August 2022 U.S. Tech Policy Roundup

Kennedy Patlan, Ake Kankirawatana, and Rachel Lau are associates at Freedman Consulting, LLC, where they work with leading public interest foundations and nonprofits on technology policy issues.

August is traditionally a sleepy month for policy in the U.S., but not this year. On August 9, President Biden signed the $280 billion CHIPS and Science Act into law, which includes a $52 billion appropriation for domestic semiconductor production and a nearly $170 billion authorization for R&D funding on topics such as artificial intelligence across multiple agencies. The law’s research funding provisions also authorized $20 billion to establish a new “Directorate for Technology, Innovation, and Partnerships” within the National Science Foundation. And in privacy news, California’s legislature passed the California Age-Appropriate Design Code Act, which will require tech companies to meet new safety standards for minors online. It now goes to Governor Gavin Newsom for signature.

Although the CHIPS and Science Act reached President Biden’s desk, the American Innovation and Choice Online Act (AICOA) will not for some time, if at all: Majority Leader Chuck Schumer (D-NY) is considering bringing the bill to a vote later this fall. The bill received additional support this month from FTC Commissioner Alvaro Bedoya during his first major speech at the National Association of Attorneys General Presidential Summit. Meanwhile, FTC transitions continued this month as Commissioner Noah Phillips, a Republican, announced plans to leave the FTC, triggering a lobbying response from conservative advocacy groups with an interest in his replacement.

Read on to learn more about August tech policy highlights at the FTC and beyond.

FTC Launches Privacy Rulemaking, Privacy Legislation Conversations Continue

• Summary: The FTC is wading deeper into the privacy discussion, announcing in mid-August that it is exploring rules to rein in harmful commercial surveillance and weak data security. The FTC is seeking comment on a wide range of privacy-related issues and will hold a virtual public forum in early September. The agency said that its current legal authority may not be sufficient to protect customers and that imposing privacy rules would require expanding the commission’s purview to seek penalties; however, more funding and authority for the FTC is not included in August’s Inflation Reduction Act of 2022 despite its inclusion in earlier reconciliation legislation. Other bills that could grant the FTC authority to levy fines on covered platforms that violate privacy rules include:
  • The Consumer Protection and Recovery Act (H.R.2668), which authorizes the FTC to obtain monetary relief for consumers through federal courts.
  • The Consumer Protection Remedies Act of 2022 (S.4145), which restores the FTC’s power to sue in federal court for monetary remedy for consumers and affirms Section 13(b)’s due process protections.
  • The American Innovation and Choice Online Act (S.2992), which establishes antitrust rules for some large online platforms, giving the FTC and DOJ the power to define covered entities carried by the bill and additional enforcement powers.
  • The Price Gouging Prevention Act of 2022 (S.4214), which gives the FTC the authority to investigate price gouging among energy companies and authorizes FTC enforcement powers on all regulations.
• Stakeholder Response: Various public interest groups supported the FTC’s move. Free Press praised the announcement, noting that this is a formal start to action that has been long in the making. The FTC’s announcement has sparked pushback from some stakeholders as well, who claimed that the agency is overstepping its bounds and encroaching on Congress’s authority. Representatives from the U.S. Chamber of Commerce’s Technology Engagement Center and NetChoice, a trade group, argued that Congress should be making privacy legislation instead of the FTC. The FTC’s two Republican members voted against the rule-making process, arguing that it would provide an excuse to lawmakers to block the American Data Privacy and Protection Act (H.R.8152, the “ADPPA”). The Supreme Court’s recent decision in West Virginia v. EPA could also affect the FTC’s purview, some experts argued, as it restricted the ability of regulatory agencies to rule on “major questions” that significantly affect the economy without “clear congressional authorization.”
• Conversations about the ADPPAalso continued this month, as opponents put pressure on key congressional figures to compromise between local constituent support and political viability. Ashkan Soltani, head of the California Privacy Protection Agency urged House Speaker Nancy Pelosi (D-CA) and Minority Leader Kevin McCarthy (R-CA) to oppose the ADPPA due to the bill’s state pre-emption clause, arguing that the federal legislation would “significantly weaken” the privacy rights of Californians and undermine the authority of the California Privacy Protection Agency. He echoed the call of other ADPPA critics to make the ADPPA a “floor rather than a ceiling,” allowing states to enforce stronger privacy protections than the federal standard. On the other side of the debate, five prominent data brokers expanded their collective spending on lobbying by around 11 percent in the second quarter of this year as they sought to influence the ADPPA’s provisions. Nearly 50 public interest organizations, however, called on Speaker Pelosi to bring the bill for a vote soon.
• What We’re Reading: The FTC’s involvement in the privacy discussion is part of a larger discussion about the agency’s authority. The FTC’s updated strategic plan expands the commission’s protections to the “public” rather than “consumers,” promising to crack down on “unfair methods of competition.” Experts wrote that the FTC’s announcement on privacy rulemaking is the first step toward achieving their strategic plan. The Wall Street Journal reported on the rulemaking announcement, outlining the potential tensions between FTC regulation and congressional legislation. On the legislative side of the debate, the Washington Post Editorial Board argued that Speaker Nancy Pelosi should bring the ADPPA to a vote in advance of the midterm elections, especially given the bill's support from a majority of voters. In Tech Policy Press, EPIC’s Alan Butler and Caitriona Fitzgerald analyzed the ADPPA, emphasizing the strengths of the bill, particularly its robust protections as a national privacy standard.

