ReportWire

Tag: Cody Venzke

  • What to know about Trump’s draft proposal to curtail state AI regulations

    [ad_1]

    President Donald Trump is considering pressuring states to stop regulating artificial intelligence in a draft executive order obtained Thursday by The Associated Press, as some in Congress also consider whether to temporarily block states from regulating AI.

    Trump and some Republicans argue that the limited regulations already enacted by states, and others that might follow, will dampen innovation and growth for the technology.

    Critics from both political parties — as well as civil liberties and consumer rights groups — worry that banning state regulation would amount to a favor for big AI companies who enjoy little to no oversight.

    While the draft executive order could change, here’s what to know about states’ AI regulations and what Trump is proposing.

    What state-level regulations exist and why

    Four states — Colorado, California, Utah and Texas — have passed laws that set some rules for AI across the private sector, according to the International Association of Privacy Professionals.

    Those laws include limiting the collection of certain personal information and requiring more transparency from companies.

    The laws are in response to AI that already pervades everyday life. The technology helps make consequential decisions for Americans, including who gets a job interview, an apartment lease, a home loan and even certain medical care. But research has shown that it can make mistakes in those decisions, including by prioritizing a particular gender or race.

    “It’s not a matter of AI makes mistakes and humans never do,” said Calli Schroeder, director of the AI & Human Rights Program at the public interest group EPIC.

    “With a human, I can say, ‘Hey, explain, how did you come to that conclusion, what factors did you consider?’” she continued. “With an AI, I can’t ask any of that, and I can’t find that out. And frankly, half the time the programmers of the AI couldn’t answer that question.”

    States’ more ambitious AI regulation proposals require private companies to provide transparency and assess the possible risks of discrimination from their AI programs.

    Beyond those more sweeping rules, many states have regulated parts of AI: barring the use of deepfakes in elections and to create nonconsensual porn, for example, or putting rules in place around the government’s own use of AI.

    What Trump and some Republicans want to do

    The draft executive order would direct federal agencies to identify burdensome state AI regulations and pressure states to not enact them, including by withholding federal funding or challenging the state laws in court.

    It would also begin a process to develop a lighter-touch regulatory framework for the whole country that would override state AI laws.

    Trump’s argument is that the patchwork of regulations across 50 states impedes AI companies’ growth, and allows China to catch up to the U.S. in the AI race. The president has also said state regulations are producing “Woke AI.”

    The draft executive order that was leaked could change and should not be taken as final, said a senior Trump administration official who requested anonymity to describe internal White House discussions.

    The official said the tentative plan is for Trump to sign the order Friday.

    Separately, House Republican leadership is already discussing a proposal to temporarily block states from regulating AI, the chamber’s majority leader, Steve Scalise, told Punchbowl News this week.

    It’s yet unclear what that proposal would look like, or which AI regulations it would override.

    TechNet, which advocates for tech companies including Google and Amazon, has previously argued that pausing state regulations would benefit smaller AI companies still getting on their feet and allow time for lawmakers develop a country-wide regulatory framework that “balances innovation with accountability.”

    Why attempts at federal regulation have failed

    Some Republicans in Congress have previously tried and failed to ban states from regulating AI.

    Part of the challenge is that opposition is coming from their party’s own ranks.

    Florida’s Republican governor, Ron DeSantis, said a federal law barring state regulation of AI was “Not acceptable” in a post on X this week.

    DeSantis argued that the move would be a “subsidy to Big Tech” and would stop states from protecting against a list of things, including “predatory applications that target children” and “online censorship of political speech.”

    A federal ban on states regulating AI is also unpopular, said Cody Venzke, senior policy council at the ACLU’s National Political Advocacy Department.

    “The American people do not want AI to be discriminatory, to be unsafe, to be hallucinatory,” he said. “So I don’t think anyone is interested in winning the AI race if it means AI that is not trustworthy.”

    [ad_2]

    Source link

  • There’s One Big Problem With the New Federal Data Privacy Bill

    There’s One Big Problem With the New Federal Data Privacy Bill

    [ad_1]

    Americans have wanted a federal privacy law for years but intensive lobbying by the tech industry and general incompetence by our federal legislators has repeatedly thwarted that desire. Well, in 2024, it’s possible that we may finally get a strong federal privacy law.

    The FTC Just Prescribed a Can of Whoop Ass on Health Data

    I’ll say it again: It’s possible. It’s also technically possible that frogs could rain from the sky over lower Manhattan, coating New Yorkers in a spring shower of amphibious guts, but is that actually likely to happen?

    The American Privacy Rights Act of 2024, recently introduced by Cathy McMorris Rodgers (R-WA) and Maria Cantwell (D-WA), would create basic digital privacy protections for Americans. The law, if enacted, would create a variety of protections and rights for consumers, including the ability to access, control, and delete information collected by companies.

