The White House AI Framework: What It Says, What It Doesn't, and Why the Gaps Matter More
On March 20, the White House released its "National Policy Framework for Artificial Intelligence — Legislative Recommendations," a four-page document urging Congress to act on AI legislation "this year." The framework covers seven areas: child safety, community impacts, intellectual property, free speech, innovation, workforce development, and federal preemption of state AI laws. It's a document that reveals as much by what it omits as by what it proposes — and for anyone working in AI security, the omissions are striking.
What's Actually in It
The framework is organized around seven pillars, each with a bold header and a handful of bullet-pointed recommendations. Here's the compressed version:
I. Protecting Children — Require age-assurance for AI platforms, mandate features reducing exploitation and self-harm risks, affirm existing child privacy laws apply to AI. Builds on the Take It Down Act. Notably, it warns Congress to "avoid setting ambiguous standards about permissible content" that could trigger litigation — a caveat that does real work in the document's logic.
II. Safeguarding Communities — Protect residential ratepayers from increased electricity costs due to data center buildout. Streamline permitting for AI infrastructure. Combat AI-enabled fraud targeting seniors. Provide grants and tax incentives for small businesses adopting AI.
III. Intellectual Property — The Administration "believes that training of AI models on copyrighted material does not violate copyright laws" but "supports allowing the Courts to resolve this issue." Proposes collective licensing frameworks (with antitrust exemptions) and a federal right protecting individuals from unauthorized AI-generated digital replicas.
IV. Preventing Censorship — Prevent the government from "coercing technology providers, including AI providers, to ban, compel, or alter content based on partisan or ideological agendas." Provide Americans with "effective means" to seek redress from government censorship via AI platforms.
V. Enabling Innovation — Establish regulatory sandboxes. Make federal datasets AI-ready. The headline recommendation: "Congress should not create any new federal rulemaking body to regulate AI."
VI. Workforce — Incorporate AI training into existing education and apprenticeship programs. Study task-level workforce realignment. Bolster land-grant institutions.
VII. Federal Preemption — Preempt state AI laws that "impose undue burdens" in favor of a national standard. States retain police powers, zoning authority, and governance of their own AI procurement — but cannot regulate AI development, cannot burden AI use for otherwise lawful activity, and cannot hold AI developers liable for third-party misuse of their models.
The Copyright Dodge
Section III contains the framework's most artful maneuver. The Administration states its position — training on copyrighted material is legal — and then immediately defers to the courts. It tells Congress not to "take any actions that would impact the judiciary's resolution of whether training on copyrighted material constitutes fair use."
This is having your cake and eating it. By stating a position while deferring resolution, the Administration signals to industry that it has their back while avoiding the political cost of legislating on a contested issue. The proposed collective licensing frameworks add a safety valve — rights holders can negotiate compensation, with antitrust immunity — but the framework explicitly says such legislation "should not address when or whether such licensing is required."
Translation: we'll build the infrastructure for licensing but won't require anyone to use it. It's a voluntary system for a problem the Administration doesn't think exists. The courts, currently split, will eventually force clarity — but the framework is designed to delay that reckoning while the industry's training data moat deepens.
Preemption: The Real Battleground
Section VII is where the framework's consequences become most tangible. The recommendation to preempt state AI laws targets a growing wave of state-level regulation: Colorado's AI Act (requiring impact assessments for high-risk AI decisions), California's various AI proposals, and the broader trend of states filling the federal vacuum with their own rules.
The framework draws a line: states can enforce "laws of general applicability" (fraud, consumer protection, child safety) against AI companies, and they retain zoning authority over data center placement. But states "should not be permitted to regulate AI development, because it is an inherently interstate phenomenon with key foreign policy and national security implications."
This framing — AI development as inherently federal jurisdiction — is aggressive. It would effectively prevent states from imposing safety testing requirements, bias audits, or transparency mandates on AI model development. The carve-out for "laws of general applicability" is narrower than it sounds: a state anti-discrimination law might apply to an AI hiring system, but a state law specifically requiring bias testing of AI hiring systems would likely be preempted.
The political dynamics here are complex. More than 50 House Republicans have already pushed back, arguing in a letter that "recent attempts to halt state AI legislation suggest not merely a desire for coordination, but an effort to prevent the passage of measures holding the tech industry accountable." This isn't a partisan divide — it's a federalism one.
Americans for Responsible Innovation, an Anthropic-backed group, called the framework's liability protections "Section 230 on testosterone" — a reference to the internet-era liability shield that many now view as having enabled the worst excesses of social media without accountability.
The Anti-Censorship Provisions: Three Readings
Section IV, "Preventing Censorship and Protecting Free Speech," deserves a careful reading because it operates on multiple levels simultaneously.
Reading one — anti-jawboning: After the Murthy v. Missouri litigation exposed federal agencies pressuring platforms to remove content, provisions preventing government coercion of AI providers address a real and documented problem. If taken at face value, this prevents any administration from using informal pressure to shape AI outputs.
