Bipartisan AI Bill Targets Frontier Labs and State Regulators
Data Breach TodayArchived Jun 06, 2026✓ Full text saved
House Draft Targets Frontier Labs with Audits While Blocking State AI Laws A House discussion draft would impose safety mandates and independent audits on the country's most powerful AI developers, but the fight over a three-year block on state AI laws is already dominating the response.
Full text archived locally
✦ AI Summary· Claude Sonnet
Artificial Intelligence & Machine Learning , Next-Generation Technologies & Secure Development
Bipartisan AI Bill Targets Frontier Labs and State Regulators
House Draft Targets Frontier Labs with Audits While Blocking State AI Laws
Jennifer Lawinski • June 5, 2026
Credit Eligible
Get Permission
A bipartisan bill that would establish the first comprehensive federal framework for governing frontier artificial intelligence was met with swift criticism after its release Thursday. (Image: Shutterstock)
A bipartisan bill that would establish the first comprehensive federal framework for governing frontier artificial intelligence was met with swift criticism after its release Thursday, drawing fire for its provision that would bar states from regulating AI model development for three years.
See Also: Edge Transformation: Top 5 SASE Predictions and Trends
The discussion draft landed just two days after President Trump signed an executive order establishing voluntary federal agency reviews of frontier AI models, a move that underscored the administration's preference for light-touch regulation and the pressure on Congress to establish its own framework before more states take the lead on AI regulation. Both are hitting as Congress prepares for its final months in session before its August recess, after which lawmakers will be under even greater scrutiny leading up to the November midterm elections.
The 269-page Great American Artificial Intelligence Act of 2026 was introduced by Reps. Jay Obernolte, R-Calif., and Lori Trahan, D-Mass., with four co-sponsors: Representatives Suhas Subramanyam, D-Va., Scott Franklin, R-Fla., Scott Peters, D-Calif., and Erin Houchin, R-Ind.
The bill would require the most powerful frontier AI companies – such as OpenAI, Anthropic and Google – to publish safety frameworks, submit twice-yearly independent audits and report critical incidents to federal regulators. Penalties would rack up quickly, up to $1 million per day for violations.
The bill would prohibit any state from establishing or enforcing any law "specifically regulating the development" of any AI model for three years. The sponsors carved out laws of general applicability - civil rights, labor protections, consumer privacy and child sexual abuse material - and explicitly preserved state authority to regulate AI after deployment.
Criticism came quickly from labor unions, civil society groups and AI safety advocates.
"This bill takes the current floor on state AI legislation and turns it into a federal ceiling, preventing state lawmakers from addressing emerging AI harms in an era of fast-moving technology," Brad Carson, president, Americans for Responsible Innovation, said in a statement.
The group launched an advertising campaign in Massachusetts this week specifically urging Trahan to oppose the preemption provisions. Carson said the approach was "a generational mistake."
"A national AI standard should protect at least as much as it preempts, and states across the country have already enacted laws that do far more for Americans on issues like child safety and consumer protections than this proposal," said Brendan Steinhauser, CEO of The Alliance for Secure AI, in a statement. "Congress needs to build a strong floor that states can expand on."
Union leaders Randi Weingarten, president, AFT, and Sara Nelson, president, Association of Flight Attendants-CWA, said it was "a giveaway to the AI industry." The AFL-CIO said "any attempt to tie the hands of states in their efforts to keep working people safe is not acceptable."
While an FAQ document released by Rep. Trahan's office drew a distinction between laws that would be "preempted" and those "federalized," the bill's text makes no such distinction.
This gap is consequential, said Nicholas Garcia, senior policy counsel at Public Knowledge. "If you read 'any bill that would require someone to do something during the development phase of an AI model' as specifically regulating development, that would be a very broad interpretation, and certainly covers things that have nothing to do with what the bill is fundamentally about," he said.
Garcia instead said he would advocate for a narrower, one-to-one preemption.
"The best kind of preemption is preemption that is one-to-one - what the federal government takes action on in terms of transparency, oversight, accountability, that's what they preempt the states from doing," he said. "That creates a simple regime for companies to understand and comply with, and it leaves the states room to regulate themselves, to pass laws on stuff that Congress isn't ready to do."
