Tim Wu suggested that, for lawmakers facing a public vote, opposing the bill became “totally untenable” because “there’s such obvious harm” and “such a visceral problem with fake porn, particularly of minors.”
Supporter calls privacy fears “hypothetical”
Stefan Turkheimer, vice president of public policy for the anti-sexual abuse organization RAINN, agreed with Wu that the growing problem required immediate regulatory action. While various reports have indicated for the past year that the amount of AI-generated NCII is rising, Turkheimer suggested that all statistics are severely undercounting and outdated as he noted that RAINN’s hotline reports are “doubling” monthly for this kind of abuse.
Coming up for a final vote amid an uptick in abuse reports, the Take It Down Act seeks to address harms that most people find “patently offensive,” Turkheimer said, suggesting it was the kind of bill that “can only get killed in the dark.”
However, Turkheimer was the only supporter at the press conference who indicated that texting may be part of the problem that the law could potentially address, perhaps justifying critics’ concerns. He thinks deterring victims’ harm is more important than weighing critics’ fears of censorship or other privacy risks.
“This is a real harm that a lot of people are experiencing, that every single time that they get a text message or they go on the Internet, they may see themselves in a non-consensual image,” Turkheimer said. “That is the real problem, and we’re balancing” that against “sort of a hypothetical problem on the other end, which is that some people’s speech might be affected.”
Remedying text-based abuse could become a privacy problem, an EFF blog suggested, since communications providers “may be served with notices they simply cannot comply with, given the fact that these providers cannot view the contents of messages on their platforms. Platforms may respond by abandoning encryption entirely in order to be able to monitor content—turning private conversations into surveilled spaces.”
That’s why Daly told Ars that the EFF “is very concerned about the effects of Take It Down,” viewing it as a “massive privacy violation.”
“Congress should protect victims of NCII, but we don’t think that Take It Down is the way to do this or that it will actually protect victims,” Daly said.
Further, the potential for politicians to weaponize the takedown system to censor criticism should not be ignored, the EFF warned in another blog. “There are no penalties whatsoever to dissuade a requester from simply insisting that content is NCII,” the blog noted, urging Congress to instead “focus on enforcing and improving the many existing civil and criminal laws that address NCII, rather than opting for a broad takedown regime.”
“Non-consensual intimate imagery is a serious problem that deserves serious consideration, not a hastily drafted, overbroad bill that sweeps in legal, protected speech,” the EFF said.
That call largely fell on deaf ears. Once the law passes, the EFF will continue recommending encrypted services as a reliable means to protect user privacy, Daly said, but remains concerned about the unintended consequences of the law’s vague encryption language.
Although Bond said that precedent is on supporters’ side—arguing “the Supreme Court has been abundantly clear for decades that the First Amendment is not a shield for the type of content that the Take It Down Act is designed to address,” like sharing child sexual abuse materials or engaging in sextortion—Daly said that the EFF remains optimistic that courts will intervene to prevent critics’ worst fears.
“We expect to see challenges to this,” Daly said. “I don’t think this will pass muster.”
Ashley is a senior policy reporter for Ars Technica, dedicated to tracking social impacts of emerging policies and new technologies. She is a Chicago-based journalist with 20 years of experience.
