This Week: Global privacy debate, reform efforts heat up in the United States; Republicans, Democrats unite in calls for increased platform liability; artificial intelligence gains focus of lawmakers for funding and scrutiny; technology in transportation, what’s pending and what’s on the horizon.
Week in Review
President Trump returned Monday from the G-20 Summit in Osaka, Japan. During the trip, President Trump met with Chinese President Xi Jinping, after which the leaders announced plans to resume previously stalled trade negotiations. In exchange, President Trump pledged to withhold tariff escalation and announced that Xi agreed to resume purchases of American agricultural products. In addition to meeting with President Xi, President Trump held a bilateral meeting at the Korean Demilitarized Zone (DMZ) with Kim Jong-un of North Korea.
While the House and Senate remained out of session for the weeklong Fourth of July recess, President Trump signed into law Monday H.R. 3401, the $4.6 billion emergency supplemental appropriations bill. The House voted 305-102 to pass the measure last Thursday, June 27 despite pushback from some House Democrats. The bill provides $2.9 billion for the Department of Health and Human Services and $1.3 billion for the Department of Homeland Security, among other provisions, to support efforts to address the humanitarian crisis at the southern border.
The House and Senate return to Washington next week with just six work weeks until government funding expires on September 30. In addition to government funding, the chambers must also address National Flood Insurance Program (NFIP) reauthorization, Export-Import Bank reauthorization, and budget caps by the September 30 deadline. While the House successfully passed 10 of 12 spending bills last month through one standalone appropriations bill and two minibuses, negotiations in the Senate have stalled as the upper chamber struggles to reach consensus on a budget caps deal. Senate Appropriations Committee Chairman Shelby (R-AL) has reportedly proposed the concept of “deeming” top-line defense and nondefense spending levels once the upper chamber returns to Washington in order to advance funding negotiations absent a budget deal.
The Senate Judiciary Committee is slated to convene a hearing next Tuesday, July 9 entitled “Protecting Innocence in a Digital World” to analyze existing protections for minors on the internet. The hearing comes amid efforts led in large part by Senators Hawley (R-MO) and Markey (D-MA) to bolster children’s online privacy rules. In recent months, the Senators have introduced several measures aimed at addressing growing concerns around the topic, including legislation to amend the Children’s Online Privacy Protection Act (COPPA).
On Wednesday, the Senate Commerce Committee will consider the nominations of Stephen Dickson to be Administrator of the Federal Aviation Administration (FAA) and Michelle Schultz to be a Member of the Surface Transportation Board. The Committee will also consider a number of legislative measures during the executive session, including the Blockchain Promotion Act, the Developing Innovation and Growing the Internet of Things (DIGIT) Act and the Broadband Deployment Accuracy and Technological Availability (DATA) Act, among other bills.
The White House will host a Social Media Summit on Thursday the address “strategic challenges of today’s online environment.” The Administration has reportedly extended invitations to Turning Point USA Executive Director Charlie Kirk as well as representatives from the Heritage Foundation and the Media Research Center.
The same day, the FCC will convene a summit on the industry’s implementation of SHAKEN/STIR, a caller ID authentication framework to combat illegal robocalls and caller ID spoofing. The summit will highlight progress that major providers have made toward combating robocalls and provide an opportunity to identify any challenges to implementation.
Global Privacy Debate, Reform Efforts Heat Up in the United States
In January 2020, the California Consumer Privacy Act (CCPA) will take effect. The European Union’s (EU) General Data Protection Regulation spurred efforts in California (CA) to promote consumer privacy and have led to significant negotiations within the U.S. Congress to adopt a federal privacy framework to address concerns about data use while balancing reasonable business practices. Below are the issues to follow as things heat up in the U.S. privacy debate.
Prior to the January 2020 effective data of CCPA, CA Attorney General Xavier Becerra will incorporate changes from the CA Legislature into the implementing regulations. In June, the CA Assembly approved a number of amendments to exempt certain types of businesses and data from the law including the changes to the definition of “consumer” and “personally identifiable information.” Negotiations in the CA Senate have grown more tense as stakeholders continue to ask for greater clarifications and exemptions with lawmakers trying to balance corporate concerns with strong opposition from consumer groups. Of specific importance to industry is AB 25, which seeks to address employees being included within the definition of “consumer”, among other issues. It has been suggested that the legislation faces sharp opposition from the ACLU and the California Employment Lawyers Association. The alleged opposition is focused on concerns with employers selling data and employer surveillance. Scheduled hearings for July 9 on the proposed bills to amend CCPA should set the stage for heated negotiations this summer and an expectation that the CA Legislature may have to be more limited in aspirations to scale back the law when it takes effect.
Federal efforts to address consumer privacy and data security have been delayed in order to solicit greater input from Senate members to the informal privacy working group that includes Senators Wicker (R-MS), Moran (R-KS), Thune (R-SD), Cantwell (D-WA), Schatz (D-HI), and Blumenthal (D-CT). The group got off to a fast start in negotiations recognizing the impact of GDPR and the potential impact of CCPA as well as the need for Congress to act on a bipartisan bill to both address global changes to privacy laws and to ensure a patchwork of state laws does not create untenable obligations for the technology industry.