    While that may sound like a good thing, there’s one aspect of the legislation that privacy advocates seem concerned about. The proposed law would eliminate potentially stronger, state-level protections that currently exist. While privacy rights groups remain cautiously optimistic about the APRA’s potential, they are also wary of its proposed preemption of state laws. If the currently proposed regulations look strong, the legislative process is just beginning and there’s no telling what the federal law may look like after what is sure to be a long, combative policymaking process.

    Here’s a quick look at what the legislation currently promises, and what privacy advocates are saying about it.

    The right to access, control, and delete

    The American Privacy Rights Act would create broad protections for Americans’ data, giving consumers the ability to access, control, and delete data covered by the legislation. The policy would give all Americans the power to request information from entities that have collected data about them. Businesses that fall under the law would need to comply with consumers’ requests within “specified timeframes,” the bill states. The bill allows certain exemptions from these mandates, including small businesses (which are defined as companies making “$40,000,000 or less in annual revenue” or that collect, process, retain, or transfer “the covered data of 200,000 or fewer individuals”), as well as governments, and “entities working on behalf of governments.”

    Data minimization

    The bill would also mandate something called “data minimization.” The idea here is to reduce the overall amount of information that companies can collect about web users. Bill backers say that companies covered by the legislative will not be able to “collect, process, retain, or transfer data beyond what is necessary, proportionate, or limited to provide or maintain a product or service requested by an individual, or provide a communication reasonably anticipated in the context of the relationship, or a permitted purpose.” Again, while that sounds good, the devil is in the details here, and it’s not totally clear yet what this sort of data minimization would look like in real life.

    What is covered data?

    The bill defines the data covered by the legislation as follows:

    …information that identifies or is linked or reasonably linkable to an individual or device. It does not include de-identified data, employee data, publicly available information, inferences made from multiple sources of publicly available information that do not meet the definition of sensitive covered data and are not combined with covered data, and information in a library, archive, or museum collection subject to specific limitations.

    Empowering the FTC

    Enforcement of the law would take place at both the federal and state levels. Most notably, the Federal Trade Commission would be tasked with developing regulations and technical specifications for a “centralized mechanism for individuals to exercise” their opt-out rights, as well as other technical issues surrounding the execution of the legislation, the bill states. At the same time, the bill gives authority to “State attorneys general, chief consumer protection officers, and other officers of a State in Federal district court” to pursue enforcement actions against companies that violate the law.

    Taking aim at the data broker industry

    The bill also targets data brokers. Under the new legislation, the FTC would be mandated to establish a data broker registry that could be used by consumers to identify which companies are brokers and to opt out of data collection by those firms. All data brokers that collect data on more than 5,000 people would be forced to re-register with the federal registry every year. At the same time, brokers would also be forced to maintain their own websites that identify them as data brokers and include a tool for consumers to opt out.

    Private right of action

    A longstanding desire for privacy advocates has been a private right of action—which is a mechanism allowing individual consumers to sue companies that have violated their rights. A number of state privacy laws have failed to include this. Under the current version of the APRA, consumers would be given a private right of action, allowing them to file litigation against companies that have demonstrably violated their digital privacy rights.

    Privacy advocates remain cautiously optimistic

    Given years of inaction on privacy policy by federal regulators, state governments have passed a number of strong privacy laws over the past decade. Some of those laws, like California’s CCPA, have been quite strong. The newly proposed federal law openly acknowledges that it would eliminate “the existing patchwork of state comprehensive data privacy laws” and establish in its place “robust enforcement mechanisms to hold violators accountable.” The fact that the APRA would pre-empt state laws worries some privacy advocates who fear the potential for a watered-down federal law. The fact that the APRA may seem strong now doesn’t mean much, since it could easily be neutered by lobbyists during the legislative process.

    Caitriona Fitzgerald, the deputy director at the Electronic Privacy Information Center, said that the federal law’s preemption of state-level regulation is only appropriate if it ends up being a strong law. “From our perspective—in an ideal world—it would not preempt state laws, it would allow states to pass stronger laws,” said Fitzgerald. “We recognize that compromise is necessary and that this is a big sticking point. If it’s going to preempt state laws, it needs to be stronger than existing state laws and regulations. We’re still evaluating the bill to determine whether that’s the case.”

    Other privacy advocates, like the Surveillance Technology Oversight Project (STOP), expressed similar concerns. “The ADPPA does offer strong privacy protections, especially data minimization rules,” said STOP Communications Director Will Owen. “But the bill falls short by preempting states from taking even stronger action, should they so choose. Worst of all, the ADPPA preempts states from enforcing protections, leaving it solely up to the U.S. executive branch, which has been fickle in enforcing Americans’ privacy rights.”

    Cody Venzke, senior policy counsel at the ACLU, said his organization remained “concerned this bill’s broad preemption of state laws will freeze our ability to respond to evolving challenges posed by technology.”

    [ad_2]

    Lucas Ropek

    Source link