A host of governments around the globe have proposed regulation aimed at tech this year, especially the EU. The effort to regulate tech of all kinds stretches across the globe. Digitalization, Cryptocurrency and Artificial Intelligence are three key areas that are at risk for forthcoming regulations. The industry needs to focus heavily on these areas and resist the anti-innovative elements of them.
Digitalization has become so widespread that it has also invited vulnerabilities from hackers. The adoption of Zero Trust rules has been voluntary as a defense against intensive hacking on the net. Federal Zero Trust rules now create governmental Zero Trust standards which will have a broad reach. This effort is reasonable and welcome but, in any event, not optional.
Cryptocurrency is another hot area for regulators. Last week we looked at the Federal blockchain regulatory sweep. Here we include a short recap of the efforts to regulate Crypto coins. The anti-money laundering and anti-fraud elements are straightforward to justify. For the Crypto coin business, however, federal regulation could easily lead to a usurpation of the blockchain currencies by the Fed or the banks.
The greatest threat, however, comes from the adoption of the EU rules on AI. For American industry, the extraterritoriality of these rules could place a wholesale limitation on tech evolution.
This is a year where regulation of tech is taking specific form. It is a year when the industry needs to recognize the negative impact proposed rules may have on innovation and act to limit the damage.
Digitalized firms pay the price for security
Most internet users are free riders. The net is, as a matter of design, “open.” The cost of maintaining the security of the net is oblique but real. The result is that security is far below acceptable standards. Proof is not hard to find. From the SolarWinds hack to the Colonial Pipeline ransomware attack, we are seeing the effects of an international virtual war.
These attacks have resulted in a push back at the private and governmental level. Zero Trust technologies are moving forward as companies become digital and web based. Zero Trust principles from Microsoft help show the change in approach from the “trust but verify” days of the past. The Microsoft principles include (1) verify explicitly, (2) use least privileged access and (3) assume a breach exists.
At the Federal level, the law now requires that “the migration to cloud technology shall adopt Zero Trust Architecture, as practicable.” People can only infer the effectiveness of these efforts as they see public and private vulnerabilities mitigated. Cybersecurity is a cost of doing business and a necessary cost reduction effort. Investors should see investments in Zero Trust as a positive.
Crypto and the Feds
There are two central questions in cryptocurrency regulation, especially Stable coin regulation:
1. How far can the government legally go in defending the dollar
2. How far should the government go
The Federal government can act without restraint in a currency crisis. Contracts and contract law do not bar the Government from acting to defend the dollar. In addition, problems with the dollar have come from the US policy.
Inflation protection is one of the core drivers of the demand for Crypto currencies and regulators should be careful to see that increased use of Crypto is the messenger. The message is that debasement of the dollar is driving defensive asset allocations. These allocations result in increased Cryptocurrency demand which the regulators will resist.
EU aims for a regulatory mugging of AI
For the AI industry, the long anticipated regulatory regime is taking form. The EU has attempted to take the lead in AI regulation. It is an effort which the industry and the U.S. should strongly resist. Its scope is breathtaking and obviously aimed at the US. Below is a short excerpt from the EU proposal.
1.This Regulation applies to:
(a) providers placing on the market or putting into service AI systems in the Union, irrespective of whether those providers are established within the Union or in a third country;
(b) users of AI systems located within the Union;
(c) providers and users of AI systems that are located in a third country, where the output produced by the system is used in the Union;
The proposals purport to be risk based but would create a vast set of rules for all AI initiatives. In practice it is easy to see every line of code subject to regulatory review to check if it is “high risk.”
The rules note that “The use of AI with its specific characteristics (e.g. opacity, complexity, dependency on data, autonomous behavior) can adversely affect a number of fundamental rights enshrined in the EU Charter of Fundamental Rights (‘the Charter’).” The stultifying effect on business use of AI, in and out of the EU, is clear.
Tech needs to defend against over regulation
Big tech has affirmed a willingness and even a limited desire for regulation. However, 2022 is a year where one should be careful what one wishes for on all regulatory fronts. The industry and industry groups must understand the aggressive nature of the proposed Crypto and AI regulations. Regulators need to appreciate the advantage these rules will give to non-compliant adversarial international regimes.
We hope you enjoyed this article. Please give us your feedback.
This article is not intended as investment, tax, or financial advice. Contact a licensed professional for advice concerning any specific situation.