The proposed argument for this bill is that it will help to cut down on crimes, specifically child sexual abuse. Presently, end-to-end encryption provides a nearly impenetrable means for anyone (including bad actors) to send data over the internet without fearing that someone else will get ahold of it. The bill is mostly concerned that big sites with encryption take steps to ensure that they are not being used to transmit child sexual abuse data (sites such as WhatsApp, Facebook, e-mail services, etc.).
In order to understand the argument against this bill, I'm going to first need to explain something called "asymmetric encryption." This is not a comprehensive guide to how encryption and security works; rather, this is meant to be a quick and simple means of you understanding it.
Let's say I want to send you a message, but I know that a third party is always listening, and wants to use that message for nefarious purposes. It makes sense that I would send you the message in a code that the third party doesn't know. This is easy if we can meet beforehand and agree upon a code; this is difficult if we can only meet to discuss the code while someone is listening in. The solution to this is a very clever technique called "asymmetric encryption." The short version of it is this: The two parties who are communicating will have digital "keys." Each person has a private key and a public key; a sender encrypts a message with the recipient's public key, and only the recipient's private key can decrypt it. If someone wanted to try to guess what those private keys were without knowing, it would take an extremely long time. Like, longer than the heat death of the universe long time. The encryption and decryption happen ONLY on the local device. Your ISP, anyone monitoring your network traffic, even whoever wrote the chat app that you're using: none of them have a means of brute forcing their way into your conversation before everyone involved is long dead.
Typically, if a bad actor wishes to access your data, they would instead try to install some sort of malware on your device to steal your public and private keys. Then, the bad actor can read your messages or even impersonate you. This is an issue, but thankfully, it's localized. If Bob Smith chooses to install NotAVirus.exe, my data is still secure (except for any conversations I had with Bob).
Now, let's get back to the bill. Presently, it doesn't mention any of this stuff. It has a section that states that a committee in Congress (which, per the bill, should be up to date on cybersecurity) will come up with "best practices" guidelines for websites to ensure that their platform is not hosting child abuse. Doesn't seem that bad, right? Except, here's the thing: the bill also wants large tech groups to start scanning through the data they're receiving to ensure that there's no child sex abuse. Thing is, as I just explained, with end-to-end encryption, that's not possible. The developer has no clue what the heck you just sent; so far as they're aware, a picture of a rainbow and a picture of a crime are just randomly assorted data. The only way to know what the heck was in that file would be to decrypt it. And the only way to decrypt it would be to break end-to-end encryption somehow. We can't keep using the technology that's worked for so long.
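The idea described above, as an added sketch that is not part of the original post: a message is encrypted to the recipient's public key on the sender's device, so the relaying server handles only opaque bytes and a different private key cannot open them. The group parameters, the hash-based stream cipher and all function names are toy assumptions chosen so it runs on the Python standard library alone; real apps use vetted protocols and libraries.

```python
import hashlib, hmac, secrets

# Toy parameters for illustration only (assumption, not production crypto).
P = 2**521 - 1   # a Mersenne prime used as the Diffie-Hellman modulus
G = 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2   # private key never leaves the device
    return priv, pow(G, priv, P)          # public key can be handed to anyone

def _keys(shared):
    seed = hashlib.sha256(shared.to_bytes(66, "big")).digest()
    return hashlib.sha256(seed + b"enc").digest(), hashlib.sha256(seed + b"mac").digest()

def _stream(key, n):
    out, ctr = b"", 0
    while len(out) < n:                   # hash-counter keystream (toy cipher)
        out += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:n]

def encrypt(recipient_pub, plaintext):
    eph_priv, eph_pub = keypair()         # fresh one-time key for every message
    enc_key, mac_key = _keys(pow(recipient_pub, eph_priv, P))
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(enc_key, len(plaintext))))
    tag = hmac.new(mac_key, ct, hashlib.sha256).digest()
    return eph_pub, ct, tag

def decrypt(priv, envelope):
    eph_pub, ct, tag = envelope
    enc_key, mac_key = _keys(pow(eph_pub, priv, P))
    if not hmac.compare_digest(tag, hmac.new(mac_key, ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return bytes(a ^ b for a, b in zip(ct, _stream(enc_key, len(ct))))

def relay_view(envelope):
    """What the chat server stores and forwards: ciphertext, with no key to open it."""
    return envelope[1]

if __name__ == "__main__":
    bob_priv, bob_pub = keypair()
    env = encrypt(bob_pub, b"picture of a rainbow")   # constructed sample message
    print("server sees:", relay_view(env).hex())
    print("Bob reads:  ", decrypt(bob_priv, env))
```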
Many are arguing that this would disrupt transactions such as banking (which was one of the first uses of public/private key encryption). Those arguments are not really relevant; if you're sending a transaction to a company, they're already decrypting your data. If the transaction can only support things like routing numbers, then it's going to be pretty darned difficult for Congress to justify disrupting banking with the claim that someone is sending child abuse over it. Sites such as Amazon, PayPal, your bank, etc. would be utterly unaffected by this.
This would primarily affect chat applications such as WhatsApp, Facebook Messenger, WeChat (assuming you wanted to use it in the States), etc. There are still implications to this.
Chiefly-- if we install a back door for the developers/government to review data, that opens up a means for a bad actor to swipe your data. Traditionally, if they wished to steal it, they had to plant malware on your device or the other person's to steal your keys. You had to be tricked into installing it. With this, hackers can attempt to access company servers to steal information. And unfortunately, it's not uncommon for those servers to be hacked.
The other issue at stake is privacy. Edward Snowden revealed to America the extent of government data collection. While this back door would ostensibly be used only for legitimate purposes, many don't believe that. In response to the classic authoritarian claim "if you've done nothing wrong, then you have nothing to fear," many of them reply, "Then why can't I see your data?" or (my favorite) "I'm not doing anything wrong when I use the toilet either, but I'd still rather you not watch." Remember when all of those celebrity nudes leaked? None of them had done anything wrong when they sent those pictures out. How would you feel if your nude pictures were reviewed by a third party? Pictures of your siblings, children, or friends?
The final argument against this: It's easy as hell for someone to make their own end-to-end encryption app. If you google "End to end encryption tutorial," you'll get millions of hits. The underlying math is very well understood and has been distributed and improved upon since the '70s. There are free packages you can download from most code repos to get ahold of end-to-end encryption. I don't doubt that we'd catch some pedophiles if we cracked into everyone's chats, but I also don't doubt that there would be a new (probably smaller, admittedly) dark web of predators inside of a week using their own encryption that they didn't even have to understand all that well.
Keep in mind: this is presently conjecture. If Congress wanted to approve the bill as-is and the committee said "best practices are for sites to put up a text warning that says 'don't do anything illegal,'" then none of these concerns would hold water.
To summarize: The chief arguments for this bill are to help catch and curb persons who are using popular websites for the transmission of child abuse. The chief arguments against this bill are that it calls upon those platforms to review the data coming through their servers, which could be used as a backdoor for bad actors or the government to get ahold of your data without your consent.