AI Regulation: The President Weighs In

On December 11, 2025, President Trump signed Ensuring a National Policy Framework for Artificial Intelligence, an executive order ("EO" or the "Order") intended to establish uniform, nationwide guidance on artificial intelligence ("AI"). The EO seeks to address the growing patchwork of state-level AI legislation across the United States. According to the Order, the Administration's objective is to "sustain and enhance the United States' global AI dominance through a minimally burdensome national policy framework for AI." But this initiative begs the question: what does this mean for already established state-level AI regulations and the employers that must abide by them?

The EO comes on the heels of a recent Congressional decision to not include a federal preemption provision – or otherwise attempt to limit state-based AI regulation – in the National Defense Authorization Act for Fiscal Year 2026 ("NDAA"). Although the House-passed version contained a provision imposing a ten-year moratorium on state AI law enforcement through a budget reconciliation process, the Senate voted 99-1 to remove that stipulation. It appears that, because the NDAA failed to include the clause, the President's Order is another attempt to federally preempt state-level AI regulation and is particularly targeting states that have passed comprehensive AI governance laws, such as California, Colorado, and Texas. These states require developers to implement a recognized AI Governance Framework, conduct regular safety testing, and proactively mitigate any actual or foreseeable harms.

With the meteoric rise of artificial intelligence this year, several other states are primed to implement AI governance regulations. In fact, there are at least 1,200 state-level AI-related bills currently pending in Congress, laws, and interpretive guidance from state agencies in existence. President Trump has seemingly timed this Order to influence ongoing legislative debates at the state-level, but it will certainly take some time to develop a comprehensive review process of these hundreds of regulations.

This article examines President Trump's most recent executive order, its implications, and practical steps for employers to consider as the nation awaits additional guidance from the Administration.

Key Provisions in the EO

The Order, among other things, features the following significant directives:

1. Within 30 days, the Department of Justice ("DOJ") is to establish an AI Litigation Task Force with the purpose of challenging both the constitutionality of state AI laws and state AI laws that conflict with the EO's minimal compliance burden.
2. The Secretary of Commerce is to publish an evaluation of state AI laws that are "onerous" and conflict with a "minimally burdensome" national policy, as well as document any laws that should be referred to the DOJ's Task Force for potential action within 90 days.
3. The Secretary of Commerce must also take inventory of any state laws that are inconsistent with federal objectives and, consequently, restrict federal funding that these states receive.
4. Within 90 days, the Federal Communications Commission is to determine whether to adopt a federal reporting and disclosure standard for AI models that would purport to preempt state law.
5. Also within 90 days, the Federal Trade Commission must issue a policy statement on its power to prosecute unfair and deceptive trade practices to challenge state laws that "require alterations to the truthful outputs of AI models."

The Order expressly carves out state authority for child safety, data center infrastructure permitting, and procurement.

Expected Outcomes

Legal challenges on both a federal and state-level are to be expected.

Based on the Order, the Trump Administration is likely to challenge the constitutionality of state laws, or at a minimal level, whether states can have such laws regulating AI at all. The EO explicitly calls upon the DOJ's Task Force to challenge any laws that unconstitutionally regulate interstate commerce, are preempted by existing federal regulations, or are deemed unlawful according to the Attorney General's judgment. In response, state attorneys and other impacted parties may try to challenge the enforcement of the EO for exceeding authority, improperly restricting federal funding, or unlawfully preempting areas traditionally regulated by states.

We can also anticipate some challenges regarding the potential impact this EO will have on companies with international affiliations. It is important to note that these organizations may have obligations to comply with numerous frameworks embedded in their policies, and such companies need to consider the EU AI Act,¹ Data Act,² and General Data Protection Regulation³ ("GDPR") along with the guidance that President Trump's Administration will eventually release.

Practical Next Steps for Employers

Though the Order has a plan, it has yet to be effectuated, and certain terms, like "onerous" regulation, have not been defined. Moreover, the Administration has neither explained how it will determine which laws are "minimally burdensome," nor how agencies will determine what "truthful outputs of AI" are. With much undetermined, employers are advised to continue complying with applicable state and local laws until more guidance is released.

In the interim, employers should consider the following practical steps:

• Examine existing AI governance controls, understand which controls satisfy multiple frameworks, and evaluate which are jurisdiction-specific
• Document clear business-related justifications for AI governance, separate from considerations of state regulatory compliance
• Update internal compliance programs to ensure alignment with emerging federal requirements
• Establish monitoring processes for the federal actions directed by the EO
• Contact legal counsel to assess state-specific exposure and associated risks

The Order undoubtedly presents more questions than resolutions, but signals priorities to promote regulatory efficiency in artificial intelligence. As the bigger picture of AI compliance grows in complexity – on both a domestic and international level- employers should consult legal counsel for assistance with monitoring federal developments, assessing legal challenges and risks, and developing appropriate compliance strategies.

Footnotes

1. The EU AI Act categorizes applications into three areas: (1) unacceptable risk, (2) high-risk, and (3) not explicitly banned to help establish a global standard in legal framework for artificial intelligence.

2. The EU Data Act covers both personal data about individuals and non-personal data, like technical or usage data, grants users extensive rights to access, control, and share data generated by their use of connected products and related services, and subjects providers of cloud and other data processing services are to service switching requirements and mandatory customer contract terms.

3. The GDPR is a data privacy and security law that imposes obligations onto organizations anywhere in the world that target or collect data related to people in the European Union and imposes fines against those who fail to comply.