I think that that needs to be what I call “the dog shall not bark up the wrong tree” laws where an organization cannot spend its resources on influencing the laws that manage its conduct. You can argue that it makes sense that these people understand the problem best so they should have some input into the decision-making process. However, I think that the most they should do is present the raw data of their operations sanitized of only the sensitive information that they are required to sanitize by law and no more. Otherwise, they are just government lobbyists lobbying for their advantage.
Everything went wrong when lawmakers criminalized possession of drugs. All of this nonsense follows from a system where ordinary people are treated with suspicion and criminals are given exclusive access to a highly profitable market.
Al Capone and his ilk taught us the disastrous consequences of prohibition a century. Yet we continue making the same mistake with different substances.
They've also been good with the messaging on drugs. Colombian Drug Cartels right? If only we can go to war in South America we can fix it.
But the majority of drug use are home-grown. [1]. Take marijuana out the picture (home grown) and Oxy, Prescriptions and other (home grown) drugs prevail.
Criminalising weed is a failed policy, which thankfully is being slowly dropped.
Less impressive is that the drug machine that created the oxy crisis is more or less ignored.
yes, crime was definitely invented because of 1920’s Prohibition. But for that dark episode of history, there would be no one trying to hide illicit doings behind the curtain of encryption, and the NSA/FBI/DEA/ATF/etc would definitely not be interested in reading encrypted traffic. Because, no crime, you see, so those agencies probably wouldn’t exist.
That would be ideal. Citizens should be deciding what they view as anti-comptetitive, or reasonable defensive actions, and the FTC and the DOD should act based on those decisions. In an ideal world.
Personally, I like the work that the FTC does but even in this situation, I would like to have them be split up into an enforcement part, and a sort of think tank / brainstorming / general investigation of trends part. You can argue that I have sort of moved the problem instead of eliminating it, but I would argue that it’s both a good start and a good on-ramp for winning the game of lobbyist influence whack-a-mole.
Hmm, there should probably be some sort of guardrails in place: like these agencies can comment on the bill, but not actually influence it. Or, maybe this only applies to enforcement agencies, versus regulatory ones like the FTC.
Unless we pass an amendment to the constitution guaranteeing the right for private individuals communicate over encrypted channels, which won’t happen.
And we have to win every single time one of these bills come up. They only have to win once.
If we're really at a point where all rights must be constitutional protected the game is already lost. Rights and freedoms are meant to default to the citizen, meaning anything is legal unless it specifically violates a law on the books.
I.e. Laws and rights are meant to be subtractive rather than addative. You can remove my rights by law, short of that I can do whatever I want.
> Unless we pass an amendment to the constitution guaranteeing the right for private individuals communicate over encrypted channels, which won’t happen.
> an amendment to the constitution guaranteeing the right for private individuals communicate over encrypted channels
I understand here on HN it looks so obvious, but if you stop and think for a moment it is no natural at all.
The only natural way of having a private conversation is directly from mouth to ear. Private remote communication never existed until recent technology made it possible during the last decades.
We are in the same situation as cars, where people have been walking for millions of years but little more than a century ago we got the ability to move freely along longer distances at previously unimaginable speeds.
I'm not against private communication, as I'm not against cars, but it's just normal that new things get regulated in a society. All countries are OK with driving being regulated (get a licence, always show a readable registration plate...), so why are we shocked every time someone proposes to regulate remote conversations?
I also understand the point that encryption is either breakable by nobody or by everyone (thus the thing about only authorities being able to eavesdrop is moot), but please stop assigning to a pinnacle of modern technology the same status as a natural human right.
I don't get how the political system can work like this, we keep denying laws that are absolute dogshit. The politicians give them a makeover and try again. They only need a yes once and we need a no every time.
Makes me question democracy really, it seems fundamentally broken when the peoples voice is supressed over and over. Same stuff happens in Sweden, but with other kinds of laws.
I am not sure that the American public cares much about what has become the norm in other countries so that line doesn't really carry any weight here.
I'd argue that instead, its more that the public is so apathetic about bad-turns of law that they'll just shrug with a sigh and begrudgingly tolerate the new paradigm.
Europe besides the UK too. Don't be fooled by the EU is privacy heaven smoke and mirrors.
Just because the EU is not US doesn't mean they're not doing the same Draconian shit funded by similar or the same people.
