CLIENT ALERT / US POLICY
June 9, 2026
Read time: 6 min
US President Donald Trump has issued an executive order (EO) that marks a notable evolution in the administration’s stance on artificial intelligence (AI). The EO balances national security and cybersecurity risks with innovation as AI capabilities continue to advance.
The EO calls for AI developers to voluntarily share certain new models with the federal government up to 30 days before providing access to other partners and directs national security agencies to create a framework for evaluating AI-related risks and establishing an AI-cybersecurity clearinghouse.
In this article, we summarize key provisions of the EO, provide an overview of the administration’s evolving stance on AI, and analyze what implementation of the EO means for stakeholders.
On June 2, 2026, President Trump issued an EO titled, Promoting Advanced Artificial Intelligence Innovation and Security, accompanied by a White House fact sheet. The EO’s substantive directives fall into four areas:
- Developing a secure frontier AI model process. Within 60 days, the US Department of the Treasury, the National Security Agency, and the Cybersecurity and Infrastructure Security Agency must develop and maintain a classified benchmarking process to assess the advanced cyber capabilities of AI models and to set the threshold at which a model becomes a “covered frontier model.” The three agencies must also design a voluntary framework through which developers can engage the federal government to determine whether a model meets that designation, with the stated goal of providing trusted partners with secure early access to strengthen cybersecurity and promote secure innovation.
- Strengthening government cybersecurity. Within 30 days, federal agencies are directed to quickly prioritize the cyber defense of National Security Systems and US Department of War information systems. Within the same window, the secretary of the US Department of Homeland Security must issue Binding Operational Directives (BODs) and other guidance to expedite the cyber defense of civilian federal systems; expand AI-enabled defensive tools; and facilitate access to cybersecurity tools and services, including (where appropriate) covered frontier models for agencies; state and local authorities; and operators of critical infrastructure such as rural hospitals, community banks, and local utilities.
- Creating an AI cybersecurity clearinghouse. Within 30 days, the secretary of the Treasury must establish a clearinghouse – in voluntary collaboration with the AI industry and critical infrastructure operators – to coordinate scanning for software vulnerabilities, discover and validate them, and prioritize remediation and distribution of vulnerability patches.
- Prioritizing enforcement against criminal actors. The US attorney general is directed to prioritize enforcement of federal criminal statutes against anyone who uses AI to illegally access or damage computer systems without authorization or who uses AI agents to unlawfully access data later used for criminal purposes.
How the Trump administration’s AI stance has evolved
The administration’s earlier actions were mostly focused on reducing regulation and limiting what it viewed as burdensome rules on AI development.
On January 23, 2025, President Trump issued EO 14179, Removing Barriers to American Leadership in Artificial Intelligence, which revoked the prior administration’s AI policies and directed agencies to remove barriers to US AI leadership. In July 2025, the White House released Winning the AI Race: America’s AI Action Plan, a three-pillar strategy focused on accelerating innovation, building AI infrastructure, and leading in international diplomacy and security, with a stated goal of removing “red tape and onerous regulation.” That same month, President Trump signed EO 14319, Preventing Woke AI in the Federal Government, which directed the federal government to only procure large language models adhering to “unbiased AI principles” of truth-seeking and ideological neutrality. Then, in December 2025, President Trump signed EO 14365, Ensuring a National Policy Framework for Artificial Intelligence, which sought to check state-level AI regulation by establishing an AI Litigation Task Force to challenge state AI laws and conditioning certain federal funding on the absence of “onerous” state laws.
The June 2026 EO presents a new affirmative national security and cybersecurity agenda and introduces considerations that require coordinated action across departments and agencies to actively harness and secure AI capabilities. While it does not abandon the Trump administration’s anti-regulation messaging, it leans into more government involvement by adding a stronger security-focused agenda that relies heavily on voluntary cooperation between the federal government and private sector.
What’s next
Over the next 30 days, federal agencies will roll out specific guidance, establish a cybersecurity clearinghouse, and expand protections for critical infrastructure. Organizations should calibrate their AI governance, cybersecurity, and government-engagement strategies accordingly.
- AI developers, particularly those building advanced or frontier models, should monitor the forthcoming classified benchmarking process and “covered frontier model” threshold, as well as the voluntary early-access framework. Although participation is framed as voluntary and the EO disclaims any licensing regime, the designation criteria and government engagement mechanisms may shape competitive positioning and government-partnership opportunities. The express disclaimer of mandatory licensing or pre-clearance is significant for developers concerned about regulatory drag, but companies should watch how the voluntary frameworks operate in practice as there is risk of eventual evolution into a standard of care.
- Critical infrastructure operators, including rural hospitals, community banks, and local utilities, as well as larger financial, healthcare, and energy enterprises should anticipate new federal guidance and BODs expanding access to AI-enabled cybersecurity tools and evaluate how to take advantage of and prepare for the planned AI cybersecurity clearinghouse and vulnerability-remediation coordination.
- Government contractors and vendors providing AI or cybersecurity products should track the rapidly developing agency directives and programs, which may create procurement opportunities and new contractual and compliance expectations.
