If you missed it last week, there was a tech callout in the State of the Union Address. President Joe Biden called for banning AI voice impersonations in his address, aiming to protect people from the misuse of the technology. The Federal Communications Commission has already made AI-generated voices in robocalls illegal, but this move does not cover all contexts at the federal level.
So, while we’re talking legislation, Oregon has passed an expansive right-to-repair law, becoming the fourth state to do so. The legislation requires manufacturers to provide consumers access to tools, parts, and manuals for repairing their electronic devices. The law goes further than other states’ laws, triggering objections from tech companies like Apple. Advocates believe the law will make repairs more accessible and cheaper for consumers, while opponents argue it may compromise device security and safety and could lead to legal challenges.
The Federal Highway Administration is seeking public comments on its proposal to adopt the Cyber Security Evaluation Tool developed by the Cybersecurity and Infrastructure Security Agency (CISA). The tool would help transportation authorities address cyber incidents and meet the requirements of the bipartisan infrastructure law. The FHWA believes leveraging CISA’s expertise is more appropriate than creating a separate tool and will continue collaborating with other federal agencies to develop cybersecurity tools for highway-related equities.
Speaking of CISA, The Government Accountability Office (GAO) has reported that the CISA lacks sufficient staff with the necessary skills to handle risks to operational technology (OT) systems. OT systems are crucial to critical infrastructure and are vulnerable to cyberattacks. The GAO spoke with CISA officials and nonfederal entities, who highlighted challenges in working with CISA and a lack of timely information sharing. The GAO offered recommendations to CISA, including measuring customer service, effective workforce planning, issuing guidance to sector risk management agencies, and developing a policy on collaboration with these agencies.
Why do we care?
We’re going to wrestle with questions like “do you own you voice” as AI gets regulated. And I anticipate it will.
We’re watching CISA’s work get adopted. This is good news! Industries may need to engage more directly with policymakers to ensure that cybersecurity regulations and support structures meet their specific needs, and frankly, ensure funding for initiatives that the industry depeneds on. If you believe in cybersecurity as the big opportunity, you want there to be policy and regulation that requires it.