[House Document 118-75]
[From the U.S. Government Publishing Office]
118th Congress, 1st Session - -- - - - - - - House Document 118-75
SAFE, SECURE, AND TRUSTWORTHY DEVELOPMENT
AND USE OF ARTIFICIAL INTELLIGENCE
__________
COMMUNICATION
from
THE PRESIDENT OF THE UNITED STATES
transmitting
AN EXECUTIVE ORDER TAKING ADDITIONAL STEPS TO DEAL WITH THE NATIONAL
EMERGENCY DECLARED IN EXECUTIVE ORDER 13694 OF APRIL 1, 2015, AS
AMENDED BY EXECUTIVE ORDER 13757 OF DECEMBER 28, 2016, AND FURTHER
AMENDED BY EXECUTIVE ORDER 13984 OF JANUARY 19, 2021, TAKING ADDITIONAL
STEPS TO ADDRESS THE NATIONAL EMERGENCY WITH RESPECT TO SIGNIFICANT
MALICIOUS CYBER-ENABLED ACTIVITIES, PURSUANT TO 50 U.S.C. 1703(b);
PUBLIC LAW 95-223, SEC. 204(b); (91 STAT. 1627)
[GRAPHIC NOT AVAILABLE IN TIFF FORMAT]
November 1, 2023.--Referred to the Committee on Foreign Affairs and
ordered to be printed
______
U.S. GOVERNMENT PUBLISHING OFFICE
49-011 WASHINGTON : 2023
The White House,
Washington, October 30, 2023.
Hon. Mike Johnson,
Speaker of the House of Representatives, Washington, DC.
Dear Mr. Speaker: Pursuant to the International Emergency
Economic Powers Act (50 U.S.C. 1701 et seq.) (IEEPA), I hereby
report that I have issued an Executive Order that takes
additional steps to deal with the national emergency declared
in Executive Order 13694 of April 1, 2015 (Blocking the
Property of Certain Persons Engaging in Significant Malicious
Cyber-Enabled Activities), as amended by Executive Order 13757
of December 28, 2016 (Taking Additional Steps to Address the
National Emergency With Respect to Significant Malicious Cyber-
Enabled Activities), and further amended by Executive Order
13984 of January 19, 2021 (Taking Additional Steps To Address
the National Emergency With Respect to Significant Malicious
Cyber-Enabled Activities).
Significant malicious cyber-enabled activities continue to
pose an unusual and extraordinary threat to the national
security, foreign policy, and economy of the United States. To
address this continuing national emergency and developments in
associated technologies, subsections 4.2(c)-(d) of the
Executive Order I have issued impose additional record-keeping
and reporting requirements with respect to foreign persons who
use United States Infrastructure as a Service Products and
foreign resellers of those Products, including to train large
Artificial Intelligence models with potential capabilities that
could be used in malicious cyber-enabled activity.
In subsection 4.2(e) of the Executive Order I have issued,
I have authorized the Secretary of Commerce to take such
actions, including the promulgation of rules and regulations,
and to employ all powers granted to the President by IEEPA as
may be necessary to carry out the purposes of subsections
4.2(c) and (d) of the Executive Order I have issued.
I am enclosing a copy of the Executive Order I have issued.
Sincerely,
Joseph R. Biden, Jr.
Executive Order
----------
Safe, Secure, and Trustworthy Development and Use of Artificial
Intelligence
By the authority vested in me as President by the
Constitution and the laws of the United States of America, it
is hereby ordered as follows:
Section 1. Purpose. Artificial intelligence (AI) holds
extraordinary potential for both promise and peril. Responsible
AI use has the potential to help solve urgent challenges while
making our world more prosperous, productive, innovative, and
secure. At the same time, irresponsible use could exacerbate
societal harms such as fraud, discrimination, bias, and
disinformation; displace and disempower workers; stifle
competition; and pose risks to national security. Harnessing AI
for good and realizing its myriad benefits requires mitigating
its substantial risks. This endeavor demands a society-wide
effort that includes government, the private sector, academia,
and civil society.
My Administration places the highest urgency on governing
the development and use of AI safely and responsibly, and is
therefore advancing a coordinated, Federal Government-wide
approach to doing so. The rapid speed at which AI capabilities
are advancing compels the United States to lead in this moment
for the sake of our security, economy, and society.
In the end, AI reflects the principles of the people who
build it, the people who use it, and the data upon which it is
built. I firmly believe that the power of our ideals; the
foundations of our society; and the creativity, diversity, and
decency of our people are the reasons that America thrived in
past eras of rapid change. They are the reasons we will succeed
again in this moment. We are more than capable of harnessing AI
for justice, security, and opportunity for all.
Sec. 2. Policy and Principles. It is the policy of my
Administration to advance and govern the development and use of
AI in accordance with eight guiding principles and priorities.
When undertaking the actions set forth in this order, executive
departments and agencies (agencies) shall, as appropriate and
consistent with applicable law, adhere to these principles,
while, as feasible, taking into account the views of other
agencies, industry, members of academia, civil society, labor
unions, international allies and partners, and other relevant
organizations:
(a) Artificial Intelligence must be safe and secure.
Meeting this goal requires robust, reliable, repeatable, and
standardized evaluations of AI systems, as well as policies,
institutions, and, as appropriate, other mechanisms to test,
understand, and mitigate risks from these systems before they
are put to use. It also requires addressing AI systems' most
pressing security risks--including with respect to
biotechnology, cybersecurity, critical infrastructure, and
other national security dangers--while navigating AI's opacity
and complexity. Testing and evaluations, including post-
deployment performance monitoring, will help ensure that AI
systems function as intended, are resilient against misuse or
dangerous modifications, are ethically developed and operated
in a secure manner, and are compliant with applicable Federal
laws and policies. Finally, my Administration will help develop
effective labeling and content provenance mechanisms, so that
Americans are able to determine when content is generated using
AI and when it is not. These actions will provide a vital
foundation for an approach that addresses AI's risks without
unduly reducing its benefits.
(b) Promoting responsible innovation, competition, and
collaboration will allow the United States to lead in AI and
unlock the technology's potential to solve some of society's
most difficult challenges. This effort requires investments in
AI-related education, training, development, research, and
capacity, while simultaneously tackling novel intellectual
property (IP) questions and other problems to protect inventors
and creators. Across the Federal Government, my Administration
will support programs to provide Americans the skills they need
for the age of AI and attract the world's AI talent to our
shores--not just to study, but to stay--so that the companies
and technologies of the future are made in America. The Federal
Government will promote a fair, open, and competitive ecosystem
and marketplace for AI and related technologies so that small
developers and entrepreneurs can continue to drive innovation.
Doing so requires stopping unlawful collusion and addressing
risks from dominant firms' use of key assets such as
semiconductors, computing power, cloud storage, and data to
disadvantage competitors, and it requires supporting a
marketplace that harnesses the benefits of AI to provide new
opportunities for small businesses, workers, and entrepreneurs.
(c) The responsible development and use of AI require a
commitment to supporting American workers. As AI creates new
jobs and industries, all workers need a seat at the table,
including through collective bargaining, to ensure that they
benefit from these opportunities. My Administration will seek
to adapt job training and education to support a diverse
workforce and help provide access to opportunities that AI
creates. In the workplace itself, AI should not be deployed in
ways that undermine rights, worsen job quality, encourage undue
worker surveillance, lessen market competition, introduce new
health and safety risks, or cause harmful labor-force
disruptions. The critical next steps in AI development should
be built on the views of workers, labor unions, educators, and
employers to support responsible uses of AI that improve
workers' lives, positively augment human work, and help all
people safely enjoy the gains and opportunities from
technological innovation.
(d) Artificial Intelligence policies must be consistent
with my Administration's dedication to advancing equity and
civil rights. My Administration cannot--and will not--tolerate
the use of AI to disadvantage those who are already too often
denied equal opportunity and justice. From hiring to housing to
healthcare, we have seen what happens when AI use deepens
discrimination and bias, rather than improving quality of life.
Artificial Intelligence systems deployed irresponsibly have
reproduced and intensified existing inequities, caused new
types of harmful discrimination, and exacerbated online and
physical harms. My Administration will build on the important
steps that have already been taken--such as issuing the
Blueprint for an AI Bill of Rights, the AI Risk Management
Framework, and Executive Order 14091 of February 16, 2023
(Further Advancing Racial Equity and Support for Underserved
Communities Through the Federal Government)--in seeking to
ensure that AI complies with all Federal laws and to promote
robust technical evaluations, careful oversight, engagement
with affected communities, and rigorous regulation. It is
necessary to hold those developing and deploying AI accountable
to standards that protect against unlawful discrimination and
abuse, including in the justice system and the Federal
Government. Only then can Americans trust AI to advance civil
rights, civil liberties, equity, and justice for all.
(e) The interests of Americans who increasingly use,
interact with, or purchase AI and AI-enabled products in their
daily lives must be protected. Use of new technologies, such as
AI, does not excuse organizations from their legal obligations,
and hard-won consumer protections are more important than ever
in moments of technological change. The Federal Government will
enforce existing consumer protection laws and principles and
enact appropriate safeguards against fraud, unintended bias,
discrimination, infringements on privacy, and other harms from
AI. Such protections are especially important in critical
fields like healthcare, financial services, education, housing,
law, and transportation,' where mistakes by or misuse of AI
could harm patients, cost consumers or small businesses, or
jeopardize safety or rights. At the same time, my
Administration will promote responsible uses of AI that protect
consumers, raise the quality of goods and services, lower their
prices, or expand selection and availability.
(f) Americans' privacy and civil liberties must be
protected as AI continues advancing. Artificial Intelligence is
making it easier to extract, re-identify, link, infer, and act
on sensitive information about people's identities, locations,
habits, and desires. Artificial Intelligence's capabilities in
these areas can increase the risk that personal data could be
exploited and exposed. To combat this risk, the Federal
Government will ensure that the collection, use, and retention
of data is lawful, is secure, and mitigates privacy and
confidentiality risks. Agencies shall use available policy and
technical tools, including privacy-enhancing technologies
(PETs) where appropriate, to protect privacy and to combat the
broader legal and societal risks--including the chilling of
First Amendment rights--that result from the improper
collection and use of people's data.
(g) It is important to manage the risks from the Federal
Government's own use of AI and increase its internal capacity
to regulate, govern, and support responsible use of AI to
deliver better results for Americans. These efforts start with
people, our Nation's greatest asset. My Administration will
take steps to attract, retain, and develop public service-
oriented AI professionals, including from underserved
communities, across disciplines--including technology, policy,
managerial, procurement, regulatory, ethical, governance, and
legal fields--and ease AI professionals' path into the Federal
Government to help harness and govern AI. The Federal
Government will work to ensure that all members of its
workforce receive adequate training to understand the benefits,
risks, and limitations of AI for their job functions, and to
modernize Federal Government information technology
infrastructure, remove bureaucratic obstacles, and ensure that
safe and rights-respecting AI is adopted, deployed, and used.
