Senate Advances Landmark Tech Policy Priorities

August 6, 2024

Reading Time : 10+ min

Key Points

  • The Senate has passed landmark children’s online privacy and safety legislation via a near-unanimous vote shortly before departing for the August recess. The bill is comprised of revised versions of the Kids Online Safety Act (Title I; 1409) and the Children and Teens’ Online Privacy Protection Act (Title II; 1418). While the measure’s passage in the Senate is notable, its prospects in the House remain unclear.
  • In the same week, the Senate Commerce Committee approved eight bipartisan AI-focused measures, sending the bills to the floor for consideration, potentially as soon as September when the chamber returns from August recess.
  • The Senate Homeland Security and Governmental Affairs Committee (HSGAC) also advanced AI procurement legislation via a party-line vote, with plans in the near-term to shore up more Republican support for the proposal.
  • Meanwhile, annual defense authorization legislation, which is expected to include key AI provisions, remains on lawmakers’ plates post-recess.

Senate Advances Major Online Child Safety Reforms

On July 30, 2024, the Senate passed the Kids Online Safety and Privacy Act (S. 2073) via an overwhelmingly bipartisan vote of 91-3 shortly before departing for the August recess.

The measure is comprised of two bills—(1) the Kids Online Safety Act (Title I; S. 1409), which would establish a duty of care for social media platforms to prevent their products from harming children; and (2) the Children and Teens’ Online Privacy Protection Act (Title II; S. 1418), which would ban targeted ads to children and teens, ban companies from collecting personal information from users under 17 years of age, and allow users to erase personal information collected about them.

While the bill’s passage in the Senate is notable, it remains unclear whether the House will pass the measure, amend the measure and send it back to the Senate, or decline to pass the bill altogether. Although House Speaker Mike Johnson (R-LA) has spoken positively about the package, House Members started their summer recess last week, and when they return in September, lawmakers’ focus will be on averting a government shutdown by the end of the fiscal year on September 30th.

Below is a summary of the bill’s provisions:

  • Kids Online Safety Provisions
    • Duty of Care: Requires covered platforms to have a “duty of care” to prevent their products from harming children. Covered platforms are defined to include “a social media service, social network, online video game, messaging application, video streaming service, or an online platform that connects to the internet and that is used, or is reasonably likely to be used, by a minor.”
    • Safeguards for Minors: Requires covered platforms to (1) provide minors and their parents with controls to protect against stalking, exploitation, addiction, and dangerous material; (2) provide parents with tools to help manage a minor’s use of a platform; and (3) provide a dedicated reporting channel to alert the platform of harms to minors and respond in a timely manner. Covered platforms would also be barred from facilitating the advertising of products or services to minors of certain unlawful products for minors.
    • Disclosure: Prior to registration or use by a minor, requires covered platforms to provide notice of the policies, practices, and safeguards, and use by a child requires parental consent, among other disclosure requirements.
    • Transparency: Requires covered platforms with more than 10 million active monthly U.S. users to annually issue a public, independent report describing the risks of harm to minors.
    • Research on Social Media and Minors: Requires the National Academy of Sciences and the Federal Trade Commission (FTC) to conduct at least five scientific studies and reports on the risk of harms to minors by use of online platforms.
    • Market Research: Requires the FTC to establish guidance for covered platforms seeking to conduct market- and product-focused research on minors.
    • Age Verification Study and Report: Requires the Commerce Department to conduct a study evaluating the most technologically feasible options for developing systems to verify age at the device or operating system level.
    • Enforcement: Grants enforcement authority to the FTC for its provisions, and to state attorneys general (AGs) for the safeguards for minors and disclosure and transparency provisions.
    • Kids Online Safety Council: Directs the Commerce Department to create a Kids Online Safety Council to advise on the implementation of the Act. The Council would be comprised of parents, experts, representatives from covered platforms, federal agencies, state AGs, youth representatives, and disadvantaged communities.
    • Preemption: Stipulates that the children’s online safety provisions do not preempt Federal or State student privacy laws or the Children’s Online Privacy Protection Act (COPPA) or authorize actions conflicting with Congress’s restriction on the FTC “KidVid” proceeding.
  • Filter Bubble Transparency
    • Requires online platforms to provide greater transparency to consumers about algorithmic recommendation systems and enable users to easily switch between the algorithms that use their personal data and alternative versions.
  • Children and Teens’ Online Privacy
    • Inclusion of Teens: Expands on COPPA by extending privacy safeguards to users who are 13 to 16 years of age.
    • Data Minimization Safeguards: (1) Prohibits targeted advertising to children and teens; (2) limits the online collection of personal information of children and teens to that which is necessary to fulfill a transaction or service, provide a product or service requested, or comply with the law; (3) generally prohibits an operator from storing or transferring personal information of a child or teen outside of the U.S.; and (4) prohibits an operator from retaining personal information collected from a child or teen for longer than is reasonably necessary.
    • “Actual Knowledge” Standard: Expands COPPA’s knowledge standard so that operators with knowledge fairly implied on the basis of objective circumstances that a user is a child or teen must comply with COPPA.
    • Notice-and-Consent Requirements: Requires operators to (1) update their online privacy notice with information about the consumer rights available to the parent of the child or the teen and the procedures used to limit its collection of personal information; (2) obtain verifiable consent before using or disclosing personal information for any purpose that is a material change from the original purposes; (3) provide additional information about their privacy practices to a parent of a child and the right to challenge the accuracy of the personal information; and (4) provide the same consumer rights to teens as for parents of a child. The bill provides for a school consent exemption.
    • Preemption: Amends the preemption language in COPPA to stipulate that it may not be construed to prohibit states from enacting a law, rule, or regulation that provides greater protection to children or teens.
    • FTC Guidance: Requires the FTC to issue guidance with 180 days of enactment to help operators understand the agency’s determination of whether an operator has knowledge fairly implied on the basis of objective circumstances that a user is a child or teen.
    • Study of Mobile and Online Application Oversight: Requires the FTC to, within three years of enactment, submit a report to Congress on ensuring that mobile and online applications directed to children operate in accordance with COPPA and related guidance. The FTC must also submit an annual report to Congress detailing the number of COPPA actions, investigations, and complaints received and any related policy recommendations.
    • GAO Study: Directs the Comptroller General of the United States to conduct a study on the privacy of teens who use financial technology products.

