The California Privacy Protection Agency (“CPPA”) announced it will hold a special meeting on July 28, 2022 at 9 a.m. PST to discuss and potentially act on proposed federal privacy legislation, including the bipartisan American Data Protection and Privacy Act (“ADPPA”) (H.R. 8152). The ADPPA is a comprehensive data privacy bill that advanced through
U.S. AI, IoT, CAV, and Data Privacy Legislative and Regulatory Update – Second Quarter 2022
This quarterly update summarizes key federal legislative and regulatory developments in the second quarter of 2022 related to artificial intelligence (“AI”), the Internet of Things, connected and automated vehicles (“CAVs”), and data privacy, and highlights a few particularly notable developments in U.S. state legislatures. To summarize, in the second quarter of 2022, Congress and the Administration focused on addressing algorithmic bias and other AI-related risks and introduced a bipartisan federal privacy bill.
Artificial Intelligence
Federal lawmakers introduced legislation in the second quarter of 2022 aimed at addressing risks in the development and use of AI systems, in particular risks related to algorithmic bias and discrimination. Senator Michael Bennet (D-CO) introduced the Digital Platform Commission Act of 2022 (S. 4201), which would empower a new federal agency, the Federal Digital Platform Commission, to develop regulations for online platforms that facilitate interactions between consumers, as well as between consumers and entities offering goods and services. Regulations contemplated by the bill include requirements that algorithms used by online platforms “are fair, transparent, and without harmful, abusive, anticompetitive, or deceptive bias.” Although this bill does not appear to have the support to be passed in this Congress, it is emblematic of the concerns in Congress that might later lead to legislation.
Additionally, the bipartisan American Data Privacy and Protection Act (H.R. 8152), introduced by a group of lawmakers led by Representative Frank Pallone (D-NJ-6), would require “large data holders” (defined as covered entities and service providers with over $250 million in gross annual revenue that collect, process, or transfer the covered data of over five million individuals or the sensitive covered data of over 200,000 individuals) to conduct “algorithm impact assessments” on algorithms that “may cause potential harm to an individual.” These assessments would be required to provide, among other information, details about the design of the algorithm and the steps the entity is taking to mitigate harms to individuals. Separately, developers of algorithms would be required to conduct “algorithm design evaluations” that evaluate the design, structure, and inputs of the algorithm. The American Data Privacy and Protection Act is discussed in further detail in the Data Privacy section below.
IS CONGRESS ABOUT TO PASS COMPREHENSIVE PRIVACY LEGISLATION?
After years of negotiations, members of the U.S. Senate and House of Representatives have released bipartisan comprehensive privacy legislation—the American Data Privacy and Protection Act. Democrats and Republicans have put forward separate proposals in the past that have more in common than different. The two main points of disagreement that have historically stalled a comprehensive proposal are whether there should be a private right of action for privacy violations and to what extent federal laws should preempt state laws. Even though this new draft takes novel approaches to both of those issues, division continues. The chances of Congress passing privacy legislation this session or the next will turn on whether a broader consensus can be found in these two areas, especially after outside stakeholders and the business community now have an opportunity to fully engage.
Aside from the private right of action and preemption, there is general agreement on how personal information should be collected, used, and shared. For example, the main Democratic proposal, the Consumer Online Privacy Rights Act (S. 3195) introduced by Senator Maria Cantwell (D-WA), creates consumer rights to delete or correct data and port personal information. Likewise, Republicans, led by Senators Roger Wicker (R-MS) and Marsha Blackburn (R-TN), have introduced the Setting an American Framework to Ensure Data Access, Transparency, and Accountability (SAFE DATA) Act (S. 2499), which would do largely the same. The American Data Privacy and Protection Act unsurprisingly follows along these lines as well. The most notable differences between the parties’ positions have been that the Democratic proposal has a private right of action, while the Republic version has no private right and would completely preempt state law. The challenge continues to be finding a middle ground between these two approaches. In particular, whether there is a way to address concerns about repeated lawsuits and opportunities to preserve at least some ability for states to enact and enforce their own regulations.