(h) The Federal Government should lead the way to global
societal, economic, and technological progress, as the United
States has in previous eras of disruptive innovation and
change. This leadership is not measured solely by the
technological advancements our country makes. Effective
leadership also means pioneering those systems and safeguards
needed to deploy technology responsibly--and building and
promoting those safeguards with the rest of the world. My
Administration will engage with international allies and
partners in developing a framework to manage AI's risks, unlock
AI's potential for good, and promote common approaches to
shared challenges. The Federal Government will seek to promote
responsible AI safety and security principles and actions with
other nations, including our competitors, while leading key
global conversations and collaborations to ensure that AI
benefits the whole world, rather than exacerbating inequities,
threatening human rights, and causing other harms.
Sec. 3. Definitions. For purposes of this order:
(a) The term ``agency'' means each agency described in 44
U.S.C. 3502(1), except for the independent regulatory agencies
described in 44 U.S.C. 3502(5).
(b) The term ``artificial intelligence'' or ``AI'' has the
meaning set forth in 15 U.S.C. 9401(3): a machine-based system
that can, for a given set of human-defined objectives, make
predictions, recommendations, or decisions influencing real or
virtual environments. Artificial intelligence systems use
machine- and human-based inputs to perceive real and virtual
environments; abstract such perceptions into models through
analysis in an automated manner; and use model inference to
formulate options for information or action.
(c) The term ``AI model'' means a component of an
information system that implements AI technology and uses
computational, statistical, or machine-learning techniques to
produce outputs from a given set of inputs.
(d) The term ``AI red-teaming'' means a structured testing
effort to find flaws and vulnerabilities in an AI system, often
in a controlled environment and in collaboration with
developers of AI. Artificial Intelligence red-teaming is most
often performed by dedicated ``red teams'' that adopt
adversarial methods to identify flaws and vulnerabilities, such
as harmful or discriminatory outputs from an AI system,
unforeseen or undesirable system behaviors, limitations, or
potential risks associated with the misuse of the system.
(e) The term ``AI system'' means any data system, software,
hardware, application, tool, or utility that operates in whole
or in part using AI.
(f) The term ``commercially available information'' means
any information or data about an individual or group of
individuals, including an individual's or group of individuals'
device or location, that is made available or obtainable and
sold, leased, or licensed to the general public or to
governmental or non-governmental entities.
(g) The term ``crime forecasting'' means the use of
analytical techniques to attempt to predict future crimes or
crime-related information. It can include machine-generated
predictions that use algorithms to analyze large volumes of
data, as well as other forecasts that are generated without
machines and based on statistics, such as historical crime
statistics.
(h) The term ``critical and emerging technologies'' means
those technologies listed in the February 2022 Critical and
Emerging Technologies List Update issued by the National
Science and Technology Council (NSTC), as amended by subsequent
updates to the list issued by the NSTC.
(i) The term ``critical infrastructure'' has the meaning
set forth in section 1016(e) of the USA PATRIOT Act of 2001, 42
U.S.C. 5195c(e).
(j) The term ``differential-privacy guarantee'' means
protections that allow information about a group to be shared
while provably limiting the improper access, use, or disclosure
of personal information about particular entities.
(k) The term ``dual-use foundation model'' means an AI
model that is trained on broad data; generally uses self-
supervision; contains at least tens of billions of parameters;
is applicable across a wide range of contexts; and that
exhibits, or could be easily modified to exhibit, high levels
of performance at tasks that pose a serious risk to security,
national economic security, national public health or safety,
or any combination of those matters, such as by:
(i) substantially lowering the barrier of entry-for
non-experts to design, synthesize, acquire, or use
chemical, biological, radiological, or nuclear (CBRN)
weapons;
(ii) enabling powerful offensive cyber operations
through automated vulnerability discovery and
exploitation against a wide range of potential targets
of cyber attacks; or
(iii) permitting the evasion of human control or
oversight through means of deception or obfuscation.
Models meet this definition even if they are provided to end
users with technical safeguards that attempt to prevent users
from taking advantage of the relevant unsafe capabilities.
(l) The term ``Federal law enforcement agency'' has the
meaning set forth in section 21(a) of Executive Order 14074 of
May 25, 2022 (Advancing Effective, Accountable Policing and
Criminal Justice Practices To Enhance Public Trust and Public
Safety).
(m) The term ``floating-point operation'' means any
mathematical operation or assignment involving floating-point
numbers, which are a subset of the real numbers typically
represented on computers by an integer of fixed precision
scaled by an integer exponent of a fixed base.
(n) The term ``foreign person'' has the meaning set forth
in section 5(c) of Executive Order 13984 of January 19, 2021
(Taking Additional Steps To Address the National Emergency With
Respect to Significant Malicious Cyber-Enabled Activities).
(o) The terms ``foreign reseller'' and ``foreign reseller
of United States Infrastructure as a Service Products'' mean a
foreign person who has established an Infrastructure as a
Service Account to provide Infrastructure as a Service Products
subsequently, in whole or in part, to a third party.
(p) The term ``generative AI'' means the class of AI models
that emulate the structure and characteristics of input data in
order to generate derived synthetic content. This can include
images, videos, audio, text, and other digital content.
(q) The terms ``Infrastructure as a Service Product,''
``United States Infrastructure as a Service Product,'' ``United
States Infrastructure as a Service Provider,'' and
``Infrastructure as a Service Account'' each have the
respective meanings given to those terms in section 5 of
Executive Order 13984.
(r) The term ``integer operation'' means any mathematical
operation or assignment involving only integers, or whole
numbers expressed without a decimal point.
(s) The term ``Intelligence Community'' has the meaning
given to that term in section 3.5(h) of Executive Order 12333
of December 4, 1981 (United States Intelligence Activities), as
amended.
(t) The term ``machine learning'' means a set of techniques
that can be used to train AI algorithms to improve performance
at a task based on data.
(u) The term ``model weight'' means a numerical parameter
within an AI model that helps determine the model's outputs in
response to inputs.
(v) The term ``national security system'' has the meaning
set forth in 44 U.S.C. 3552(b)(6).
(w) The term ``omics'' means biomolecules, including
nucleic acids, proteins, and metabolites, that make up a cell
or cellular system.
(x) The term ``Open RAN'' means the Open Radio Access
Network approach to telecommunications-network standardization
adopted by the O-RAN Alliance, Third Generation Partnership
Project, or any similar set of published open standards for
multi-vendor network equipment interoperability.
(y) The term ``personally identifiable information'' has
the meaning set forth in Office of Management and Budget (OMB)
Circular No. A-130.
(z) The term ``privacy-enhancing technology'' means any
software or hardware solution, technical process, technique, or
other technological means of mitigating privacy risks arising
from data processing, including by enhancing predictability,
manageability, disassociability, storage, security, and
confidentiality. These technological means may include secure
multiparty computation, homomorphic encryption, zero-knowledge
proofs, federated learning, secure enclaves, differential
privacy, and synthetic-data-generation tools. This is also
sometimes referred to as ``privacy-preserving technology.''
(aa) The term ``privacy impact assessment'' has the meaning
set forth in OMB Circular No. A-130.
(bb) The term ``Sector Risk Management Agency'' has the
meaning set forth in 6 U.S.C. 650(23).
(cc) The term ``self-healing network'' means a
telecommunications network that automatically diagnoses and
addresses network issues to permit self-restoration.
(dd) The term ``synthetic biology'' means a field of
science that involves redesigning organisms, or the
biomolecules of organisms, at the genetic level to give them
new characteristics. Synthetic nucleic acids are a type of
biomolecule redesigned through synthetic-biology methods.
(ee) The term ``synthetic content'' means information, such
as images, videos, audio clips, and text, that has been
significantly modified or generated by algorithms, including by
AI.
(ff) The term ``testbed'' means a facility or mechanism
equipped for conducting rigorous, transparent, and replicable
testing of tools and technologies, including AI and PETS, to
help evaluate the functionality, usability, and performance of
those tools or technologies.
(gg) The term ``watermarking'' means the act of embedding
information, which is typically difficult to remove, into
outputs created by AI--including into outputs such as photos,
videos, audio clips, or text--for the purposes of verifying the
authenticity of the output or the identity or characteristics
of its provenance, modifications, or conveyance.
Sec. 4. Ensuring the Safety and Security of AI Technology.
4.1. Developing Guidelines, Standards, and Best Practices
for AI Safety and Security. (a) Within 270 days of the date of
this order, to help ensure the development of safe, secure, and
trustworthy AI systems, the Secretary of Commerce, acting
through the Director of the National Institute of Standards and
Technology (NIST), in coordination with the Secretary of
Energy, the Secretary of Homeland Security, and the heads of
other relevant agencies as the Secretary of Commerce may deem
appropriate, shall:
(i) Establish guidelines and best practices, with the
aim of promoting consensus industry standards, for
developing and deploying safe, secure, and trustworthy
AI systems, including:
(A) developing a companion resource to the AI
Risk Management Framework, NIST AI 100-1, for
generative AI;
(B) developing a companion resource to the
Secure Software Development Framework to
incorporate secure development practices for
generative AI and for dual-use foundation
models; and
(C) launching an initiative to create
guidance and benchmarks for evaluating and
auditing AI capabilities, with a focus on
capabilities through which AI could cause harm,
such as in the areas of cybersecurity and
biosecurity.
(ii) Establish appropriate guidelines (except for AI
used as a component of a national security system),
including appropriate procedures and processes, to
enable developers of AI, especially of dual-use
foundation models, to conduct AI red-teaming tests to
enable deployment of safe, secure, and trustworthy
systems. These efforts shall include:
(A) coordinating or developing guidelines
related to assessing and managing the safety,
security, and trustworthiness of dual-use
foundation models; and
(B) in coordination with the Secretary of
Energy and the Director of the National Science
Foundation (NSF), developing and helping to
ensure the availability of testing
environments, such as testbeds, to support the
development of safe, secure, and trustworthy AI
technologies, as well as to support the design,
development, and deployment of associated PETs,
consistent with section 9(b) of this order.
(b) Within 270 days of the date of this order, to
understand and mitigate AI security risks, the Secretary of
Energy, in coordination with the heads of other Sector Risk
Management Agencies (SRMAs) as the Secretary of Energy may deem
appropriate, shall develop and, to the extent permitted by law
and available appropriations, implement a plan for developing
the Department of Energy's AI model evaluation tools and AI
testbeds. The Secretary shall undertake this work using
existing solutions where possible, and shall develop these
tools and AI testbeds to be Capable of assessing near-term
extrapolations of AI systems' capabilities. At a minimum, the
Secretary shall develop tools to evaluate AI capabilities to
generate outputs that may represent nuclear, nonproliferation,
biological, chemical, critical infrastructure, and energy-
security threats or hazards. The Secretary shall do this work
solely for the purposes of guarding against these threats, and
shall also develop model guardrails that reduce such risks. The
Secretary shall, as appropriate, consult with private AI
laboratories, academia, civil society, and third-party
evaluators, and shall use existing solutions.