Last week, Congresswomen Eshoo (D-CA) and Lofgren (D-CA) shared a draft of their Online Privacy Act for comment by July 12. The draft bill does not preempt state privacy laws but seeks to bolster U.S. resources to address consumer privacy and grants consumers more control over the data collected about them, including the ability to opt-out of personalized targeting. Further, the draft legislation creates a private right of action for consumers and consumer groups and empowers state attorneys general to enforce the law and bring cases for violation of it.
Elements of the Eshoo-Lofgren bill have been a part of the discussions in the Senate but appear to be more aligned with CCPA than what is politically feasible in Congress. The House Energy and Commerce Committee and Senate Commerce Committee will be busy navigating how to address consumer privacy and data security in the coming months and it seems highly ambitious for Congress to enact a comprehensive privacy law before year’s end.
Republicans, Democrats Unite in Calls for Increased Platform Liability
Despite the political rancor that dominates many policy discussions inside the Capital Beltway, some Republican and Democratic policymakers have found common ground in calling for greater scrutiny and potentially increased liability for dominant technology platforms. The focus largely stems from recent concerns with content moderation practices and proliferation of hate speech online. In particular, questions regarding the efficacy of Section 230 of the Communications Decency Act (CDA) remain at the forefront of ongoing debates related to technology industry oversight. As readers may recall, Section 230 provides online platforms certain protections related to user-generated content, shielding companies from liability of third-party content. In the 115th Congress, Section 230 was amended with the passage of the Fight Online Sex Trafficking Act in March 2018, which the President later signed into law. The legislation amended the CDA to clarify that Section 230 does not immunize platforms that promote or facilitate online sex trafficking.
Republicans on Capitol Hill have repeatedly expressed concern with the content moderation policies of online platforms, arguing that these businesses censor conservative voices and detract from the availability of neutral public forums. Democrats have focused their attention on the inability or unwillingness of platforms to consistently mitigate terrorist and illicit activities. Both parties agree that these concerns demonstrate the need to consider certain reforms of Section 230. For example, late last month Senator Josh Hawley (R-MO) introduced the Ending Support for Internet Censorship Act, which removes the automatic immunity under Section 230 of the CDA for large technology companies.
Although the Ending Support for Internet Censorship Act currently lacks additional cosponsors, its language has already revitalized debate over the necessity of Section 230. Senator Ron Wyden (D-OR), who co-authored Section 230 and has remained a staunch opponent of calls to reform the provision, has already expressed concern for the bill. “Senator Hawley has written a bill to deputize the federal government as the Speech Police in flagrant violation of the First Amendment,” Wyden tweeted. Industry stakeholder groups have also hosted congressional briefings and authored Op-Eds to defend the safe harbor provision. Looking to the remainder of this year, Congress plans to hold additional hearings related to technology industry oversight. We can expect discussions of Section 230 to remain at the forefront of policymakers’ minds as Congress continues its scrutiny of online platforms.
Artificial Intelligence Gains Focus of Lawmakers for Funding and Scrutiny
Artificial intelligence (AI) in gaining traction among lawmakers as an area of keen interest. As the Senate and House versions of National Defense Authorization Act (NDAA) demonstrate, lawmakers are increasingly willing to invest significant federal resources in promoting and developing AI. In addition to funding for national security purposes, the House version of the NDAA picks up on another area of interest for lawmakers – bias. The House version of the NDAA as well as four of the seven other pieces of legislation that have been introduced in both chambers would require actions by the agencies designated in the bills to identify and minimize inappropriate bias. During the last work period the issue of algorithmic bias was raised in hearings, panel discussions, and staff events on the Hill. In addition, workforce displacement has been an area of focus for lawmakers. Five of the seven bills would direct designated federal agencies to consider the impact of AI on the workforce and begin consideration of plans to mitigate the impact where displacement or reductions in overall workforce are high. With privacy legislation being considered in both chambers, there is interest in empowering consumers with the tools they will need to control the use of their data for purposes of AI.
These concerns demonstrate that the new technological wave of AI will face greater scrutiny earlier in its development than many of the past technological changes. While passage of legislation beyond the NDAA remains an uphill challenge, particularly given the legislative calendar, the foundation for future consideration is being laid now.
Technology in Transportation: What’s Pending and What’s on the Horizon
Expect the House and perhaps the Senate to introduce companion bills to promote the development of driverless vehicles following the July 4 recess. In the last Congress, the House passed the Self Drive Act, H.R. 3388, by voice vote in September 2017. The Senate bill, S. 1185, called the AV Start Act, never got to the Senate floor, foundering amid concerns over privacy, cybersecurity, safety, forced arbitration, and preemption. In this Congress, House and Senate committee staff are working to resolve differences between the bills and address those concerns.