Continue Reading IS CONGRESS ABOUT TO PASS COMPREHENSIVE PRIVACY LEGISLATION?
SECTION 230 IN A REPUBLICAN CONGRESS
Most observers expect the Republicans to take control of the House of Representatives, and possibly the Senate, in the upcoming midterm elections. While both Democrats and Republicans are likely to keep their attention on the actions of so-called “Big Tech,” this political shift should bring a renewed focus on amending Section 230 of the Communications Decency Act. Section 230, which provides platforms with immunity from liability for third-party content and content-moderation decisions, has been a target for lawmakers seeking to limit the power of large technology companies. Republicans have generally focused more on modifying Section 230, versus Democrats, who have spent more energy on using antitrust legislation to regulate those platforms.
Looking ahead, now is the time to consider policies and plans in light of a Republican-controlled Congress taking on potentially divisive issues through the lens of Section 230.
Republicans, Conservatives, and Section 230
Two trends will guide Republicans’ approach to Section 230 in the next Congress. First, as in many areas, Republicans will seek to address what they see as “woke capitalism.” New York Times columnist Ross Douthat coined the term in 2018 and defined it as a “certain kind of virtue-signaling on progressive social causes, a certain degree of performative wokeness, [that] is offered to liberalism and the activist left pre-emptively, in hopes that having corporate America take their side in the culture wars will blunt efforts to tax or regulate our new monopolies too heavily.”
Republicans are already planning a variety of legislative and oversight maneuvers meant to address corporations taking certain positions on cultural issues. Technology companies may very well be at the top of Republicans’ list.
Second, conservatives increasingly view liberals as having abandoned their commitment to free speech. For example, Republicans view the Hunter Biden laptop controversy, campus speech codes, and social media content moderation as part of a broader effort to silence and marginalize conservatives. Simply put, conservatives believe that they are now the defenders of free speech.
Continue Reading SECTION 230 IN A REPUBLICAN CONGRESS
Is the U.S. Congress Preparing a “Tech Accountability” Package?
In his State of the Union address last week, President Biden declared that he wants to: “strengthen privacy protections, ban targeted advertising to children, and demand tech companies stop collecting personal data on our children.” This statement comes just a couple of weeks after Senators Richard Blumenthal (D-CT) and Marsha Blackburn (R-TN) introduced the Kids
Is the U.S. Congress Preparing a “Tech Accountability” Package?
In his State of the Union address last week, President Biden declared that he wants to: “strengthen privacy protections, ban targeted advertising to children, and demand tech companies stop collecting personal data on our children.” This statement comes just a couple of weeks after Senators Richard Blumenthal (D-CT) and Marsha Blackburn (R-TN) introduced the Kids
U.S. Senate Judiciary Committee To Consider Legislation On Unfair Competition in App Market
While much of the Senate Judiciary Committee’s meeting next Thursday, February 3, will focus on the pending Supreme Court nomination, the Committee is still scheduled to mark up and vote on the Open App Markets Act (S. 2710)—which purports to address unfair competition in the app market. This vote follows a particularly contentious markup of
U.S. Senate Judiciary Committee To Consider Legislation On Unfair Competition in App Market
While much of the Senate Judiciary Committee’s meeting next Thursday, February 3, will focus on the pending Supreme Court nomination, the Committee is still scheduled to mark up and vote on the Open App Markets Act (S. 2710)—which purports to address unfair competition in the app market. This vote follows a particularly contentious markup of
SENATE JUDICIARY COMMITTEE VOTING ON ANTITRUST LEGISLATION
The U.S. Senate Judiciary Committee announced this week its plan to vote on the American Innovation and Choice Online Act (S. 2292), antitrust legislation that would impose obligations on certain online platforms regarding the treatment of their own goods and services relative to competing services on their platform. This will be the third antitrust bill