Jason Oxman President and Chief Executive Officer at Information Technology Industry Council | Official website
WASHINGTON – Today, global tech trade association ITI responded to the U.S. Department of Commerce’s notice of proposed rulemaking (NPRM) implementing Executive Order 13984, Taking Additional Steps to Address the National Emergency with Respect to Significant Malicious Cyber-Enabled Activities, and U.S. President Biden’s Executive Order on Safe, Secure, and Trustworthy AI.
In its comments, ITI emphasized the importance of safeguarding U.S. national security and expressed a commitment to collaboration with the government to address threats posed by malicious actors’ use of critical infrastructure. However, ITI raised concerns regarding the proposed rule's approach, particularly on identity verification requirements and their effectiveness in deterring malicious activity.
"We question whether the proposed requirements will achieve the underlying objective of the EO," ITI stated. "The proposed identity verification requirements will put unnecessary burden on cloud service providers, undermine global trust in U.S.-based cloud computing services, and ultimately prove ineffective in achieving the goals of the EO."
Regarding the AI training run reporting requirements, ITI urged the government to refine the rule from a technical and policy perspective. ITI suggested tying the reporting requirement to the compute threshold introduced in the AI EO as a way to target the rule more effectively.
ITI also provided recommendations to the Commerce Department, including targeting the rules to countries of concern, splitting the rulemaking into two separate parts for better consideration, acting in coordination with international partners, defining best practices for deterring IaaS abuse, and leveraging existing authorities to address malicious cyber-enabled abuse.
For more details, ITI's full comment submission can be accessed on their website.
