Copy of Media Library (2)

SIIA’s 2024 Policy Priorities: Safeguarding Children, Fostering Responsible AI, and Shaping the Future of Digital Governance

by Policy

The Software & Information Industry Association (SIIA) outlines its 2024 Policy Priorities in a comprehensive document spanning various key areas. SIIA places a strong emphasis on protecting children’s online safety and privacy, particularly in response to concerning bills at both federal and state levels. The “Keep Kids Safe and Connected” campaign aims to ensure internet safety for children while advocating against potential privacy vulnerabilities and negative impacts on marginalized communities arising from legislative proposals like KOSA.

In the realm of education, SIIA acknowledges the vast potential of artificial intelligence (AI) and emphasizes the need for a robust framework that balances innovation with risk mitigation. The organization collaborates with the Ed tech industry, having established the “Principles for the Future of AI in Education” in 2023. SIIA is committed to working with government leaders to promote responsible AI adoption in educational environments.

Our 2024 Policy Priorities addresses broader issues, such as the call for responsible AI regulation, modernization of data policy, and the importance of a comprehensive federal privacy legislation to create uniform standards across states. Additionally, SIIA advocates for a healthy intellectual property system, supporting patent quality, copyright protection, and defending against non-practicing entities.

Other policy priorities include advancing digital trade, promoting international coordination on digital policies, and engaging with the European Union on various regulatory frameworks. SIIA underscores the significance of cybersecurity measures, digital identity technologies, and policies to counter synthetic media and uphold democratic values in the online environment. We remains committed to collaboration across sectors to address critical challenges and promote innovative solutions.

SIIA’s 2024 Policy Priorities
Copy of Media Library (58)

Request for Revision of FTC Rulemaking Process – Negative Option Rule, Project No. P064202

by Policy

SIIA and various organizations express their concerns and objections to the Federal Trade Commission’s (FTC) proposed amendments to the Negative Option Rule. We argue that the FTC’s procedures do not comply with the required public participation and dispute resolution standards outlined in Section 18 of the FTC Act.

The letter outlines several procedural shortcomings in the FTC’s approach, including the absence of a rebuttal comment period, limitations on the submission of disputed issues of material fact, and the Commission’s determination that there are no such disputes. The organizations assert that these shortcomings contradict the statutory mandate and undermine public participation.

We calls for the withdrawal of the Final Hearing notice and urges the FTC to issue an initial hearing notice consistent with previous rulemakings and federal law. The organizations argue that the FTC’s process has limited public input, eliminated opportunities for cross-examination and rebuttal evidence, and failed to adhere to the intent of the Magnuson-Moss Act and the FTC Improvements Act of 1980.

Ultimately, We request that the FTC address their concerns, withdraw the Informal Hearing notice, and provide a fair and transparent rulemaking process that allows for meaningful public participation.

Full Letter Here
Copy of Media Library (56)

SIIA’s Opposition to New Jersey Bill A.5750/S.4215 on Children’s Online Protection

by Policy
The Software & Information Industry Association (SIIA) opposes New Jersey bill A.5750/S.4215, designed to protect children online. The SIIA argues that the bill faces constitutional challenges due to its age verification and parental consent requirements. They claim these measures are impractical, potentially restricting access for underprivileged youth and hindering positive online development. Additionally, the SIIA criticizes the inclusion of a private right of action, suggesting it may lead to disproportionate legal costs. While supporting the goal of safeguarding minors, the SIIA urges reconsideration of the bill’s provisions to ensure constitutional compliance and practical feasibility.
Full Letter Here
Copy of Media Library (59)

Concerns and Recommendations Regarding NCDPI’s Updated Data Confidentiality and Security Agreement

by Policy

Software & Information Industry Association (SIIA) expresses appreciation for the efforts of the North Carolina Department of Public Instruction (NCDPI) in safeguarding student data. However, SIIA raises several concerns regarding the recently updated “Data Confidentiality and Security Agreement for Online Service Providers and Public School Units.” The concerns include:

    1. The time-consuming requirement for advanced approval by public school units (PSUs) for subcontractor use and data sharing, suggesting an alternative of obligating subcontractors to follow privacy and security requirements.
    2. The definition of shared data extending beyond legal frameworks, recommending alignment with state and federal laws.
    3. Operational difficulties in meeting the 24-hour breach disclosure timeframe, proposing an extension to at least 72 hours after breach confirmation.
    4. Lack of a nondisclosure agreement between NCDPI and vendors, suggesting an inherent and written duty of confidentiality when confidential information is requested.
    5. Inconsistency between NCDPI’s statement on no changes to the Agreement and the Authorization to Operate Letter allowing PSU’s acceptance of vendor modifications, recommending more flexibility.
    6. Inadequate time for vendor compliance with third-party assessment standards, proposing a more lenient timeframe aligned with state education funding deadlines.
    7. Impracticality of third-party penetration tests, suggesting the use of non-confidential reports from recognized cybersecurity frameworks.
    8. Contradiction with NC’s student data privacy statute regarding ownership of de-identified, aggregated data and metadata, recommending compliance with applicable state law.
    9. Lack of clarity in the timeline for data destruction post-subscription termination, suggesting adherence to the vendor’s data retention policy or customer request.

The letter concludes with additional questions related to approved third-party assessments, protections under the Public Records Act, a grayed-out section in the “Process Overview Flow Chart,” and the adequacy of an ISO 27001 certificate for NCDPI’s requirements.

Full Letter Here
Copy of Media Library (55)

NIST Virtual Listening Session: Paul Lekas Advocates U.S. Leadership in Critical and Emerging Technology Standards

by Policy
Paul Lekas, Senior Vice President of Global Public Policy & Government Affairs at the Software & Information Industry Association (SIIA), addressed the NIST Virtual Listening Session on the U.S. Government National Standards Strategy for Critical and Emerging Technology on December 19, 2023. He endorsed NIST’s call for increased U.S. participation in Critical and Emerging Technology (CET) standards. He stressed the role of standards in economic growth and democratic values. Lekas proposed federal grants for SMEs, emphasizing their vital contributions to CET standards. Underlining the importance of balancing innovation and standards, he suggested measures to enhance private sector engagement, including advisory committees and regular meetings. Lekas urged sustained U.S. commitment to global leadership in CET standards.
Full Testimony