AI Leaders Bring Washington a Bag of Promises

In our last episode before the August break, the Cyberlaw Podcast drills down on the AI industry leaders' trip to Washington, where they dutifully signed up to what Gus Hurwitz calls "a bag of promises." Gus and I parse the promises, some of which are empty, others of which have substance. Along the way, we examine the EU's struggling campaign to persuade other countries to adopt its AI regulation framework. Really, guys, if you don't want to be called regulatory neocolonialists, maybe you shouldn't go around telling former European colonies to change their laws to match yours.

Jeffery Atik picks up the AI baton, unpacking Senate Majority Leader Chuck Schumer's (D-N.Y.) overhyped set of AI amendments to the National Defense Authorization Act (NDAA), and panning the claim by authors that AI models have been "stealing" their works. Also this week, another endlessly litigated and unjustified claim of high-tech infringement came to a close with the appellate rejection of a claim that linking to a site violates the site's copyright. We also cover the AI industry's unfortunately well-founded fear of enabling face recognition and Meta's unusual open-source AI strategy.

Richard Stiennon pulls the podcast back to the National Cybersecurity Implementation Plan, which I praised last episode for its disciplined format. Richard introduces me to an Atlantic Council report in which several domain experts marked up the text. This exposed flaws not apparent on first read; it turns out that the implementation plan took a few remarkable dives, such as omitting all mention of one of the strategy's more ambitious goals. That's the problem with strategies in government. They only mean something if the leadership is willing to follow them.

Gus gives us a regulatory lawyer's take on the FCC's new cybersecurity label for IoT devices and on the EPA's beleaguered regulations for water system cybersecurity. He doubts that either program can be grounded in a legislative grant of regulatory jurisdiction. Richard points out that CISA managed to get new cybersecurity concessions from Microsoft without even a pretense of regulatory jurisdiction.

Gus gives us a quick assessment of the latest DOJ/FTC draft merger review guidelines. He thinks it's a overreach that will tarnish the prestige and persuasiveness of the guidelines.

In quick hits:

• Richard updates us on the latest U.S. sanctions on European spyware firms. I offer a dissent from the whole campaign.
• Jeffery covers the brain drain in semiconductors from Europe to China, and we ask when it will hit the U.S.
• Gus covers the latest technopanic and media handwringing over the really very satisfying use of technology to catch serial killers and drug dealers.
• Speaking of technopanics, I question the latest narrative expressing shock that an FBI agent searched the 702 database using the name of a Senator being targeted by a foreign intelligence service.

Download 469th Episode (mp3)

You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@gmail.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.