AI Policy Experts Share What You Need To Know in 2024

Federal AI Regulations in the U.S.

In the federal AI regulatory landscape, there are two things to look at: an executive order issued by President Biden in October 2023, and the legislative proposals in the 118th Congress.

President Biden’s Executive Order

In October 2023, President Biden issued an executive order to manage the risks and opportunities presented by AI. It includes developing standards, promoting AI innovation, addressing algorithmic discrimination, and leading international AI agreements.

“The executive order gives a timeline of about three to nine months for the various federal agencies to draw up regulations in their respective areas of focus,” explained Gopal Ratnam, senior staff writer at CQ and Roll Call.

The order states that the National Institute of Standards and Technology (NIST) must set rigorous criteria for security testing; the Department of Homeland Security will create an AI Safety and Security Board; and the Federal Trade Commission (FTC) will use its authority to promote fair competition and protect consumers as it relates to AI. Other federal agencies are also called on to develop their own AI policies.

The agencies are currently drawing up their new AI responsibilities. “The last I reported, these agencies put out as many as 90 requests for comments from private sector companies and other civil society groups,” Ratnam said.

Legislative Proposals in Congress

“In terms of legislative proposals in Congress, there are two tracks,” explained Ratnam. “One is a framework that calls for a federal agency that will have strict oversight and be a licensing body. The other calls for the NIST and other agencies to develop standards for safety and governance, and then would require companies to sort of voluntarily comply with them.”

As part of developing its approach to AI legislation, Congress held nine insight forums closed to the media and the public. Among the invitees to the forums were Elon Musk, Mark Zuckerberg, Bill Gates, and Sam Altman, along with the CEOs of Google, Microsoft, and Nvidia.

“There was such a huge amount of security that they were even taken through back doors and service corridors so they wouldn't encounter members of the press,” said Ratnam. Watch the full webinar forRatnam’s insights on what went on in those meetings and what he expected to see as a result of them.

Along with AI, Congress is also focused on data privacy issues. There have been some proposals, most notably the American Data Privacy and Protection Act (ADPPA), but nothing concrete has been passed. Ratnam noted that Senate Majority Leader Chuck Schumer said that before the federal government tackles AI legislation, it will first take care of data privacy.

Within data privacy, there is a high priority being placed on children’s online safety. “My guess would be a kids’ online safety measure first, followed by a federal data privacy proposal that maybe comes out in conjunction with regulation on AI,” said Ratnam.

While there is a big push in Congress to get it all done this year, Ratnam noted that the window of opportunity may close by the August recess period as the election focus kicks into high gear.

AI Policy at the State Level

The lack of federal regulation on AI and data privacy has led some states to take matters into their own hands. According to Ratnam, at least 45 states are considering various pieces of legislation related to AI.

“I believe California was the first, but a lot of states have since taken that up, though not all of these policy proposals and laws are identical,” said Andrew Gamino-Cheong, CTO and co-founder of Trustible.

California introduced a comprehensive data privacy law, the California Privacy Rights Act, that even allows citizens to sue companies for data breaches.

As a result, many states have taken this law and amended it to form their own legislation. States like Virginia, Colorado, and Connecticut, among others, have all enacted similar data privacy laws.

While states have certainly taken the lead, the United States is still missing a federal law. Every state legislating data privacy or AI differently would make for a messy national landscape, and Ratnam questioned the effectiveness of state regulatory capabilities given their limited resources.

How Organizations Can Prepare for AI and Data Privacy Regulations

Regulations like the proposed ADPPA can provide a glimpse of what might be coming federally. As well, a look across the Atlantic could prove very insightful. “The European Union is already starting to implement elements of its data privacy and artificial intelligence regulation,” explained Ratnam. “That could potentially become the norm until we have a clear approach.”

Keeping track of regulatory updates is vital for organizations to be prepared for what is soon to come.

“FiscalNote is the perfect solution for tracking a lot of this information about what's going on at the state and the federal level,” said Gamino-Cheong. “They make it simple to target, engage, and report on those activities.”

To hear more exclusive insights from Ratnam and Gamino-Cheong, watch FiscalNote’s recent webinar, Navigating AI and Data Privacy in the US: Policy Developments to Watch in 2024.