4.2. Ensuring Safe and Reliable AI. (a) Within 90 days of
the date of this order, to ensure and verify the continuous
availability of safe, reliable, and effective AI in accordance
with the Defense Production Act, as amended, 50 U.S.C. 4501 et
seq., including for the national defense and the protection of
critical infrastructure, the Secretary of Commerce shall
require:
(i) Companies developing or demonstrating an intent
to develop potential dual-use foundation models to
provide the Federal Government, on an ongoing basis,
with information, reports, or records regarding the
following:
(A) any ongoing or planned activities related
to training, developing, or producing dual-use
foundation models, including the physical and
cybersecurity protections taken to assure the
integrity of that training process against
sophisticated threats;
(B) the ownership and possession of the model
weights of any dual-use-foundation models, and
the physical and cybersecurity measures taken
to protect those model weights; and
(C) the results of any developed dual-use
foundation model's performance in relevant AI
red-team testing based on guidance developed by
NIST pursuant to subsection 4.1(a)(ii) of this
section, and a description of any associated
measures the company has taken to meet safety
objectives, such as mitigations to improve
performance on these red-team tests and
strengthen overall model security. Prior to the
development of guidance on red-team testing
standards by NIST pursuant to subsection
4.1(a)(ii) of this section, this description
shall include the results of any red-team
testing that the company has conducted relating
to lowering the barrier to entry for the
development, acquisition, and use of biological
weapons by non-state actors; the discovery of
software vulnerabilities and development of
associated exploits; the use of software or
tools to influence real or virtual events; the
possibility for self-replication or
propagation; and associated measures to meet
safety objectives; and
(ii) Companies, individuals, or other organizations
or entities that acquire, develop, or possess a
potential large-scale computing cluster to report any
such acquisition, development, or possession, including
the existence and location of these clusters and the
amount of total computing power available in each
cluster.
(b) The Secretary of Commerce, in consultation with the
Secretary of State, the Secretary of Defense, the Secretary of
Energy, and the Director of National Intelligence, shall
define, and thereafter update as needed on a regular basis, the
set of technical conditions for models and computing clusters
that would be subject to the reporting requirements of
subsection 4.2(a) of this section. Until such technical
conditions are defined, the Secretary shall require compliance
with these reporting requirements for:
(i) any model that was trained using a quantity of
computing power greater than 10\26\ integer or
floating-point operations, or using primarily
biological sequence data and using a quantity of
computing power greater than 10\23\ integer or
floating-point operations; and
(ii) any computing cluster that has a set of machines
physically co-located in a single datacenter,
transitively connected by data center networking of
over 100 Gbit/s, and having a theoretical maximum
computing capacity of 10\20\ integer or floating-point
operations per second for training AI.
(c) Because I find that additional steps must be taken to
deal with the national emergency related to significant
malicious cyber-enabled activities declared in Executive Order
13694 of April 1, 2015 (Blocking the Property of Certain
Persons Engaging in Significant Malicious Cyber-Enabled
Activities), as amended by Executive Order 13757 of December
28, 2016 (Taking Additional Steps to Address the National
Emergency With Respect to Significant Malicious Cyber-Enabled
Activities), and further amended by Executive Order 13984, to
address the use of United States Infrastructure as a Service
(IaaS) Products by foreign malicious cyber actors, including to
impose additional record-keeping obligations with respect to
foreign transactions and to assist in the investigation of
transactions involving foreign malicious cyber actors, I hereby
direct the Secretary of Commerce, within 90 days of the date of
this order, to:
(i) Propose regulations that require United States
IaaS Providers to submit a report to the Secretary of
Commerce when a foreign person transacts with that
United States IaaS Provider to train a large AI model
with potential capabilities that could be used in
malicious cyber-enabled activity (a ``training run'').
Such reports shall include, at a minimum, the identity
of the foreign person and the existence of any training
run of an AI model meeting the criteria set forth in
this section, or other criteria defined by the
Secretary in regulations, as well as any additional
information identified by the Secretary.
(ii) Include a requirement in the regulations
proposed pursuant to subsection 4.2(c)(i) of this
section that United States IaaS Providers prohibit any
foreign reseller of their United States IaaS Product
from providing those products unless such foreign
reseller submits to the United States IaaS Provider a
report, which the United States IaaS Provider must
provide to the Secretary of Commerce, detailing each
instance in which a foreign person transacts with the
foreign reseller to use the United States IaaS Product
to conduct a training run described in subsection
4.2(c)(i) of this section. Such reports shall include,
at a minimum, the information specified in subsection
4.2(c)(i) of this section as well as any additional
information identified by the Secretary.
(iii) Determine the set of technical conditions for a
large AI model to have potential capabilities that
could be used in malicious cyber-enabled activity, and
revise that determination as necessary and appropriate.
Until the Secretary makes such a determination, a model
shall be considered to have potential capabilities that
could be used in malicious cyber-enabled activity if it
requires a quantity of computing power greater than
10\26\ integer or floating-point operations and is
trained on a computing cluster that has a set of
machines physically co-located in a single datacenter,
transitively connected by data center networking of
over 100 Gbit/s, and having a theoretical maximum
compute capacity of 10\20\ integer or floating-point
operations per second for training AI.
(d) Within 180 days of the date of this order, pursuant to
the finding set forth in subsection 4.2(c) of this section, the
Secretary of Commerce shall propose regulations that require
United States IaaS Providers to ensure that foreign resellers
of United States IaaS Products verify the identity of any
foreign person that obtains an IaaS account (account) from the
foreign reseller. These regulations shall, at a minimum:
(i) Set forth the minimum standards that a United
States IaaS Provider must require of foreign resellers
of its United States IaaS Products to verify the
identity of a foreign person who opens an account or
maintains an existing account with a foreign reseller,
including:
(A) the types of documentation and procedures
that foreign resellers of United States IaaS
Products must require to verify the identity of
any foreign person acting as a lessee or sub-
lessee of these products or services;
(B) records that foreign resellers of United
States IaaS Products must securely maintain
regarding a foreign person that obtains an
account, including information establishing:
(1) the identity of such foreign
person, including name and address;
(2) the means and source of payment
(including any associated financial
institution and other identifiers such
as credit card number, account number,
customer identifier, transaction
identifiers, or virtual currency wallet
or wallet address identifier);
(3) the electronic mail address and
telephonic contact information used to
verify a foreign person's identity; and
(4) the Internet Protocol addresses
used for access or administration and
the date and time of each such access
or administrative action related to
ongoing verification of such foreign
person's ownership of such an account;
and
(C) methods that foreign resellers of United
States IaaS Products must implement to limit
all third-party access to the information
described in this subsection, except insofar as
such access is otherwise consistent with this
order and allowed under applicable law;
(ii) Take into consideration the types of accounts
maintained by foreign resellers of United States IaaS
Products, methods of opening an account, and types of
identifying information available to accomplish the
objectives of identifying foreign malicious cyber
actors using any such products and avoiding the
imposition of an undue burden on such resellers; and
(iii) Provide that the Secretary of Commerce, in
accordance with such standards and procedures as the
Secretary may delineate and in consultation with the
Secretary of Defense, the Attorney General, the
Secretary of Homeland Security, and the Director of
National Intelligence, may exempt a United States IaaS
Provider with respect to any specific foreign reseller
of their United States IaaS Products, or with respect
to any specific type of account or lessee, from the
requirements of any regulation issued pursuant to this
subsection. Such standards and procedures may include a
finding by the Secretary that such foreign reseller,
account, or lessee complies with security best
practices to otherwise deter abuse of United States
IaaS Products.
(e) The Secretary of Commerce is hereby authorized to take
such actions, including the promulgation of rules and
regulations, and to employ all powers granted to the President
by the International Emergency Economic Powers Act, 50 U.S.C.
1701 et seq., as may be necessary to carry out the purposes of
subsections 4.2(c) and (d) of this section. Such actions may
include a requirement that United States IaaS Providers require
foreign resellers of United States IaaS Products to provide
United States IaaS Providers verifications relative to those
subsections.
4.3. Managing AI in Critical Infrastructure and in
Cybersecurity. (a) To ensure the protection of critical
infrastructure, the following actions shall be taken:
(i) Within 90 days of the date of this order, and at
least annually thereafter, the head of each agency with
relevant regulatory authority over critical
infrastructure and the heads of relevant SRMAs, in
coordination with the Director of the Cybersecurity and
Infrastructure Security Agency within the Department of
Homeland Security for consideration of cross-sector
risks, shall evaluate and provide to the Secretary of
Homeland Security an assessment of potential risks
related to the use of AI in critical infrastructure
sectors involved, including ways in which deploying AI
may make critical infrastructure systems more
vulnerable to critical failures, physical attacks, and
cyber attacks, and shall consider ways to mitigate
these vulnerabilities. Independent regulatory agencies
are encouraged, as they deem appropriate, to contribute
to sector-specific risk assessments.
(ii) Within 150 days of the date of this order, the
Secretary of the Treasury shall issue a public report
on best practices for financial institutions to manage
AI-specific cybersecurity risks.
(iii) Within 180 days of the date of this order, the
Secretary of Homeland Security, in coordination with
the Secretary of Commerce and with SRMAs and other
regulators as determined by the Secretary of Homeland
Security, shall incorporate as appropriate the AI Risk
Management Framework, NIST AI 100-1, as well as other
appropriate security guidance, into relevant safety and
security guidelines for use by critical infrastructure
owners and operators.
(iv) Within 240 days of the completion of the
guidelines described in subsection 4.3(a)(iii) of this
section, the Assistant to the President for National
Security Affairs and the Director of OMB, in
consultation with the Secretary of Homeland Security,
shall coordinate work by the heads of agencies with
authority over critical infrastructure to develop and
take steps for the Federal Government to mandate such
guidelines, or appropriate portions thereof, through
regulatory or other appropriate action. Independent
regulatory agencies are encouraged, as they deem
appropriate, to consider whether to mandate guidance
through regulatory action in their areas of authority
and responsibility.
(v) The Secretary of Homeland Security shall
establish an Artificial Intelligence Safety and
Security Board as an advisory committee pursuant to
section 871 of the Homeland Security Act of 2002
(Public Law 107-296). The Advisory Committee shall
include AI experts from the private sector, academia,
and government, as appropriate, and provide to the
Secretary of Homeland Security and the Federal
Government's critical infrastructure community advice,
information, or recommendations for improving security,
resilience, and incident response related to AI usage
in critical infrastructure.
