Zoom should publicly state it won’t use user data to train its AI, Fight for the Future said Tuesday in a new petition. Zoom’s reported interest in using user data for machine learning and AI models is “terrible” for user privacy because it shows the company is more interested in profit than protecting user data, the organization said. Fight for the Future raised concerns about Zoom’s “hurried response” to backlash over its recent terms of service update. Zoom “claims that it will not use audio or video data from calls for training AI without user consent, but this still does not line up with the Terms of Service, and the process for gaining consent is unclear and could expose users to abuse,” said Fight for the Future. The company didn’t comment.

An executive order expected from President Joe Biden on AI should make the White House’s AI Bill of Rights binding U.S. policy for federal agencies and contractors, advocates said in a letter Thursday. Signees included Public Knowledge, Public Citizen, the NAACP, the Center for American Progress, the Leadership Conference on Civil and Human Rights and the Center for Democracy & Technology. Adopting the AI Bill of Rights will ensure AI systems used by government, contractors and vendors are safe and don’t perpetuate or exacerbate bias, the groups said.

Applications for the next round of new generic top-level domain names (gTLDs) could be accepted starting in the second quarter of 2026, ICANN said Monday. Board members accepted a plan setting out how ICANN intends to roll out new domains, including the various stages of implementation, costs and a timeline. The next round "will focus on diversity and inclusivity of the Domain Name System," including universal acceptance of new gTLDS and creating more internationalized domains. The round will also include the applicant support system aimed at providing financial and non-financial assistance to qualified applicants, helping to lower barriers for potential gTLD seekers. ICANN said it will develop a separate technical evaluation program to test potential Registry Service Providers. The organization is hoping to launch the process around April 2026, but said that timeline could slip if several open issues haven't been resolved and possible risks addressed in time.

President Joe Biden will nominate a former National Security Agency official to be the national cyber director, the White House announced Tuesday. The nomination of Harry Coker was sent to the Senate. Chris Inglis, who was appointed in 2021, left in February. Coker was NSA’s executive director from 2017 to 2019.

Amazon, Google, Meta, Microsoft and OpenAI agreed on voluntary measures to ensure AI develops in a “safe, secure and transparent” manner, the White House announced Friday. The companies agreed to internal and external security testing and to share information with industry, government and researchers to ensure products are safe before they’re released to the public, the administration said. Anthropic and Inflection also agreed on the measures. The agreement outlines commitments to cybersecurity investment and third-party examinations of AI vulnerabilities. The companies committed to developing mechanisms to inform the public when content is AI-generated, and researching societal risks in order to avoid “harmful bias and discrimination.” The commitments build on the National Institute of Standards and Technology’s AI Risk Management Framework and the Office of Science and Technology Policy’s Blueprint for an AI Bill of Rights, Microsoft President Brad Smith said. Senate Majority Leader Chuck Schumer, D-N.Y., said Congress “will continue working closely with the Biden administration and our bipartisan colleagues to build upon their actions and pass the legislation that’s needed.” Senate Intelligence Committee Chairman Mark Warner, D-Va., said voluntary commitments are a good step, but Congress needs to regulate: “While we often hear AI vendors talk about their commitment to security and safety, we have repeatedly seen the expedited release of products that are exploitable, prone to generating unreliable outputs, and susceptible to misuse.”

California is doing an “investigative sweep” into how companies are complying with the California Consumer Privacy Act, Attorney General Rob Bonta (D) announced Friday. His office sent letters to “large California employers” requesting compliance information. His office listed a series of business obligations under the CCPA: “[P]roviding notice of privacy practices and fulfilling consumer requests to exercise their rights to access, delete, and opt out of the sale and sharing of personal information.” He said he looks forward to “timely” responses from companies about complying with legal obligations.

The FTC finalized a $7.8 million settlement with online therapy provider BetterHelp over claims it improperly shared user health data with Facebook and Snapchat (see 2303020045), the agency announced Friday. The commission voted 3-0 to finalize the complaint after gathering public feedback.

AI poses threats to safety, privacy and equality, the White House said Thursday after Vice President Kamala Harris met with consumer protection, labor and civil rights officials on AI. Policymakers don’t have a “false choice” between advancing AI innovation and protecting consumers, she said. White House Office of Science and Technology Policy Director Arati Prabhakar, Domestic Policy Adviser Neera Tanden and Gender Policy Council Director Jennifer Klein attended the meeting. Others attending included Center for Democracy and Technology CEO Alexandra Reeve Givens, AFL-CIO President Liz Shuler, National Fair Housing Alliance CEO Lisa Rice and AARP CEO Jo Ann Jenkins.

A federal civilian agency alerted the Cybersecurity and Infrastructure Security Agency about a recent Chinese cyberattack against Microsoft email accounts, federal officials told reporters Wednesday in a conference call. Microsoft reported Tuesday that Chinese attackers gained access to some 25 organizations including government agencies and individual consumer accounts. The attack started May 15, and Microsoft was alerted to the activity June 16. The hackers gained access “by using forged authentication tokens to access user email using an acquired Microsoft account (MSA) consumer signing key,” Microsoft said. Those tokens have since been blocked. CISA and the FBI issued a joint advisory on the attack Wednesday. The federal agency, which officials declined to identify, noticed unexpected activity on its Microsoft 365 network, a senior CISA official told reporters. The attackers accessed a “limited amount” of Microsoft Outlook data, the official said. The intrusion shouldn’t be compared to the SolarWinds supply chain attack, an FBI official said, calling it a much “narrower” attack. Officials declined to state an exact number of victims in the Microsoft attack. The Senate Intelligence Community is “closely monitoring” the breach, Chairman Mark Warner, D-Va., said Wednesday. “It’s clear [China] is steadily improving its cyber collection capabilities directed against the U.S. and our allies,” said Warner. “Close coordination between the U.S. government and the private sector will be critical to countering this threat.”

FTC records suggest progressive groups harassed and tried to intimidate Democratic Commissioner Alvaro Bedoya after he disagreed on policy matters with Democratic Chair Lina Khan, House Commerce Committee Chair Cathy McMorris Rodgers, R-Wash., wrote the agency Wednesday with House Innovation Subcommittee Chairman Gus Bilirakis, R-Fla. Rodgers and Bilirakis announced an investigation of “left-wing influence and intimidation” at the FTC, providing texts among a progressive activist, Bedoya and Bedoya’s office. The Republicans' letter suggested Khan may have coordinated with groups to pressure Bedoya. The agency denied the allegation but said it will work with the committee on its oversight requests. Khan isn’t “involved in any effort by outside groups to influence commissioners,” a spokesperson said. Bedoya “brings great integrity and intellect to the Commission and is a valuable contributor to our mission to protect fair competition and American consumers." The FTC claimed in early May Meta violated its consent decree with the agency and sought to ban monetization of kids’ data at the company (see 2305030059). Bedoya issued a statement saying there are “limits to the Commission’s order modification authority.” In this case, “the relevant question is not what I would support as a matter of policy,” he said. According to the committee, Bedoya submitted ex-parte communications June 16 directed at him in May. The letter cites text messages from Dan Geldon, an antitrust consultant and former chief of staff to Sen. Elizabeth Warren, D-Mass. A text from Geldon described Bedoya’s statement as “insanely at odds with representations” he made during his Senate confirmation. In another message Geldon wrote: “Very telling that you don’t even respond to text messages now that you don’t need help getting confirmed.” A Bedoya staffer responded Bedoya was barred from communicating about matters of administrative proceeding.