In the world of AI, a month is an eternity. In my last article (https://www.stoelprivacyblog.com/2025/06/articles/ai/ai-legislative-developments-early-days-or-tipping-point/), just over a month ago, I wrote about the much-discussed proposed 10-year moratorium on the enforcement of state AI laws. Ultimately, the Senate voted against it, and the House passed the Senate version of the tax and spending bill. Game over? Perhaps not.
On July 23, 2025, the Executive Office of the President released “Winning the Race – America’s AI Action Plan,” available here: https://www.whitehouse.gov/wp-content/uploads/2025/07/Americas-AI-Action-Plan.pdf. Conveniently, or perhaps not exactly so, I was scheduled to present AI legislative developments at a conference that morning. I was able to skim the plan before the presentation and promised the attendees that I would provide a more nuanced assessment during my evening panel on global AI policy and compliance.
The plan is wide-ranging and provides under the heading “Remove Red Tape and Onerous Regulation”: “The Federal government should not allow AI-related Federal funding to be directed toward states with burdensome AI regulations that waste these funds, but should also not interfere with states’ rights to pass prudent laws that are not unduly restrictive to innovation.” Policy recommendations include: “Led by OMB, work with Federal agencies that have AI-related discretionary funding programs to ensure, consistent with applicable law, that they consider a state’s AI regulatory climate when making funding decisions and limit funding if the state’s AI regulatory regimes may hinder the effectiveness of that funding or award.” If, when, and how this will be implemented remain to be seen. Another policy recommendation is to “[r]eview all Federal Trade Commission (FTC) investigations commenced under the previous administration to ensure that they do not advance theories of liability that unduly burden AI innovation. Furthermore, review all FTC final orders, consent decrees, and injunctions, and, where appropriate, seek to modify or set aside any that unduly burden AI innovation.” Practically, this may be a relatively short list, if not a null set. The relatively recent Workado and Intellivision complaints and associated settlements both address alleged false and unsubstantiated claims about the efficacy of AI solutions. The Rite-Aid consent decree may be within scope as well, as artificial intelligence technologies undergird many biometric systems. The commissioners who voted in favor of the decree, in December 2023, are now gone.
Congress is in recess until early September. It’s possible that the 10-year (or a shorter duration) moratorium may be reintroduced as a separate bill.
In the meantime, the states forge ahead, although only a handful of them, including California (AB 410, AB 412, AB 853, and SB 53, as examples) and New York (A06578, S06954, and S00934, to list a few bills), remain in legislative session. Texas Governor Greg Abbott signed into law HB 149 (Texas Responsible Artificial Intelligence Governance Act), which takes a considerably narrower approach than the Colorado AI Act, which, after the failure of SB 25-318, still goes into effect on February 1, 2026, and Virginia HB 2094, which was vetoed by Governor Glenn Youngkin earlier this year.
Put simply, fragmentation continues and should be expected, at least for the near future. Couple this with extra-national concepts such as Sovereign AI, and other geopolitical factors and considerations, and we can all agree that we live in interesting times.
Of course, AI is not the only item on the radar. For example, earlier this month, with limited exception, U.S. DOJ Provisions Pertaining to Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons, codified at https://www.ecfr.gov/current/title-28/chapter-I/part-202, are now fully enforceable. The rules address prohibited transactions and restricted transactions with a country of concern or covered person and introduce considerable compliance obligations.
Thus, while July typically might be a month to put away the laptop for a bit, it seems that this July was very much an exception. Let’s see what August brings.