Senate Commerce/Homeland Security Committees Send Key AI Legislation to the Floor

On July 31, 2024, the Senate Commerce Committee advanced eight AI-focused measures during the Committee’s first legislative markup in a year. The markup was preceded by extensive negotiations between Chair Cantwell and Ranking Member Ted Cruz (R-TX), who filed dozens of amendments, including an amendment to implement a ten-year moratorium on AI regulations included in the Biden AI executive order, the AI Bill of Rights, or any similar documents.

In particular, the committee advanced the following measures:

  • CREATE AI Act of 2023 ( 2714):The bill, introduced by Sens. Martin Heinrich (D-NM), Todd Young (R-IN), Cory Booker (D-NJ), and Mike Rounds (R-SD), would authorizes the development of the National Artificial Intelligence Research Resource (NAIRR), to be overseen by the National Science Foundation (NSF) and funded through the $1 billion per year authorized to NSF under the National AI Initiative Act (P.L. 116-283). The bill advanced via a 19-7 vote.
  • TEST AI Act of 2023 (3162):The bill, introduced by Sens. Ben Ray Lujan (D-NM), John Thune (R-SD) and a bipartisan group of lawmakers, would direct the National Institute of Standards and Technology (NIST) to coordinate with the U.S. Department of Energy to establish testbeds for testing and evaluation of trusted AI systems to advance AI tools, capabilities, and workforce needs. The bill advanced via voice vote.
  • AI Research, Innovation, and Accountability Act of 2023 (3312):The bill, introduced by Sen. John Thune (R-SD), Amy Klobuchar (D-MN), and a bipartisan group of lawmakers, would (1) direct the U.S. Department of Commerce to issue standards for the testing and evaluation of AI systems that are used to make decisions that impact critical infrastructure, criminal justice, or biometric identification; (2) require transparency reports in certain instances for companies using high-impact AI systems to make decisions about housing, employment, credit, education, healthcare, or insurance; (3) direct NIST to provide sector-specific recommendations to federal agencies to improve the safe and responsible use of AI systems; and (4) direct research on verifying and labeling AI-generated content, require large internet platforms to provide notice to users when the platform is using generative AI, and require the Commerce Department to develop recommendations for consumer education efforts. The bill advanced via voice vote.
  • Future of AI Innovation Act of 2024 (4178):The bill, introduced by Senate Commerce Chair Maria Cantwell (D-WA) and Sens. Todd Young (R-IN), John Hickenlooper (D-CO), and Marsha Blackburn (R-TN), would formally establishes the AI Safety Institute at NIST to develop voluntary guidelines and standards with the private sector and federal agencies to promote innovation in AI. The bill advanced via voice vote.
  • NSF Artificial Intelligence Education Act of 2024 (4394):The bill, introduced by Senate Commerce Chair Maria Cantwell (D-WA) and Sen. Jerry Moran (R-KS), would expand scholarship and professional development opportunities to study AI and quantum with support from the NSF. The bill advanced via voice vote.
  • Small Business AI Training and Toolkit Act of 2024 (4487):The bill, introduced by Senate Commerce Chair Maria Cantwell (D-WA) and Sen. Jerry Moran (R-KS), would authorize the U.S. Department of Commerce to work with the Small Business Administration (SBA) to create and distribute AI training resources and tools to help small businesses leverage the technology. The bill advanced via voice vote.
  • AI Public Awareness and Education Campaign Act (4596):The bill, introduced by Sens. Todd Young (R-IN) and Brian Schatz (D-HI), would require the U.S. Department of Commerce to carry out a public awareness and education campaign to provide information regarding the benefits, risks, and prevalence of AI. The bill advanced via voice vote.
  • Validation and Evaluation for Trustworthy (VET) AI Act (4769):The bill, introduced by Sens. John Hickenlooper (D-CO) and Shelley Moore Capito (R-WV), would direct the NIST to develop voluntary specifications and guidelines for developers and deployers of AI systems to conduct internal assurance and work with third parties on external assurance regarding the verification and red-teaming of AI systems. The bill advanced via voice vote.