(b) To capitalize on AI's potential to improve United
States cyber defenses:
(i) The Secretary of Defense shall carry out the
actions described in subsections 4.3(b)(ii) and (iii)
of this section for national security systems, and the
Secretary of Homeland Security shall carry out these
actions for non-national security systems. Each shall
do so in consultation with the heads of other relevant
agencies as the Secretary of Defense and the Secretary
of Homeland Security may deem appropriate.
(ii) As set forth in subsection 4.3(b)(i) of this
section, within 180 days of the date of this order, the
Secretary of Defense and the Secretary of Homeland
Security shall, consistent with applicable law, each
develop plans for, conduct, and complete an operational
pilot project to identify, develop, test, evaluate, and
deploy AI capabilities, such as large-language models,
to aid in the discovery and remediation of
vulnerabilities in critical United States Government
software, systems, and networks.
(iii) As set forth in subsection 4.3(b)(i) of this
section, within 270 days of the date of this order, the
Secretary of Defense and the Secretary of Homeland
Security shall each provide a report to the Assistant
to the President for National Security Affairs on the
results of actions taken pursuant to the plans and
operational pilot projects required by subsection
4.3(b)(ii) of this section, including a description of
any vulnerabilities found and fixed through the
development and deployment of AI capabilities and any
lessons learned on how to identify, develop, test,
evaluate, and deploy AI capabilities effectively for
cyber defense.
4.4. Reducing Risks at the Intersection of AI and CBRN
Threats. (a) To better understand and mitigate the risk of AI
being misused to assist in the development or use of CBRN
threats--with a particular focus on biological weapons--the
following actions shall be taken:
(i) Within 180 days of the date of this order, the
Secretary of Homeland Security, in consultation with
the Secretary of Energy and the Director of the Office
of Science and Technology Policy (OSTP), shall evaluate
the potential for AI to be misused to enable the
development or production of CBRN threats, while also
considering the benefits and application of AI to
counter these threats, including, as appropriate, the
results of work conducted under section 8(b) of this
order. The Secretary of Homeland Security shall:
(A) consult with experts in AI and CBRN
issues from the Department of Energy, private
AI laboratories, academia, and third-party
model evaluators, as appropriate, to evaluate
AI model capabilities to present CBRN threats--
for the sole purpose of guarding against those
threats--as well as options for minimizing the
risks of AI model misuse to generate or
exacerbate those threats; and
(B) submit a report to the President that
describes the progress of these efforts,
including an assessment of the types of AI
models that may present CBRN risks to the
United States, and that makes recommendations
for regulating or overseeing the training,
deployment, publication, or use of these
models, including requirements for safety
evaluations and guardrails for mitigating
potential threats to national security.
(ii) Within 120 days of the date of this order, the
Secretary of Defense, in consultation with the
Assistant to the President for National Security
Affairs and the Director of OSTP, shall enter into a
contract with the National Academies of Sciences,
Engineering, and Medicine to conduct--and submit to the
Secretary of Defense, the Assistant to the President
for National Security Affairs, the Director of the
Office of Pandemic Preparedness and Response Policy,
the Director of OSTP, and the Chair of the Chief Data
Officer Council--a study that:
(A) assesses the ways in which AI can
increase biosecurity risks, including risks
from generative AI models trained on biological
data, and makes recommendations on how to
mitigate these risks;
(B) considers the national security
implications of the use of data and datasets,
especially those associated with pathogens and
omics studies, that the United States
Government hosts, generates, funds the creation
of, or otherwise owns, for the training of
generative AI models, and makes recommendations
on how to mitigate the risks related to the use
of these data and datasets;
(C) assesses the ways in which AI applied to
biology can be used to reduce biosecurity
risks, including recommendations on
opportunities to coordinate data and high-
performance computing resources; and
(D) considers additional concerns and
opportunities at the intersection of AI and
synthetic biology that the Secretary of Defense
deems appropriate.
(b) To reduce the risk of misuse of synthetic nucleic
acids, which could be substantially increased by AI's
capabilities in this area, and improve biosecurity measures for
the nucleic acid synthesis industry, the following actions
shall be taken:
(i) Within 180 days of the date of this order, the
Director of OSTP, in consultation with the Secretary of
State, the Secretary of Defense, the Attorney General,
the Secretary of Commerce, the Secretary of Health and
Human Services (HHS), the Secretary of Energy, the
Secretary of Homeland Security, the Director of
National Intelligence, and the heads of other relevant
agencies as the Director of OSTP may deem appropriate,
shall establish a framework, incorporating, as
appropriate, existing United States Government
guidance, to encourage providers of synthetic nucleic
acid sequences to implement comprehensive, scalable,
and verifiable synthetic nucleic acid procurement
screening mechanisms, including standards and
recommended incentives. As part of this framework, the
Director of OSTP shall:
(A) establish criteria and mechanisms for
ongoing identification of biological sequences
that could be used in a manner that would pose
a risk to the national security of the United
States; and
(B) determine standardized methodologies and
tools for conducting and verifying the
performance of sequence synthesis procurement
screening, including customer screening
approaches to support due diligence with
respect to managing security risks posed by
purchasers of biological sequences identified
in subsection 4.4(b)(i)(A) of this section, and
processes for the reporting of concerning
activity to enforcement entities.
(ii) Within 180 days of the date of this order, the
Secretary of Commerce, acting through the Director of
NIST, in coordination with the Director of OSTP, and in
consultation with the Secretary of State, the Secretary
of HHS, and the heads of other relevant agencies as the
Secretary of Commerce may deem appropriate, shall
initiate an effort to engage with industry and relevant
stakeholders, informed by the framework developed under
subsection 4.4(b)(i) of this section, to develop and
refine for possible use by synthetic nucleic acid
sequence providers:
(A) specifications for effective nucleic acid
synthesis procurement screening;
(B) best practices, including security and
access controls, for managing sequence-of-
concern databases to support such screening;
(C) technical implementation guides for
effective screening; and
(D) conformity-assessment best practices and
mechanisms.
(iii) Within 180 days of the establishment of the
framework pursuant to subsection 4.4(b)(i) of this
section, all agencies that fund life-sciences research
shall, as appropriate and consistent with applicable
law, establish that, as a requirement of funding,
synthetic nucleic acid procurement is conducted through
providers or manufacturers that adhere to the
framework, such as through an attestation from the
provider or manufacturer. The Assistant to the
President for National Security Affairs and the
Director of OSTP shall coordinate the process of
reviewing such funding requirements to facilitate
consistency in implementation of the framework across
funding agencies.
(iv) In order to facilitate effective implementation
of the measures described in subsections 4.4(b)(i)-
(iii) of this section, the Secretary of Homeland
Security, in consultation with the heads of other
relevant agencies as the Secretary of Homeland Security
may deem appropriate, shall:
(A) within 180 days of the establishment of
the framework pursuant to subsection 4.4(b)(i)
of this section, develop a framework to conduct
structured evaluation and stress testing of
nucleic acid synthesis procurement screening,
including the systems developed in accordance
with subsections 4.4(b)(i)-(ii) of this section
and implemented by providers of synthetic
nucleic acid sequences; and
(B) following development of the framework
pursuant to subsection 4.4(b)(iv)(A) of this
section, submit an annual report to the
Assistant to the President for National
Security Affairs, the Director of the Office of
Pandemic Preparedness and Response Policy, and
the Director of OSTP on any results of the
activities conducted pursuant to subsection
4.4(b)(iv)(A) this section, including
recommendations, if any, on how to strengthen
nucleic acid synthesis procurement screening,
including customer screening systems.
4.5. Reducing the Risks Posed by Synthetic Content. To
foster capabilities for identifying and labeling synthetic
content produced by AI systems, and to establish the
authenticity and provenance of digital content, both synthetic
and not synthetic, produced by the Federal Government or on its
behalf:
(a) Within 240 days of the date of this order, the
Secretary of Commerce, in consultation with the heads of other
relevant agencies as the Secretary of Commerce may deem
appropriate, shall submit a report to the Director of OMB and
the Assistant to the President for National Security Affairs
identifying the existing standards, tools, methods, and
practices, as well as the potential development of further
science-backed standards and techniques, for:
(i) authenticating content and tracking its
provenance;
(ii) labeling synthetic content, such as using
watermarking;
(iii) detecting synthetic content;
(iv) preventing generative AI from producing child
sexual abuse material or producing non-consensual
intimate imagery of real individuals (to include
intimate digital depictions of the body or body parts
of an identifiable individual);
(v) testing software used for the above purposes; and
(vi) auditing and maintaining synthetic content.
(b) Within 180 days of submitting the report required under
subsection 4.5(a) of this section, and updated periodically
thereafter, the Secretary of Commerce, in coordination with the
Director of OMB, shall develop guidance regarding the existing
tools and practices for digital content authentication and
synthetic content detection measures. The guidance shall
include measures for the purposes listed in subsection 4.5(a)
of this section.
(c) Within 180 days of the development of the guidance
required under subsection 4.5(b) of this section, and updated
periodically thereafter, the Director of OMB, in consultation
with the Secretary of State; the Secretary of Defense; the
Attorney General; the Secretary of Commerce, acting through the
Director of NIST; the Secretary of Homeland Security; the
Director of National Intelligence; and the heads of other
agencies that the Director of OMB deems appropriate, shall--for
the purpose of strengthening public confidence in the integrity
of official United States Government digital content--issue
guidance to agencies for labeling and authenticating such
content that they produce or publish.
(d) The Federal Acquisition Regulatory Council shall, as
appropriate and consistent with applicable law, consider
amending the Federal Acquisition Regulation to take into
account the guidance established under subsection 4.5 of this
section.
4.6. Soliciting Input on Dual-Use Foundation Models with
Widely Available Model Weights. When the weights for a dual-use
foundation model are widely available--such as when they are
publicly posted on the Internet--there can be substantial
benefits to innovation, but also substantial security risks,
such as the removal of safeguards within the model. To address
the risks and potential benefits of dual-use foundation models
with widely available weights, within 270 days of the date of
this order, the Secretary of Commerce, acting through the
Assistant Secretary of Commerce for Communications and
Information, and in consultation with the Secretary of State,
shall:
(a) solicit input from the private sector, academia, civil
society, and other stakeholders through a public consultation
process on potential risks, benefits, other implications, and
appropriate policy and regulatory approaches related to dual-
use foundation models for which the model weights are widely
available, including:
(i) risks associated with actors fine-tuning dual-use
foundation models for which the model weights are
widely available or removing those models' safeguards;
(ii) benefits to AI innovation and research,
including research into AI safety and risk management,
of dual-use foundation models for which the model
weights are widely available; and
(iii) potential voluntary, regulatory, and
international mechanisms to manage the risks and
maximize the benefits of dual-use foundation models for
which the model weights are widely available; and
(b) based on input from the process described in subsection
4.6(a) of this section, and in consultation with the heads of
other relevant agencies as the Secretary of Commerce deems
appropriate, submit a report to the President on the potential
benefits, risks, and implications of dual-use foundation models
for which the model weights are widely available, as well as
policy and regulatory recommendations pertaining to those
models.
