Requiring platforms to verify age forces businesses to collect sensitive information in conflict with data minimization principles, the Computer & Communications Industry Association told NTIA in comments Thursday in docket 230926-0233. NTIA requested comment on risks associated with youth mental health and privacy related to social media use. CCIA urged policymakers not to adopt burdensome age-verification regulations and instead focus on passing a federal privacy law. “Any further government measures should be tailored to address specific harms and encourage participation from all stakeholders, keeping in mind who is best equipped to address the issue,” President Matt Schruers said. “Age-specific regulations that require sites to collect and maintain additional sensitive data on more users to show compliance are counterproductive.” CCIA recommended policymakers find ways to increase resources for law enforcement agencies policing crimes against children. Numbers show that convictions are lagging behind a gradual increase in reports of child sex abuse material, NetChoice said in its comments. NetChoice cited statistics from the U.S. Sentencing Commission showing that reporting of CSAM jumped 18.8% between 2021 and 2020, but the number of offenders remained flat for the previous five years. NetChoice noted that age-verification laws in California and Arkansas have been deemed “unconstitutional attempts to regulate online speech.”
U.S. Trade Representative Katherine Tai should reconsider her decision to “abandon important bipartisan digital trade proposals at the World Trade Organization,” Reps. Suzan DelBene, D-Wash., and Darin LaHood, R-Ill., wrote the USTR on Thursday (see 2311080043). DelBene and LaHood signed the letter with 36 other members of Congress, including Reps. Eric Swalwell, D-Calif.; Gregory Meeks, D-N.Y.; and Adrian Smith, R-Neb. USTR didn’t properly consult Congress before abandoning the digital trade provisions, they said. They raised concerns about China’s Digital Silk Road Initiative, which “permits censorship, surveillance, human and worker rights abuses, forced technology transfers, and data flow restrictions. The “void created” by USTR’s decision will “harm American workers, companies, security, and innovation, while benefitting our largest competitors in the digital space,” they said. USTR didn’t comment.
The FTC lacks the authority to regulate copyright matters related to AI-generated content, tech groups told the commission Thursday. In comments earlier this month, the FTC told the Copyright Office AI-generated activity may prompt FTC enforcement against unfair competition and unfair or deceptive practices (see 2311080038). None of the FTC’s authorizing statutes mentions copyright, and the CO’s statutes don’t mention FTC authority, said TechFreedom Associate Counsel Andy Jung during the FTC’s open meeting. The CO doesn’t list the FTC as one of its enforcement partners, he noted, saying the commission “has no expertise or authority related to copyright.” Chamber of Progress Legal Advocacy Counsel Jess Miers said the FTC erroneously supports a licensing framework that would hinder the free and fair use of publicly available works. Interpretation of copyright law falls within the jurisdiction of the courts, not within the scope of FTC Act Section 5 enforcement, she said. Copyright law has traditionally recognized the “fair use of intermediate copying” for activities such as search indexing and browsing, and this logically extends to AI model training, she said. Benjamin Harbakk, a game developer, urged the FTC to help content creators whose work is copied and sold without permission. AI generators can mimic and steal content, and thousands of pieces of artwork can be created in an hour or less, he said. The original creators have no recourse aside from lengthy legal processes associated with the Digital Millennium Copyright Act, he said. Chair Lina Khan didn’t address public comments on copyright but said voice-cloning scams are an agency focus. Sen. Amy Klobuchar, D-Minn., provided anecdotal evidence of scammers targeting military families with voice clones of service members. She urged the FTC and FCC to act. Voice cloning scams have the potential to get much worse, and consumers often aren’t able to decipher what’s AI-generated, said Khan: The FTC will continue working closely with its government partners to enforce against voice-cloning scams.
The Wisconsin State Assembly on Tuesday passed privacy legislation that would let state residents opt out of targeted ad-related data collection. Introduced by Rep. Shannon Zimmerman (R), AB-466 passed by voice vote and awaits Senate consideration. The bill would allow consumers to request and delete information held by social media platforms, apps and websites. It includes a 30-day right to cure. Violators face $7,500 fines per violation.
AI system operators and federal agencies must follow secure-by-design principles to ensure secure and resilient AI software development, the Cybersecurity and Infrastructure Security Agency (CISA) said Tuesday, outlining its plan to carry out President Joe Biden’s executive order on AI (see 2310300056). CISA released its Roadmap for AI, which includes agency and industry recommendations for responsible operation of AI systems. The roadmap lays out five lines of effort: using AI software to strengthen cyber defense; design assessment; government partnership on threat assessment; coordination with international partners; and AI workforce expansion.
