Companies shouldn’t be forced to turn over sensitive data to competitors and European governments under the threat of massive fines authorized under the EU’s Data Act, the U.S. Chamber of Commerce said Wednesday. EU officials reached agreement on the Data Act Tuesday. European Commissioner for Internal Market Thierry Breton called it a “milestone in reshaping the digital space.” The chamber cited concerns about the legislation’s impact on competition, investment and innovation. “We urge EU policymakers to engage in dialogue with stakeholders, including American businesses, as the Act is finalized and implemented,” said Sean Heather, senior vice president-international regulatory affairs and antitrust.

The U.S. should avoid the EU's “overly prescriptive” approach to regulating AI (see 2306140039), the Computer & Communications Industry Association said Tuesday, releasing a white paper with regulatory recommendations. Congress and various agencies are exploring how to use existing and potential authorities to avoid risks of the technology (see 2306230060). CCIA agreed that. by “establishing clear guidelines and standards for transparency and accountability, regulation can help address concerns related to privacy, bias, and accountability.” But CCIA said an approach like the EU’s AI Act “may hamper the development of the next generation of AI technologies.” CCIA “hopes this paper will serve as a guide for policymakers to craft rules that maximize the benefits of AI while reducing the potential risks,” said Senior Counsel-Innovation Policy Josh Landau. “With smart regulation and governance, the United States can continue to lead the world in AI innovation.”

The CEOs of Google, Microsoft, Apple and OpenAI met with President Joe Biden and India Prime Minister Narendra Modi at the White House Friday, as the administration continues its push to regulate AI (see 2305250037). Google's Sundar Pichai, Microsoft's Satya Nadella, Apple's Tim Cook and OpenAI's Sam Altman met with senior officials from both countries to discuss innovation, investment and manufacturing. Commerce Secretary Gina Raimondo, National Economic Council Director Lael Brainard, National Security Adviser Ajit Doval and NASA Administrator Bill Nelson were among U.S. participants. Biden told attendees the U.S. and India are developing new technology that will change the world, and the government needs the executives' help to "build guardrails around emerging technologies” so they're "trustworthy, secure and uphold our shared values in human rights.” Modi spoke briefly in Hindi after the president’s remarks. Biden and Modi issued a joint statement with a commitment to develop and promote regulations that “facilitate greater technology sharing, co-development, and co-production opportunities between U.S. and Indian industry, government, and academic institutions.” Altman, Microsoft President Brad Smith and IBM Chief Privacy and Trust Officer Christina Montgomery have urged Congress to regulate the emerging technology. Senate Majority Leader Chuck Schumer, D-N.Y., is leading a series of Senate briefings and meetings in hopes of reaching agreement on comprehensive legislation (see 2306210065). Sens. Ed Markey, D-Mass., and Gary Peters, D-Mich., in a letter announced Friday, asked the GAO to assess the potential harms of generative AI. The agency told us it’s likely to accept the request, though a formal review is pending.

NIST is launching a public working group on the risks and opportunities of generative AI, Commerce Secretary Gina Raimondo announced Thursday. The working group will consist of volunteers with expertise in the public and private sector, NIST said. The group will build on NIST’s AI Risk Management Framework and address challenges from AI technology that generates “content, such as code, text, images, videos and music.” Applications to join the working group are due July 9. The group “will help provide essential guidance for those organizations that are developing, deploying and using generative AI, and who have a responsibility to ensure its trustworthiness,” said Raimondo.

Online marketplaces need to follow a new law that starting June 27 requires verification of high-volume, third-party sellers of consumer goods, the FTC said Tuesday. The Integrity, Notification and Fairness in Online Retail Marketplaces for Consumers (Inform) Act defines a high-volume seller as someone who has made 200 or more sales in a 12-month period, worth $5,000 or more. Introduced by House Consumer Protection Subcommittee Chair Gus Bilirakis, R-Fla., and ranking member Jan Schakowsky, D-Ill., the Inform Act is meant to protect consumers from counterfeit, unsafe and stolen goods on platforms like Amazon and e-Bay. Senate Judiciary Committee Chairman Dick Durbin, D-Ill., introduced companion legislation with Sen. Bill Cassidy, R-La. The FTC “will enforce the act to the fullest extent possible and will collaborate with our state partners to hold online marketplaces accountable,” Consumer Protection Bureau Director Samuel Levine said Tuesday. The agency sent letters to 50 online platforms.