4.7. Promoting Safe Release and Preventing the Malicious
Use of Federal Data for AI Training. To improve public data
access and manage security risks, and consistent with the
objectives of the Open, Public, Electronic, and Necessary
Government Data Act (title II of Public Law 115-435) to expand
public access to Federal data assets in a machine-readable
format while also taking into account security considerations,
including the risk that information in an individual data asset
in isolation does not pose a security risk but, when combined
with other available information, may pose such a risk:
(a) within 270 days of the date of this order, the Chief
Data Officer Council, in consultation with the Secretary of
Defense, the Secretary of Commerce, the Secretary of Energy,
the Secretary of Homeland Security, and the Director of
National Intelligence, shall develop initial guidelines for
performing security reviews, including reviews to identify and
manage the potential security risks of releasing Federal data
that could aid in the development of CBRN weapons as well as
the development of autonomous offensive cyber capabilities,
while also providing public access to Federal Government data
in line with the goals stated in the Open, Public, Electronic,
and Necessary Government Data Act (title II of Public Law 115-
435); and
(b) within 180 days of the development of the initial
guidelines required by subsection 4.7(a) of this section,
agencies shall conduct a security review of all data assets in
the comprehensive data inventory required under 44 U.S.C.
3511(a)(1) and (2)(B) and shall take steps, as appropriate and
consistent with applicable law, to address the highest-priority
potential security risks that releasing that data could raise
with respect to CBRN weapons, such as the ways in which that
data could be used to train AI systems.
4.8. Directing the Development of a National Security
Memorandum. To develop a coordinated executive branch approach
to managing AI's security risks, the Assistant to the President
34 for National Security Affairs and the Assistant to the
President and Deputy Chief of Staff for Policy shall oversee an
interagency process with the purpose of, within 270 days of the
date of this order, developing and submitting a proposed
National Security Memorandum on AI to the President. The
memorandum shall address the governance of AI used as a
component of a national security system or for military and
intelligence purposes. The memorandum shall take into account
current efforts to govern the development and use of AI for
national security systems. The memorandum shall outline actions
for the Department of Defense, the Department of State, other
relevant agencies, and the Intelligence Community to address
the national security risks and potential benefits posed by AI.
In particular, the memorandum shall:
(a) provide guidance to the Department of Defense, other
relevant agencies, and the Intelligence Community on the
continued adoption of AI capabilities to advance the United
States national security mission, including through directing
specific AI assurance and risk-management practices for
national security uses of Al that may affect the rights or
safety of United States persons and, in appropriate contexts,
non-United States persons; and (b) direct continued actions, as
appropriate and consistent with applicable law, to address the
potential use of AI systems by adversaries and other foreign
actors in ways that threaten the capabilities or objectives of
the Department of Defense or the Intelligence Community, or
that otherwise pose risks to the security of the United States
or its allies and partners.
Sec. 5. Promoting Innovation and Competition.
5.1. Attracting AI Talent to the United States. (a) Within
90 days of the date of this order, to attract and retain talent
in AI and other critical and emerging technologies in the
United States economy, the Secretary of State and the Secretary
of Homeland Security shall take appropriate steps to:
(i) streamline processing times of visa petitions and
applications, including by ensuring timely availability
of visa appointments, for noncitizens who seek to
travel to the United States to work on, study, or
conduct research in AI or other critical and emerging
technologies; and
(ii) facilitate continued availability of visa
appointments in sufficient volume for applicants with
expertise in AI or other critical and emerging
technologies.
(b) Within 120 days of the date of this order, the
Secretary of State shall:
(i) consider initiating a rulemaking to establish new
criteria to designate countries and skills on the
Department of State's Exchange Visitor Skills List as
it relates to the 2-year foreign residence requirement
for certain J-1 nonimmigrants, including those skills
that are critical to the United States;
(ii) consider publishing updates to the 2009 Revised
Exchange Visitor Skills List (74 FR 20108); and
(iii) consider implementing a domestic visa renewal
program under 22 C.F.R. 41.111(b) to facilitate the
ability of qualified applicants, including highly
skilled talent in AI and critical and emerging
technologies, to continue their work in the United
States without unnecessary interruption.
(c) Within 180 days of the date of this order, the
Secretary of State shall:
(i) consider initiating a rulemaking to expand the
categories of nonimmigrants who qualify for the
domestic visa renewal program covered under 22 C.F.R.
41.111(b) to include academic J-1 research scholars and
F-1 students in science, technology, engineering, and
mathematics (STEM); and
(ii) establish, to the extent permitted by law and
available appropriations, a program to identify and
attract top talent in AI and other critical and
emerging technologies at universities, research
institutions, and the private sector overseas, and to
establish and increase connections with that talent to
educate them on opportunities and resources for
research and employment in the United States, including
overseas educational components to inform top STEM
talent of nonimmigrant and immigrant visa options and
potential expedited adjudication of their visa
petitions and applications.
(d) Within 180 days of the date of this order, the
Secretary of Homeland Security shall:
(i) review and initiate any policy changes the
Secretary determines necessary and appropriate to
clarify and modernize immigration pathways for experts
in AI and other critical and emerging technologies,
including 0-1A and EB-1 noncitizens of extraordinary
ability; EB-2 advanced-degree holders and noncitizens
of exceptional ability; and startup founders in AI and
other critical and emerging technologies using the
International Entrepreneur Rule; and
(ii) continue its rulemaking process to modernize the
H-1B program and enhance its integrity and usage,
including by experts in AI and other critical and
emerging technologies, and consider initiating a
rulemaking to enhance the process for noncitizens,
including experts in AI and other critical and emerging
technologies and their spouses, dependents, and
children, to adjust their status to lawful permanent
resident.
(e) Within 45 days of the date of this order, for purposes
of considering updates to the ``Schedule A'' list of
occupations, 20 C.F.R. 656.5, the Secretary of Labor shall
publish a request for information (RFI) to solicit public
input, including from industry and worker-advocate communities,
identifying AI and other STEM-related occupations, as well as
additional occupations across the economy, for which there is
an insufficient number of ready, willing, able, and qualified
United States workers.
(f) The Secretary of State and the Secretary of Homeland
Security shall, consistent with applicable law and implementing
regulations, use their discretionary authorities to support and
attract foreign nationals with special skills in AI and other
critical and emerging technologies seeking to work, study, or
conduct research in the United States.
(g) Within 120 days of the date of this order, the
Secretary of Homeland Security, in consultation with the
Secretary of State, the Secretary of Commerce, and the Director
of OSTP, shall develop and publish informational resources to
better attract and retain experts in AI and other critical and
emerging technologies, including:
(i) a clear and comprehensive guide for experts in AI
and other critical and emerging technologies to
understand their options for working in the United
States, to be published in multiple relevant languages
on AI.gov; and
(ii) a public report with relevant data on
applications, petitions, approvals, and other key
indicators of how experts in AI and other critical and
emerging technologies have utilized the immigration
system through the end of Fiscal Year 2023.
5.2. Promoting Innovation. (a) To develop and strengthen
public-private partnerships for advancing innovation,
commercialization, and risk-mitigation methods for AI, and to
help promote safe, responsible, fair, privacy-protecting, and
trustworthy AI systems, the Director of NSF shall take the
following steps:
(i) Within 90 days of the date of this order, in
coordination with the heads of agencies that the
Director of NSF deems appropriate, launch a pilot
program implementing the National AI Research Resource
(NAIRR), consistent with past recommendations of the
NAIRR Task Force. The program shall pursue the
infrastructure, governance mechanisms, and user
interfaces to pilot an initial integration of
distributed computational, data, model, and training
resources to be made available to the research
community in support of AI-related research and
development. The Director of NSF shall identify Federal
and private sector computational, data, software, and
training resources appropriate for inclusion in the
NAIRR pilot program. To assist with such work, within
45 days of the date of this order, the heads of
agencies whom the Director of NSF identifies for
coordination pursuant to this subsection shall each
submit to the Director of NSF a report identifying the
agency resources that could be developed and integrated
into such a pilot program. These reports shall include
a description of such resources, including their
current status and availability; their format,
structure, or technical specifications; associated
agency expertise that will be provided; and the
benefits and risks associated with their inclusion in
the NAIRR pilot program. The heads of independent
regulatory agencies are encouraged to take similar
steps, as they deem appropriate.
(ii) Within 150 days of the date of this order, fund
and launch at least one NSF Regional Innovation Engine
that prioritizes AI-related work, such as AI-related
research, societal, or workforce needs.
(iii) Within 540 days of the date of this order,
establish at least four new National AI Research
Institutes, in addition to the 25 currently funded as
of the date of this order.
(b) Within 120 days of the date of this order, to support
activities involving high-performance and data-intensive
computing, the Secretary of Energy, in coordination with the
Director of NSF, shall, in a manner consistent with applicable
law and available appropriations, establish a pilot program to
enhance existing successful training programs for scientists,
with the goal of training 500 new researchers by 2025 capable
of meeting the rising demand for AI talent.
(c) To promote innovation and clarify issues related to AI
and inventorship of patentable subject matter, the Under
Secretary of Commerce for Intellectual Property and Director of
the United States Patent and Trademark Office (USPTO Director)
shall:
(i) within 120 days of the date of this order,
publish guidance to USPTO patent examiners and
applicants addressing inventorship and the use of AI,
including generative AI, in the inventive process,
including illustrative examples in which AI systems
play different roles in inventive processes and how, in
each example, inventorship issues ought to be analyzed;
(ii) subsequently, within 270 days of the date of
this order, issue additional guidance to USPTO patent
examiners and applicants to address other
considerations at the intersection of AI and IP, which
could include, as the USPTO Director deems necessary,
updated guidance on patent eligibility to address
innovation in AI and critical and emerging
technologies; and
(iii) within 270 days of the date of this order or
180 days after the United States Copyright Office of
the Library of Congress publishes its forthcoming AI
study that will address copyright issues raised by AI,
whichever comes later, consult with the Director of the
United States Copyright Office and issue
recommendations to the President on potential executive
actions relating to copyright and AI. The
recommendations shall address any copyright and related
issues discussed in the United States Copyright
Office's study, including the scope of protection for
works produced using AI and the treatment of
copyrighted works in AI training.
