Two bills currently being considered by the U.S. Senate—the American Innovation and Choice Online Act (AICOA) and the Open App Markets Act (OAMA)—would, if passed and signed into law, result in significant redesigns of technology platforms of the U.S. companies Apple, Meta (owner of Facebook), Alphabet (owner of Google), and Amazon. Microsoft might also be ensnared. These mandated business changes would financially weaken the U.S. information technology sector, severely limit these companies’ abilities to innovate, and significantly undermine their efforts to combat cyber threats and state-sponsored misinformation, disinformation, and malinformation.
Strangely, while diminishing these U.S. companies and making them and their customers more vulnerable to foreign manipulation, the legislation would likely leave state-affected Chinese and Russian technology platforms untouched, some of which are making significant inroads in U.S. markets.
The AICOA makes it unlawful for a “covered platform” (i.e., a platform that reaches the success levels of the U.S. companies listed above) to better serve the needs of its own products than those of its rivals. The bill enumerates ten forms of preferencing that would become illegal, including (1) not allowing a platform’s business users to access or interoperate with the platform’s operating system, hardware, or software features that the provider uses for its own products; (2) using non-public data generated on the platform by business users or their products to compete with those users; (3) materially restricting these users from accessing the data; and (4) failing to be neutral, fair, and nondiscriminatory in its treatment of technical standards affecting the platform’s own products and those of rivals. The bill allows for an affirmative defense of violations of the ten forms of outlawed preferencing, which means that government regulators would oversee platform design changes.
The OAMA is similar to the AICOA in that it requires the platforms to allow users to “install third-party apps or app stores through means other than its app store.” It also demands that all developers have the same “access to operating system interfaces, development information, hardware and software features.” It says the provisions do not apply if the violations are “necessary to achieve user privacy, security, or digital safety.” However, it puts the burden of proof on the platform to convince regulators that its platform features are “narrowly tailored and could not be achieved through a less discriminatory and technically possible means.” It’s hard to imagine the logic of having politically appointed regulators judging disputes over computer code and artificial intelligence algorithms.
These bills threaten cyber and national security by opening the platforms and customers’ systems to intrusion by adversaries, restricting these companies’ abilities to continue to be world leaders in technology innovation, and weakening the U.S. information technology sector’s financial capacity.
Consider what would have happened this year with the Russian invasion of Ukraine if the AICOA and OAMA had been in effect. The laws put little or no limit on the number of points where Russian actors could access the U.S. platforms’ computer systems, and each of these points is a vulnerability. By the time the Ukraine conflict started, the Russian actors would have already used their access to challenge the U.S. platforms’ security, features, and content. The U.S. companies would have been fighting back. However, U.S. regulators would be delaying the defensive measures by investigating whether they unduly discriminated against the Russian actors disguised as legitimate businesses struggling to compete.
Given the platforms’ regulatory hurdles and delays, it is likely that the Russian actors could have planted malware designed to stealthily collect U.S. and Ukraine metadata, steal software, intercept and alter data flows, surveil Americans and Ukrainians, disrupt the platforms’ attempts to prevent misuse, and compromise platform functions. The regulations would also have required the U.S. platforms to provide data to a wide range of stealth Russian-supported companies. American lives and interests would have been put at risk, as would the lives and interests of American allies.
In a technologically driven world, national security depends partly on a country’s technology leadership. AICOA’s and OAMA’s openness requirements and other business limitations are specifically designed to constrict the innovativeness of the U.S. platforms that have led much of the tech revolution. The openness requirements would mean that platform users, which could include bad actors, could delay platform innovations by claiming they harm the users’ businesses. This was the case with openness requirements in telecommunications, where regulatory processes delayed new services and slowed the replacement of copper lines with fiber optics.
National security also depends on a financially vibrant information technology sector. AICOA and OAMA explicitly limit a company’s profitability that becomes so successful that it comes under the law’s control. Because about 90 percent of all technology startups fail, constraints on the profitability of the winners limit the willingness of entrepreneurs and investors to take high risks. This effect would be compounded by the Platform Competition and Opportunity Act, also under consideration in the Senate, which would limit opportunities for entrepreneurs to profit from developing an innovative product and selling it to one of the Big Tech firms rather than go through the expense and risk of building its own large business.
The sponsors of the AICOA and OAMA have been dismissive of the national security issues. They should not. It is never a good time to put a country’s national security and industries at risk, but the rising tensions with Russia, China, and other tech-savvy countries make these legislations come at particularly bad times.
Mark Jamison is a senior fellow at the American Enterprise Institute, where he works on how technology affects the economy, and on telecommunications and Federal Communications Commission issues. He is concurrently the director and Gunter Professor of the Public Utility Research Center at the University of Florida’s Warrington College of Business.