Tech leaders should watch for the downstream effects of a forthcoming voluntary review of frontier AI models by the federal government, a system set up by President Donald Trump via an executive order Tuesday. The order was signed about a week after he scrapped the initial proposal.
The directive creates a model review process to assess safety vulnerabilities before they’ve been released to the public. It aims to screen AI models for national security concerns, such as ones raised by Anthropic’s still-private Claude Mythos in April without introducing “overly burdensome regulation,” the order said.
Within 60 days, the departments of Homeland Security and Treasury, the White House Office of the National Cyber Director and the National Institute of Standards and Technology will determine the standards for the review process, the order said.
The government will then request up to 30 days of pre-release access to those models along with early access for select critical infrastructure operators. Trump’s initial order, set to be released right before Memorial Day, reportedly called for a 90-day review process.
Samir Jain, VP of policy at the Center for Democracy and Technology, said in an emailed statement Tuesday that the order addresses “real and growing cybersecurity threats” to the companies and infrastructure Americans are increasingly relying on.
The order takes steps to address these threats, Jain said, including by pushing for “desperately-needed resources for state and local officials.” It also avoids a mandatory licensing process for new models.
In an interview with CIO Dive in May, Jain said he hopes that the process will be as voluntary as possible, and will be governed by clear standards. The published order leaves some parts of the process unanswered, which could be confusing for those in technology decision-making positions at their companies.
“What was not clear is what was going to happen if that testing revealed national security risks of some kind,” Jain said in the interview. “Was the government going to try to block the release of the model, was it going to insist on mitigation of those risks?”
The EO should not become a mechanism for the administration to punish companies for political or other arbitrary reasons, he said. The Center for Democracy and Technology intends to closely monitor the details of the review process, Jain said.
Executive playbook
For CIOs, there is significance in what the order signals, Lydia Clougherty Jones, VP analyst at Gartner, said in an email.
“Voluntary collaboration is key and the absence of directing regulation is noteworthy,” she said. “However, the policy drivers are national security and cybersecurity focused; the EO applies only to yet-to-be-defined frontier models and essentially with respect to cybersecurity concerns.”
U.S. states that enact general or wide-reaching AI safety regulation will likely still face preemption challenges, from various federal and state actors, Clougherty Jones said.
While the order does not impose licensing requirements, pre-market safety testing, or veto power as models go to market, nothing prevents the government from using other mechanisms, such as the Defense Production Act, to impact a company’s release, she added.
“It also does not address terms of federal contractor agreements, including control of the capabilities and use of AI models,” Clougherty Jones said.
