Public Policy & Governance

The Center for Digital Technology has published a one-year retrospective on the Trump administration's updated OMB AI guidance, which was issued in April 2025 to govern federal agency procurement and use of AI. The CDT's core finding is that agencies have moved quickly to expand AI use but have lagged on implementing the safeguards the guidance nominally required — including risk assessments, transparency mechanisms, and civil liberties impact reviews. This confirms the pattern CDT flagged at the guidance's release: that implementation fidelity, not the text of the guidance itself, would be the decisive variable. See CDT.

The practical consequence is that federal agencies are deploying AI in high-stakes contexts — benefits adjudication, law enforcement support, immigration processing — without the oversight infrastructure the OMB guidance anticipated. This is not unique to the current administration; implementation gaps have characterised federal technology governance for decades. But the pace of AI deployment raises the stakes. For policy professionals, the relevant question is whether the OMB guidance has any enforcement mechanism, and CDT's analysis suggests the answer is largely no — agencies face no binding consequence for non-compliance with safeguard requirements.

Florida Attorney General James Uthmeier has announced a criminal investigation into OpenAI, focused on whether ChatGPT provided material assistance — described as 'significant advice' — to the suspect in a recent campus mass shooting. This is a qualitatively different type of enforcement action than the FTC civil investigations or state consumer protection inquiries that have characterised AI regulatory enforcement to date. A criminal probe, even if it does not result in charges, forces OpenAI to engage with prosecutorial discovery processes and creates reputational and legal exposure that civil proceedings do not. See The Guardian.

The legal theory is not yet publicly articulated — it is unclear whether the AG is pursuing a products liability angle, a criminal facilitation theory, or an unfair business practices framing with criminal dimensions. Florida's track record on tech enforcement is mixed; the state has pursued high-profile investigations that did not result in significant legal outcomes. However, the action will put pressure on OpenAI's trust and safety practices and may accelerate state-level legislative proposals requiring AI platforms to implement harm-prevention protocols. Other state AGs are likely watching closely.

The Department of Defense's FY2027 budget request includes over $54 billion for the Defense Autonomous Warfare Group — a programme focused on autonomous drone warfare that received a fraction of this funding in the prior year. The scale of the request signals a strategic commitment to AI-enabled lethal autonomy that goes well beyond prior DoD AI investment patterns. Critically, independent experts cited in reporting note that the military lacks the doctrinal and governance frameworks to responsibly manage autonomous weapons systems at this scale. See The Guardian.

From a governance standpoint, the relevant gap is between procurement velocity and policy readiness. DoD's existing AI ethics principles, adopted in 2020, and its Directive 3000.09 on autonomous weapons have not been updated to address the operational context implied by a 24,000% budget increase for autonomous combat systems. International humanitarian law obligations — particularly distinction, proportionality, and meaningful human control — are not addressed in the budget documents. This creates significant exposure for the US at multilateral forums, including ongoing UN Convention on Certain Conventional Weapons discussions where allied governments are pushing for binding autonomous weapons regulation.

The Trump administration has asked a federal judge to pause its own appeal in a legal dispute with Anthropic — a case arising from a temporary ruling that constrained certain government actions relating to the company — while simultaneously signalling through lobbyists and policy channels that it is softening its broader adversarial stance toward the AI firm. Reporting from Politico and Politico indicates that lobbyists and policy officials are describing a recalibration driven by the administration's broader AI competitiveness agenda — effectively treating Anthropic as a strategically important domestic asset rather than a regulatory target.

This episode illustrates a structural tension in US AI governance: the administration is simultaneously pursuing a deregulatory stance toward the AI industry, a geopolitical competition framing that treats frontier AI firms as national champions, and residual legal disputes that are now being selectively abandoned when they conflict with the competitiveness narrative. The practical implication is that enforcement actions against large frontier AI companies under the current administration face a ceiling imposed by industrial policy considerations. Anthropic's ability to benefit from this dynamic — despite being a company with explicit AI safety positioning that might otherwise attract regulatory scrutiny — reflects how the 'national champion' framing is reshaping enforcement calculus.

The Guardian's exclusive reporting reveals that the Metropolitan Police Service is in active commercial discussions with Palantir over an AI platform for automating criminal intelligence analysis. Internal Met concerns cited in the reporting centre on the data sovereignty implications of allowing a US-headquartered company — whose software is actively used by US Immigration and Customs Enforcement and the Israeli military — to process highly sensitive UK law enforcement data. See The Guardian.

The procurement, if concluded, would face scrutiny under the UK's existing AI in policing governance frameworks, including the College of Policing's algorithmic transparency standards and ICO guidance on law enforcement data processing. The political sensitivity is heightened by Palantir's associations with controversial US government programmes — associations that have previously derailed UK public sector deals, including NHS data contracts. This procurement is proceeding in a context where the UK government has opted against binding AI regulation in favour of sector-specific guidance, meaning there is no statutory pre-market approval mechanism that would apply. Whether existing procurement rules and data protection law are sufficient governance instruments for this type of high-risk AI deployment is the central question.