They use the same excuses of "needing it to catch heinous crime/think of the children" and "it will only be used for criminals" but we know that's not true. We know that these laws are used against those considered adversarial to gov, including those engaging in journalism, whether they have a degree on it or not (which shouldn't be the bar to not get surveilled and treated like an authortiarian state)
> Wiewiórowski said this type of indiscriminate scanning of private communications “will always be illegal under the Charter of Fundamental Rights (and probably under several national constitutional laws as well),”
It does seem that at some point they will get the right mix of executive and congressional branches to get it done, unfortunately. They really despise not being able to surveil all of us 24/7.
This bill is a gift to the Russians and the Chinese! Now they will be able to read anyone's communications, and do you think they are going to stop encrypting their communications?
Link to the actual bill [1]. The worry is that it has some vague language that would make social media companies drop E2E encryption.
I’m definitely not a legal expert, but the proposed law specifically says:
g) Protection Of Privacy.—Nothing in this section shall be construed to require a provider to—
“(1) monitor any user, subscriber, or customer of that provider;
“(2) monitor the content of any communication of any person described in paragraph (1); or
“(3) affirmatively search, screen, or scan for facts or circumstances described in subsections (b) and (c).
It seems like the goal is to make it so that when people complain to websites about specific instances of illegal conduct, the website is not allowed to ignore the complaint.
Of course you're not "required to monitor", you're just also required not to be "deliberately blind". The combination of these is that you are required to maintain the capability to surveil users upon request (ie, no scary encryption) - and once that capability is in place, the next step is pseudo KYC and SAR functionality.
The words “deliberately blind” aren’t in the text I linked to.
I see a paragraph that says you can’t knowingly and willingly fail to make a report or you get fined. But the very next paragraph says this doesn’t mean you have to monitor anyone or screen or scan anything people write.
I’m just not seeing it. What I do see is that a bunch of internet companies really don’t like the idea of being fined a lot of money every time their customer service AI makes a mistake when categorizing a complaint about drugs, because they know their customer service AI is garbage.
Hmm, very interesting - your link to the bill's text is specifically missing the section about being "deliberately blind" to misuse (it's the 4th bullet point from this tweet, https://twitter.com/JakeLaperruque/status/167888722551627776...), and that's what people are so concerned about.
Perhaps the bill has already been updated? Or maybe the offending 4th bullet point was added later?
Call your senators and let them know you DO NOT SUPPORT THIS! It seems hokey and feels like it doesn't matter, but Senate staff really does keep track of this kind of stuff.
So, uh, what right to be secure in person and property without a warrant approved by a judge?
The US Bill of Rights was so contentious at the time and the supporters so adamant that they ended up being the first 10 amendments to our constitution. The supporters could have very well held out and either forced them to be included in the constitution or left us with the original Articles of Confederation (not the Southern State's one) but compromised. Even if the Bill of Rights were in the constitution, and not amendments, I expect they would be just as disposable.
And for what? So the DEA and CIA can continue to operate with the same privilege as the East India Company?
How does this, or the drug war, serve the average American? I do not for a second believe this provides any benefit to the average American. I do believe it will allow executive agencies privileged access to markets and information of felonious goods, likely to their benefit and not the citizens.
Imagine living in NYC, hopping on a subway car to go to work from your apartment in the Bronx, and getting stopped/searched by CBP, agents seizing your cell phone and laptop, and demanding your social media account passwords and threatening to detain you if you don't comply: https://www.theatlantic.com/technology/archive/2017/02/give-...
It's fucking insane that US citizens are now advised to make sure a family member, friend, or attorney is aware of you traveling across a US border in case you're detained.
This country just keeps slipping further and further towards fascism.
Don't forget that CBP has essentially unlimited vehicle search authority within 100 miles of federal borders.
I don't think you read your own link.
"The Fourth Amendment to the U.S. Constitution protects against arbitrary searches and seizures of people and their property, even in this expanded border area."
>The Fourth Amendment to the U.S. Constitution protects against arbitrary searches and seizures of people and their property, even in this expanded border area.
Laws differ between ports of entry and interior checkpoints.
>It's fucking insane that US citizens are now advised to make sure a family member, friend, or attorney is aware of you traveling across a US border in case you're detained.
