STOP CSAM Act of 2025

If you use social media, messaging apps, or cloud storage, the companies behind those services would face major new obligations to detect, report, and remove child sexual abuse material (CSAM) under this bill — the House companion to S-1829 in the Senate. Providers would have 60 days to report CSAM to the national CyberTipline, with criminal fines up to $1 million and civil penalties up to $250,000 for knowingly failing to do so. A new provision makes it a federal crime for platforms to intentionally host CSAM or knowingly facilitate child sexual exploitation, with fines up to $5 million if someone is harmed. Victims would gain the right to sue platforms and app stores directly — with no statute of limitations and liquidated damages of $300,000 — and the bill explicitly says Section 230 (the law that normally shields tech companies from liability for user content) cannot be used as a defense. On encryption, the bill states that offering end-to-end encryption cannot by itself be grounds for liability, but evidence about a platform's use of encryption could still be introduced in court to show intent or planning — a nuance that digital privacy advocates have flagged as a potential pressure point against encrypted messaging services. The bill's definition of covered platforms is broad — it uses the same legal definition as Section 230 itself, which could sweep in small websites, open-source projects, and messaging apps alongside major tech companies. The bill also strengthens privacy protections for child victims and witnesses in federal court proceedings and creates a trustee system to manage restitution payments on behalf of minors.

• Overrides Section 230 and allows encryption choices to be used as evidence in court, which could pressure platforms to weaken encrypted messaging for all users — not just those involved in CSAM.