FTC Bureau on Data Abuse
- On September 15, the House Energy and Commerce Committee moved forward on its portion of the Build Back Better Act. Included within their portion of the bill is a provision to provide the Federal Trade Commission with $1 billion to create a new bureau dedicated to stopping unfair and deceptive acts and practices related to privacy violations, data security incidents, identity theft, and data abuses.
- The provision represents a significant increase in the commission’s resources. FTC’s current annual budget is $330 million.
- The commission’s consumer protection bureau has far fewer people specifically tasked with privacy and data security issues than do comparable agencies in other countries — a gap that House Consumer Protection and Commerce Subcommittee Chair Jan Schakowsky (D-IL) called “shocking” in 2019. (PoliticoPro)
- The subtitle can be found here: Subtitle O: Budget Reconciliation Legislative Recommendations Relating to FTC Privacy Enforcement
Politico Tech Summit
- Politico hosted a “At a Digital Crossroads: Washington and Silicon Valley” tech summit on September 15. Politico’s takeaways included:
- Self-regulation isn’t going to cut it. According to lawmakers and advocates, no amount of defensive efforts by the tech industry is going to save companies from impending government intervention. “One of the things I like to say to the companies is … ‘If you’re willing to do it yourself, then why are you opposed to putting it into law?” said Sen. Amy Klobuchar (D-MN), chair of the Senate Judiciary antitrust subcommittee.
- Lawmakers and agencies are betting big that this is the time to make change. Nearly every panel included mention of policymakers’ bullishness on the legislative vehicles currently moving through Congress with major tech provisions. (Politico)
- There are a number of amendments submitted to H.R. 4350 National Defense Authorization Act for Fiscal Year 2022 that would affect emerging technologies. Among them include:
- Amendment #182: Amendment from Congressman Steven Horsford (D-NV) would authorize the Secretary of Defense to carry out a pilot program to establish data libraries containing data sets relevant to the development of artificial intelligence software and technology and to allow private companies to access such data libraries for the purposes of developing artificial intelligence models and other technical software solutions.
- Amendment #288: Amendment from Congressmen Patrick McHenry (R-NC) and Stephen Lynch (D-MA) would direct the SEC and CFTC to establish a working group on digital assets.
- Amendment #665: Amendment from Congressman Tony Gonzales (R-TX) and over 30 other Members would establish the National Digital Reserve Corps, a program within GSA that would allow private sector tech talent to work for the federal government for 30 days per calendar year to take on short term digital, cybersecurity, and AI projects. Reservists would report to GSA, who would then detail them to executive agencies as needed.
- The House Rules Committee is expected to consider the bill on Monday, September 20.
- The NDAA for Fiscal Year 2021, passed into law on January 1, 2021, included key provisions in emerging technologies such as the creation of the new National Artificial Intelligence Initiative Office to be led by the White House, instructions to the Pentagon to take steps to ensure the AI technologies it acquires are developed in an ethically and responsibly-sourced manner, and instructions to the National Institute of Standards and Technology to develop an AI Risk Management Framework. The NDAA of 2021 also included a provision to develop the National Research Cloud to make computational resources and robust data sets publicly available to researchers. (see Stanford HAI)
Around the Agencies
FTC Health Data Breach Notification
- In a 3-2 vote on September 15, the Federal Trade Commission agreed on a new policy statement affirming that health apps and connected devices that collect or use consumers’ health information must comply with the Health Breach Notification Rule, which requires that they notify consumers and others when their health data is breached.
- “While this Rule imposes some measure of accountability on tech firms that abuse our personal information, a more fundamental problem is the commodification of sensitive health information, where companies can use this data to feed behavioral ads or power user analytics,” said FTC Chair Lina M. Khan. “Given the growing prevalence of surveillance-based advertising, the Commission should be scrutinizing what data is being collected in the first place and whether particular types of business models create incentives that necessarily place users at risk.”