Further, the Senate Homeland Security and Governmental Affairs Committee (HSGAC) on July 31, 2024, advanced the PREPARED for AI Act (S. 4495) via a vote of 8-3, with several Republicans voting against the bill.

The bill, introduced by Chair Gary Peters (D-MI) and Sen. Thom Tillis (R-NC), would require federal agencies to assess and address the risks of their AI uses prior to buying and deploying the technology, and further direct the creation of pilot programs to test more flexible, competitive purchasing practices. Chair Peters has discussed “substantive concerns” about the legislation from GOP colleagues but has vowed to work with Republican lawmakers to shore up support for the measure.

Senate Majority Leader Chuck Schumer’s (D-NY) has maintained his desire to pass AI legislation on a rolling basis as opportunities arise. Over the remainder of the year, Senate lawmakers are expected to seek out opportunities to bring up key AI-focused bipartisan bills for floor consideration. However, despite the bipartisan votes on the bills advanced by the Commerce Committee, Ranking Member Ted Cruz (R-TX) voiced concern during the markup about several of the bills, potentially throwing a wrench into lawmakers’ plans for smooth passage.

In particular, despite the CREATE AI Act’s broad bipartisan support in both chambers, the Ranking Member voiced concern that the bill would grant federal agencies the ability to transfer taxpayer data into a shared repository without written consent. He also voiced concern that the AI Research, Innovation, and Accountability Act would lead to “heavy-handed regulation,” benefitting incumbent operators and entrenching large companies, and that the Future of AI Innovation Act would allow mandatory environmental impact assessments or climate change analyses to be applied to AI decision making or development.

Moreover, the Ranking Member offered an amendment, which was ultimately rejected, to repeal President Biden’s AI executive order (EO), which continues to draw criticism from Republican lawmakers and former President Donald Trump on the campaign trail.

Senate Preps to Move NDAA with AI Provisions

On June 13, 2024, the Senate Armed Services Committee approved its fiscal year (FY) 2025 National Defense Authorization Act (NDAA; S. 4638) that would expand the authority of the Pentagon’s chief AI officer to engage with military personnel, among other AI-focused provisions.

The following day, the House passed its FY 2025 House NDAA (H.R. 8070), which includes several AI provisions: (1) enhancing marine corps supply chains with AI; (2) securing computing for testing AI models trained on biological data; and (3) directing the U.S. Department of Defense (DoD) to identify individuals with AI expertise.

As the Senate looks to consider its version of the NDAA after August recess, lawmakers have introduced over 1,000 amendments to the bill, including 36 AI-focused amendments, summarized below.

 

Amdt. #

Sponsor

Summary

SA 2109

Sen. Mitt Romney (R-UT)

Requires a study on cyber, AI, and data analysis experience or knowledge of senior officers in certain roles.

SA 2110

Sen. Mitt Romney (R-UT)

Requires regulations on training on cyber, AI, and data analysis tools or capabilities of senior officers in certain roles.

SA 2181

Sen. Ron Wyden (D-OR)

Requires DoD to develop and implement a framework for AI and machine learning for intelligence, surveillance, reconnaissance, defense, and offensive purposes throughout DoD.