Cobun Zweifel-Keegan, managing director at Washington, D.C.-based IAPP, said the preemption language does appear broader than the bill's primary substantive focus. "The main substantive governance requirements of the federal framework are the frontier model requirements, and it clearly is meant to preempt the state laws that are almost identical to that," Zweifel-Keegan said. He said it could potentially keep states from regulating AI developers even on issues that are outside the bill's core scope, but still leave room for states to regulate use and deployment.
Co-sponsor Rep. Houchin defended the bill. "America should lead the world in AI, not regulate ourselves into falling behind China through a patchwork of 50 different state laws," she said. "This bill creates a clear national standard for how AI models are developed while preserving the ability of states and parents to protect children."
Garcia disputed the idea that the law is necessary because of the sheer volume of state regulations. "We don't have anything close to 50 states right now. We have a handful of states that have created very thoughtful legislation in the absence of Congress doing anything at all," he said. "And many of those laws are consistent with each other."
Regulating the AI Giants
The draft legislation, as it stands now, applies only to "large frontier developers," with more than $500 million in annual revenue that have trained a frontier model, defined as a foundation model requiring more than 10²⁶ floating-point operations. This net scoops up a small number of companies including OpenAI, Anthropic, Google DeepMind and Meta. AI model developers with at least $50 million in revenue are subject to a less rigorous set of requirements.
The core framework has three interlocking parts. Large frontier developers must publicly publish a frontier AI framework - technical protocols for assessing and managing "catastrophic risk," which is defined as a foreseeable risk of death or injury to more than 50 people, or $1 billion in property damage, caused by a model assisting in CBRN weapons development, conducting cyberattacks or evading developer control. Developers also must publish transparency reports before deploying any new or substantially modified model, covering risk assessments, output modalities and restrictions. Critical safety incidents, including loss of model control or exfiltration of model weights, must be reported to regulators within 15 days, or within 24 hours if the risk is imminent.
The bill also requires that companies participate in mandatory semi-annual audits by licensed Independent Verification Organizations, which are private firms verified by CAISI.
These IVOs will assess whether the AI companies risk-mitigation practices meet standards for cybersecurity, biosecurity, CBRN uplift and loss-of-control scenarios, and submit findings directly to CAISI.
Garcia said this CAISI-certification requirement was a meaningful improvement over generic auditing mandates. "When you have an independent auditing requirement without certification or methodology standards, those auditors aren't prevented from having conflicts of interest - the worst version is companies grading their own homework," he said.
One adjustment Garcia recommended was to give CAISI the authority to randomly assign IVOs across AI developers rather than allowing long-term relationships to form.
Zweifel-Keegan said that the mandatory external audit requirement puts the bill ahead of what any state has enacted. "This is a stronger law than the laws that have passed in California, New York and even Illinois," he said. "The six-month mandatory external audit requirement kind of puts it beyond what other states have proposed."
Codifying the Center for AI Standards and Innovation
The bill would formally codify the Center for AI Standards and Innovation in statute for the first time, providing $100 million annually for fiscal 2027 to 2029 and authorizing above-GS-scale hiring to compete for AI talent. CAISI would develop voluntary security standards, evaluate foreign AI systems, and administer the IVO licensing regime. Its authorization would also terminate three years after enactment.
In addition, the bill extends the Cybersecurity Information Sharing Act through 2035, establishes federal criminal penalties for AI-assisted financial crimes and impersonation of federal officials, requires WARN Act disclosures for AI-related layoffs and creates a Labor Department AI Workforce Research Hub. Title II addresses workforce preparedness, including AI education grants, K-12 training and scholarships.
The bill has not been formally introduced, and the sponsors gave no timeline.
For most of the AI ecosystem, including companies deploying models rather than training them, Zweifel-Keegan said the near-term compliance question will be "more about best practices than legal compliance, in the same way that privacy started out years ago."
Garcia said Public Knowledge is willing to support the sponsors, but hinges on narrowing the preemption. The safety provisions, he said, represent real progress. "It incorporates some of the best ideas from the states, and in some ways refines and improves them. It's pretty good at solving the narrow problem it's trying to solve."
But the preemptions are what keeps it from being more. "I wouldn't call it the Great American Act. It's the Pretty Good American Act, and it would be even better if the preemption was narrower."