Russian cyber hackers exploited several federal agencies through a file transfer vulnerability, Cybersecurity and Infrastructure Security Agency Director Jen Easterly told reporters Thursday. This isn’t a campaign “like SolarWinds that presents a systemic risk to our national security or our nation’s networks,” she said, but CISA is working with the FBI and others to “understand prevalence within federal agencies.” The Department of Energy was reportedly one of the agencies affected. The FTC wasn't hit, an agency official said Friday. The FCC didn’t comment. At this point, CISA believes threat actors are “only stealing information that is being stored on the file transfer application at the precise time that the intrusion occurs,” she said. Based on conversations with the Joint Cyber Defense Collaborative, “these intrusions are not being leveraged to gain broader access, to gain persistence into targeted systems, or to steal specific high value information -- in sum, as we understand it, this attack is largely an opportunistic one,” she said. CISA isn’t aware of the attackers threatening to “extort or release any data stolen from U.S. government agencies.” CISA issued a joint cybersecurity advisory with the FBI June 7, recommending protective measures against Russia’s CL0P Ransomware Gang. The cyber group has been trying to exploit a “vulnerability in Progress Software's managed file transfer solution, known as MOVEit, to steal data from underlying MOVEit Transfer databases,” she said. CISA is working with the FBI, Progress Software and federal partners to understand the extent of the intrusions. “At this time, we are not tracking any significant impacts to the federal civilian executive branch (.gov) enterprise but are continuing to work with our partners on this issue,” said Easterly. House Commerce Committee Chair Cathy McMorris Rodgers, R-Wash., and ranking member Frank Pallone, D-N.J., are seeking briefings from DOE and federal officials to understand the “severity of the attack,” they said Friday: “The wide scale nature of this attack underscores the importance of bolstering the ability of industry specific federal agencies to secure America’s critical infrastructure and respond to complex attacks.”

Uber and Lyft said they're committed to safety after a bipartisan group of senators wrote the companies with concerns about human trafficking of minors (see 2306140065). Uber has partnered with experts to “provide drivers with education on how to spot the signs of human trafficking and report it,” the company said Wednesday in a statement. “Our dedicated Public Safety Team stands ready to assist law enforcement however we can with investigations.” Teen accounts have features for parental supervision and safety, including PIN verification, trip tracking for parents and access to an Uber safety line, the company said. Unaccompanied minors aren’t permitted in Lyft vehicles. The company said it has “developed safety features for ridesharing that go beyond anything that previously existed for other transportation options. These include professionally administered background checks, in-app photos of drivers and their vehicles, real-time ride tracking, 24/7 support, the ability to share your ETA, and more."

Legislation introduced Wednesday for regulating artificial intelligence shows some lawmakers are “more keen” to regulate than to “understand” the technology, NetChoice said in a statement Thursday. Sens. Josh Hawley, R-Mo., and Richard Blumenthal, D-Conn., introduced the No Section 230 Immunity for AI Act Wednesday, as expected (see 2306090046). The legislation clarifies that Communications Decency Act Section 230 doesn’t apply to claims based on generative AI activity, “ensuring consumers have the tools they need to protect themselves from harmful content produced by the latest advancements in AI technology,” Hawley’s office said. Said NetChoice Vice President Carl Szabo: “The bill would jeopardize important tools like autocorrect, content recommendations and search engines. Lawmakers shouldn’t rush to release regulations before seriously engaging with the history and functionality of AI tools, many of which have been publicly available for years."

Congress shouldn’t reauthorize Foreign Intelligence Surveillance Act Section 702 “without substantial reforms” to surveillance authorities, consumer advocates told the Senate Judiciary Committee Monday. The committee plans an oversight hearing Tuesday with officials from DOJ, FBI, CIA, National Security Agency and the Office of the Director of National Intelligence (ODNI). Section 702 is to expire in December. Groups signing the statement Monday included the Center for Democracy & Technology, American Civil Liberties Union, Americans for Prosperity, Demand Progress, Electronic Frontier Foundation, Electronic Privacy Information Center, Fight for the Future and TechFreedom. DOJ and the ODNI released declassified documents in May detailing the latest evidence of unauthorized surveillance of Americans related to FISA authority (see 2305190067).

ICANN is the “central venue supporting an open, accessible, and unfragmented Internet,” NTIA Administrator Alan Davidson told the organization’s Governmental Advisory Committee Monday. Speaking at the ICANN Policy Forum in Washington, D.C., he encouraged “all governments” to engage with the GAC to ensure the multistakeholder process continues to “succeed.” ICANN relies on NTIA for access to domain name registration information (see 2112170062). “When we come together with expert stakeholders to solve problems collectively, we enable that better world of connection,” said Davidson. “This is why the ICANN community must continue to fulfill the policy development role for the Internet’s global naming and numbering systems.”