Students’ Online Privacy Gets a Spotlight

• Summary: As the pandemic exacerbated concerns surrounding student mental health, many school districts turned to online monitoring software designed to identify students “at risk of harming themselves or others” based on their online behavior. However, recent survey research conducted by the Center for Democracy & Technology revealed that monitoring appears to be used more frequently to infringe on privacy and discipline students than to solve true safety challenges. 78 percent of teachers reported that their students had been “flagged by monitoring software for disciplinary action.” Half of the teachers and students surveyed also reported that student activity monitoring can take place outside of school hours. Given the increased involvement of law enforcement offices in student surveillance, advocates are concerned that the rights of marginalized students are at risk, especially in states where LGBTQ+ rights are not protected and abortion is illegal.
• Stakeholder response: The Center for Democracy & Technology report resulted in a group of civil society organizations sending a letter to the U.S. Department of Education’s Office for Civil Rights (OCR), encouraging OCR to issue a policy statement that condemns student surveillance tools that impede students’ civil rights and also states OCR’s intent to “take enforcement action against violations that result in discrimination.” On the legislative side, two child privacy bills (the Children and Teens’ Online Privacy Protection Act, S.1628, and the Kids Online Safety Act, S.3663) continue to await a vote in the Senate after they were reported from committee in July.
• What We’re Reading: Ars Technica covered an Ohio judge’s ruling that surveilling students’ homes during remote testing is a violation of the Fourth Amendment. This month, surveillance in the workplace was also investigated by The New York Times. In related children's privacy news, the FTC is seeking comments regarding the impacts of digital advertising and marketing messages on children, particularly when they may “blur the lines between ads and entertainment.”

Google’s Proposal to Exempt Political Emails from Spam Filters Draws Public Outcry

• Summary: Since a study published in March by researchers from North Carolina State University found that Google’s Gmail service exhibited political bias in its email spam filtering algorithm, the company has faced much public criticism. Many Republicans alleged that campaign emails from conservative candidates were sent to spam more often than those from liberal candidates. Despite Google’s (and the researchers’) denial of these claims, Sen. John Thune (R-SD) and over 20 Senate Republican cosponsors introduced the Political Bias In Algorithmic Sorting (BIAS) Emails Act (S.4409) on June 15, which would “prohibit providers of email services from using filtering algorithms to flag emails from political campaigns that consumers have elected to receive as spam.” Pressure has also been rising in a campaign by the GOP to limit Google’s ability to apply automated spam filtering. That fight led to a response from Google, which submitted a proposal to the Federal Election Commission (FEC) for a pilot program that would exempt campaign emails from automated spam filtering as long as they do not violate Google’s content policies. The FEC approved Google's pilot program by a 4-1 vote on August 11, despite public backlash to the proposal and concerns from Democratic FEC commissioners.
• Stakeholder Response: There has been overwhelming opposition to the pilot program proposed by Google to allow political emails to bypass algorithmic spam filters. Over 2,700 public comments have been submitted to the FEC on the advisory opinion, in addition to comments submitted by Citizens for Responsibility and Ethics in Washington, Campaign for Accountability, Civic Shout, and other public interest organizations, citing the rise in unwanted political fundraising emails the program would enable. The Democratic National Committee submitted comments opposing Google’s pilot program, highlighting misleading Republican fundraising efforts; the National Republican Senatorial Committee called the pilot program “unacceptable” and demanded that Google give “any 2022 campaign the option to reset their email domain, restore their email reputation and allow emails to go to Gmail inboxes.”
• What We’re Reading: In other news related to elections and the Internet, Politico reported that Facebook will not move up its timeline to review the company’s decision to suspend Donald Trump from the platform, regardless of any plans the former President may have concerning a presidential run or announcement. Protocol described plans from TikTok and Meta to tamp down misinformation on their platforms ahead of the mid-term elections in November. The Washington Post covered a new report by the Bipartisan Policy Center that encourages tech companies to be more proactive in combating misinformation by collaborating with election officials. Tech Policy Press explained platforms’ responses to (and lack of action on) the spread of election disinformation.

