At a Glance.
- EU council withdraws its vote on chat control.
- The US looks to continue curbing investments in China’s AI and technology sectors.
EU Council withdraws vote on chat control.
The News.
Last Thursday, the European Union (EU) Council withdrew its planned vote on the Chat Control law. This plan was originally proposed by Belgium in 2022 and would give the government the power to monitor all chat messages as well as other forms of digital communications among its citizens. When originally introduced, the goal of this law was to improve efforts related to detecting child sexual abuse material on messaging platforms by implementing an “upload moderation” system that would scan messages, images, videos, and links. Additionally, each service that would have been required to install this monitoring tool would be required to ask users' permission to scan their messages. If a user denied access, then the system would block them from being able to share images or URLs with others. To scan these messages, the proposed solution would require messaging apps to send messages to the upload moderation system for examination before encrypting them and sending them to the intended destination.
The vote was withdrawn after it became clear that the Council did not have the needed majority to pass the law. As of right now, this vote has been postponed indefinitely until Belgium can present a new proposal that would regain the majority. However, it is unlikely that this chat control law will be passed soon as the Council Presidency will transfer from Belgium to Hungary in July. While Hungary has stated that it intends to continue advancing the negotiations on chat control, it remains unclear how long that process will take and what the final results will entail.
The Knowledge.
The chat control measure has been highly controversial since it was originally proposed. While the law was created as a way to protect children from grooming activities while also detecting abusive materials, numerous concerns have been raised regarding its invasive nature and invasion of privacy. Many of these messaging applications have signaled that if this measure is adopted then they will pull their operations in Europe.
For example, Meredith Whittaker, the president of Signal, published her official position on June 17th, framing this law as a heavily invasive rebranding form of client-side scanning. Whittaker stated in this position that the proposal would “fundamentally undermine encryption” regardless of whether it scanned messages before or after it was encrypted and would create numerous vulnerabilities that hackers and hostile nation-states could exploit. Other organizations echoed Whittaker’s beliefs as companies like Mozilla, and the Center for Democracy & Technology among others signed a joint statement urging the EU to reject the proposal.
The Impact.
While the vote on this law has been paused indefinitely for now, the conversation surrounding chat control is far from over given Hungary’s intention to continue these conversations after it takes over control in July. While this bill does only apply to messaging applications within the EU, the implications of this bill could have far-reaching implications for people outside of the EU communicating with people or organizations residing within the EU. Given its wide-reaching implications, it is understandable why many messaging applications, privacy organizations, and citizens are raising their concerns related to the provision. For citizens and organizations residing in the EU, people should continue to stay informed on this bill over the coming months as negotiations continue and monitor what changes are being made to the bill and how that could impact the privacy of these messaging services in the future.
US aims to further curb investments in China’s AI and tech sectors.
The News.
On Friday, the United States (US) issued new draft rules that would fully ban, or in some cases, require notification of certain investments in artificial intelligence (AI) as well as other technology sectors within China, among other countries such as Macau and Hong Kong. With these new rules, the onus has been placed on US companies and individuals to determine if their investment deals would need to be restricted or banned. Treasury Assistant Secretary for Investment Security, Paul Rosen, stated with this announcement that “this proposed rule advances our national security by preventing the many benefits certain US investments provide…from supporting the development of sensitive technologies in countries that may use them to threaten our national security.”
With the Treasury Department issuing this proposal, the next steps will involve receiving public comments on their draft by August 4th. Currently, the proposed rules would ban any transactions involving AI being used for certain use cases, as well as banning transactions involving systems already trained in using a specified quantity of computing power. Additionally, these proposed rules would require organizations and individuals to notify the government of any transactions that would be related to the development of AI systems or semiconductors that have not already been prohibited.
The Knowledge.