- Under the new rule, any company offering health apps or connected devices that collect personal health data must notify consumers if their data has been compromised. The definition of “data breach” includes cybersecurity intrusion and unauthorized access to personal data, including the sharing of information without an individual’s permission. The FTC said it will “vigorously” enforce fines of $43,792 per violation per day. (TechCrunch)
SEC Request for Information on Use of Data Analytics and AI in Digital Customer Engagement
- The upcoming September 27 deadline is approaching for submitting comments to the Securities and Exchange Commission request for information and public comment on the use of digital engagement practices by broker-dealers and investment advisers. These tools include behavioral prompts, differential marketing, game-like features (commonly referred to as gamification), and other design elements or features designed to engage with retail investors on digital platforms (e.g., websites, portals, and applications), as well as the analytical and technological tools and methods (collectively called digital engagement practices (DEPs)). (SEC)
- “We’re at a transformational time. I really believe data analytics and AI can bring a lot of positives, but it means we should look back and think about what does this mean for user interface, user engagement, fairness and bias,” said SEC Commissioner Gary Gensler. “What does it mean about rules written in an earlier era?” (Reuters)
Institute of Standards and Technology (NIST), Department of Commerce: National Artificial Intelligence Advisory Committee Nominations
- Nominations to serve on the inaugural National Artificial Intelligence Advisory Committee and the Subcommittee on Artificial Intelligence and Law Enforcement are being collected by NIST until October 25.
Proposals Affecting Cryptocurrency Making Their Way Through Congress
- H.R. 3684: Infrastructure Investment and Jobs Act
- There are several notable provisions affecting cryptocurrencies in the Senate-passed infrastructure legislation expected to be voted on in the House on September 27.
- Broker Reporting: Digital asset brokers would be required to collect identifying information from cryptocurrency users and report their annual activity to the IRS. The controversial provision defines broker as “any person who (for consideration) is responsible for regularly providing any service effectuating transfers of digital assets on behalf of another person.” If enacted, these reporting requirements would become effective for transactions entered into after December 31, 2022.
Cash Payments: The bill would add digital assets to the reporting requirements under IRC Section 6050I, which requires any person conducting a business who receives over $10,000 in a single or in related transactions to file a Form 8300 to report the name, address, and tax identification number of the person from whom the cash was received, the amount of cash received, and the date and nature of the transaction.
- Digital Asset Definition: A digital asset is defined in the bill as “any digital representation of value which is recorded on a cryptographically secured distributed ledger or any similar technology as specified by the Secretary.”
- Build Back Better Act (Reconciliation)
- Wash Sale Rule: Included within the offset title of the House Ways and Means Committee’s portion of the Build Back Better Act reconciliation package is an expansion of the current wash sale rule to include digital assets, commodities, and foreign currencies. Section-by-Section, Legislative Text, JCT Description. The wash sale rule disallows losses incurred from the sale or disposition of stock or securities when a taxpayer acquires substantially identical stock or securities within 30 days before or after the disposition of the original stock or securities. The rule is intended to prevent taxpayers from creating artificial losses when their economic positions have not meaningfully changed. The committee’s legislative text proposes replacing the term “stock or securities” wherever it appears in section 1091 with the term “specified assets.” In regard to cryptocurrencies, the plan defines specified assets as any digital representation of value that is recorded on a cryptographically secured distributed ledger or any similar technology as specified by the Treasury secretary. The amendments would apply to sales and other dispositions after December 31, 2021. (Tax Notes)
Senator Hassan Letter to Agencies on Cryptocurrency Exchange Know Your Customer Rules
- Senator Maggie Hassan (D-NH), a member of the Senate Homeland Security and Governmental Affairs Committee, sent a letter to multiple agencies, including the Justice Department, the Department of Homeland Security, the Internal Revenue Service, the Securities and Exchange Commission, and the Treasury Department’s Financial Crimes Enforcement Network, raising concerns about the use of cryptocurrency in cyberattacks and as a means of payment for ransomware. Hassan calls for robust Know Your Customer (KYC) requirements for cryptocurrency exchanges, cryptocurrency kiosks, and OTC cryptocurrency trading desks. The letter requests information on the agencies’ current authorities and any necessary additional authorities Congress could grant.
Senator Toomey Request for Public Comment
- The September 27 deadline is quickly approaching for public comments on the request from Senate Banking Committee Ranking Member Pat Toomey (R-PA) for ideas and legislative proposals from the public to ensure federal law supports the development of emerging cryptocurrency and open blockchain network technologies while continuing to protect crypto investors. Senator Toomey stated he intends to use the responses in forming legislation that clarifies ambiguity around how existing laws, especially in the tax and securities realms, may apply to cryptocurrencies.