- All organizations deploying AI should note the EO’s emphasis on criminal enforcement against malicious AI use, which signals heightened US Department of Justice attention to AI-enabled intrusions and AI-agent misuse and reinforces the importance of robust cybersecurity governance and incident-response planning.
We will continue to monitor implementation of the EO. If you have questions or would like to discuss how the EO may affect your organization, please reach out to one of the authors or your regular firm contact.
Margie Sosa, a summer associate in the Dallas office, also contributed to this article.
Dawn Raid Guide
INSIGHT
Practical support for unannounced inspections
Read time: 4 min
Recently, there has been a noticeable increase in so-called “Dawn Raids,” i.e., unannounced on-site inspections and searches by antitrust authorities. This is likely due to catch-up effects after the pandemic, new investigative and detection methods by the authorities, and increased whistleblowing from within companies.
With our Dawn Raid Guide, you can not only prepare well for investigations but also have a guide at hand to quickly refer to during an actual antitrust search or other on-site inspection. A look at our Dawn Raid Guide offers first aid for practice purposes as well as in individual cases. We also recommend individual consultations to create internal search and dawn raid guidelines tailored to the specific situation of reception staff, affected managers, the legal department, and company management.
In the event of a “Dawn Raid,” it is crucial to act quickly and make the right decisions in a very short time to prevent damage to the company and potentially involved managers. Feel free to use the freely available Chapter 1 of our Dawn Raid Guide for initial preparation and contact us for further support, even during a “Dawn Raid,” at any time via email at kartellrecht@mwe.com or by phone at +49 211 3021 1010.
We have extensive experience and expertise in accompanying antitrust proceedings, both during and after an initial, unexpected official intervention. With the right preparation and support from our international and interdisciplinary network, you can best reduce the risk of fines and other negative consequences that may arise from an antitrust proceeding.
Dawn Raid Guide
Chapter 1
Dawn Raid Guide
Chapter 2
Dawn Raid Guide
Chapter 3
Dawn Raid Guide
Chapter 4
Dawn Raid Guide
Chapter 5
Structuring the future of health
INSIGHT
Read time: 3 min
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
Ullamco laboris nisi ut aliquip ex ea commodo consequat. Lorem ipsum dolor sit amet
Consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam , quis nostrud
Ex ea commodo consequat. Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed
Lately, all eyes seem to be on evergreen funds. Among private credit funds, they’ve emerged as one of the hottest fund formats in recent years – but despite their growing popularity, these funds can be complex, and their mechanics are often misunderstood.
If you have questions, you’re in the right place. Let’s demystify this increasingly popular fund structure.
Market activity. Participants expressed mixed-optimism at HPE NYC. Forty-six percent of attendees polled believed deal activity would be “about the same” over the next 12 months, while 42% believed it will improve. Panelists leaned more optimistic as they pointed to growing market activity over the last year and an increase in the deal pipeline through 2025.
Obstacles to healthcare PE transactions. Both panelists and attendees identified the lingering buyer-seller valuation gap as a major barrier facing Healthcare PE investors; 55% of attendees pointed to that valuation disconnect as the biggest challenge to successful deal executions. According to panelists, the gap is more pronounced in sectors where the lack of recent trades has made it particularly difficult for buyers and sellers to agree on valuations.
Pharmaceuticals. Panelists addressed concerns over margin erosion and possible disruptions to pharmaceutical accessibility. The pharmaceutical industry is adjusting to potential changes in patient access to drugs, including a push to direct-to-consumer channels. That movement has begun and continues to trend.
White House executive order moves to restrict state AI legislation
CLIENT ALERT / US POLICY
December 16, 2025
Read time: 7 min
On December 11, 2025, the White House issued an executive order (EO) attempting to restrict state-level artificial intelligence (AI) laws. This EO follows bipartisan legislative decisions to exclude preemption of state-level AI law provisions from two separate bills in 2025.
In the past several years, the number of state AI-related laws has significantly increased. In 2025 alone, 38 states adopted more than 100 laws relating to AI. Existing laws span consumer protection, employment, healthcare, election interference, and AI governance, to name a few. The administration’s stated goal is to maintain “global AI dominance” through a “minimally burdensome” framework. The EO sets out several measures and efforts, in furtherance of the administration’s desire to avoid a patchwork of state laws and regulations, to reduce barriers to innovation, and to ensure consistent oversight of interstate commerce.
Implementing the EO
The EO’s first three measures for implementing a “minimally burdensome” AI framework focus largely on states with existing AI laws:
- AI litigation task force: The EO instructs the attorney general to establish, within 30 days, an “AI Litigation Task Force” whose “sole responsibility shall be to challenge State AI laws” that are inconsistent with the EO, including on grounds that such laws unconstitutionally regulate interstate commerce, are preempted by existing federal regulations, or are otherwise unlawful in the attorney general’s judgment.
- Evaluation of existing state laws: The EO directs the secretary of commerce to publish, within 90 days, an evaluation identifying state AI laws that do not meet the standard of “minimally burdensome.” The secretary of commerce must do so in consultation with the special advisor for AI and crypto, the assistant to the president for economic policy, the assistant to the president for science and technology, and the assistant to the president and counsel to the president. This evaluation must identify “onerous laws that conflict with” the EO and laws that should be referred to the task force. The evaluation must, at a minimum, identify laws that “require AI models to alter their truthful outputs” or that “compel AI developers or deployers to disclose” information in violation of the First Amendment or other provisions of the Constitution.
