Public Policy & Governance

Rep. Obernolte (R-CA) and Rep. Trahan (D-MA) released a draft federal AI bill that would preempt state-level AI regulations, according to Politico. The preemption mechanism is the bill's central and most contested feature: it would override the growing patchwork of state laws — including California's active legislative agenda — in favour of a uniform federal framework. For industry, this is the primary attraction; for progressive Democrats and state attorneys general, it is the primary objection.

A follow-up Politico analysis describes the deal receiving a 'brutal reality check,' with Republicans skeptical of sweeping AI regulation and Democrats under pressure from state-rights constituencies to oppose any preemption. The bill's bipartisan co-sponsorship gives it a veneer of viability, but the internal party tensions on both sides make floor passage before the November 2026 midterms highly uncertain. If this window closes, federal AI legislation is unlikely to move until 2027 at the earliest, leaving state-level regimes — particularly California's — as the effective national standard by default.

Secretary Hegseth has reaffirmed the Pentagon's national security supply-chain risk designation of Anthropic, clearing procedural hurdles for a federal appeals court to adjudicate the boundaries of DoD's designation authority, per Politico. The core legal question is how far the Pentagon can extend supply-chain risk management frameworks — originally designed for hardware and telecommunications vendors — to cover AI model developers and their underlying training and deployment infrastructure.

The case's outcome will set binding precedent on whether the executive branch can use national security designation powers as a de facto regulatory tool for commercial AI firms, potentially bypassing the conventional notice-and-comment rulemaking process. This matters beyond Anthropic: it creates a legal template applicable to any AI company with foreign investment, foreign-sourced compute, or cloud dependencies that DoD deems a risk vector. Anthropic's publicly stated call for a global AI pause, announced simultaneously, adds political complexity — the company is simultaneously seeking to frame itself as a responsible safety actor while contesting the government's legal authority to restrict it.

California's AB 412, requiring AI developers to identify and disclose all copyrighted works used in training data, is again advancing through the Senate Privacy Committee despite EFF's formal opposition testimony arguing the bill is technically unenforceable, per EFF. The core problem EFF identifies is that the required information — granular provenance records for training datasets — frequently does not exist and cannot be reconstructed retroactively, particularly for models trained on web-scraped data at scale.

The bill's persistence despite these objections is itself a significant governance signal. California legislators appear willing to pass aspirational compliance mandates and let enforcement practicalities be resolved through litigation or future rulemaking. This mirrors the early trajectory of GDPR, which included provisions that were practically impossible to implement at the time of passage, with compliance norms developed over years of enforcement decisions. The difference is that training data provenance is arguably harder to reconstruct than personal data processing records, creating a more fundamental implementation gap.

EFF Senior Policy Analyst Dr. Matthew Guariglia testified before the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection, arguing that federal agencies must not adopt AI systems without explicit constitutional safeguards, per EFF. The hearing's framing — focusing on frontier models, agentic AI, and AI coding tools in the context of critical infrastructure — reflects a shift in how Congress is approaching the government-use question, treating it as a security and resilience issue rather than solely a civil liberties one.

EFF's testimony entering the formal congressional record is procedurally significant: it creates a documented legislative history that can anchor future litigation or regulatory challenges to federal agency AI procurement decisions. The subcommittee's jurisdiction over critical infrastructure means any safeguard standards it develops would apply across DHS components with extensive domestic surveillance and enforcement roles — CBP, ICE, Secret Service — making the stakes of this hearing higher than its relatively low public profile suggests.