SA 2200

Sen. Amy Klobuchar (D-MN)

Requires a report on voluntary guidelines for election offices that address the use and risks of AI technologies in the administration of elections.

SA 2201

Sen. Amy Klobuchar (D-MN)

Requires content that is substantially generated by AI in political advertisements to include a statement within the contents of the advertisements if generative AI was used to generate any image, audio, or video footage in the advertisements.

SA 2202

Sen. Amy Klobuchar (D-MN)

Prohibits the distribution of materially deceptive AI generated audio or visual media prior to an election.

SA 2314

Sen. Joe Manchin (D-WV)

Requires the U.S. Department of Energy (DOE) to establish a program to promote the use of AI.

SA 2345

Sen. Cory Booker (D-NJ)

Authorizes the NSF to identify grand challenges and award competitive prizes for AI research and development.

SA 2365

Sen. Gary Peters (D-MI)

Guides the federal government’s activities, personnel and processes to effectively and responsibly procure and use AI.

SA 2425

Sen. Brian Schatz (D-HI)

Establishes requirements for providers of generative AI systems that produce certain AI-generated content.

SA 2428

Sen. Brian Schatz (D-HI)

Creates AI implementation working groups throughout DoD.

SA 2432

Sen. Brian Schatz (D-HI)

Modifies requirements for a prize competition for technology that detects and discloses the use of generative AI.

SA 2542

Sen. Chuck Schumer (D-NY)

Establishes an AI-Enabled Weapon Systems Center of Excellence.

SA 2589

Sen. Todd Young (R-IN)

Requires the U.S. Department of Commerce to conduct a public awareness and education campaign to provide information regarding the benefits of, risks relating to, and the prevalence of AI in the daily lives of individuals in the United States.

SA 2609

Sen. Mike Rounds (R-SD)

Directs the U.S. Department of Health and Human Services (HHS) to implement a pandemic preparedness and response program utilizing AI and other relevant technologies.

SA 2612

Sen. Martin Heinrich (D-NM)

Directs the Administrator for Nuclear Security to develop and evaluate tools and testbeds to evaluate the capabilities of AI systems to assist in the development of chemical, biological, nuclear, or radiological weapons.

SA 2615

Sen. Martin Heinrich (D-NM)

Directs the Commerce Department to designate certain properties or capabilities of integrated circuits as being critical, or specialized, for high-performance computing, high-performance networking, AI development, or AI deployment; or perform research to make such designations.

SA 2616

Sen. Martin Heinrich (D-NM)

Establishes the National Artificial Intelligence Research Resource (NAIRR)

SA 2622

Sen. Peter Welch (D-VT)

Manages risks relating to military use AI.

SA 2714

Sen. Mike Rounds (R-SD)

Directs the National Institutes of Health (NIH) to take steps to govern ethical AI use and innovation for health care development, research, and equity.

SA 2715

Sen. Mike Rounds (R-SD)

Addresses the use of AI by regulated financial entities.

SA 2718

Sen. Mike Rounds (R-SD)

Requires a report on AI regulation in the financial services industry.

SA 2857

Sen. Chuck Schumer (D-NY)

Establishes physical and cybersecurity requirements for data centers storing frontier AI models.

SA 2863

Sen. Todd Young (R-IN)

Establishes a pilot program on developing near-term use cases and demonstrations of AI toward biotechnology applications for national security.

SA 2915

Sen. Martin Heinrich (D-NM)

Requires the Comptroller General to submit a report that describes a methodology framework to evaluate competitiveness in the field of AI and to assess availability of data across selected Federal Government entities.

SA 2947

Sen. Markwayne Mullin (R-OK)

Authorizes the use of operations and maintenance funds to procure software as a service and data as a service and modify software to include AI systems to meet the operational needs of DoD.

SA 2978

Sen. Mike Rounds (R-SD)

Directs the NIH to take steps to govern AI use and innovation for health care development, research, and equity.

SA 2991

Sen. John Cornyn (R-TX)

Authorizes the use of operations and maintenance funds to procure software as a service and data as a service and modify software to include AI systems to meet the operational needs of the DOD.

SA 3013

Sen. Jerry Moran (R-KS)

Requires the National Institute of Standards and Technology (NIST) to develop standards and guidelines for AI used or operated by Federal agencies or by an agency contractor.

SA 3043

Sen. Chuck Schumer (D-NY)

Establishes a center of excellence to support the development and maturation of AI-enabled weapon systems by organizations within DoD.

SA 3068

Sen. Maria Cantwell (D-WA)

Supports NSF education and professional development relating to AI.