- Conditions on federal funding: Executive agencies are directed to assess their discretionary grant programs to determine whether agencies may condition their grants on states’ decisions to not enact conflicting AI laws or to enter into agreements to not enforce existing AI laws. The secretary of commerce is directed to issue a policy notice within 90 days, that will outline states’ eligibility for leftover funds once a state fulfills obligations under the Broadband Equity Access and Deployment program. Specifically, the notice will clarify that states with “onerous” AI laws are ineligible for leftover federal funding for broadband access.
Next, the EO identifies three key areas in which federal agencies and the administration are directed to publish or to initiate proceedings to consider issuing standards and policy statements to provide guidance on potential preemption of state AI laws:
- Federal Communications Commission (FCC) standard: The EO directs the FCC chair, within 90 days and in consultation with the special advisor for AI and crypto, to initiate a proceeding to assess whether to adopt a federal reporting and disclosure standard that preempts existing state laws.
- Federal Trade Commission (FTC) policy statement: The FTC chair is directed, within 90 days, to issue a policy statement that addresses the applicability of the FTC Act’s “prohibition on unfair and deceptive acts or practices” to AI models. This policy statement must explain the extent to which state laws that “require alterations to the truthful outputs of AI models are preempted by the FTC Act.
- Legislative recommendation: The special advisor for AI and crypto and the assistant to the president for science and technology will prepare a “legislative recommendation establishing a uniform Federal policy framework for AI that preempts State AI laws that conflict” with the EO.
Exceptions to the legislative recommendation
The EO provides three explicit exceptions from preemption by the legislative recommendation and leaves room for the administration to determine future carve-outs. The EO clarifies that the legislative recommendation would not preempt laws involving child safety protections, AI compute and data center infrastructure, and state procurement and use of AI.
State-level laws that may be affected
A wide range of AI laws may be targeted for preemption. However, laws targeting algorithmic discrimination may be prioritized under this EO. For example, the EO references the Colorado Artificial Intelligence Act (SB24-205), which includes requirements designed to protect against “algorithmic discrimination,” as an example of a law that “may even force AI models to produce false results.” Other US state and local laws that contain specific provisions intended to address the risks posed by algorithmic bias include:
- California’s automated decision-making technology (ADMT) regulations: Under the California Consumer Protection Act, businesses are required to perform risk assessments, provide notices and opt-out rights, and conduct cybersecurity audits when they use ADMT to make a “significant decision” about housing, education, employment, healthcare, or financial services. Parts of the ADMT regulations are scheduled to become effective on January 1, 2026.
- California’s Fair Employment and Housing Act (FEHA) AI regulations: Effective October 1, 2025, these regulations extend the FEHA to cover automated decision systems (ADS) in employment contexts and prohibit discriminatory ADS, primarily targeting three compliance areas: bias testing, recordkeeping, and vendor liability.
- Colorado Division of Insurance, 3 C.C.R. § 702-10: Colorado requires covered insurers to conduct prescribed testing before using predictive models, external consumer data, or algorithms to underwrite certain personal or small commercial lines, to ensure they do not result in unfair discrimination/disparate impact, and to adopt a governance and risk management framework.
- Illinois’ Human Rights Act amendments: Effective January 1, 2026, these amendments will prohibit employers from using AI that discriminates against employees on the basis of a protected class.
- New York City’s Local Law 144: Effective July 5, 2023, this law requires employers and employment agencies to conduct bias audits of automated employment decision tools (AEDTs) that are used to screen candidates or to substantially assist employers at any point in the hiring or promotion process. They must also provide notice to job applicants of the use of AEDTs and their right to request alternative evaluation processes, and they must publish audit results.
- Texas’ Responsible Artificial Intelligence Governance Act (TRAIGA): Effective January 1, 2026, the TRAIGA prohibits AI systems from being developed or deployed to unlawfully discriminate against a protected class.
- Utah’s Artificial Intelligence Consumer Protection amendments: Effective May 7, 2025, these amendments require businesses to make certain disclosures when providing a “high-risk” AI system that can be used to make “significant personal decisions” involving financial, legal, medical, or mental health services.
What now?
The EO seeks to restrict further state legislative efforts involving AI that do not meet a standard of “minimally burdensome” and to provide a framework for agencies to craft relevant standards. The scope and authority of the EO, however, are expected to face constitutional challenges concerning states’ rights in the coming months. While the EO could prompt Congress to act, consensus on the moratorium’s duration and terms is unlikely to happen quickly. This presents challenges for businesses that are investing time and resources in complying with, or preparing to comply with, potentially impacted laws.
The introduction of the EO is ultimately one factor among several that businesses will have to incorporate into their risk calculation when determining the best approach for their organizations. We will be closely monitoring this space for developments.
If you have questions or would like to discuss any issues related to this EO, contact your regular McDermott Will & Schulte lawyer or one of the authors.
Olivia Andrews, a law clerk in the New York office, also contributed to this client alert.