(d) Within 180 days of the date of this order, to assist
developers of AI in combatting AI-related IP risks, the
Secretary of Homeland Security, acting through the Director of
the National Intellectual Property Rights Coordination Center,
and in consultation with the Attorney General, shall develop a
training, analysis, and evaluation program to mitigate AI-
related IP risks. Such a program shall:
(i) include appropriate personnel dedicated to
collecting and analyzing reports of AI-related IP
theft, investigating such incidents with implications
for national security, and, where appropriate and
consistent with applicable law, pursuing related
enforcement actions;
(ii) implement a policy of sharing information and
coordinating on such work, as appropriate and
consistent with applicable law, with the Federal Bureau
of Investigation; United States Customs and Border
Protection; other agencies; State and local agencies;
and appropriate international organizations, including
through work-sharing agreements;
(iii) develop guidance and other appropriate
resources to assist private sector actors with
mitigating the risks of AI-related IP theft;
(iv) share information and best practices with AI
developers and law enforcement personnel to identify
incidents, inform stakeholders of current legal
requirements, and evaluate AI systems for IP law
violations, as well as develop mitigation strategies
and resources; and
(v) assist the Intellectual Property Enforcement
Coordinator in updating the Intellectual Property
Enforcement Coordinator Joint Strategic Plan on
Intellectual Property Enforcement to address AI-related
issues.
(e) To advance responsible AI innovation by a wide range of
healthcare technology developers that promotes the welfare of
patients and workers in the healthcare sector, the Secretary of
HHS shall identify and, as appropriate and consistent with
applicable law and the activities directed in section 8 of this
order, prioritize grantmaking and other awards, as well as
undertake related efforts, to support responsible AI
development and use, including:
(i) collaborating with appropriate private sector
actors through HHS programs that may support the
advancement of AI-enabled tools that develop
personalized immune-response profiles for patients,
consistent with section 4 of this order;
(ii) prioritizing the allocation of 2024 Leading Edge
Acceleration Project cooperative agreement awards to
initiatives that explore ways to improve healthcare-
data quality to support the responsible development of
AI tools for clinical care, real-world-evidence
programs, population health, public health, and related
research; and
(iii) accelerating grants awarded through the
National Institutes of Health Artificial Intelligence/
Machine Learning Consortium to Advance Health Equity
and Researcher Diversity (AIM-AHEAD) program and
showcasing current AIM-AHEAD activities in underserved
communities.
(f) To advance the development of AI systems that improve
the quality of veterans' healthcare, and in order to support
small businesses' innovative capacity, the Secretary of
Veterans Affairs shall:
(i) within 365 days of the date of this order, host
two 3-month nationwide AI Tech Sprint competitions; and
(ii) as part of the AI Tech Sprint competitions and
in collaboration with appropriate partners, provide
participants access to technical assistance, mentorship
opportunities, individualized expert feedback on
products under development, potential contract
opportunities, and other programming and resources.
(g) Within 180 days of the date of this order, to support
the goal of strengthening our Nation's resilience against
climate change impacts and building an equitable clean energy
economy for the future, the Secretary of Energy, in
consultation with the Chair of the Federal Energy Regulatory
Commission, the Director of OSTP, the Chair of the Council on
Environmental Quality, the Assistant to the President and
National Climate Advisor, and the heads of other relevant
agencies as the Secretary of Energy may deem appropriate,
shall:
(i) issue a public report describing the potential
for AI to improve planning, permitting, investment, and
operations for electric grid infrastructure and to
enable the provision of clean, affordable, reliable,
resilient, and secure electric power to all Americans;
(ii) develop tools that facilitate building
foundation models useful for basic and applied science,
including models that streamline permitting and
environmental reviews while improving environmental and
social outcomes;
(iii) collaborate, as appropriate, with private
sector organizations and members of academia to support
development of AI tools to mitigate climate change
risks;
(iv) take steps to expand partnerships with industry,
academia, other agencies, and international allies and
partners to utilize the Department of Energy's
computing capabilities and AI testbeds to build
foundation models that support new applications in
science and energy, and for national security,
including partnerships that increase community
preparedness for climate-related risks, enable clean-
energy deployment (including addressing delays in
permitting reviews), and enhance grid reliability and
resilience; and
(v) establish an office to coordinate development of
AI and other critical and emerging technologies across
Department of Energy programs and the 17 National
Laboratories.
(h) Within 180 days of the date of this order, to
understand AI's implications for scientific research, the
President's Council of Advisors on Science and Technology shall
submit to the President and make publicly available a report on
the potential role of AI, especially given recent developments
in AI, in research aimed at tackling major societal and global
challenges. The report shall include a discussion of issues
that may hinder the effective use of AI in research and
practices needed to ensure that AI is used responsibly for
research.
5.3. Promoting Competition. (a) The head of each agency
developing policies and regulations related to AI shall use
their authorities, as appropriate and consistent with
applicable law, to promote competition in AI and related
technologies, as well as in other markets. Such actions include
addressing risks arising from concentrated control of key
inputs, taking steps to stop unlawful collusion and prevent
dominant firms from disadvantaging competitors, and working to
provide new opportunities for small businesses and
entrepreneurs. In particular, the Federal Trade Commission is
encouraged to consider, as it deems appropriate, whether to
exercise the Commission's existing authorities, including its
rulemaking authority under the Federal Trade Commission Act, 15
U.S.C. 41 et seq., to ensure fair competition in the AI
marketplace and to ensure that consumers and workers are
protected from harms that may be enabled by the use of AI.
(b) To promote competition and innovation in the
semiconductor industry, recognizing that semiconductors power
AI technologies and that their availability is critical to AI
competition, the Secretary of Commerce shall, in implementing
division A of Public Law 117-167, known as the Creating Helpful
Incentives to Produce Semiconductors (CHIPS) Act of 2022,
promote competition by:
(i) implementing a flexible membership structure for
the National Semiconductor Technology Center that
attracts all parts of the semiconductor and
microelectronics ecosystem, including startups and
small firms;
(ii) implementing mentorship programs to increase
interest and participation in the semiconductor
industry, including from workers in underserved
communities;
(iii) increasing, where appropriate and to the extent
permitted by law, the availability of resources to
startups and small businesses, including:
(A) funding for physical assets, such as
specialty equipment or facilities, to which
startups and small businesses may not otherwise
have access;
(B) datasets--potentially including test and
performance data--collected, aggregated, or
shared by CHIPS research and development
programs;
(C) workforce development programs;
(D) design and process technology, as well as
IP, as appropriate; and
(E) other resources, including technical and
intellectual property assistance, that could
accelerate commercialization of new
technologies by startups and small businesses,
as appropriate; and
(iv) considering the inclusion, to the maximum extent
possible, and as consistent with applicable law, of
competition-increasing measures in notices of funding
availability for commercial research-and-development
facilities focused on semiconductors, including
measures that increase access to facility capacity for
startups or small firms developing semiconductors used
to power AI technologies.
(c) To support small businesses innovating and
commercializing AI, as well as in responsibly adopting and
deploying AI, the Administrator of the Small Business
Administration shall:
(i) prioritize the allocation of Regional Innovation
Cluster program funding for clusters that support
planning activities related to the establishment of one
or more Small Business AI Innovation and
Commercialization Institutes that provide support,
technical assistance, and other resources to small
businesses seeking to innovate, commercialize, scale,
or otherwise advance the development of AI;
(ii) prioritize the allocation of up to $2 million in
Growth Accelerator Fund Competition bonus prize funds
for accelerators that support the incorporation or
expansion of AI-related curricula, training, and
technical assistance, or other AI-related resources
within their programming; and
(iii) assess the extent to which the eligibility
criteria of existing programs, including the State
Trade Expansion Program, Technical and Business
Assistance funding, and capital-access programs--such
as the 7(a) loan program, 504 loan program, and Small
Business Investment Company (SBIC) program--support
appropriate expenses by small businesses related to the
adoption of AI and, if feasible and appropriate, revise
eligibility criteria to improve support for these
expenses.
(d) The Administrator of the Small Business Administration,
in coordination with resource partners, shall conduct outreach
regarding, and raise awareness of, opportunities for small
businesses to use capital-access programs described in
subsection 5.3(c) of this section for eligible AI-related
purposes, and for eligible investment funds with AI-related
expertise--particularly those seeking to serve or with
experience serving underserved communities--to apply for an
SBIC license.
Sec. 6. Supporting Workers. (a) To advance the Government's
understanding of AI's implications for workers, the following
actions shall be taken within 180 days of the date of this
order:
(i) The Chairman of the Council of Economic Advisers
shall prepare and submit a report to the President on
the labor-market effects of AI.
(ii) To evaluate necessary steps for the Federal
Government to address AI-related workforce disruptions,
the Secretary of Labor shall submit to the President a
report analyzing the abilities of agencies to support
workers displaced by the adoption of AI and other
technological advancements. The report shall, at a
minimum:
(A) assess how current or formerly
operational Federal programs designed to assist
workers facing job disruptions--including
unemployment insurance and programs authorized
by the Workforce Innovation and Opportunity Act
(Public Law 113-128)--could be used to respond
to possible future AI-related disruptions; and
(B) identify options, including potential
legislative measures, to strengthen or develop
additional Federal support for workers
displaced by AI and, in consultation with the
Secretary of Commerce and the Secretary of
Education, strengthen and expand education and
training opportunities that provide individuals
pathways to occupations related to AI.
(b) To help ensure that AI deployed in the workplace
advances employees' well-being:
(i) The Secretary of Labor shall, within 180 days of
the date of this order and in consultation with other
agencies and with outside entities, including labor
unions and workers, as the Secretary of Labor deems
appropriate, develop and publish principles and best
practices for employers that could be used to mitigate
AI's potential harms to employees' well-being and
maximize its potential benefits. The principles and
best practices shall include specific steps for
employers to take with regard to AI, and shall cover,
at a minimum:
(A) job-displacement risks and career
opportunities related to AI, including effects
on job skills and evaluation of applicants and
workers;
(B) labor standards and job quality,
including issues related to the equity,
protected-activity, compensation, health, and
safety implications of AI in the workplace; and
(C) implications for workers of employers'
AI-related collection and use of data about
them, including transparency, engagement,
management, and activity protected under
worker-protection laws.
(ii) After principles and best practices are
developed pursuant to subsection (b)(i) of this
section, the heads of agencies shall consider, in
consultation with the Secretary of Labor, encouraging
the adoption of these guidelines in their programs to
the extent appropriate for each program and consistent
with applicable law.
(iii) To support employees whose work is monitored or
augmented by AI in being compensated appropriately for
all of their work time, the Secretary of Labor shall
issue guidance to make clear that employers that deploy
AI to monitor or augment employees' work must continue
to comply with protections that ensure that workers are
compensated for their hours worked, as defined under
the Fair Labor Standards Act of 1938, 29 U.S.C. 201 et
seq., and other legal requirements.
(c) To foster a diverse AI-ready workforce, the Director of
NSF shall prioritize available resources to support AI-related
education and AI-related workforce development through existing
programs. The Director shall additionally consult with
agencies, as appropriate, to identify further opportunities for
agencies to allocate resources for those purposes. The actions
by the Director shall use appropriate fellowship programs and
awards for these purposes.
Sec. 7. Advancing Equity and Civil Rights.