SA 3071

Sen. Maria Cantwell (D-WA)

Establishes AI standards, metrics, and evaluation tools, supports AI research, development, and capacity-building activities, promotes innovation in the AI industry by ensuring companies of all sizes can succeed and thrive.

SA 3074

Sen. Martin Heinrich (D-NM)

Requires any commercial cloud computing service that offers unclassified access to AI systems on its platform to also provide a particular AI system in a classified computing environment at no cost to the National Nuclear Security Administration.

SA 3138

Sen. Chuck Schumer (D-NY)

Requires the establishment of an advanced computing infrastructure program to enable advanced AI capabilities within DoD.

SA 3139

Sen. Chuck Schumer (D-NY)

Sets forth cybersecurity requirements for highly-capable AI systems.



Conclusion

As House lawmakers formulate their approach to the Kids Online Safety Act, Senate lawmakers seek out opportunities to advance AI-focused bills on the floor, and the Senate prepares to move its NDAA, Akin’s Lobbying & Public Policy team continues to work with closely lawmakers and their staff on these issues and keep clients apprised of key developments.

Share This Insight

Previous Entries

Data Dive

November 19, 2024

The European Union’s AI Office published the inaugural General-Purpose AI Code of Practice on November 14, 2024. The Code is intended to assist providers of AI models in their preparations for compliance with the forthcoming EU AI Act, to be enforced from August 2, 2025. The Code is designed to be both forward-thinking and globally applicable, addressing the areas of transparency, risk evaluation, technical safeguards and governance. While adherence to the Code is not mandatory, it is anticipated to serve as a means of demonstrating compliance with the obligations under the EU AI Act. Following a consultation period that garnered approximately 430 responses, the AI Office will be empowered to apply these rules, with penalties for nonconformity potentially reaching 3% of worldwide turnover or €15 million. Three additional iterations of the Code are anticipated to be produced within the coming five months.

...

Read More

Data Dive

November 15, 2024

On October 29, 2024, the DOJ issued a proposed rule prohibiting and restricting certain transactions that could allow persons from countries of concern, such as China, access to bulk sensitive personal data of U.S. citizens or to U.S. government-related data (regardless of volume).

...

Read More

Data Dive

October 17, 2024

During the course of any lending transaction, lenders will conduct a due diligence review of the borrower, including reviewing any relevant “know-your-customer” information.

...

Read More

Data Dive

September 17, 2024

Following the publication of the European Union’s Artificial Intelligence Act (AI Act or Act) on 12 July 2024, there are now a series of steps that various EU bodies need to take towards implementation. One of the first key steps is in relation to the establishment of codes of practice to “contribute to the proper application” of the AI Act.

...

Read More

Data Dive

August 6, 2024

On July 30, 2024, the Senate passed the Kids Online Safety and Privacy Act (S. 2073) via an overwhelmingly bipartisan vote of 91-3 shortly before departing for the August recess.

...

Read More

Data Dive

July 18, 2024

On 12 July 2024, the European Union Artificial Intelligence Act (AI Act or Act) was published in the Official Journal of the European Union (EU), marking the final step in the AI Act’s legislative journey. Its publication triggers the timeline for the entry into force of the myriad obligations under the AI Act, along with the deadlines we set out below. The requirement to ensure a sufficient level of AI literacy of staff dealing with the operation and use of AI systems will, for example, apply to all providers and deployers on 2 February 2025.

...

Read More

Data Dive

July 18, 2024

On June 18, 2024, the United States Securities and Exchange Commission (SEC) announced a settlement with R.R. Donnelley & Sons Company (RRD) for alleged internal control and disclosure failures following a ransomware attack in 2021. Without admitting or denying the SEC’s findings, the business communications and marketing services provider agreed to pay a civil penalty of over $2.1 million to settle charges alleging violations of Section 13(b)(2)(B) of the Securities Exchange Act of 1934 (Exchange Act) and Exchange Act Rule 13a-15(a).1

...

Read More

© 2024 Akin Gump Strauss Hauer & Feld LLP. All rights reserved. Attorney advertising. This document is distributed for informational use only; it does not constitute legal advice and should not be used as such. Prior results do not guarantee a similar outcome. Akin is the practicing name of Akin Gump LLP, a New York limited liability partnership authorized and regulated by the Solicitors Regulation Authority under number 267321. A list of the partners is available for inspection at Eighth Floor, Ten Bishops Square, London E1 6EG. For more information about Akin Gump LLP, Akin Gump Strauss Hauer & Feld LLP and other associated entities under which the Akin Gump network operates worldwide, please see our Legal Notices page.