White House releases “America’s AI Action Plan”
CLIENT ALERT / US POLICY
July 25, 2025
Read time: 9 min
On July 23, 2025, the White House released “Winning the Race: America’s AI Action Plan,” a document outlining nonbinding policy goals for federal regulation and support of artificial intelligence (AI). The action plan mirrors many of President Trump’s existing policy aims, including a focus on US manufacturing, deregulation, trade, and content restrictions. This On the Subject summarizes the main objectives set forth in the action plan and provides key takeaways for AI developers, deployers, and consumers.
Key Takeaways
- Emphasis on speed: Federal agencies are directed to accelerate AI innovation by removing regulations that may impede the speed of AI development and by expediting permits for data centers and other AI infrastructure. The administration directs the Office of Science and Technology Policy to launch a request for information from AI developers, deployers, and consumers in order to identify and address regulations that may hinder AI development or deployment. This effort would include identifying and revising or repealing regulations and subregulatory guidance.
- Domestic AI infrastructure: The action plan recommends a variety of approaches to expand AI infrastructure in the United States, including through the use of CHIPS Program Office, US Department of Energy (DOE), US Department of Defense (DOD), and National Science Foundation (NSF) funds to support chip production, grid upgrades, secure data centers, and AI-skilled workers in the United States.
- AI exports, diplomacy, and security: The action plan supports exporting AI technology (hardware, models, software, and standards) to allies and partners in order to promote US values and national security.
Industry Priorities
While the action plan is broadly structured to focus on key “pillars” that represent overarching policy goals, each pillar contains distinct action items in a wide range of industries. The following is a brief summary of key objectives in the action plan, organized by industry.
AI developers
Many aspects of the action plan support AI development and deployment. Two of the more interesting aspects of the action plan that directly implicate AI developers are that it:
- Encourages developers to release AI models that are open-source and open-weight.
- Puts into place certain policies to encourage model development that promotes “free speech” and “American values” and counters influence from foreign adversaries such as China.
The AI action plan specifically requires the US Department of Commerce (DOC) to revise the National Institute of Standards and Technology (NIST) AI Risk Management Framework (RMF) to eliminate references to misinformation; diversity, equity, and inclusion; and climate change. AI developers and other stakeholders that have implemented AI governance frameworks based on the NIST AI RMF, particularly those with contractual obligations to do so, should monitor for updates to the NIST AI RMF and adjust their AI governance accordingly.
By encouraging more open-source and open-weight AI models, the administration appears to be seeking ways to improve access to large-scale computing power for startups and academics. AI developers are also encouraged to partner with the National AI Research Resource so start-ups and academics can rent large-scale AI development infrastructure without entering into long-term contracts. The administration expressed support for National Telecommunications and Information Administration-led programs to help small and mid-sized businesses adopt open-source AI models. Importantly, the action plan makes it clear that the decision “to release an open or closed model is fundamentally up to the developer.”
Semiconductor industry
The action plan expresses support for continued CHIPS-funded manufacturing of semiconductors in the United States. The administration also states that certain environmental laws that may present barriers to new manufacturing opportunities should be removed or revised to advance manufacturing objectives.
Next-generation manufacturing and robotics
The administration explains that in order to support “next-generation manufacturing,” it will mobilize the DOD, DOC, DOE, NSF, and others to invest, via existing grant funding opportunities, in foundational and translational technologies for next-generation robotics, drones, autonomous systems, and related supply chains. The action plan states that the DOC should convene stakeholders to identify and resolve supply chain bottlenecks in US robotics and drone production.
Energy, data centers, and grid infrastructure
The administration outlines support for updating the US electric grid to enable more powerful AI data centers, through both stabilization of the existing grid and use of new energy generation technology such as enhanced geothermal, nuclear fission, and nuclear fusion.
High-security and government data centers
The action plan indicates the administration’s intent to develop federal standards for classified, attack-resistant AI data centers (led by the DOD, the Intelligence Community, the National Security Council, and NIST) and to fast-track agency adoption of those secure compute environments.
Healthcare, energy, agriculture, and other regulated industries
Within specific sectors of the economy that might otherwise be slow to adopt AI, such as the healthcare, energy, and agriculture industries, the administration proposes to launch domain-specific regulatory sandboxes/centers of excellence to allow firms to safely test AI tools and publish shared results with fewer regulatory considerations. The action plan also discusses multi-stakeholder efforts to set AI performance standards and measure productivity gains in sectors such as healthcare, energy, and agriculture.
Defense and national security
In a fast-moving geopolitical environment, the administration states that it will establish an “AI and autonomous systems virtual proving ground,” create a streamlined process to pinpoint and automate priority workflows, and negotiate agreements with cloud and other compute providers that guarantee DOD priority access to large-scale computing in a national emergency. The administration also proposes to transform senior military colleges into centers of AI research, development, and instruction, embedding AI skills and curriculum across degree programs.
Scientific research and datasets
The administration proposes to direct the NSF, DOE, NIST, and other partners to invest in automated, cloud-enabled laboratories across engineering, materials science, chemistry, biology, and neuroscience, and to use long-term agreements to support focused-research organizations that combine AI with high-throughput experimentation.