Reading two — anti-safety-guardrails: The same provisions could be read as pressure against AI companies' own content moderation and safety filters. When the framework says AI should "pursue truth and accuracy without limitation," it creates tension with the safety guardrails that every major AI company has spent years developing. The irony is not lost: the Administration simultaneously cut off Anthropic from government contracts for being "woke" while proposing anti-censorship rules.
Reading three — political positioning: The framework was released strategically two days after Senator Blackburn's competing draft bill. The anti-censorship language addresses a base concern (perceived tech censorship of conservative voices) while simultaneously constraining future administrations from using AI regulation for content-related objectives.
All three readings are probably correct simultaneously. The provisions serve multiple purposes, and that ambiguity is a feature, not a bug.
What's Not in the Document
For a national AI policy framework, the omissions are remarkable:
No safety testing requirements. The framework contains no mandate for red teaming, safety evaluations, or pre-deployment testing of frontier AI models. The Biden-era executive order had included specific provisions for safety testing; this framework replaces them with reliance on "industry-led standards." For anyone who's worked in security, "industry-led standards" without regulatory backstop is a polite way of saying "optional."
No AI security framework. There are no provisions for vulnerability disclosure in AI systems, no safe harbor for security researchers evaluating AI models, and no mandatory incident reporting for AI system failures. More than 350 leading AI researchers have called on companies to establish safe harbor protections for good-faith AI evaluation. The framework doesn't address this at all.
No algorithmic bias protections. The framework mentions no requirements for bias testing, impact assessments, or algorithmic auditing. The ACLU noted that the Administration's removal of DEI language from the AI Risk Management Framework could "preclude AI developers from considering discriminatory and unfair harms." The framework fills this gap with nothing.
Thin national security provisions. The framework's sole national security recommendation is that Congress should ensure intelligence agencies have "sufficient technical capacity to understand frontier AI model capabilities." That's it. No specifics on what "sufficient technical capacity" means, no mandatory reporting thresholds for dangerous capabilities, no framework for evaluating dual-use risks. The framework invokes national security as the justification for federal preemption of state AI laws — AI development is "an inherently interstate phenomenon with key foreign policy and national security implications" — but then offers almost nothing on the national security substance. It's national security as jurisdictional argument, not as policy priority.
No comprehensive data privacy framework. The child privacy provisions affirm existing COPPA-style protections, but there's no broader data privacy proposal — despite the fact that AI systems are the largest data collection and processing engines ever built.
No environmental provisions. Section II addresses ratepayer costs from data center energy use but says nothing about the environmental impact of AI infrastructure buildout more broadly.
No liability framework. Beyond the state preemption provisions (which shield developers from state-level liability), the framework proposes no federal liability framework for AI harms. If a state can't hold a developer liable for third-party misuse and there's no federal mechanism either, who's accountable?
The International Context
The framework explicitly positions itself against the EU AI Act. US CTO Michael Kratsios called the EU's approach "an absolute disaster" at Davos. The contrast is stark:
| US Framework | EU AI Act | |
|---|---|---|
| Philosophy | Innovation-first | Rights-first, risk-based |
| New regulator | Explicitly prohibited | European AI Office created |
| Risk classification | None | Four tiers with banned uses |
| Safety testing | Industry-led, voluntary | Mandatory for high-risk systems |
| Enforcement | Existing agencies | Fines up to 7% global turnover |
The EU's approach has its own problems — overclassification, compliance costs, potential chilling effects on European AI development. But the US framework swings so far in the opposite direction that it creates a different set of risks: no accountability mechanisms, no safety floor, and a regulatory vacuum that benefits incumbents who can afford to self-regulate.
China, meanwhile, has taken a third path — embedding governance requirements directly into AI system architecture rather than relying on post-deployment enforcement. Global AI companies now navigate three fundamentally incompatible regulatory regimes.
Looking Ahead
The framework is a wishlist, not legislation. Public Citizen called it "dead on arrival in Congress," which may overstate the case, but the bipartisan pushback on preemption alone suggests the final legislation will look different.
Three scenarios seem most likely:
Scenario 1: Partial adoption. Congress cherry-picks the least controversial provisions (child safety, anti-fraud, workforce training) and punts on preemption and copyright. Most likely outcome.
Scenario 2: Courts fill the gap. In the absence of legislation, the courts continue to define AI law piecemeal — on copyright, on liability, on discrimination. The framework's preferred outcome for copyright, and the default outcome for everything else.
Scenario 3: An AI incident forces action. A significant AI harm event — a discriminatory hiring system affecting thousands, a deepfake influencing an election, an AI system failure causing physical harm — creates political pressure for emergency legislation that looks nothing like this framework. The tail risk nobody is planning for.
The most consequential thing about the White House AI Framework isn't what it proposes. It's what it reveals about the current administration's theory of AI governance: that the technology is best regulated by the companies building it, that the primary risk is overregulation rather than underregulation, and that the federal government's role is to clear the runway rather than set the guardrails.
Whether you agree with that theory or not, you should understand what it means in practice: no safety testing floor, no liability framework, no security researcher protections, and a preemption regime that prevents states from filling these gaps. The framework is a bet that the benefits of unregulated AI development will outweigh the harms. It may be right. But it's worth noting that we made the same bet with social media, and the consensus on how that turned out is not encouraging.
