The director of the White House’s Office of Science and Technology Policy (OSTP) said today that Federal privacy legislation must work in harmonization with Congress’ forthcoming legislation to create guardrails on artificial intelligence (AI) development.
“It creates enormous problems for the industry to not have the full harmonization [in privacy],” Arati Prabhakar said during the World Economic Forum in Davos, Switzerland, today. “This is an area where President Biden continues to call on our Congress to act on privacy legislation.”
The United States has yet to pass legislation that would rein in Big Tech and put Americans in control of their personal data, with Congress swinging and missing several times on getting a national data privacy standard over the finish line over the past decade.
During the 117th Congress, the House Energy and Commerce Committee paved the way for a national data privacy standard through the bipartisan, bicameral American Data Privacy and Protection Act (ADPPA).
The ADPPA aimed to provide consumers with fundamental data privacy rights by creating strong oversight mechanisms and establishing meaningful enforcement. The bill was favorably reported to the full House by a vote of 53-2 but was not voted on before the new Congress was sworn in in 2023. Before the ADPPA legislation, the last serious push for stronger standards dates back to 2019.
Prabhakar highlighted the importance of working with global partners on the development of AI and its standards. For example, the OSTP director cited the European Union’s General Data Protection Regulation, noting that this privacy law laid a solid foundation for the rest of the world to build on.
“Everyone shares a sense of urgency because AI has been around. This is not our first encounter with AI, but what has happened in the last year has focused everyone’s attention on how pervasive it’s going to be in everyone’s lives,” Prabhakar said. “There will be places where harmonization can occur and we’re working towards it. And we can approach, I think, really good harmonization that forms a foundation that everyone can build on.”
Microsoft’s Vice Chair and President Brad Smith highlighted during the World Economic Forum panel that laws around the world already exist that governments should apply to AI and create better harmonization globally.
“There are a wide variety of laws in place around the world that were not necessarily written for AI but they absolutely apply to AI – privacy laws, cybersecurity rules, digital safety, child protection, consumer protection, competition law,” Smith said. “You have existing regulators, courts, and the like, all working with that, and companies are working to navigate it. Now you have a new set of AI specific rules and laws.”
“There’s more similarity than most people assume. People are often prone to look at the [EU] AI Act, they look at the executive order or the voluntary commitments in the United States. And the fundamental goals are complimentary, in my view,” Smith said. “The AI Act started by looking at the fundamental rights of European citizens, the values of Europe – privacy, the protection of consumers, democratic rights – all things that are held deeply as important in the U.S. and other places.”
There seems to be bipartisan consensus among lawmakers and tech experts in the U.S. that in order to pass comprehensive guardrails for AI, Congress must first approve a Federal data privacy law – a goal that has been eluding lawmakers for many years.
Most recently, Sen. Catherine Cortez Masto, D-Nev., reintroduced three pieces of legislation focused on strengthening data privacy protections for Americans’ personal information, and tasking the Federal government with research work to improve online data privacy for consumers.