The National Highway Traffic Safety Administration (NHTSA), the lead agency within DOT for automated vehicles, has two ongoing rulemakings, each at the initial stage of an Advanced Notice of Proposed Rulemaking (ANPRM). NHTSA-2018-0092 sought comments on designing a national pilot program to facilitate, monitor, and learn from testing and development of advanced driving technologies. The comment deadline closed November 26, 2018. NHTSA-2019-0036 seeks comments on proposed changes to Federal Motor Vehicle Safety Standards (FMVSSs) to accommodate advanced driving system (ADS) technologies with respect to crash avoidance. Comments are due by July 29, 2019. Future NHTSA rulemakings will address FMVSSs for crashworthiness, and telltales, indicators, and warnings.
In the absence of any FMVSS on ADS-equipped vehicles, NHTSA published a petition by General Motors (NHTSA-2019-0016) for exemption from 16 different FMVSSs, seeking comments by May 20, 2019.
In May, the Federal Motor Carrier Administration (FMCSA) reopened an ANPRM first published in 2018, seeking comments on how to accommodate ADS in commercial motor vehicles. The new comment period is July 29, 2019.
Federal Aviation Administration
As noted, the Senate Commerce Committee will vote on Stephen Dickson’s nomination to serve as FAA Administrator next Wednesday, July 10, notwithstanding the controversy over Dickson’s initial failure to disclose to the Committee a whistleblower complaint filed against Delta Air Lines when he serves as head of flight operations. While the Committee has the votes to move Dickson’s nomination to the Senate floor, the opposite dynamic is in the House, which, because of an arcane law that prohibits retired service officers to serve simultaneously as Administrator and Deputy Administrator, will have a vote on whether to waive this statutory prohibition.
Boeing 737 MAX
In the aftermath of two fatal accidents involving the Boeing 737 MAX, and the worldwide grounding of this aircraft, the FAA has come under criticism for how it oversaw Boeing’s development of a stall prevention system, in particular as part of Boeing’s Organization Designation Authority (ODA) granted by FAA. The House and Senate have both held hearings and this fall the Senate Commerce Committee is likely to hold a follow up hearing after the accident investigation report from the fatal Lion Air accident is released.
There are multiple reviews underway in the Executive Branch. Transportation Secretary Chao established a Special Committee to review the FAA’s certification procedures for new aircraft, including the 737 MAX, within the Safety Oversight and Certification Advisory Committee (SOCAC), which was created by section 202 of the FAA Reauthorization Act of 2018. The FAA set up a Joint Authorities Technical Review (JATR), chaired by Chris Hart, which includes NASA and international authorities, to examine the automated flight control system of the 737 MAX. In March the DOT Inspector General initiated an audit of the 737 MAX certification process. The Justice Department’s criminal division reportedly has initiated an inquiry, although its scope has not been disclosed.
The main focus is on when the Federal Aviation Administration (FAA) will publish a proposed rule to require remote identification of drones. Remote ID will address safety, security and privacy concerns, and is essential to the development of an unmanned traffic management (UTM) system. The FAA’s schedule has slipped several times, with September 2019 as the latest target date for an NPRM. At the initial meeting of the reconstituted Drone Advisory Committee meeting last month, FAA tasked the DAC to explore ways in which remote ID could be tested and used in advance of the rulemaking.
Yesterday, House Transportation and Infrastructure Committee and Aviation Subcommittee leaders wrote to the DOT, FAA, and OMB agency heads raising concerns with delays in remote ID rulemaking, requesting the officials provide a written response that includes the steps and timeframes for issuing the NPRM and final rule, as well as projected timelines for DOT and OMB reviews of the proposed and final rules. They also request that these officials provide T&I Committee staff with a briefing on the progress made each quarter until the remote ID rule is finalized.
In February, FAA published a NPRM on operations over people (FAA-2018-1087). The proposed rule would also allow operations at night, and convert recurrent remote pilot testing to a training regimen. At the same time, FAA also published an ANPRM seeking comment on a variety of subjects under the title of Safe and Secure Operations (FAA-2018-1086). The comment deadline for both rulemakings passed April 15. No further action is expected on either of these rulemakings until a remote ID final rule is published.
Also expected by the end of this summer is a proposed rule to implement restrictions on drone operations over and near critical infrastructure facilities. Section 369 of the FAA Reauthorization Act of 2018 directed the FAA to publish a proposed rule my March 31, 2019, after the agency had taken no action to implement a requirement in 2016 to set up a process to review and approve applications for restrictions around critical infrastructure.
In response to section 349 of the 2018 FAA Reauthorization Act, FAA is also expected in the coming weeks to issue a Request for Information (RFI) seeking companies to participate in developing an aeronautical knowledge test for recreational drone pilots online.
Last Friday, the FAA published a proposed rule on Special Authorizations for Supersonic Aircraft, FAA-2019-0451 (June 28, 2019). The FAA is proposing to streamline the procedures to authorize supersonic aircraft operations for purposes of research and development. Supersonic aircraft operations over land for commercial purposes remain prohibited. The NPRM proposes to add a new basis for flight testing to accommodate future noise certification actions. Comments are due August 27, 2019