The action plan charges the National Science and Technology Council’s Machine Learning & AI Subcommittee with setting minimum data-quality standards, requiring federally funded researchers to disclose nonproprietary datasets, creating secure compute environments at the National Science Foundation and DOE and an online portal for the National Secure Data Service, and exploring a whole-genome sequencing program for life on federal lands.
AI assurance, evaluation, and interpretability
The administration proposes to convene a cross-sector consortium (led by NIST and the DOC) to establish new measurement science and interoperable metrics for AI systems. They would also publish Center for AI Standards and Innovation-supported guidelines and resources so every federal agency can run mission-specific model evaluations and confirm legal compliance. The action plan discusses funding testbeds where multi-stakeholder teams can pilot AI in controlled settings across sectors such as agriculture, transportation, and healthcare.
Cybersecurity and critical infrastructure
The action plan calls for a US Department of Homeland Security-led AI Information Sharing & Analysis Center to circulate AI security threat intelligence across critical infrastructure sectors. The Department of Homeland Security will keep current private-sector guidance on remediating AI-specific vulnerabilities, and the Cybersecurity and Infrastructure Security Agency must update its incident and vulnerability response playbooks to weave in AI scenarios and coordination with chief AI officers.
Workforce and skills
The action plan prioritizes AI skill-building across career and technical education, apprenticeships, and employer training, with US Department of the Treasury guidance enabling tax-free reimbursement for AI courses. The plan calls for a national initiative to map high-priority trades (such as electricians and HVAC techs) for AI-infrastructure build-out and fund employer-driven training and apprenticeships.
Biosecurity and life sciences safety
The administration proposes to mandate that federally funded labs use synthesis providers with robust sequence screening and customer verification and develop data-sharing networks to spot malicious orders.
Government operations and procurement
Within the federal government, the action plan calls for:
- Codifying the Chief Artificial Intelligence Officer Council as the government’s main coordination hub for AI adoption and linking it with existing executive branch councils such as the President’s Management Council and Chief Data Officer Council.
- Creating a rapid-detail program so data scientists, software engineers, and other AI specialists can rotate to agencies that need them most.
- Crafting a uniform, government-wide catalog that lets any agency select, customize, and compare compliant AI models and see how peers are using them.
- Launching a General Services Administration-run initiative to move proven AI capabilities and use cases across agencies.
International trade and export controls
With regard to global trade, the action plan proposes that the DOC solicit proposals from industry consortia and, together with the US Department of State, EXIM Bank, Development Finance Corporation, and other agencies, broker export packages that bundle US-origin hardware, models, software, and standards for willing allies. An interagency group would explore using new and existing on-chip location-verification features and stand up a joint DOC – Intelligence Community effort to monitor diversion and expand end-use checks for AI-grade chips. Finally, the action plan tasks DOC with drafting new export controls on currently uncontrolled subsystems of semiconductor manufacturing equipment to close loopholes in the existing regime.
What’s next
While the AI action plan is nonbinding, AI developers and deployers should pay close attention to the wide-ranging and specific policy objectives that the administration sets forth. Binding executive orders related to AI are expected in the coming days and are likely to closely track the policy goals in the AI action plan.
*****
Our cross-practice team continues to closely monitor developments in AI. Reach out to one of the authors of this client alert or your regular McDermott lawyer to discuss the potential legal implications for your business.
No state AI law moratorium in One Big Beautiful Bill Act
CLIENT ALERT / US POLICY
July 8, 2025
Read time: 3 min
On July 4, 2025, US President Donald Trump signed into law the budget reconciliation bill, known as the One Big Beautiful Bill Act, after the US Senate voted to remove language that would have prohibited states from enforcing any law or regulation governing artificial intelligence (AI) models, AI systems, or automated decisions systems for a period after the bill’s enactment.
Failed effort to deregulate
The version of the bill passed by the US House of Representatives on May 22, 2025, would have placed a 10-year moratorium on any state enforcing any law or regulation affecting “artificial intelligence models,” “artificial intelligence systems,” or “automated decision systems,” in an effort to remove legal impediments to the deployment or operation of AI.
While senators attempted to revise the moratorium to meet budgetary rules and make it more palatable for certain factions of the Republican party, ultimately the Senate voted almost unanimously to remove the moratorium from the bill. The House did not attempt to reintroduce the moratorium and eventually passed the Senate version of the bill on July 3, 2025.
State AI Regulation: Present and future
With the moratorium failing to pass and little indication of federal interest in meaningful AI regulation, state AI regulation is likely here to stay. According to the National Conference of State Legislatures, as of 2025 all 50 states, Puerto Rico, the Virgin Islands, and Washington, DC, have introduced legislation to regulate AI. Significant state AI legislation will go into effect in 2026, including:
- California’s Assembly Bill 2013, which mandates comprehensive transparency in AI training datasets
- Colorado’s Senate Bill 205, which requires detailed disclosures and guardrails against discrimination for “high-risk” AI
- The recently enacted Texas Responsible AI Governance Act, which categorically restricts deployment of AI for certain purposes
In addition to state legislative action, developers and deployers of AI should continue to pay close attention to state enforcement action. California’s attorney general issued two legal advisories in January 2025 making it clear that his office would seek to use existing laws, such as the California Consumer Privacy Act, to protect consumers in the AI space. Similarly, Oregon’s attorney general stated in a December 2024 guidance document that his office would utilize laws such as the Oregon Consumer Privacy Act to do the same.