While these new rules have not been implemented at this time, they come as a result of an executive order issued by President Biden in August 2023. This executive order was aimed at addressing US investments in various technologies and products that could be considered impactful to the nation’s national security. When originally signed, the executive order directed federal agencies to regulate specific US investments involving products, such as semiconductors, and technologies, such as AI and quantum computing. While these rules are aimed at primarily restricting exports to China, Macau, and Hong Kong at this time, US officials have signaled that they could widen the scope of these restrictions further if deemed necessary.
These new rules come after the Biden administration has taken numerous steps to severely limit what technologies and products are allowed to leave the US. Since the administration signed its executive order last August, various federal agencies, such as the Commerce Department, have implemented new restrictions on what types of semiconductor chips can be exported. If implemented in its current form, former Treasury official, Laura Black, stated that “US investors will need to engage in more extensive due diligence when making investments in China or investments involving Chinese companies that operate in the covered sectors.” Black continued by highlighting how these proposed rules were aimed at keeping US-managed funds from inadvertently helping China develop its capabilities in areas that would aid in modernizing military capabilities.
The Impact.
While these rules are only a draft at this time, this draft is reflective of the Biden administration’s clear intention to severely limit technology companies’ abilities to export their products and technologies to various nations of concern. For companies involved in developing various emerging technologies services and products, teams should take the time to fully understand this document and the restrictions that it would impose to determine if their dealings could be potentially impacted by it. If dealings are disrupted, companies should take the time over the next month to submit their comments to the Treasury Department before August 4th for consideration.
While these new rules will likely not impact the average US citizen, the measures are designed to secure US national security over the coming years. By restricting these technological exports, the Biden Administration is looking to secure US technological superiority for years to come by ensuring that capabilities and advancements remain solely within the US and its allied nations.
Other Noteworthy Stories.
FTC refers TikTok complaint to the DOJ.
What: The Federal Trade Commission (FTC) referred a complaint against TikTok related to the Department of Justice (DOJ).
Why: Last week, a complaint was filed against TikTok over alleged violations of the children’s safety law. The complaint is based on a 2019 compliance review of TikTok when the company was known as Musical.ly after it settled a lawsuit over violations regarding the Children’s Online Privacy Protection Act. With this complaint referral, the FTC stated that “the investigation uncovered reason to believe named defendants are violating or are about to violate the law and that a proceeding is in the public interest.”
A TikTok spokesperson responded to this referral stating that the company was “disappointed the agency is pursuing litigation instead of continuing to work with us on a reasonable solution.” Additionally, the spokesperson stated that TitTok “strongly disagrees with the FTC’s allegations” and that the application offers “age-appropriate experience with stringent safeguards.”
Biden Administration bans US sales of Kaspersky software over ties to Russia.
What: The Biden administration has banned the sale of the Kaspersky Lab’s software as well as imposed sanctions on the company’s executives over cyber risks.
Why: Last week, the Biden Administration announced a series of actions aimed at significantly restricting access to the Kaspersky antivirus software. These restrictions came due to the administration’s concerns about the company’s alleged ties to the Russian government. In this announcement, Commerce Secretary, Gina Raimondo expressed her concerns with the software’s ability to leverage its privileged access to potentially steal sensitive information, install malware, or prevent updates. To do so, the Commerce Department plans to add the company to the entity list which will prevent US suppliers from being able to engage with the company in any capacity. With this move, the Biden administration has effectively banned the sale, resale, and software updates for Kaspersky products within the US starting September 29th.
Additionally, the Biden administration sanctioned twelve people in leadership roles at the firm. These sanctions targeted high-level executives including the company’s COO, legal officer, and chief business development officer among others.
Kaspersky responded to this announcement stating that they believed that the US made this decision based on “the present geopolitical climate and theoretical concerns, rather than a comprehensive evaluation of the integrity of Kaspersky’s products and services.” Additionally, Kaspersky stated that the company is managed privately and has no connections to the Russian government. Russia’s government also responded to these sanctions by stating that this move was done to stifle competition rather than protect citizens.