The FTC’s designated agency ethics official is a “dedicated, honest, career civil servant who follows” the rules, FTC Chair Lina Khan said Friday in response to reports Lorielle Pankey acted improperly. House Judiciary Committee Chairman Jim Jordan, R-Ohio, and House Commerce Committee Chair Cathy McMorris Rodgers, R-Wash., have questioned ethics practices at the agency under Khan (see 2306280063). The Wall Street Journal reported Pankey owned stock in Meta when she advised Khan to recuse herself from a case involving the company. Khan issued a joint statement with Democratic Commissioners Rebecca Kelly Slaughter and Alvaro Bedoya: “We stand behind and are proud of our career staff. We are extraordinarily lucky to have highly professional and skilled colleagues who tirelessly work to preserve fair competition and protect Americans from unlawful business practices.”

The FTC is seeking comment on a proposed rule to stop companies from using fake reviews and endorsements. The agency announced a notice of proposed rulemaking to combat fake reviews, suppression of honest negative reviews and payment for positive reviews. The rule would “trigger civil penalties for violators and should help level the playing field for honest companies,” said Consumer Protection Bureau Director Samuel Levine. The commission voted 3-0 to approve the NPRM.

The continued lack of a national cyber director is a “challenge” to implementing a national cyber strategy (see 2303020051), the GAO said Thursday. National Cyber Director Chris Inglis announced his departure in February, and a replacement hasn’t been named, the agency noted. “This vacancy leaves unfilled a key leadership role needed to coordinate the federal efforts to address cybersecurity threats and challenges,” the agency said. “Further, sustained leadership in this position is essential to ensuring strategy execution and accountability.” The GAO urged the administration to “establish specific objectives and performance measures, resource requirements, and roles and responsibilities” in order to carry out the cyber strategy.

The FTC issued final revised advertising guidelines Thursday to ensure companies’ product reviews and endorsements are “truthful.” The agency solicited comment in May 2022 on the guidelines (see 2209270065), which advise businesses on what’s unfair or deceptive. The guidelines were last updated in 2009. The commission voted 3-0 to approve publication of the revised guides. Revisions include new principles for ad distortion when companies boost or suppress content; guidelines for incentivized reviews and fake negative reviews of competitor products; a new definition for “clear and conspicuous"; clarification that a “platform’s built-in disclosure tool might not be an adequate disclosure"; clarified definitions for fake reviews and virtual influencers; clarification for liability of advertisers, endorsers and intermediaries; and emphasis that “child-directed advertising is of special concern.”

Companies shouldn’t be forced to turn over sensitive data to competitors and European governments under the threat of massive fines authorized under the EU’s Data Act, the U.S. Chamber of Commerce said Wednesday. EU officials reached agreement on the Data Act Tuesday. European Commissioner for Internal Market Thierry Breton called it a “milestone in reshaping the digital space.” The chamber cited concerns about the legislation’s impact on competition, investment and innovation. “We urge EU policymakers to engage in dialogue with stakeholders, including American businesses, as the Act is finalized and implemented,” said Sean Heather, senior vice president-international regulatory affairs and antitrust.

The U.S. should avoid the EU's “overly prescriptive” approach to regulating AI (see 2306140039), the Computer & Communications Industry Association said Tuesday, releasing a white paper with regulatory recommendations. Congress and various agencies are exploring how to use existing and potential authorities to avoid risks of the technology (see 2306230060). CCIA agreed that. by “establishing clear guidelines and standards for transparency and accountability, regulation can help address concerns related to privacy, bias, and accountability.” But CCIA said an approach like the EU’s AI Act “may hamper the development of the next generation of AI technologies.” CCIA “hopes this paper will serve as a guide for policymakers to craft rules that maximize the benefits of AI while reducing the potential risks,” said Senior Counsel-Innovation Policy Josh Landau. “With smart regulation and governance, the United States can continue to lead the world in AI innovation.”