What’s next?
AI developers and deployers should pay close attention to both state and federal action in the coming years. While the moratorium failed, there is bipartisan support for safety and privacy regulation of AI, and that likely will continue to grow in the years to come.
* * *
To discuss the potential legal implications of state AI regulation for your business, reach out to one of the authors of this article or your regular McDermott lawyer.
House Budget Reconciliation Bill Would Delay State AI Regulation
CLIENT ALERT / US POLICY
June 10, 2025
Read time: 7 min
On May 22, 2025, the US House of Representatives passed the budget reconciliation bill, known as the “One Big Beautiful Bill Act,” which includes language that would prohibit any state from enforcing any law or regulation regulating artificial intelligence (AI) models, AI systems, or automated decisions systems for a 10-year period after the bill’s enactment.
This article examines the potential impact of this moratorium on AI regulation at the state level and what it would mean for developers and deployers.
AI Regulation: The Current Landscape
The AI landscape has been fast evolving, and the technology has a wide range of use cases that touch almost every aspect of individuals’ lives. The federal government’s response to this new technology’s implications, on the other hand, has been mixed. Different administrations, from Obama through this second Trump administration, have been largely circumspect, relying on broad policies slanted more or less toward principles of “responsible AI.” Instead of coming to a consensus on a set of requirements to provide guardrails for developers and deployers, Congress and the executive branch have limited their legislative and regulatory activities, called for research into AI, and generally directed regulatory bodies to consider ways to advance and regulate the technology. Even former US President Joe Biden’s executive orders, including the Blueprint for an AI Bill of Rights, were little more than unenforceable guiding principles.
Absent clear federal guidance, state legislatures have filled the void through piecemeal legislation. As a result, the current AI regulation landscape involves different legal requirements from one state to the next. While the existing regulation is limited to a handful of states, continuing down the path of overlapping state legal requirements will make it difficult for AI developers and deployers to efficiently comply with AI regulation across the country.
House Republicans Look to Delay Regulation
In the absence of federal laws or regulations and in light of the piecemeal approach that state legislatures have taken, the House of Representatives passed the Artificial Intelligence and Information Technology Modernization Initiative as part of the House reconciliation bill. The initiative would place a 10-year moratorium on state enforcement of any law or regulation governing “artificial intelligence models,” “artificial intelligence systems,” or “automated decision systems.” The initiative explicitly states that its primary purpose is to remove legal impediments to facilitate the deployment and operation of AI.
The moratorium imposed by the initiative does not apply to state laws or regulations:
- The primary purpose and effect of which is to make it easier to deploy and operate AI.
- That does not impose certain “substantive” requirements on AI models unless the requirements are imposed under federal law or generally applicable to other models and systems the perform similar functions.
- That impose only reasonable fees and bonds on AI models and treat other similar models the same.
The moratorium’s carve-outs are vague and broad. The bill does not define which requirements would be considered “substantive.” This could make it easy for AI developers and deployers to argue that a state law or regulation is subject to the moratorium because it imposes a “substantive requirement.” However, it could also lead to more broad-sweeping state laws and regulations that attempt to cover far more technology than just AI models to be “generally applicable to other models” and avoid the moratorium.
The bill, including the initiative, passed the House of Representatives mostly along party lines with Republicans in support.
What Does It Mean for AI Developers and Deployers?
If signed into law, the initiative would fundamentally alter the regulatory landscape for AI developers and deployers. Any law purporting to regulate AI specifically would clearly be unenforceable under this bill (assuming it survives legal challenge). What is less clear is whether laws that may be used to restrict the development or deployment of AI tools, but which are not written specifically in relation to AI, would similarly be unenforceable. Some states have previously hinted at regulatory levers that may be utilized even absent state legislation that explicitly regulates AI.
On January 13, 2025, California Attorney General Rob Bonta released two legal advisories reflecting the view that AI may be regulated under existing laws, even if those laws do not directly reference AI. For example, Attorney General Bonta noted that the California Consumer Privacy Act prevents AI developers from processing personal information for nondisclosed purposes. He also explained that the California Invasion of Privacy Act restricts recording communications without the consent of the parties, which could impact AI training efforts. (For more information on the California attorney general advisories, see our On the Subject).
Similarly, the Oregon Attorney General released a guidance document on December 24, 2024, applying Oregon’s Consumer Privacy Act to AI. The attorney general explained that AI developers that use personal data to train AI systems must clearly disclose this use in an accessible and clear privacy notice, and they must obtain affirmative consent to use such personal data and provide an opportunity to revoke that consent.
These statements from the Oregon and California attorneys general underscore the ambiguity in the bill’s language. A more recent letter from 40 state attorneys general to the majority and minority leaders of the House and the US Senate highlights the likelihood of state efforts to enforce state laws, and the ongoing need for AI developers and deployers to be mindful of the range of implicated state laws. In the letter, the attorneys general noted that “[i]mposing a broad moratorium on all state action while Congress fails to act in this area is irresponsible and deprives consumers of reasonable protections.”
