Intermediate

US AI Policy

The United States has taken a different approach to AI regulation than the EU, relying on executive orders, voluntary frameworks, and existing sector-specific laws rather than comprehensive legislation.

Federal Framework

The US approach to AI regulation is characterized by voluntary frameworks and sector-specific application of existing laws:

Framework Year Key Elements
Executive Order on AI 2023 Safety testing for powerful models, AI watermarking, privacy protections, equity and civil rights, worker protections
NIST AI RMF 2023 Voluntary risk management framework with four core functions: Govern, Map, Measure, Manage
AI Bill of Rights 2022 Non-binding principles: safe systems, algorithmic discrimination protection, data privacy, notice/explanation, human alternatives
OMB AI Guidance 2024 Requirements for federal agencies using AI: risk management, testing, transparency, human oversight

NIST AI Risk Management Framework

  1. Govern

    Establish organizational policies, processes, and structures for managing AI risk. Define roles, responsibilities, and accountability.

  2. Map

    Identify and document the context in which AI systems operate, including intended uses, stakeholders, potential impacts, and risk factors.

  3. Measure

    Assess and track identified risks using quantitative and qualitative methods. Monitor for bias, security vulnerabilities, and performance degradation.

  4. Manage

    Prioritize and respond to identified risks. Implement mitigations, document decisions, and communicate with stakeholders.

Sector-Specific Regulation

In the US, existing laws are being applied and adapted to cover AI:

Financial Services

Fair lending laws (ECOA, FHA), SEC oversight of algorithmic trading, OCC guidance on model risk management, CFPB enforcement on discriminatory AI.

Healthcare

FDA regulation of AI as medical devices, HIPAA privacy protections for health data, CMS rules on AI in Medicare/Medicaid decisions.

Employment

EEOC guidance on AI and anti-discrimination, Title VII applicability to algorithmic hiring, state laws requiring bias audits (NYC Local Law 144).

Transportation

NHTSA regulation of autonomous vehicles, FAA rules for autonomous drones, DOT guidance on AI in safety-critical systems.

State-Level AI Laws

State Law/Regulation Focus
New York City Local Law 144 (2023) Requires bias audits of automated employment decision tools
Colorado AI Act (2024) Requires developers and deployers to manage risks of high-risk AI systems
California Multiple bills AI transparency, deepfake disclosure, automated decision systems
Illinois AI Video Interview Act Requires consent and disclosure for AI analysis in video job interviews
Texas HB 2060 (2025) Establishes AI advisory council, requires state agency AI use disclosure
💡
Key Takeaway: The US approach is fragmented but evolving. Companies operating in the US must track federal guidance, sector-specific rules, and an increasing number of state laws. This patchwork makes compliance more complex than a single comprehensive regulation.