The CEOs of Google, Microsoft, Apple and OpenAI met with President Joe Biden and India Prime Minister Narendra Modi at the White House Friday, as the administration continues its push to regulate AI (see 2305250037). Google's Sundar Pichai, Microsoft's Satya Nadella, Apple's Tim Cook and OpenAI's Sam Altman met with senior officials from both countries to discuss innovation, investment and manufacturing. Commerce Secretary Gina Raimondo, National Economic Council Director Lael Brainard, National Security Adviser Ajit Doval and NASA Administrator Bill Nelson were among U.S. participants. Biden told attendees the U.S. and India are developing new technology that will change the world, and the government needs the executives' help to "build guardrails around emerging technologies” so they're "trustworthy, secure and uphold our shared values in human rights.” Modi spoke briefly in Hindi after the president’s remarks. Biden and Modi issued a joint statement with a commitment to develop and promote regulations that “facilitate greater technology sharing, co-development, and co-production opportunities between U.S. and Indian industry, government, and academic institutions.” Altman, Microsoft President Brad Smith and IBM Chief Privacy and Trust Officer Christina Montgomery have urged Congress to regulate the emerging technology. Senate Majority Leader Chuck Schumer, D-N.Y., is leading a series of Senate briefings and meetings in hopes of reaching agreement on comprehensive legislation (see 2306210065). Sens. Ed Markey, D-Mass., and Gary Peters, D-Mich., in a letter announced Friday, asked the GAO to assess the potential harms of generative AI. The agency told us it’s likely to accept the request, though a formal review is pending.

NIST is launching a public working group on the risks and opportunities of generative AI, Commerce Secretary Gina Raimondo announced Thursday. The working group will consist of volunteers with expertise in the public and private sector, NIST said. The group will build on NIST’s AI Risk Management Framework and address challenges from AI technology that generates “content, such as code, text, images, videos and music.” Applications to join the working group are due July 9. The group “will help provide essential guidance for those organizations that are developing, deploying and using generative AI, and who have a responsibility to ensure its trustworthiness,” said Raimondo.

Online marketplaces need to follow a new law that starting June 27 requires verification of high-volume, third-party sellers of consumer goods, the FTC said Tuesday. The Integrity, Notification and Fairness in Online Retail Marketplaces for Consumers (Inform) Act defines a high-volume seller as someone who has made 200 or more sales in a 12-month period, worth $5,000 or more. Introduced by House Consumer Protection Subcommittee Chair Gus Bilirakis, R-Fla., and ranking member Jan Schakowsky, D-Ill., the Inform Act is meant to protect consumers from counterfeit, unsafe and stolen goods on platforms like Amazon and e-Bay. Senate Judiciary Committee Chairman Dick Durbin, D-Ill., introduced companion legislation with Sen. Bill Cassidy, R-La. The FTC “will enforce the act to the fullest extent possible and will collaborate with our state partners to hold online marketplaces accountable,” Consumer Protection Bureau Director Samuel Levine said Tuesday. The agency sent letters to 50 online platforms.

Russian cyber hackers exploited several federal agencies through a file transfer vulnerability, Cybersecurity and Infrastructure Security Agency Director Jen Easterly told reporters Thursday. This isn’t a campaign “like SolarWinds that presents a systemic risk to our national security or our nation’s networks,” she said, but CISA is working with the FBI and others to “understand prevalence within federal agencies.” The Department of Energy was reportedly one of the agencies affected. The FTC wasn't hit, an agency official said Friday. The FCC didn’t comment. At this point, CISA believes threat actors are “only stealing information that is being stored on the file transfer application at the precise time that the intrusion occurs,” she said. Based on conversations with the Joint Cyber Defense Collaborative, “these intrusions are not being leveraged to gain broader access, to gain persistence into targeted systems, or to steal specific high value information -- in sum, as we understand it, this attack is largely an opportunistic one,” she said. CISA isn’t aware of the attackers threatening to “extort or release any data stolen from U.S. government agencies.” CISA issued a joint cybersecurity advisory with the FBI June 7, recommending protective measures against Russia’s CL0P Ransomware Gang. The cyber group has been trying to exploit a “vulnerability in Progress Software's managed file transfer solution, known as MOVEit, to steal data from underlying MOVEit Transfer databases,” she said. CISA is working with the FBI, Progress Software and federal partners to understand the extent of the intrusions. “At this time, we are not tracking any significant impacts to the federal civilian executive branch (.gov) enterprise but are continuing to work with our partners on this issue,” said Easterly. House Commerce Committee Chair Cathy McMorris Rodgers, R-Wash., and ranking member Frank Pallone, D-N.J., are seeking briefings from DOE and federal officials to understand the “severity of the attack,” they said Friday: “The wide scale nature of this attack underscores the importance of bolstering the ability of industry specific federal agencies to secure America’s critical infrastructure and respond to complex attacks.”