If enacted, the laws would also be subject to challenges in courts, which could interpret the moratorium’s provisions more broadly or, more likely because the moratorium would preempt state law, more narrowly. States may test the boundaries of the moratorium by enacting laws that, for example, on their terms apply to an industry broadly but which practically apply more narrowly, or by attempting to skirt the definitions used in the moratorium. Regardless of how states respond legislatively, however, AI developers and deployers would be wise to expect state attempts to continue enforcing their existing laws, which could significantly restrict the application of the moratorium. Developers and deployers should focus on governance and risk assessment mechanisms that will help prevent algorithmic discrimination, the acquisition and use of private information without appropriate authorization, and other violations of consumer protection laws and principles.
What’s Next?
The initiative must now get through the Senate. It remains unclear whether the moratorium on state AI is permissibly included in the bill because it is potentially “extraneous” to the federal budget, and it faces opposition, as indicated by the action of most state attorneys general. Additionally, since the bill passed in the House, some Congress members who supported it have begun speaking out against this provision. Therefore, AI developers and deployers should not celebrate yet and should pay close attention to the initiative over the coming weeks as the “One Big Beautiful Bill Act” suffers through the inevitable legislative process.
* * *
To discuss the initiative’s potential legal implications for your business, reach out to one of the authors of this article or your regular McDermott lawyer.
US Copyright Office Issues Report Addressing Use of Copyrighted Material to Train Generative AI Systems
CLIENT ALERT / US POLICY
May 30, 2025
Read time: 9 min
Overview
On May 9, 2025, the US Copyright Office (“USCO”) released a highly anticipated pre-publication version of the third and likely final installment of its Report on Copyright and Artificial Intelligence – Part 3: Generative AI Training (the “Report”).[1]
The very next day President Trump dismissed the Register of Copyrights and Director of the USCO, Shira Perlmutter – two days after dismissing Carla Hayden, the Librarian of Congress.[2]Perlmutter has since sued President Trump and the acting Librarian of Congress seeking an injunction blocking her removal.[3]
It is unclear whether Trump’s dismissals (1) were related to the content of the Report (which was critical of some of the arguments advanced by those who favor free use of copyrighted material to train AI models), (2) prompted the unusual pre-publication of the Report or (3) will affect the issuance or content of the final Report.
Regardless, the Report addresses an unsettled question underlying dozens of pending copyright AI lawsuits: does the use of copyrighted works without permission to develop and deploy generative AI (“GenAI”) models qualify as “fair use?”[4] This is the billion dollar question facing GenAI companies whose business model is predicated on such use.
For private fund managers and others who are increasingly looking to harness the power of GenAI and navigate the attendant legal risk, the Report is particularly timely.
While the Report notes that any fair use analysis must be context-specific, it does offer some helpful general guidelines in assessing fair use for GenAI. According to the Report, transformative use and market effects will be the most significant fair use factors that judges will assess in ruling on GenAI companies’ use of copyrighted material. As detailed below, these factors tend to weigh for or against fair use depending on the circumstances – and one federal judge appears poised to rule broadly in favor of fair use for GenAI.
Ultimately, the Report does not recommend immediate government intervention on fair use or compulsory licensing issues related to GenAI. Instead, it advises allowing the nascent licensing market for GenAI training data to evolve organically. To address potential gaps in data offerings and market inefficiencies, the Report explores alternative mechanisms, including extended collective licensing schemes, which could provide broader and more efficient licensing solutions by aggregating rights on behalf of multiple copyright holders.[5]
Fair Use Factors
For private fund managers contemplating using GenAI in their investment process, the Report’s discussion of the fair use factors is worth examining.
In addressing the first fair use factor (the purpose and character of the use), the Report notes that determining whether an AI output is transformative is context-dependent. Some use cases are clearly permitted, others clearly are not.[6] Of note to private fund managers, using GenAI for noncommercial research or analysis where portions of the copyrighted works are not reproduced in the outputs is, according to the Report, likely to constitute fair use.[7] However, using unlawfully accessed material (via pirated works or by circumventing paywalls) to train a GenAI model that produces unrestricted competing content would not constitute fair use.[8]
Also of note for private fund managers, the Report highlights that when retrieval-augmented generation (“RAG”) searches[9] summarize the retrieved copyrighted works rather than providing hyperlinks to the original source, such outputs are less likely to be considered transformative and, therefore, may not qualify as fair use.[10]
In addressing the second factor (the nature of the copyrighted work), the Report notes that any analysis must be context-specific but a fair use finding is less likely if the material used to train the GenAI is “more expressive” or “previously unpublished.”[11]
In addressing the third factor (the amount and substantiality of the use), the Report concludes that under certain circumstances, use of an entire work may not in fact weigh against fair use.[12]
In addressing the fourth factor (market effects), which the Supreme Court has designated as “undoubtedly the single most important element of fair use,”[13] the Report identifies several potential harms, including lost sales, lost licensing opportunities, RAG-related substitution and market dilution. Here, the USCO wades into “uncharted territory,”[14] as no court has yet recognized that market dilution can be applied when AI-generated content competes with human-created works.[15] However, the Report argues that while many GenAI applications promise great public benefits, the sheer unprecedented volume of such applications could pose significant harm to the market for copyrighted works.[16] If courts apply this theory of market dilution, rightsholders may be able to block any use that might have a general effect on the market for copyrighted works, even if it doesn’t specifically impact the rightsholder. Further, the Report emphasizes that where licensing options already exist – or are reasonably likely to develop – the loss of licensing opportunities will disfavor fair use.[17]
Ultimately, the USCO concludes that fair use analysis of GenAI applications must remain on a case-by-case basis, but the first and fourth factors will carry “considerable weight.”[18]
Licensing
The Report outlines four general licensing options: voluntary direct licensing, voluntary collective licensing, extended collective licensing (“ECL”) and compulsory licensing.
