SIIA Public Policy

It is more clear than ever that Section 230 is essential for a safe and functional internet. While we applaud efforts to keep people safe online, it must not come at the expense of Section 230.

Timing matters. The U.S. & Brazil are in active trade talks aimed at deeper economic integration. Legislation that targets American tech companies w/ steep fines for vague conduct won't be seen as competition policy in Washington — it'll be interpreted as digital protectionism.

The EU's own experiment with ex ante regulation is already showing cracks. Early DMA implementation has degraded features, broken integrations, and frustrated users. That's a warning sign, not a model to replicate.

Brazil is fast-tracking a sweeping digital competition bill (PL 4.675/2025) modeled on the EU's Digital Markets Act. Here's why that's a bad idea — and why it matters beyond Brazil's borders siia.net/brazil-must-no…

SIIA filed an amicus brief in the Fourth Circuit defending access to lawful, factual data. The case challenges a WV law restricting public information and raises key First Amendment concerns. Read more: hubs.la/Q0477MqF0

Priorities include clearer lawful bases for AI development, interoperable consent and opt-out signals, streamlined cybersecurity incident reporting, and practical implementation timelines for the AI Act. Read more ⤵️ siia.net/siia-comments-…

Our comments recommend reducing duplication across the GDPR, AI Act, Data Act, and cybersecurity frameworks while maintaining strong protections for individuals and supporting a well-functioning digital market.

SIIA submitted comments to the European Commission’s Digital Fitness Check and Digital Omnibus review, highlighting how overlapping EU rules on privacy, AI, cybersecurity, and data governance affect compliance for software, cloud, and AI developers.

SIIA encourages flexible, risk-based guidance that builds on existing frameworks like the NIST AI Risk Management Framework, helping organizations strengthen AI security while continuing to innovate. siia.net/siia-response-…

AI agents can plan actions, call tools, and interact with external systems, creating new security considerations like prompt injection and permission misuse. But many risks can be addressed by extending proven cybersecurity practices.

💬 @SIIA submitted comments to @NIST and the Center for AI Standards and Innovation on security considerations for AI agent systems. As agentic AI evolves, security practices must evolve with it.

Our brief explains why these sweeping searches raise serious Fourth Amendment concerns and should require a warrant supported by probable cause and particularity. Protecting user privacy is essential to maintaining trust in digital services. Read more ⤵️ siia.net/siia-urges-sup…

The case asks whether law enforcement can compel tech companies to search through location data from millions of users to identify potential suspects through geofence searches.

🧵 @SIIA and @CCIAnet filed an amicus brief in Okello Chatrie v. United States addressing government access to location history data.

Imposing a new requirement that provides no benefit is “the definition of bad regulation.” We need smart, targeted solutions to protect kids online, not blanket data-collection mandates that burden safe platforms without improving safety.

Broad age verification mandates often miss the mark and create unnecessary hurdles. @JayObernolte is correct. The current bill is written too broadly and puts our children at risk by collecting their sensitive personal information.

SIIA joined @CCIA, @TechNetUpdate, and @BSAnews in a letter highlighting the importance of a competitive U.S. AI ecosystem. Policies addressing supply chain risks should avoid creating uncertainty that could weaken innovation and U.S. leadership in #AI. siia.net/siia-joins-tec…

True online safety shouldn’t come at the cost of anonymity and data security. Mandated age verification creates a hacker “honeypot.” Read @LekasSIIA’s testimony on crafting safety laws that protect privacy without invasive ID checks: siia.net/wp-content/upl…

Broad, blunt age verification mandates don't just "check boxes"—they force every user to hand over private data to tech platforms. To keep kids safe, we need privacy-first protections rather than sweeping government mandates that create new security vulnerabilities for families.

While a safe online environment for kids is a top priority, mandatory age verification risks turning platforms into massive databases of sensitive ID information.