As 2021 comes to a close, we will be sharing the key legislative and regulatory updates for artificial intelligence (“AI”), the Internet of Things (“IoT”), connected and automated vehicles (“CAVs”), and privacy this month.  Lawmakers introduced a range of proposals to regulate AI, IoT, CAVs, and privacy as well as appropriate funds to study developments in these emerging spaces.  In addition, from developing a consumer labeling program for IoT devices to requiring the manufacturers and operators of CAVs to report crashes, federal agencies have promulgated new rules and issued guidance to promote consumer awareness and safety.  We are providing this year-end round up in four parts.  In this post, we detail AI updates in Congress, state legislatures, and federal agencies.

Continue Reading U.S. AI and IoT Legislative Update – Year-End 2021

This is the seventh in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the secondthirdfourthfifth, and sixth blogs described the actions taken by various government agencies to implement the EO during June, July, August, September, and October 2021, respectively.  This blog summarizes the key actions taken to implement the Cyber EO during November 2021.

Although most of the developments in November were directed at U.S. Government agencies, the standards being developed for such agencies could be imposed upon their contractors or otherwise be adopted as industry standards for all organizations that develop or acquire software.


Continue Reading November 2021 Developments Under President Biden’s Cybersecurity Executive Order

The newly enacted National Defense Authorization Act (“NDAA”) contains important provisions regarding the development and deployment of artificial intelligence (“AI”) and machine learning technologies, many of which build upon previous legislation introduced in the 116th Congress. The most substantial federal U.S. legislation on AI to date, these provisions will have significant implications in the national security sector and beyond. The measures in the NDAA will coordinate a national strategy on research, development, and deployment of AI, guiding investment and aligning priorities for its use.

President Trump had vetoed the NDAA after its initial passage in December, but the $740 billion NDAA became law over the objection of President Trump’s veto with a rare New Year’s Day Senate vote, 81-13. The House voted to override President Trump’s veto on December 28, on a 322-87 vote.

This post highlights some of the key AI provisions included in the NDAA.
Continue Reading AI Update: Provisions in the National Defense Authorization Act Signal the Importance of AI to American Competitiveness

On Friday, December 4, 2020, President Trump signed the bipartisan Internet of Things (“IoT”) Cybersecurity Improvement Act of 2020 into law.  The IoT Cybersecurity Improvement Act empowers the National Institute of Standards and Technology (“NIST”) to create cybersecurity standards for internet-connected devices purchased and used by federal agencies.  For more information on the law, please

The bipartisan Internet of Things (“IoT”) Cybersecurity Improvement Act of 2020 (S. 734, H.R. 1668) has passed the House and the Senate and is headed to the President’s desk for signature. The bill was sponsored in the House by Representatives Hurd (R-TX) and Kelly (D-IL), and in the Senate by Senators Warner (D-VA) and Gardner (R-CO).  President Trump is expected to sign the measure into law.

Continue Reading IoT Update: Congress Passes IoT Cybersecurity Improvement Act of 2020

Last month, NIST released its Draft NISTIR 8269, A Taxonomy and Terminology of Adversarial Machine Learning.

The taxonomy is intended to assist researchers and practitioners in developing a common lexicon around Adversarial Machine Learning, with the goal of setting standards and best practices for managing the security of Artificial Intelligence (“AI”) systems against attackers.
Continue Reading AI Update: NIST Seeks Public Comment on Taxonomy of Adversarial Machine Learning

Earlier this month the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) released its Draft NISTIR 8267, Security Review of Consumer Home Internet of Things (IoT) Products, for public comment. NIST will accept public comments on the report through November 1, 2019.
Continue Reading IoT Update: NIST Seeks Public Comment on Security Review of Smart Home IoT Devices