- Voluntary direct licenses are negotiated on a case-by-case basis between individual rightsholders and AI developers.
- Voluntary collective licensing agreements typically involve collective management organizations (“CMO”s) that are authorized by multiple rightsholders to negotiate licenses and administer royalty collection and distribution on their behalf.[19]
- ECL builds on the voluntary collective agreement model to cover the works of all relevant rightsholders in a particular category – even those who haven’t actually joined the CMO – while providing an opt-out mechanism for non-participant rightsholders to negotiate separately.[20]
- Compulsory licensing is a statutory framework that permits use of copyrighted material without the rightsholder’s direct consent, subject to government oversight and often complex rate-setting procedures.[21]
Voluntary direct and collective licensing markets for GenAI have already emerged, with others in development.[22] Licensing at scale, however, raises several practical concerns including cost structure, impact on model quality and antitrust issues. Licensing large volumes of copyrighted works at market rates could be prohibitively expensive, particularly given the vast datasets required to train modern AI models. Moreover, if models can only be trained on licensed works, the resulting models may be “tainted by bias and inaccuracy.”[23] There are also antitrust concerns that big tech companies could crowd out smaller developers who might not be able to afford to negotiate broad data licenses.[24] The USCO argues these concerns shouldn’t factor into the fair use analysis, and defers to the Department of Justice for guidance (including a possible antitrust exemption) and the Federal Trade Commission for enforcement.[25]
The Report ultimately advocates for the growth of voluntary licensing regimes for copyrighted works, which can facilitate AI innovation while protecting rightsholders. To support this approach, the Report further argues that ECL could address market inefficiencies without the market risks from “premature” statutory approaches such as compulsory licensing, which may stifle innovation and distort market incentives.[26]
Litigation
The Report is already impacting pending copyright AI lawsuits. While the USCO defers to the courts to “weigh the statutory factors together” and calls it impossible to prejudge litigation outcomes,[27] federal courts can and have deferred to the legal interpretations of agencies such as the USCO, depending on their thoroughness, validity and persuasiveness.[28] As no definitive case law exists on the use of copyrighted material for training GenAI,[29] content owners have already jumped on the Report, citing it as supplemental authority in a detailed counter to the fair use defense in two pending cases.[30] Interestingly, in a May 22, 2025 hearing in a federal case against Anthropic PBC in California, Judge William Alsup said he was leaning “toward finding Anthropic PBC violated copyright law when it made initial copies of pirated books, but that its subsequent uses to train their GenAI models qualify as fair use.”[31] Alsup appeared sympathetic to Anthropic’s argument that its use is “transformative in the extreme” but also might make Anthropic pay for its initial use, noting: “I have a hard time seeing that you can commit what is ordinarily a crime, but get exonerated because you end up using it for a transformative use.”[32] Alsup could be the first judge in the nation to rule on fair use in the GenAI context. And if his reasoning on the fair use factors survives appeal and is adopted by other courts, it could augur well for developers of GenAI, even if the Report itself provides litigation ammunition for content owners.
Takeaways
Overall, the Report provides some instructive – if not legally binding – guidance for AI companies, copyright owners and private fund managers.
For AI companies and downstream users, the Report suggests that implementing effective guardrails to prevent infringing outputs will weigh in favor of fair use and recommends leveraging existing and emerging data licensing frameworks to train AI models. The Report also flags for AI companies that knowingly training AI models on pirated datasets would almost certainly exceed the boundaries of fair use.[33] In such cases, and possibly others, courts may be less inclined to accept arguments about transformative use or net societal benefits of GenAI – particularly when such use poses foreseeable market harm to content owners.[34]
For copyright owners, the Report encourages creators to pursue organized approaches to collective licensing via CMOs while recognizing market dilution as a potential harm from unrestrained AI training. The Report also notes that copyright owners ideally shouldn’t be required to opt out of the use of their material for training AI models.
For private fund managers, the Report offers some guidance that certain non-commercial research uses of GenAI may constitute fair use but that other uses (RAG searches) may not, and therefore carry greater risk. Given the volatility at the Copyright Office and the rapid technological and legal developments in the AI space, private fund managers who use GenAI should continue to pay close attention to this area.
Authored by and Steven Appel.
If you have any questions concerning this Alert, please contact your attorney or one of the authors.
