My understanding is that the requirement is for __platforms__ with 10m+ monthly users. That is, like Twitter but (probably) not Hacker News. And that really it is more that these platforms need to provide an interface in which bots can identify themselves and do a good faith effort in identifying bots
> Online platforms with over 10 million monthly U.S. visitors would need to ensure bot operators on their services comply with these expanded disclosure rules.
So even if the bot is from a small business, they still must identify themselves as long as they are on a platform like Twitter, Facebook, Reddit, etc. This feels reasonable, even if we disagree on a threshold. It doesn't make sense to enforce this for small niche forums. This would put undue burden on small players and similarly be a waste of government resources, especially because any potential damage is, by definition, smaller.
Big players love regulation because it's gatekeeping and they can always step over the gate. But the gate keeps out competition. More specifically, it squashes competition before they can even become good competitors. So I think it definitely is a good idea to regulate in this fashion. Remember that the playing field is always unbalanced, big players can win with worse products because they can leverage their weight.
There's a practical reason with two sides to it. Most small companies simply won't know this rule even exists, if it passes. And as various other jurisdictions pass various other laws relating to AI, this will gradually turn into hundreds of laws, very possibly incompatible, spattered across countless jurisdictions - regularly changing with all sorts of opaque precedent defining what they exactly mean. You'll literally need a regulatory compliance department to keep up to date.
And such departments, staffed with lawyers, tend to be expensive. Have these laws affect small business and you greatly imperil the ability of small companies to even exist, which is one reason big companies in certain industries tend to actively lobby for regulations - a pretext of 'safety' with a reality of anticompetitive behavior. But by the time a company has 10 million regular users, it should be able to comfortably fund a compliance department.
Small companies don't have to implement the ability to stop marketing or political texts if the customer replies STOP. Twilio, Amazon SNS, and other companies further down the stack do it automatically.
I assume foundational models will include it in all text they emit somehow.
Just how Zoom tells everyone "recording in progress" as soon as you press the record button, to ensure compliance. Or indeed Apple's newish call recording feature.
I think there's an easy middle ground, 10M is huge. 1k would be much more reasonable. That gives startups more than enough runway to be naughty while also making sure they fix things up before becoming a problem.
Incorrect. They 10M requirement is part of the definition of an "online platform" [1], which is only mentioned in the existing statue as them NOT having an obligation [2] and is not mentioned at all in the proposed law [3] other than a formatting fix.
Run 10 subsidiaries via a chain of shell companies, each carefully staying under, say, 8M monthly users, all relaying approximately the same messages, both by pure coincidence, and by admittedly blatant imitation of each other!
It's a horse trading thing. You are less likely to get your bill passed if it will impact small businesses. think less about SV startups who know what they're doing and more about some indy barber who buys an off the shelf scheduling assistant -- should they have to bury themselves in legal code first?
For the same reason GDPR should have not applied to smaller businesses, lots of people who had otherwise perfectly fine small sites that were useful and reasonably secure could not afford the overhead due to various factors, being self-bootstrapped, too small of a budget, hobbyist projects, etc the things that always make the internet great. The fines are in the millions at a MINIMUM, its ridiculous.
After GDPR became the law in the EU, we saw here on HN numerous announcements of smaller sites / companies just shutting their doors. Meanwhile, bigger sites and companies can afford all the red tape, and they win all these smaller companies customers by default.
Big players love regulation because it's gatekeeping and they can always step over the gate. But the gate keeps out competition. More specifically, it squashes competition before they can even become good competitors. So I think it definitely is a good idea to regulate in this fashion. Remember that the playing field is always unbalanced, big players can win with worse products because they can leverage their weight.