You have always been advised to leave emergency contact information with someone when traveling abroad, and also to register with the US embassy at your destination if it's an extended stay. Most people don't bother because usually nothing happens and they come back in one piece, but who knows if some deity of the day decided that this was your turn to get fucked, after all?
This is all just long standing common sense grounded in practical reality.
The issue they always raise is that encryption that is properly implemented (along with the relevant devices that are encrypted properly) is effectively unbreakable and equals a "get out of jail free" card to the extent that it invalidates the second half of the statement (without a warrant approved by a judge) which grants lawful justification for invalidating that right/protection.
I think this is a part of what's driving the adoption of passkeys (which seem to only require biometrics) because the biometrics part invaliates the entire protection (producing your fingerprint or face is not protected, only speech/testimonial). They eliminate phishing (unlawful theats) and facillitate bypassing encryption (lawful threats), no matter how strong.
The right of the people to be secure in their persons, houses, ***PAPERS***, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
... from a time when all communication occurred via writing upon paper.
Weirdly enough approximately 100% of the DEA's budget goes towards restricting the supply side, so this would be quite the realization for them to undertake.
...But I am starting to get sick of unencrypted Big Tech's liability shield.
It was enacted to let the nascent social media platforms survive. But they aren't startups running out of garages anymore. They are some of the richest entities on the planet, they can patrol their own platforms, but they will not patrol their own platforms out of the goodness of their hearts unless it affects their bottom line, or a law makes them fear prosecution.
>they can patrol their own platforms, but they will not patrol their own platforms out of the goodness of their hearts unless it affects their bottom line, or a law makes them fear prosecution.
We already see what happens when government delegates law enforcement to corporations: AML/ATF regulations that financial institutions have to follow. The idea is basically the same: "banks can patrol their own customers, but they will not patrol their own customers out of the goodness of their hearts unless it affects their bottom line, or a law makes them fear prosecution". The result? People getting randomly banned because some aspect of them or their transaction info contained something tangentially related to something that's sanctioned[1]. The calculus clearly favors companies being trigger-happy than not. If some Al-Qaeda transaction goes through and the media gets wind of it, they'll get fined and/or raked over the coals by regulators and legislators. The reverse happens and the most is some grumbles but you still stay in business. I fully expect the same dynamic to happen for social media companies. Anything that can vaguely be considered offensive will be taken down. Imagine the youtube demonetization debacle, but worse.
The right middle ground may be some susceptibility to court orders. E.g. Google shouldn't have to patrol files stored in Google Drive, but a court should be able to get a search warrant for a Drive or order files to be removed. YouTube shouldn't have to proactively search for ElsaGate content, but should have to comply with law enforcement orders to help law enforcement find out why it is happening.
I mean should a private company like Snapchat be making money off of fentanyl dealers? There are plenty of alternatives. I guarantee Snapchat already reports child pornographers.
So now instead of a democratically elected government writing laws and appointing people to enforce them, a private corporation will "patrol" my online interactions...
Prior to S230 providers could be shielded from liability through common carrier status. But they couldn't enjoy that protection and remove crap. For point to point services, a very hands off approach makes sense. You generally don't need to remove crap: Garbage in, Garbage out, people can ignore or locally filter what they don't want. But for public online forums a degree of moderation is required (otherwise someone can just flood it with garbage and make it useless to everyone) and generally desirable. S230 is as much about letting people moderate with immunity (both for the things their well intended efforts missed, and for harms created when their moderation goes over broad) as it is anything else.
By count most of the deplorable material that shows up on platforms is not illegal or tortious. Material which is offensive, abusive, demeaning, misleading is often lawful and it often doesn't create doesn't create substantial real liability-- except in the form that without broad brush protections like S230 people can sue over whatever frivolous thing they want anf unless you're a multi-billion dollar entity you may well be bankrupt before your inevitable win. A world without powerful liability shields is one where you can't safely irritate or offend parties with significantly more money or power than you.
And we can see that already platforms facebook, google, twitter, etc. are effectively immune already to civil suit by virtue of their size and wealth-- just look at the lack of effect litigation over their privacy breaches or shutting users out of their own data with no notice causing them grave harm. ... Or incidents like Apple & Google's wage fixing conspiracy, which while they were eventually convicted cost them less than they saved in wages. Their bad policies are in part because their size, wealth, and power make them significantly immune to public opinion.
