This quarterly update summarizes key federal legislative and regulatory developments in the first quarter of 2022 related to artificial intelligence (“AI”), the Internet of Things (“IoT”), connected and automated vehicles (“CAVs”), and data privacy, and highlights a few particularly notable developments in the States.  In the first quarter of 2022, Congress and the Administration focused on required assessments and funding for AI, restrictions on targeted advertising using personal data collected from individuals and connected devices, creating rules to enhance CAV safety, and children’s privacy topics.

Artificial Intelligence

Members of Congress introduced legislation that would expand federal oversight over the use of AI in certain decision-making processes, as well as legislation that would increase resources for AI-related research and development.  For example, this quarter, Senator Ron Wyden (D-OR) introduced the Algorithmic Accountability Act of 2022 (S. 3572), which would create a Federal Trade Commission (“FTC”) Bureau of Technology and would direct the FTC to promulgate regulations requiring covered entities to (1) perform impact assessments on deployments of any “automated decision system” (defined as any system, software, or process, including those derived from AI, the result of which serves as a basis for human judgment) used to make a critical decision (defined broadly as a decision or judgment that has “any legal, material, or similarly significant effect on a consumer’s life” related to the cost or availability of certain topics such as education, utilities and transportation, financial service, healthcare, or “any other service” that is established through rulemaking) and (2) submit summary reports of those impact assessments to the FTC.  Only Democrats, however, have cosponsored the bill.  In a closely divided Congress, it will remain difficult to move any legislation without bipartisan support.  What that dynamic in mind, negotiations are likely to continue throughout this Congress in an attempt to reach a bipartisan agreement on the use of AI, particularly as it relates to advertisement targeting using algorithms.

Additionally, Congress has focused on efforts to increase AI funding.  For example, the America COMPETES Act of 2022 (H.R. 4521), which passed the House this quarter, incorporates the AI-related provisions of several other bills introduced in the last year that aim to increase support for AI research.  The House and the Senate are expected to conference on the COMPETES Act and the United States Innovation and Competition Act of 2021 (S. 1260), which will result in compromise legislation.  These funding provisions are expected to be part of the final bill.

Internet of Things

Federal lawmakers have introduced legislation addressing the intersection between connected devices and targeted advertising.  For example, Senator Cory Booker (D-NJ) and Representative Anna Eshoo (D-CA-18) introduced the Banning Surveillance Advertising Act of 2022 (S. 3520; H.R. 6416) this quarter, which would prohibit “advertising facilitators” (defined as a person that receives monetary consideration “or any other thing of value” to disseminate an advertisement, and collects or processes personal information to disseminate an advertisement) from using personal data to target advertisements to individuals or a connected device associated with the individual.  The bill would provide the FTC with rulemaking authority, and the FTC would be empowered to enforce violations through its Section 5 authority.

Additionally, this quarter, federal regulators continued to engage with IoT-related policy across the federal government, particularly in the Federal Communications Commission (“FCC”) and the National Institute of Standards and Technology (“NIST”).  For example, the FCC on January 10, 2022 announced a commitment of $361,037,156.16 million to support 802 schools and 49 libraries as part of its Emergency Connectivity Fund.  The schools and libraries are approved to receive nearly 654,000 connected devices and more than 313,000 broadband connections.  Relatedly, consistent with its obligations under Executive Order 14028 on “Improving the Nation’s Cybersecurity,” NIST published a whitepaper in coordination with the FTC and other agencies to initiate cybersecurity labeling pilot programs that will enable consumers to make informed decisions about IoT products.  The whitepaper provides recommendations on consumer IoT product label criteria, label design and consumer education considerations, and conformity assessment considerations.  Specifically, the whitepaper recommends coupling a binary label (a “seal of approval” type of label indicating a product has met a baseline standard) with additional information accessible online for interested consumers.

Connected and Autonomous Vehicles

The Department of Transportation (“DOT”) continued to engage on issues related to CAVs, particularly by (i) releasing a first-of-its-kind final rule amending the Federal Motor Vehicle Safety Standards (“FMVSSs”) to account for automated driving systems and (ii) seeking input on the projects and issues that should be considered by the Non-Traditional Emerging Transportation Technology (“NETT”) Council, a newly established entity under Section 25008 of the Infrastructure Investment and Jobs Act:

  • In March 2022, the DOT’s National Highway Traffic and Safety Administration (“NHTSA”) issued a final rule which amends the occupant protection FMVSSs to account for vehicles that are equipped with Automated Driving Systems (“ADS”) and do not contemplate traditional manual controls associated with human drivers. Inapplicable or inaccurate terminology such as “driver’s seat” and “steering wheel” is adjusted with the overarching goal of resolving any ambiguities stemming from applying the FMVSSs to ADS-equipped vehicles.  Lastly, the final rule amends the standards in order to maintain the level of safety that is currently provided to occupants in traditionally-designed vehicles.
  • The DOT is seeking public comments in connection with the NETT Council, an internal DOT body tasked with identifying and resolving jurisdictional and regulatory gaps that hinder the deployment of emerging technology such as autonomous vehicles, hyperloop, and other such innovations.  The DOT posted a Request for Comments (“RFC”) to the Federal Register to seek input on the types of projects, issues, and topics that should be considered by the NETT Council, with the comment period ending on April 8, 2022.

Federal lawmakers also engaged on CAV-related issues. The House Transportation and Infrastructure subcommittee held a hearing in early February, “The Road Ahead for Automated Vehicles,” in which experts, labor leaders, and industry representatives highlighted the need to increase consumer trust in CAVs and called for a national framework to facilitate the safe deployment of CAVs.