Amazon Acquisitions Raise Further Antitrust Questions

• Summary: Amazon continues to acquire companies across market verticals, sparking potential investigation by the FTC. In August, the company committed to acquiring iRobot, maker of the robotic vacuum, Roomba. This move follows the company’s July announcement of plans to acquire OneMedical. Amazon’s acquisition of iRobot would give Amazon a trove of data documenting interior maps of users’ homes. Experts are anticipating a potential FTC investigation of this acquisition and are urging Congress to “fully resource the FTC.”
• Stakeholder Response: Business Insider spoke to tech policy advocates from the Institute for Local Self-Reliance and Public Citizen about their concerns over Amazon’s acquisition of Roomba and why it may be the “most dangerous, threatening acquisition” in Amazon’s history. The Lincoln Network’s Jonathon Hauenschild and Luke Hogg wrote for Tech Policy Press about the need for increased Congressional funding of the FTC and the Department of Commerce’s Antitrust Division so that the agencies can effectively investigate significant mergers and acquisitions in tech.
• What We’re Reading: In other antitrust news, in response to a separate FTC investigation regarding Amazon’s Prime subscription business, Amazon wrote a complaint claiming that the FTC is “harassing” company leadership and attempting to limit the agency’s investigative demands. The FTC and Meta secured a December court date over Meta’s acquisition of Within Unlimited Inc, a virtual reality company. The FTC also removed Mark Zuckerberg as a defendant from the lawsuit. The Wall Street Journal reported on a lawsuit filed by Kochava Inc., an Idaho data-marketing and analytics company, targeted at the FTC, claiming that the agency does not have grounds to sue the company for its use of geolocation data. However, the FTC filed a lawsuit against Kochava, with claims that the company is selling customers’ sensitive data without adequate privacy protections. 9to5Mac provided updates on an appeal hearing of a 2021 antitrust lawsuit between Epic and Apple, slated for the fall.

Following Pressure From U.S. Government, Oracle Begins Auditing TikTok

• Summary: This month, Axios reported that Oracle began its auditing of TikTok’s content moderation and algorithms to monitor for manipulation by Chinese authorities. In June, following pressure from U.S. authorities, TikTok changed the default storage location for all U.S. user data, and indicated that it was routing all of its user traffic to Oracle Cloud Infrastructure. The collaboration with Oracle will, among other things, require that the training for TikTok’s AI occur on Oracle’s U.S.-based cloud. These steps are part of TikTok’s Project Texas initiative to improve data security and build trust for U.S. users.
• Stakeholder Response: Amidst these changes, many Washington lawmakers remain concerned about TikTok’s data collection. Earlier this month, House Chief Administrative Officer (CAO) Catherine Szpindor, who oversees House IT operations, sent a memo to House digital staffers advising against downloading or using TikTok due to privacy and security concerns related to data collection. Michael Beckerman, TikTok’s Vice President and Head of Public Policy for the Americas, responded with a letter to the CAO denying several of the data collection claims in the CAO’s memo, including the allegations that TikTok uses facial recognition technology or collects “face or voice data to identify individuals.” TikTok’s letter urged the CAO to rescind the memo.
• What We’re Reading: TechCrunch reported on Oracle’s monitoring arrangement with TikTok and reviewed recent controversy surrounding TikTok’s content moderation policies. TechCrunch’s Natasha Lomasalso reported on a privacy class action complaint filed against Oracle, outlining the challenges of privacy litigation absent a federal privacy law. The Verge’s Makena Kelly examined TikTok’s plans to combat election-related misinformation in the upcoming midterm cycle. The Columbia Journalism Review’s Mathew Ingram investigated an array of TikTok data privacy concerns and surveyed steps the White House may take regarding TikTok and foreign companies more broadly.

New Legislation and Policy Updates

This month, major updates were made to the Journalism Competition and Preservation Act (JCPA, S.673, sponsored by Sen. Amy Klobuchar, D-MN) ahead of an expected September Senate Judiciary Committee markup. Rather than the bill’s original four-year safe harbor, the new version would provide media and news outlets with an eight-year safe harbor from antitrust laws. The safe harbor was extended to prevent the sudden need for lobbying due to the temporary nature of the safe harbor, Axios’s Sara Fischerreported. It also now excludes news outlets with more than 1,500 employees.

Public Opinion Spotlight

In August, Pew Research Center released findings from a poll that surveyed 1,316 U.S. teens about their use of digital devices and social media from April 14-May 4, 2022. The poll found that:

• “97 percent of teens use the internet daily”
• “54 percent of teens say it would be hard to give up social media”
• “36 percent of teens say they spend too much time on social media”
• “The share of teens who say they use Facebook has plummeted from 71 percent in a 2014-2015 survey to 32 percent today”
• “YouTube tops the 2022 teen online landscape among platforms covered in the Center’s new survey, as it is used by 95 percent of teens”

This month, the Media Insight Project, a partnership between The Associated Press-NORC Center for Public Affairs Research and the American Press Institute, released survey data on trends in news consumption among young people. The surveyors interviewed 5,975 young Americans ages 16-40 between May-June 2022. Respondents were recruited through random sampling. The survey found that:

• “76 percent of young Americans get news daily”
• “71 percent gets news daily from social media”
• “9 in 10 young people say misinformation is a problem”
• Among reported social media platforms, a third of respondents received their news from YouTube and Instagram, while Facebook usage among millennials declined from 57 percent in 2015 to 40 percent in 2022.
• 45 percent of young people also reported that they receive news from traditional sources (e.g., television, radio, newspapers.)
• 32 percent of millennials say they enjoy following the news, compared to 53 percent in 2015

- - -

We welcome feedback on how this roundup and the underlying tracker could be most helpful in your work – please contact Alex Hart and Kennedy Patlan with your thoughts.