To the extent that the bad governance of social media sites is harmful to the public we've be better served by having more alternatives. Facebook, Twitter, etc. could survive in a world with S230, but the smaller and better curated alternatives you'd presumably like to see move over very likely couldn't.
When we look at laws like the proposed what we can see is the government trying to deputize corporations to investigate and enforce the law on their behalf. One of the drivers of this is that it throughly undermines due process: The constitution established safeguards against government search but we've figured out that we lack the same safeguards against corporations (since we've "voluntarily" handed our data over to them) and so if governments coerce corporations to search they can substantially bypass our fourth amendment rights.
> By count most of the deplorable material that shows up on platforms is not illegal or tortious.
The court case that inspired S230 was people ranting about a wall street investment firm on a Prodigy message board. Stratton Oakmont sued Prodigy for defamation and won, which was kind of the first big blow to the platform that ultimately sunk Prodigy (a really cool platform at the time, but maybe that's just rose glasses). Later the statements on the message board were pretty much shown to be factual, but the damage was done.
Imagine if dang could be personally liable for the things other people said on this message board. Imagine if Moxie Marlinspike was liable for everything anyone ever sent on Signal. Imagine you had a small blog and didn't check the comments section for a couple of days and got sued for everything you had. Sound like a good future?
> Material which is offensive, abusive, demeaning, misleading is often lawful and it often doesn't create doesn't create substantial real liability
The bits of Twitter, Facebook, and Google I am exposed to are filled with scammers, spam, and explicit threats. These posts would get you arrested shouted from a street corner in the U.S, much less if they were amplified in printed entertainment or whatever.
Even the AppStore is filled with straight up fraud.
These are only minimally culled because that is the most profitable thing to do. Spam apps and fraud create engagement and generate revenue. Moderation costs money.
230 shouldn't be repealed (that would be apocalyptic), but it needs some more holes punched through it, kinda like the existing CSAM holes.
Readit News
Al Capone and his ilk taught us the disastrous consequences of prohibition a century. Yet we continue making the same mistake with different substances.
But the majority of drug use are home-grown. [1]. Take marijuana out the picture (home grown) and Oxy, Prescriptions and other (home grown) drugs prevail.
Criminalising weed is a failed policy, which thankfully is being slowly dropped.
Less impressive is that the drug machine that created the oxy crisis is more or less ignored.
[1] https://drugabusestatistics.org/
Step 2 : prevent them from getting it
Step 3 : create an exclusive access channel
Step 4 : profit
I can think of a few instances where this model has been implemented in our society.
Dead Comment
So the FTC is barred from commenting on a competition bill? Or the DoD on a military measure?
Word out to ACLU with their Mobile Justice app. Should be on everyone's phone just in case.
And we have to win every single time one of these bills come up. They only have to win once.
Passing another amendment will accomplish nothing, it will get ignored just like the 4th one.
[1] https://en.wikipedia.org/wiki/Border_search_exception
I.e. Laws and rights are meant to be subtractive rather than addative. You can remove my rights by law, short of that I can do whatever I want.
The USA already has this. The first amendment…
I understand here on HN it looks so obvious, but if you stop and think for a moment it is no natural at all.
The only natural way of having a private conversation is directly from mouth to ear. Private remote communication never existed until recent technology made it possible during the last decades.
We are in the same situation as cars, where people have been walking for millions of years but little more than a century ago we got the ability to move freely along longer distances at previously unimaginable speeds.
I'm not against private communication, as I'm not against cars, but it's just normal that new things get regulated in a society. All countries are OK with driving being regulated (get a licence, always show a readable registration plate...), so why are we shocked every time someone proposes to regulate remote conversations?
I also understand the point that encryption is either breakable by nobody or by everyone (thus the thing about only authorities being able to eavesdrop is moot), but please stop assigning to a pinnacle of modern technology the same status as a natural human right.
The public pressure and ad campaigns _against_ these things have to be constant.
All it takes is 1 domino to fall then it becomes "well, if it is good enough for <other country>, its good enough for us!"
Makes me question democracy really, it seems fundamentally broken when the peoples voice is supressed over and over. Same stuff happens in Sweden, but with other kinds of laws.