7.1. Strengthening AI and Civil Rights in the Criminal
Justice System. (a) To address unlawful discrimination and
other harms that may be exacerbated by AI, the Attorney General
shall:
(i) consistent with Executive Order 12250 of November
2, 1980 (Leadership and Coordination of
Nondiscrimination Laws), Executive Order 14091, and 28
C.F.R. 0.50-51, coordinate with and support agencies in
their implementation and enforcement of existing
Federal laws to address civil rights and civil
liberties violations and discrimination related to AI;
(ii) direct the Assistant Attorney General in charge
of the Civil Rights Division to convene, within 90 days
of the date of this order, a meeting of the heads of
Federal civil rights offices--for which meeting the
heads of civil rights offices within independent
regulatory agencies will be encouraged to join--to
discuss comprehensive use of their respective
authorities and offices to: prevent and address
discrimination in the use of automated systems,
including algorithmic discrimination; increase
coordination between the Department of Justice's Civil
Rights Division and Federal civil rights offices
concerning issues related to AI and algorithmic
discrimination; improve external stakeholder engagement
to promote public awareness of potential discriminatory
uses and effects of AI; and develop, as appropriate,
additional training, technical assistance, guidance, or
other resources; and
(iii) consider providing, as appropriate and
consistent with applicable law, guidance, technical
assistance, and training to State, local, Tribal, and
territorial investigators and prosecutors on best
practices for investigating and prosecuting civil
rights violations and discrimination related to
automated systems, including AI.
(b) To promote the equitable treatment of individuals and
adhere to the Federal Government's fundamental obligation to
ensure fair and impartial justice for all, with respect to the
use of AI in the criminal justice system, the Attorney General
shall, in consultation with the Secretary of Homeland Security
and the Director of OSTP:
(i) within 365 days of the date of this order, submit
to the President a report that addresses the use of AI
in the criminal justice system, including any use in:
(A) sentencing;
(B) parole, supervised release, and
probation;
(C) bail, pretrial release, and pretrial
detention;
(D) risk assessments, including pretrial,
earned time, and early release or transfer to
home-confinement determinations;
(E) police surveillance;
(F) crime forecasting and predictive
policing, including the ingestion of historical
crime data into AI systems to predict high-
density ``hot spots'';
(G) prison-management tools; and
(H) forensic analysis;
(ii) within the report set forth in subsection
7.1(b)(i) of this section:
(A) identify areas where AI can enhance law
enforcement efficiency and accuracy, consistent
with protections for privacy, civil rights, and
civil liberties; and
(B) recommend best practices for law
enforcement agencies, including safeguards and
appropriate use limits for AI, to address the
concerns set forth in section 13(e)(i) of
Executive Order 14074 as well as the best
practices and the guidelines set forth in
section 13(e)(iii) of Executive Order 14074;
and
(iii) supplement the report set forth in subsection
7.1(b)(i) of this section as appropriate with
recommendations to the President, including with
respect to requests for necessary legislation.
(c) To advance the presence of relevant technical experts
and expertise (such as machine-learning engineers, software and
infrastructure engineering, data privacy experts, data
scientists, and user experience researchers) among law
enforcement professionals:
(i) The interagency working group created pursuant to
section 3 of Executive Order 14074 shall, within 180
days of the date of this order, identify and share best
practices for recruiting and hiring law enforcement
professionals who have the technical skills mentioned
in subsection 7.1(c) of this section, and for training
law enforcement professionals about responsible
application of AI.
(ii) Within 270 days of the date of this order, the
Attorney General shall, in consultation with the
Secretary of Homeland Security, consider those best
practices and the guidance developed under section 3(d)
of Executive Order 14074 and, if necessary, develop
additional general recommendations for State, local,
Tribal, and territorial law enforcement agencies and
criminal justice agencies seeking to recruit, hire,
train, promote, and retain highly qualified and
service-oriented officers and staff with relevant
technical knowledge. In considering this guidance, the
Attorney General shall consult with State, local,
Tribal, and territorial law enforcement agencies, as
appropriate.
(iii) Within 365 days of the date of this order, the
Attorney General shall review the work conducted
pursuant to section 2(b) of Executive Order 14074 and,
if appropriate, reassess the existing capacity to
investigate law enforcement deprivation of rights under
color of law resulting from the use of AI, including
through improving and increasing training of Federal
law enforcement officers, their supervisors, and
Federal prosecutors on how to investigate and prosecute
cases related to AI involving the deprivation of rights
under color of law pursuant to 18 U.S.C. 242.
7.2. Protecting Civil Rights Related to Government Benefits
and Programs. (a) To advance equity and civil rights,
consistent with the directives of Executive Order 14091, and in
addition to complying with the guidance on Federal Government
use of AI issued pursuant to section 10.1(b) of this order,
agencies shall use their respective civil rights and civil
liberties offices and authorities--as appropriate and
consistent with applicable law--to prevent and address unlawful
discrimination and other harms that result from uses of AI in
Federal Government programs and benefits administration. This
directive does not apply to agencies' civil or criminal
enforcement authorities. Agencies shall consider opportunities
to ensure that their respective civil rights and civil
liberties offices are appropriately consulted on agency
decisions regarding the design, development, acquisition, and
use of AI in Federal Government programs and benefits
administration. To further these objectives, agencies shall
also consider opportunities to increase coordination,
communication, and engagement about AI as appropriate with
community-based organizations; civil-rights and civil-liberties
organizations; academic institutions; industry; State, local,
Tribal, and territorial governments; and other stakeholders.
(b) To promote equitable administration of public benefits:
(i) The Secretary of HHS shall, within 180 days of
the date of this order and in consultation with
relevant agencies, publish a plan, informed by the
guidance issued pursuant to section 10.1(b) of this
order, addressing the use of automated or algorithmic
systems in the implementation by States and localities
of public benefits and services administered by the
Secretary, such as to promote: assessment of access to
benefits by qualified recipients; notice to recipients
about the presence of such systems; regular evaluation
to detect unjust denials; processes to retain
appropriate levels of discretion of expert agency
staff; processes to appeal denials to human reviewers;
and analysis of whether algorithmic systems in use by
benefit programs achieve equitable and just outcomes.
(ii) The Secretary of Agriculture shall, within 180
days of the date of this order and as informed by the
guidance issued pursuant to section 10.1(b) of this
order, issue guidance to State, local, Tribal, and
territorial public-benefits administrators on the use
of automated or algorithmic systems in implementing
benefits or in providing customer support for benefit
programs administered by the Secretary, to ensure that
programs using those systems:
(A) maximize program access for eligible
recipients;
(B) employ automated or algorithmic systems
in a manner consistent with any requirements
for using merit systems personnel in public-
benefits programs;
(C) identify instances in which reliance on
automated or algorithmic systems would require
notification by the State, local, Tribal, or
territorial government to the Secretary;
(D) identify instances when applicants and
participants can appeal benefit determinations
to a human reviewer for reconsideration and can
receive other customer support from a human
being;
(E) enable auditing and, if necessary,
remediation of the logic used to arrive at an
individual decision or determination to
facilitate the evaluation of appeals; and
(F) enable the analysis of whether
algorithmic systems in use by benefit programs
achieve equitable outcomes.
7.3. Strengthening AI and Civil Rights in the Broader
Economy. (a) Within 365 days of the date of this order, to
prevent unlawful discrimination from AI used for hiring, the
Secretary of Labor shall publish guidance for Federal
contractors regarding nondiscrimination in hiring involving AI
and other technology-based hiring systems.
(b) To address discrimination and biases against protected
groups in housing markets and consumer financial markets, the
Director of the Federal Housing Finance Agency and the Director
of the Consumer Financial Protection Bureau are encouraged to
consider using their authorities, as they deem appropriate, to
require their respective regulated entities, where possible, to
use appropriate methodologies including AI tools to ensure
compliance with Federal law and:
(i) evaluate their underwriting models for bias or
disparities affecting protected groups; and
(ii) evaluate automated collateral-valuation and
appraisal processes in ways that minimize bias.
(c) Within 180 days of the date of this order, to combat
unlawful discrimination enabled by automated or algorithmic
tools used to make decisions about access to housing and in
other real estate-related transactions, the Secretary of
Housing and Urban Development shall, and the Director of the
Consumer Financial Protection Bureau is encouraged to, issue
additional guidance:
(i) addressing the use of tenant screening systems in
ways that may violate the Fair Housing Act (Public Law
90-284), the Fair Credit Reporting Act (Public Law 91-
508), or other relevant Federal laws, including how the
use of data, such as criminal records, eviction
records, and credit information, can lead to
discriminatory outcomes in violation of Federal law;
and
(ii) addressing how the Fair Housing Act, the
Consumer Financial Protection Act of 2010 (title X of
Public Law 111-203), or the Equal Credit Opportunity
Act (Public Law 93-495) apply to the advertising of
housing, credit, and other real estate-related
transactions through digital platforms, including those
that use algorithms to facilitate advertising delivery,
as well as on best practices to avoid violations of
Federal law.
(d) To help ensure that people with disabilities benefit
from AI's promise while being protected from its risks,
including unequal treatment from the use of biometric data like
gaze direction, eye tracking, gait analysis, and hand motions,
the Architectural and Transportation Barriers Compliance Board
is encouraged, as it deems appropriate, to solicit public
participation and conduct community engagement; to issue
technical assistance and recommendations on the risks and
benefits of AI in using biometric data as an input; and to
provide people with disabilities access to information and
communication technology and transportation services.
Sec. 8. Protecting Consumers, Patients, Passengers, and
Students. (a) Independent regulatory agencies are encouraged,
as they deem appropriate, to consider using their full range of
authorities to protect American consumers from fraud,
discrimination, and threats to privacy and to address other
risks that may arise from the use of AI, including risks to
financial stability, and to consider rulemaking, as well as
emphasizing or clarifying where existing regulations and
guidance apply to AI, including clarifying the responsibility
of regulated entities to conduct due diligence on and monitor
any third-party AI services they use, and emphasizing or
clarifying requirements and expectations related to the
transparency of AI models and regulated entities' ability to
explain their use of AI models. (b) To help ensure the safe,
responsible deployment and use of AI in the healthcare, public-
health, and human-services sectors:
(i) Within 90 days of the date of this order, the
Secretary of HHS shall, in consultation with the
Secretary of Defense and the Secretary of Veterans
Affairs, establish an HHS AI Task Force that shall,
within 365 days of its creation, develop a strategic
plan that includes policies and frameworks--possibly
including regulatory action, as appropriate--on
responsible deployment and use of AI and AI-enabled
technologies in the health and human services sector
(including research and discovery, drug and device
safety, healthcare delivery and financing, and public
health), and identify appropriate guidance and
resources to promote that deployment, including in the
following areas:
(A) development, maintenance, and use of
predictive and generative AI-enabled
technologies in healthcare delivery and
financing--including quality measurement,
performance improvement, program integrity,
benefits administration, and patient
experience--taking into account considerations
such as appropriate human oversight of the
application of AI-generated output;
(B) long-term safety and real-world
performance monitoring of AI-enabled
technologies in the health and human services
sector, including clinically relevant or
significant modifications and performance
across population groups, with a means to
communicate product updates to regulators,
developers, and users;
(C) incorporation of equity principles in AI-
enabled technologies used in the health and
human services sector, using disaggregated data
on affected populations and representative
population data sets when developing new
models, monitoring algorithmic performance
against discrimination and bias in existing
models, and helping to identify and mitigate
discrimination and bias in current systems;
(D) incorporation of safety, privacy, and
security standards into the software-
development lifecycle for protection of
personally identifiable information, including
measures to address AI-enhanced cybersecurity
threats in the health and human services
sector;
(E) development, maintenance, and
availability of documentation to help users
determine appropriate and safe uses of AI in
local settings in the health and human services
sector;
(F) work to be done with State, local,
Tribal, and territorial health and human
services agencies to advance positive use cases
and best practices for use of AI in local
settings; and
(G) identification of uses of AI to promote
workplace efficiency and satisfaction in the
health and human services sector, including
reducing administrative burdens.