The Biden administration should follow the tech industry’s lead and fund open source software efforts to help secure critical infrastructure and improve cybersecurity, Amazon, Google and Microsoft told the White House in comments posted through Thursday. The Office of the National Cyber Director requested public comment on the government’s “long-term focus and prioritization on open-source software security.” After the Log4Shell cyber attack, Google, Microsoft and Amazon funded Alpha-Omega, a grant program for open source software foundations. The foundations examine the top 10,000 security-critical open source packages and provide funding to fix them. Their efforts were “very promising,” but sustained funding is a “future challenge,” Amazon commented. The federal government should “fund and coordinate a similar exercise to support the most critical open source dependencies on a sector-by-sector basis,” said Google. Microsoft added that funding of $500,000 for each “critical” open source software project “can provide substantial security improvements, including third-party security reviews and remediation of identified issues.”
European digital identity wallets should be available to all Europeans by 2026, European Commission officials said at a Thursday virtual technical briefing. Following the European Parliament's and EU Council's provisional agreement on the regulation, people will have access to secure, privacy-enhancing identities as part of the EU digital agenda, officials said. Some lawmakers, however, warned the wallets would give governments a blank check to monitor citizens, a charge the EC denies. The wallets will be free for all EU citizens, use will be voluntary, and they will be accepted throughout the EU, officials said. They will be security- and privacy-oriented, allowing people to control and protect their identification, personal data and digital assets, and subject to the EU general data protection regulation. Individuals will be able to use the wallets for public and private services, store and present attestations such as driver's licenses, and sign and seal documents electronically. The applications will be governed by one set of standards and will be interoperable across borders and services. The regulation is expected to be adopted by early next year and to become available in Q3-4 of 2026. The EC is working with several countries with the goal of offering the wallet sooner, officials said. While governments today are free to do what they want about tracking citizens, the wallet will bar such activities, the EC stressed. Nevertheless, German European Parliament Member Patrick Breyer, of the Group of the Greens/European Free Alliance and the Pirate Party, emailed that the measure is a "blank cheque for surveillance of citizens online" that undermines browser security: "Entrusting our digital lives to the government instead of Facebook and Google is jumping out of the frying pan into the fire."
The Biden administration withdrew its support for World Trade Organization provisions on cross-border data flows and data localization to allow flexibility for domestic policy debate, an Office of U.S. Trade Representative spokesperson said in a statement Wednesday. USTR responded after nearly 50 organizations on Tuesday asked the White House to reverse its decision to withdraw support for WTO provisions on cross-border data flows, data localization and source code. Many countries are “examining” approaches to data and source code and the impact of trade rules, said USTR: “In order to provide enough policy space for those debates to unfold, the United States has removed its support for proposals that might prejudice or hinder those domestic policy considerations. The [Joint Initiative on E-Commerce] continues to be an important initiative and the United States intends to remain an active participant in those talks.” Groups including CTA, CTIA, the U.S. Chamber of Commerce, TechNet, BSA|The Software Alliance, the Computer & Communications Industry Association and the Entertainment Software Association said Tuesday they have “profound concern” about U.S. Trade Representative Katherine Tai withdrawing support for “disciplines that protect cross-border data flows; prohibit data localization mandates; preclude discrimination against American made digital products; and safeguard sensitive source code from forced disclosure mandates that enable malicious cyberactivity.” These “core disciplines” advance U.S. innovation and competitiveness, they said. This “sudden and perplexing decision of USTR to abandon its global leadership by pulling back from negotiating key digital rules at the WTO must be revisited,” CCIA Vice President-Digital Trade Jonathan McHale said in a statement.
Social media users should share stories about how platforms like Instagram, TikTok and Snapchat are “affecting the physical and mental health of young people,” Minnesota Attorney General Keith Ellison (D) said Monday. He invited state residents to share with his office stories about social media use and addiction among young users. This “will help us understand the harm these platforms are causing so we can better stop that bad behavior moving forward,” he said, citing his bipartisan investigatory work against companies like Meta and TikTok.
FCC Commissioner Brendan Carr joined House Republicans last week in urging the U.S. to take action against TikTok and its Chinese “brainwashing” of American youth. Rep. Mike Gallagher, R-Wis., in a Free Press opinion article Wednesday continued his call for Congress to ban the popular Chinese social media app (see 2303130042). He accused TikTok of brainwashing American youth and inspiring “morally bankrupt” views of the world. Gallagher cited a Harvard/Harris poll showing 51% of Americans ages 18-24 “believe Hamas was justified in its brutal terrorist attacks on innocent Israeli citizens on October 7.” Carr posted on X Thursday, saying Gallagher is “exactly right.” The U.S. “would never allow a foreign adversary to seize control of a vital means of broadcast communication without completing a national security review that neither TikTok nor the [Chinese Communist Party] could ever pass -- the outcome should be no different here,” said Carr. On Friday, Carr reposted comments from House Commerce Committee Chair Cathy McMorris Rodgers, R-Wash., who has called for a TikTok ban in the U.S. Gallagher is “right,” she posted Friday. “TikTok is a tool of the Chinese Communist Party to spy on and manipulate Americans. It's a serious threat to our national security. Congress must act to protect Americans from the CCP’s ‘digital fentanyl.’”