I'd argue that instead, its more that the public is so apathetic about bad-turns of law that they'll just shrug with a sigh and begrudgingly tolerate the new paradigm.
Just because the EU is not US doesn't mean they're not doing the same Draconian shit funded by similar or the same people.
They use the same excuses of "needing it to catch heinous crime/think of the children" and "it will only be used for criminals" but we know that's not true. We know that these laws are used against those considered adversarial to gov, including those engaging in journalism, whether they have a degree on it or not (which shouldn't be the bar to not get surveilled and treated like an authortiarian state)
https://www.euractiv.com/section/law-enforcement/news/eu-wat...
> Wiewiórowski said this type of indiscriminate scanning of private communications “will always be illegal under the Charter of Fundamental Rights (and probably under several national constitutional laws as well),”
https://edps.europa.eu/system/files/2022-07/22-07-28_edpb-ed...
https://www.patrick-breyer.de/en/summary-of-statement-by-the...
https://www.patrick-breyer.de/en/leaked-eu-council-legal-ana...
See also the repeated ECJ decisions against IP retention.
I’m definitely not a legal expert, but the proposed law specifically says:
g) Protection Of Privacy.—Nothing in this section shall be construed to require a provider to—
“(1) monitor any user, subscriber, or customer of that provider;
“(2) monitor the content of any communication of any person described in paragraph (1); or
“(3) affirmatively search, screen, or scan for facts or circumstances described in subsections (b) and (c).
It seems like the goal is to make it so that when people complain to websites about specific instances of illegal conduct, the website is not allowed to ignore the complaint.
[1] https://www.congress.gov/bill/118th-congress/senate-bill/108...
I see a paragraph that says you can’t knowingly and willingly fail to make a report or you get fined. But the very next paragraph says this doesn’t mean you have to monitor anyone or screen or scan anything people write.
I’m just not seeing it. What I do see is that a bunch of internet companies really don’t like the idea of being fined a lot of money every time their customer service AI makes a mistake when categorizing a complaint about drugs, because they know their customer service AI is garbage.
Perhaps the bill has already been updated? Or maybe the offending 4th bullet point was added later?
Cosponsors: - Sen. Shaheen, Jeanne [D-NH]
- Sen. Durbin, Richard J. [D-IL]
- Sen. Grassley, Chuck [R-IA]
- Sen. Klobuchar, Amy [D-MN]
- Sen. Young, Todd [R-IN]
Call your senators and let them know you DO NOT SUPPORT THIS! It seems hokey and feels like it doesn't matter, but Senate staff really does keep track of this kind of stuff.
The US Bill of Rights was so contentious at the time and the supporters so adamant that they ended up being the first 10 amendments to our constitution. The supporters could have very well held out and either forced them to be included in the constitution or left us with the original Articles of Confederation (not the Southern State's one) but compromised. Even if the Bill of Rights were in the constitution, and not amendments, I expect they would be just as disposable. And for what? So the DEA and CIA can continue to operate with the same privilege as the East India Company?
How does this, or the drug war, serve the average American? I do not for a second believe this provides any benefit to the average American. I do believe it will allow executive agencies privileged access to markets and information of felonious goods, likely to their benefit and not the citizens.
Two thirds of the US population live within that zone.
https://www.aclu.org/know-your-rights/border-zone
Imagine living in NYC, hopping on a subway car to go to work from your apartment in the Bronx, and getting stopped/searched by CBP, agents seizing your cell phone and laptop, and demanding your social media account passwords and threatening to detain you if you don't comply: https://www.theatlantic.com/technology/archive/2017/02/give-...
https://www.wired.com/2017/02/guide-getting-past-customs-dig...
It's fucking insane that US citizens are now advised to make sure a family member, friend, or attorney is aware of you traveling across a US border in case you're detained.
This country just keeps slipping further and further towards fascism.
I don't think you read your own link.
"The Fourth Amendment to the U.S. Constitution protects against arbitrary searches and seizures of people and their property, even in this expanded border area."
Laws differ between ports of entry and interior checkpoints.
You have always been advised to leave emergency contact information with someone when traveling abroad, and also to register with the US embassy at your destination if it's an extended stay. Most people don't bother because usually nothing happens and they come back in one piece, but who knows if some deity of the day decided that this was your turn to get fucked, after all?
