Public Policy & Governance

The European Parliament has formally adopted the AI Omnibus package, which amends the existing AI Act and is now on the verge of entering into force. According to CDT, while the final text avoided some of the most harmful amendments proposed during the Commission's drafting phase, it nonetheless introduces consequential changes that weaken protections for individuals subject to high-risk AI systems. CDT's analysis does not specify which articles were modified, but the framing — that the final text 'diluted' rather than eliminated protections — suggests a legislative compromise that prioritised industry operability over rights enforcement.

This is a completed legislative action, not a proposal. The implementation gap to watch is the distance between the Omnibus text's requirements and actual enforcement by national market surveillance authorities, which have historically underperformed on the original AI Act's mandates. Member states with weaker enforcement infrastructure will be the path of least resistance for non-compliant deployers.

French Prime Minister Sébastien Lecornu has confirmed that the Direction Générale de la Sécurité Intérieure (DGSI), France's domestic intelligence service, will transition from Palantir's AI data tools to ChapsVision, a French provider. As reported by The Guardian, Lecornu framed the move explicitly in terms of avoiding 'strategic dependencies' in the digital sphere. This is a confirmed government decision, not a policy aspiration — though the transition timeline and contractual details have not been publicly disclosed.

The strategic significance extends beyond the bilateral France-US dimension. Palantir holds substantial intelligence and defence contracts across NATO member states and with the EU itself. France's move will intensify pressure on other European governments — particularly Germany and the Netherlands, which have active Palantir procurement relationships — to articulate their own positions on vendor dependency. It also complicates Palantir's positioning in ongoing EU defence AI procurement discussions. The move aligns with the EU AI Act's emerging guidance on critical infrastructure AI and the European Commission's push for 'digital sovereignty,' but France is acting unilaterally and at speed rather than awaiting a coordinated EU procurement framework.

Rep. Josh Gottheimer (D-NJ) is preparing legislation that would require mandatory government reviews of powerful AI models for national security, critical infrastructure, and bioterror risks, according to Politico. This is a bill in preparation, not yet introduced — the critical distinction for policy professionals is that no legislative text has been made public and no committee process has begun. The bill's framing, however, directly tracks the political fallout from the US government's June 12 classification of Anthropic's Fable model as a dangerous munition and the subsequent global access shutdown.

The Fable episode, analysed in The Guardian by Sanders and Schneier, exposed a fundamental enforcement problem: export-control frameworks designed for discrete physical goods cannot cleanly apply to software models accessible via API. The government's inability to distinguish domestic from foreign users forced a blanket shutdown. Gottheimer's bill — if it moves toward mandatory pre-deployment reviews rather than post-hoc export controls — would represent a structural shift toward a pre-market authorisation model analogous to what the EU AI Act attempts for high-risk systems, but targeted specifically at frontier models and national security vectors. Gottheimer is a centrist Democrat with a record of bipartisan dealmaking, which gives the bill slightly better prospects than average for a minority-party initiative.

CDT has led a coalition of free expression and digital rights organisations — including EFF — in a formal letter to the Senate Judiciary Committee urging it not to advance the NO FAKES Act in its current form. As detailed by both CDT and EFF, the coalition's objections centre on the bill's notice-and-takedown mechanism, which they argue replicates the most problematic features of DMCA Section 512 and would enable suppression of satire, commentary, and journalism. The bill is designed to address AI-generated replicas of individuals — deepfakes — but the coalition argues its scope is overbroad and lacks adequate First Amendment safeguards.

This is a coalition opposition letter, not a legislative block — the Senate Judiciary Committee retains full discretion to advance the bill. The political dynamics are complex: the NO FAKES Act has support from entertainment industry unions (particularly SAG-AFTRA) and has attracted bipartisan Senate co-sponsors motivated by constituent concerns about AI impersonation. The civil society coalition's leverage depends on whether it can shift swing-vote senators who are sympathetic to free expression concerns. The bill's proponents argue the existing framework for persona rights is inadequate and that the harms from AI impersonation are concrete and immediate.

Meta has signalled it will drop its opposition to the Kids Online Safety Act (KOSA) on the condition that the bill includes language preempting state-level AI laws, according to Politico. Meta's prior opposition was widely credited with killing KOSA in 2024. This is a conditional withdrawal of opposition — not formal support — but given Meta's lobbying weight, the shift significantly alters KOSA's congressional viability. Simultaneously, a conservative coalition including Mike Pence's Advancing American Freedom is opposing the inclusion of kids' safety proposals in any broader AI legislative package, citing privacy risks and free expression concerns around age verification mandates, per Politico.

The strategic significance of Meta's maneuver is considerable: by attaching a preemption condition to its support, Meta is attempting to use the political momentum of child safety legislation to neutralise the growing patchwork of state AI laws — including California's SB 1047 framework and equivalent measures in Colorado, Illinois, and Texas. This is a direct lobbying strategy to trade on KOSA's bipartisan appeal in order to achieve a federal preemption outcome that the company has separately failed to secure through dedicated federal AI legislation. The opposition from Pence-aligned conservatives on First Amendment and privacy grounds creates an unusual left-right pincer against the package, though for divergent reasons.