Companies Ftc Regulatory
The FTC Turns AI Safety Upside Down — and Ransomware Goes Browserborne
The Federal Trade Commission issued a proposed policy statement arguing that training AI chatbots to avoid discriminatory responses could itself constitute consumer deception under Section 5 of the FTC Act. The agency's reasoning is that if an AI system is constrained to produce certain types of outputs and does not disclose that, users may believe they are receiving objective results when they are in fact receiving shaped ones. Critics of the statement note that every AI system makes design choices about outputs — the question of whether a system should be built to avoid harmful content is an engineering decision, not concealment, in the same way a calculator declining to report that two plus two equals five is not deceiving its user.
The regulatory implication, if this framing became enforceable policy, is that AI companies could face FTC liability for implementing bias safeguards while simultaneously facing civil liability for discriminatory outputs — a legally difficult position that might incentivize disclosure of constraints rather than their removal. The political dynamics of the current administration make enforcement against major AI companies in this context appear unlikely, but the statement's logic, once introduced into regulatory discourse, may prove durable.
On the cybersecurity front, Check Point researchers demonstrated that DeepSeek, the Chinese AI model, can generate browser-only ransomware — code that encrypts a victim's files entirely inside a web browser without requiring any software download, exploit, or elevated system access. The 'no download required' element is critical for security professionals: traditional endpoint security tools are architected around detecting and blocking malicious software installations. Browser-based execution within a legitimate application like Chrome or Firefox bypasses that entire defensive layer entirely.
Microsoft faces a separate AI legal threat through a shareholder suit alleging that the company's board failed to adequately disclose legal and financial risks associated with GitHub Copilot and other AI tools trained on copyrighted code. The theory is that if active copyright litigation against those products succeeds, Microsoft's exposure would exceed what the company's public disclosures prepared investors for — copyright liability being tested through securities law in what amounts to a flanking maneuver around the intellectual property cases themselves. California's youth social media bill, meanwhile, was rewritten to allow minors to remain on platforms that strip algorithmically addictive features such as infinite scroll, push notifications, and recommendation feeds — a shift in regulatory philosophy away from outright bans that have faced First Amendment challenges.