This is all just long standing common sense grounded in practical reality.
I think this is a part of what's driving the adoption of passkeys (which seem to only require biometrics) because the biometrics part invaliates the entire protection (producing your fingerprint or face is not protected, only speech/testimonial). They eliminate phishing (unlawful theats) and facillitate bypassing encryption (lawful threats), no matter how strong.
... from a time when all communication occurred via writing upon paper.
https://www.brookings.edu/articles/chinas-role-in-the-fentan...
...But I am starting to get sick of unencrypted Big Tech's liability shield.
It was enacted to let the nascent social media platforms survive. But they aren't startups running out of garages anymore. They are some of the richest entities on the planet, they can patrol their own platforms, but they will not patrol their own platforms out of the goodness of their hearts unless it affects their bottom line, or a law makes them fear prosecution.
We already see what happens when government delegates law enforcement to corporations: AML/ATF regulations that financial institutions have to follow. The idea is basically the same: "banks can patrol their own customers, but they will not patrol their own customers out of the goodness of their hearts unless it affects their bottom line, or a law makes them fear prosecution". The result? People getting randomly banned because some aspect of them or their transaction info contained something tangentially related to something that's sanctioned[1]. The calculus clearly favors companies being trigger-happy than not. If some Al-Qaeda transaction goes through and the media gets wind of it, they'll get fined and/or raked over the coals by regulators and legislators. The reverse happens and the most is some grumbles but you still stay in business. I fully expect the same dynamic to happen for social media companies. Anything that can vaguely be considered offensive will be taken down. Imagine the youtube demonetization debacle, but worse.
[1] eg. https://news.ycombinator.com/item?id=35337210, or https://news.ycombinator.com/item?id=24450828
By count most of the deplorable material that shows up on platforms is not illegal or tortious. Material which is offensive, abusive, demeaning, misleading is often lawful and it often doesn't create doesn't create substantial real liability-- except in the form that without broad brush protections like S230 people can sue over whatever frivolous thing they want anf unless you're a multi-billion dollar entity you may well be bankrupt before your inevitable win. A world without powerful liability shields is one where you can't safely irritate or offend parties with significantly more money or power than you.
And we can see that already platforms facebook, google, twitter, etc. are effectively immune already to civil suit by virtue of their size and wealth-- just look at the lack of effect litigation over their privacy breaches or shutting users out of their own data with no notice causing them grave harm. ... Or incidents like Apple & Google's wage fixing conspiracy, which while they were eventually convicted cost them less than they saved in wages. Their bad policies are in part because their size, wealth, and power make them significantly immune to public opinion.
To the extent that the bad governance of social media sites is harmful to the public we've be better served by having more alternatives. Facebook, Twitter, etc. could survive in a world with S230, but the smaller and better curated alternatives you'd presumably like to see move over very likely couldn't.
When we look at laws like the proposed what we can see is the government trying to deputize corporations to investigate and enforce the law on their behalf. One of the drivers of this is that it throughly undermines due process: The constitution established safeguards against government search but we've figured out that we lack the same safeguards against corporations (since we've "voluntarily" handed our data over to them) and so if governments coerce corporations to search they can substantially bypass our fourth amendment rights.
The court case that inspired S230 was people ranting about a wall street investment firm on a Prodigy message board. Stratton Oakmont sued Prodigy for defamation and won, which was kind of the first big blow to the platform that ultimately sunk Prodigy (a really cool platform at the time, but maybe that's just rose glasses). Later the statements on the message board were pretty much shown to be factual, but the damage was done.
Imagine if dang could be personally liable for the things other people said on this message board. Imagine if Moxie Marlinspike was liable for everything anyone ever sent on Signal. Imagine you had a small blog and didn't check the comments section for a couple of days and got sued for everything you had. Sound like a good future?
The bits of Twitter, Facebook, and Google I am exposed to are filled with scammers, spam, and explicit threats. These posts would get you arrested shouted from a street corner in the U.S, much less if they were amplified in printed entertainment or whatever.
Even the AppStore is filled with straight up fraud.
These are only minimally culled because that is the most profitable thing to do. Spam apps and fraud create engagement and generate revenue. Moderation costs money.
230 shouldn't be repealed (that would be apocalyptic), but it needs some more holes punched through it, kinda like the existing CSAM holes.