Brendan Steinhauser, CEO of The Alliance for Secure AI, a nonprofit that promotes safeguards for AI, praised the bill’s bipartisan approach to addressing advanced AI risks but said it “falls short” by preempting state AI laws. He called for Congress to set a federal floor for AI regulation while allowing states to adopt stronger protections.
By Jacob Wendler, Brendan Bordelon, Gabby Miller, and Meredith Lee Hill
Two key House lawmakers unveiled bipartisan artificial intelligence legislation on Thursday that would override some state AI laws and require top developers to disclose the safety and security risks of their new models.
The rollout of the much-anticipated discussion draft by Reps. Jay Obernolte (R-Calif.) and Lori Trahan (D-Mass.) represents the first significant bipartisan effort to advance AI legislation before Congress’ August recess — and the last realistic chance to craft federal rules governing the technology before the midterm elections.
The 269-page framework, which matches a version that POLITICO published earlier Thursday morning, would require top AI developers to create and implement plans to address the potentially catastrophic risks posed by their advanced models, including the potential for new systems to supercharge cybersecurity threats. It would also task third-party auditors with ensuring that AI companies comply with those plans
But it’s the proposal to preempt state rules on AI developers that has drawn the fiercest attacks from AI safety advocates and tech critics in both parties. Trahan’s decision to work with a Republican on a federal framework for AI has attracted blowback from her own party, with state lawmakers in Massachusetts and New York warning her against preempting their ability to regulate AI developers.
Brad Carson, president of Americans for Responsible Innovation – a nonprofit backed by a faction of tech billionaires that pushes for AI rules – said the proposal in its current form would turn “the current floor on state AI legislation” into a ceiling. He argued that state lawmakers have served as a key backstop for tech accountability and warned that preempting their authority would be “a generational mistake” that allows tech companies to operate without sufficient safeguards.
Brendan Steinhauser, CEO of The Alliance for Secure AI, a nonprofit that promotes safeguards for AI, praised the bill’s bipartisan approach to addressing advanced AI risks but said it “falls short” by preempting state AI laws. He called for Congress to set a federal floor for AI regulation while allowing states to adopt stronger protections.
The draft legislation’s release follows delicate talks between the two lawmakers over aspects of the legislation. Those include provisions that would preempt AI safety laws like those recently passed in California, New York and Illinois to rein in cutting-edge AI developers, and the question of whether a federal vetting regime should be compulsory.
Reps. Suhas Subramanyam (D-Va.), Scott Peters (D-Calif.), Scott Franklin (R-Fla.) and Erin Houchin (R-Ind.) are also expected to sign on to the framework, according to two people familiar with the matter, who — like others in this report — were granted anonymity to discuss nonpublic details.
The length of a sunset provision that would allow states to resume regulating advanced AI development was also a major sticking point. The lawmakers landed on a three-year phase-out in Thursday’s draft bill.
The draft legislation taps the Center for AI Standards and Innovation — an office within the Commerce Department’s National Institute of Standards and Technology — to ensure that top AI developers comply with the requirements. The draft would also formally establish CAISI, which was created via presidential executive order, and authorizes $300 million over the next three years for its budget. Top AI companies, including OpenAI, Anthropic and Google DeepMind, already partner with CAISI to conduct model evaluations on a voluntary basis.
The bill would also require CAISI and the Cybersecurity and Infrastructure Security Agency to support the digital security of open-source code, including by providing eligible software maintainers with access to frontier AI models that can find and fix security bugs. Only individuals or organizations based in the United States would be eligible to use the models.
In another nod to the growing hacking risks from AI, the framework would renew a long-stalled bill that allows the federal government and critical infrastructure companies to exchange data on cyber threats. Sen. Rand Paul (R-Ky.) has been blocking the law’s renewal amid frustration with CISA’s past efforts to counter online misinformation.
Obernolte co-chaired the last Congress’ bipartisan AI task force and has long maintained that any legislation must have buy-in from both parties.
Obernolte allies such as Rep. Ted Lieu (D-Calif.), who co-led the AI task force with him, and moderate Democrats eager to strike a bipartisan deal, such as Rep. Sam Liccardo of California, previously balked at supporting the new bill’s preemption requirements.
Patrick Hedger, director of policy at tech trade association NetChoice, in a statement praised the legislation as a “strong” bipartisan framework for governing AI — particularly its creation of a federal standard for AI developers — while saying the group hopes to work with lawmakers on provisions governing audits and developer data-sharing requirements.
Trahan, who is co-chair of the House Democratic messaging arm and isn’t ruling out a bid for a promotion in the next Congress, is eager to clinch a bipartisan accord despite risking alienating members of her own party in Washington, top lawmakers in her state and AI safety advocates.
Even GOP lawmakers in red states have condemned the idea of preempting state laws and are pushing ahead on their own AI regulation.
Ron DeSantis, the outgoing governor of Florida with national political ambitions, criticized Congress in December for Republicans’ proposed decade-long moratorium on state AI rules, calling such a policy “AI amnesty.” Top Republican leaders and candidates in Florida are pushing for stricter oversight of the technology, including GOP gubernatorial frontrunner Rep. Byron Donalds, who publicly disagreed with President Donald Trump’s desire for federal preemption on Monday.
The framework is an attempt to merge Trump’s broadly light-touch regulatory approach to AI with Obernolte’s own desire for a bipartisan federal framework.
Trump on Tuesday signed an executive order that asks some AI companies to submit their powerful new models to voluntary government review for cybersecurity threats 30 days before releasing the products to the public.
In March, the White House sent an AI blueprint to the Hill that sought to preempt any state laws that regulate the way models are developed or that penalize companies for the way others use their AI. House Speaker Mike Johnson expressed his support days after the administration issued its AI agenda, urging lawmakers to enact a law that would preempt state laws governing the industry and protecting children.
House Democrats are still deciding as a caucus what their official AI policy positions should be in the next Congress, with the Democratic Commission on AI serving as one such forum for these preliminary discussions. The partisan working group comes following Johnson’s decision not to renew the 118th Congress’ bipartisan AI task force, despite Democrats’ calls to do so.
Kelsey Brugger and John Sakellariadis contributed to this report.