On February 28, 2022, the California Public Utilities Commission (“CPUC”) issued its first “Drivered Deployment” permits to Cruise LLC and Waymo LLC, allowing for passenger service in CAVs with a safety driver present.  The CPUC uses the term “drivered” to refer to CAVs with safety drivers present, while those without safety drivers are referred to as “driverless”. For more information on this development, see this post from Inside Tech Media.

Data Privacy

Legislators and the Executive branch have expressed interest in children’s privacy this quarter.   For example, President Biden’s State of the Union address focused on children’s privacy online, specifically asking Congress to introduced legislation aimed at children’s privacy protections.  On the Hill, “The Kids Online Safety Act,” (S. 3663) introduced by Senator Richard Blumenthal (D-CT) and co-sponsored by Senator Marsha Blackburn (R-TN), would create requirements for new safeguards, tools, and transparency requirements for minors online.  Notably, the bill would create a “duty to act in the best interests of a minor” that uses the covered entity’s (defined broadly as any commercial software or online application likely to be used by a minor) products or services.  The bill would also require covered entities to conduct annual independent audits of the risk of harm to minors on their service and issue a public report based on its findings.  For more information on this bill, see this post from Inside Privacy.

Additionally, the Utah legislature passed a comprehensive data privacy bill this quarter, which will go to the governor next for his signature.  The bill provides consumers right access and deletion rights, as well as rights to opt-out of the “sale” of personal information, “targeted advertising,” and processing of sensitive data.  If signed by the governor, the Attorney General will have authority to enforce the law’s requirements.  For more information on this bill, see this post from Inside Privacy.

We will continue to update you on meaningful developments in these quarterly updates and across our blogs.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Jayne Ponder Jayne Ponder

Jayne Ponder counsels national and multinational companies across industries on data privacy, cybersecurity, and emerging technologies, including Artificial Intelligence and Internet of Things.

In particular, Jayne advises clients on compliance with federal, state, and global privacy frameworks, and counsels clients on navigating the…

Jayne Ponder counsels national and multinational companies across industries on data privacy, cybersecurity, and emerging technologies, including Artificial Intelligence and Internet of Things.

In particular, Jayne advises clients on compliance with federal, state, and global privacy frameworks, and counsels clients on navigating the rapidly evolving legal landscape. Her practice includes partnering with clients on the design of new products and services, drafting and negotiating privacy terms with vendors and third parties, developing privacy notices and consent forms, and helping clients design governance programs for the development and deployment of Artificial Intelligence and Internet of Things technologies.

Jayne routinely represents clients in privacy and consumer protection enforcement actions brought by the Federal Trade Commission and state attorneys general, including related to data privacy and advertising topics. She also helps clients articulate their perspectives through the rulemaking processes led by state regulators and privacy agencies.

As part of her practice, Jayne advises companies on cybersecurity incident preparedness and response, including by drafting, revising, and testing incident response plans, conducting cybersecurity gap assessments, engaging vendors, and analyzing obligations under breach notification laws following an incident.

Photo of Nira Pandya Nira Pandya

Nira Pandya is a member of the firm’s Technology and IP Transactions Practice Group in Boston.

With a broad practice that spans a variety of industries, Nira routinely advises clients with their most complex commercial transactions and strategic collaborations involving technology, intellectual property…

Nira Pandya is a member of the firm’s Technology and IP Transactions Practice Group in Boston.

With a broad practice that spans a variety of industries, Nira routinely advises clients with their most complex commercial transactions and strategic collaborations involving technology, intellectual property, and data, with a focus on issues around IP ownership and licensing, artificial intelligence, software development, and information technology services.

As a member of the firm’s Digital Health Initiative, Nira counsels pharmaceutical, medical device, healthcare, and technology clients on commercial and intellectual property considerations that arise in partnerships and collaborations at the intersection of life sciences and technology.

Nira leverages in-house experience gained during her secondment to a leading technology company, where she partnered with business clients and translated legal advice into practical solutions. Prior to joining the firm’s Technology and IP Transactions practice group, Nira advised private and public companies on mergers and acquisitions, joint ventures, strategic investments, and other corporate transactions.

Photo of Nicholas Xenakis Nicholas Xenakis

Nick Xenakis draws on his Capitol Hill experience to provide regulatory and legislative advice to clients in a range of industries, including technology. He has particular expertise in matters involving the Judiciary Committees, such as intellectual property, antitrust, national security, immigration, and criminal…

Nick Xenakis draws on his Capitol Hill experience to provide regulatory and legislative advice to clients in a range of industries, including technology. He has particular expertise in matters involving the Judiciary Committees, such as intellectual property, antitrust, national security, immigration, and criminal justice.

Nick joined the firm’s Public Policy practice after serving most recently as Chief Counsel for Senator Dianne Feinstein (D-CA) and Staff Director of the Senate Judiciary Committee’s Human Rights and the Law Subcommittee, where he was responsible for managing the subcommittee and Senator Feinstein’s Judiciary staff. He also advised the Senator on all nominations, legislation, and oversight matters before the committee.

Previously, Nick was the General Counsel for the Senate Judiciary Committee, where he managed committee staff and directed legislative and policy efforts on all issues in the Committee’s jurisdiction. He also participated in key judicial and Cabinet confirmations, including of an Attorney General and two Supreme Court Justices. Nick was also responsible for managing a broad range of committee equities in larger legislation, including appropriations, COVID-relief packages, and the National Defense Authorization Act.

Before his time on Capitol Hill, Nick served as an attorney with the Federal Public Defender’s Office for the Eastern District of Virginia. There he represented indigent clients charged with misdemeanor, felony, and capital offenses in federal court throughout all stages of litigation, including trial and appeal. He also coordinated district-wide habeas litigation following the Supreme Court’s decision in Johnson v. United States (invalidating the residual clause of the Armed Career Criminal Act).