(ii) Within 180 days of the date of this order, the
Secretary of HHS shall direct HHS components, as the
Secretary of HHS deems appropriate, to develop a
strategy, in consultation with relevant agencies, to
determine whether AI-enabled technologies in the health
and human services sector maintain appropriate levels
of quality, including, as appropriate, in the areas
described in subsection (b)(i) of this section. This
work shall include the development of AI assurance
policy--to evaluate important aspects of the
performance of AI-enabled healthcare tools--and
infrastructure needs for enabling pre-market assessment
and post-market oversight of AI-enabled healthcare-
technology algorithmic system performance against real-
world data.
(iii) Within 180 days of the date of this order, the
Secretary of HHS shall, in consultation with relevant
agencies as the Secretary of HHS deems appropriate,
consider appropriate actions to advance the prompt
understanding of, and compliance with, Federal
nondiscrimination laws by health and human services
providers that receive Federal financial assistance, as
well as how those laws relate to AI. Such actions may
include:
(A) convening and providing technical
assistance to health and human services
providers and payers about their obligations
under Federal nondiscrimination and privacy
laws as they relate to AI and the potential
consequences of noncompliance; and
(B) issuing guidance, or taking other action
as appropriate, in response to any complaints
or other reports of noncompliance with Federal
nondiscrimination and privacy laws as they
relate to AI.
(iv) Within 365 days of the date of this order, the
Secretary of HHS shall, in consultation with the
Secretary of Defense and the Secretary of Veterans
Affairs, establish an AI safety program that, in
partnership with voluntary federally listed Patient
Safety Organizations:
(A) establishes a common framework for
approaches to identifying and capturing
clinical errors resulting from AI deployed in
healthcare settings as well as specifications
for a central tracking repository for
associated incidents that cause harm, including
through bias or discrimination, to patients,
caregivers, or other parties;
(B) analyzes captured data and generated
evidence to develop, wherever appropriate,
recommendations, best practices, or other
informal guidelines aimed at avoiding these
harms; and
(C) disseminates those recommendations, best
practices, or other informal guidance to
appropriate stakeholders, including healthcare
providers.
(v) Within 365 days of the date of this order, the
Secretary of HHS shall develop a strategy for
regulating the use of AI or AI-enabled tools in drug-
development processes. The strategy shall, at a
minimum:
(A) define the objectives, goals, and high-
level principles required for appropriate
regulation throughout each phase of drug
development;
(B) identify areas where future rulemaking,
guidance, or additional statutory authority may
be necessary to implement such a regulatory
system;
(C) identify the existing budget, resources,
personnel, and potential for new public/private
partnerships necessary for such a regulatory
system; and
(D) consider risks identified by the actions
undertaken to implement section 4 of this
order.
(c) To promote the safe and responsible development and use
of AI in the transportation sector, in consultation with
relevant agencies:
(i) Within 30 days of the date of this order, the
Secretary of Transportation shall direct the
Nontraditional and Emerging Transportation Technology
(NETT) Council to assess the need for information,
technical assistance, and guidance regarding the use of
AI in transportation. The Secretary of Transportation
shall further direct the NETT Council, as part of any
such efforts, to:
(A) support existing and future initiatives
to pilot transportation-related applications of
AI, as they align with policy priorities
articulated in the Department of
Transportation's (DOT) Innovation Principles,
including, as appropriate, through technical
assistance and connecting stakeholders;
(B) evaluate the outcomes of such pilot
programs in order to assess when DOT, or other
Federal or State agencies, have sufficient
information to take regulatory actions, as
appropriate, and recommend appropriate actions
when that information is available; and
(C) establish a new DOT Cross-Modal Executive
Working Group, which will consist of members
from different divisions of DOT and coordinate
applicable work among these divisions, to
solicit and use relevant input from appropriate
stakeholders.
(ii) Within 90 days of the date of this order, the
Secretary of Transportation shall direct appropriate
Federal Advisory Committees of the DOT to provide
advice on the safe and responsible use of AI in
transportation. The committees shall include the
Advanced Aviation Advisory Committee, the Transforming
Transportation Advisory Committee, and the Intelligent
Transportation Systems Program Advisory Committee.
(iii) Within 180 days of the date of this order, the
Secretary of Transportation shall direct the Advanced
Research Projects Agency-Infrastructure (ARPA-I) to
explore the transportation-related opportunities and
challenges of AI--including regarding software-defined
AI enhancements impacting autonomous mobility
ecosystems. The Secretary of Transportation shall
further encourage ARPA-I to prioritize the allocation
of grants to those opportunities, as appropriate. The
work tasked to ARPA-I shall include soliciting input on
these topics through a public consultation process,
such as an RFI.
(d) To help ensure the responsible development and
deployment of AI in the education sector, the Secretary of
Education shall, within 365 days of the date of this order,
develop resources, policies, and guidance regarding AI. These
resources shall address safe, responsible, and
nondiscriminatory uses of AI in education, including the impact
AI systems have on vulnerable and underserved communities, and
shall be developed in consultation with stakeholders as
appropriate. They shall also include the development of an ``AI
toolkit'' for education leaders implementing recommendations
from the Department of Education's AI and the Future of
Teaching and Learning report, including appropriate human
review of AI decisions, designing AI systems to enhance trust
and safety and align with privacy-related laws and regulations
in the educational context, and developing education-specific
guardrails.
(e) The Federal Communications Commission is encouraged to
consider actions related to how AI will affect communications
networks and consumers, including by:
(i) examining the potential for AI to improve
spectrum management, increase the efficiency of non-
Federal spectrum usage, and expand opportunities for
the sharing of non-Federal spectrum;
(ii) coordinating with the National
Telecommunications and Information Administration to
create opportunities for sharing spectrum between
Federal and non-Federal spectrum operations;
(iii) providing support for efforts to improve
network security, resiliency, and interoperability
using next-generation technologies that incorporate AI,
including self-healing networks, 6G, and Open RAN; and
(iv) encouraging, including through rulemaking,
efforts to combat unwanted robocalls and robotexts that
are facilitated or exacerbated by AI and to deploy AI
technologies that better serve consumers by blocking
unwanted robocalls and robotexts.
Sec. 9. Protecting Privacy. (a) To mitigate privacy risks
potentially exacerbated by AI--including by AI's facilitation
of the collection or use of information about individuals, or
the making of inferences about individuals--the Director of OMB
shall:
(i) evaluate and take steps to identify commercially
available information (CAI) procured by agencies,
particularly CAI that contains personally identifiable
information and including CAI procured from data
brokers and CAI procured and processed indirectly
through vendors, in appropriate agency inventory and
reporting processes (other than when it is used for the
purposes of national security);
(ii) evaluate, in consultation with the Federal
Privacy Council and the Interagency Council on
Statistical Policy, agency standards and procedures
associated with the collection, processing,
maintenance, use, sharing, dissemination, and
disposition of CAI that contains personally
identifiable information (other than when it is used
for the purposes of national security) to inform
potential guidance to agencies on ways to mitigate
privacy and confidentiality risks from agencies'
activities related to CAI;
(iii) within 180 days of the date of this order, in
consultation with the Attorney General, the Assistant
to the President for Economic Policy, and the Director
of OSTP, issue an RFI to inform potential revisions to
guidance to agencies on implementing the privacy
provisions of the E-Government Act of 2002 (Public Law
107-347). The RFI shall seek feedback regarding how
privacy impact assessments may be more effective at
mitigating privacy risks, including those that are
further exacerbated by AI; and
(iv) take such steps as are necessary and
appropriate, consistent with applicable law, to support
and advance the near-term actions and long term
strategy identified through the RFI process, including
issuing new or updated guidance or RFIs or consulting
other agencies or the Federal Privacy Council.
(b) Within 365 days of the date of this order, to better
enable agencies to use PETs to safeguard Americans' privacy
from the potential threats exacerbated by AI, the Secretary of
Commerce, acting through the Director of NIST, shall create
guidelines for agencies to evaluate the efficacy of
differential-privacy-guarantee protections, including for AI.
The guidelines shall, at a minimum, describe the significant
factors that bear on differential-privacy safeguards and common
risks to realizing differential privacy in practice.
(c) To advance research, development, and implementation
related to PETs:
(i) Within 120 days of the date of this order, the
Director of NSF, in collaboration with the Secretary of
Energy, shall fund the creation of a Research
Coordination Network (RCN) dedicated to advancing
privacy research and, in particular, the development,
deployment, and scaling of PETs. The RCN shall serve to
enable privacy researchers to share information,
coordinate and collaborate in research, and develop
standards for the privacy-research community.
(ii) Within 240 days of the date of this order, the
Director of NSF shall engage with agencies to identify
ongoing work and potential opportunities to incorporate
PETs into their operations. The Director of NSF shall,
where feasible and appropriate, prioritize research--
including efforts to translate research discoveries
into practical applications--that encourage the
adoption of leading-edge PETs solutions for agencies'
use, including through research engagement through the
RCN described in subsection (c)(1) of this section.
(iii) The Director of NSF shall use the results of
the United States-United Kingdom PETs Prize Challenge
to inform the approaches taken, and opportunities
identified, for PETs research and adoption.
Sec. 10. Advancing Federal Government Use of AI.
10.1. Providing Guidance for AI Management. (a) To
coordinate the use of AI across the Federal Government, within
60 days of the date of this order and on an ongoing basis as
necessary, the Director of OMB shall convene and chair an
interagency council to coordinate the development and use of AI
in agencies' programs and operations, other than the use of AI
in national security systems. The Director of OSTP shall serve
as Vice Chair for the interagency council. The interagency
council's membership shall include, at minimum, the heads of
the agencies identified in 31 U.S.C. 901(b), the Director of
National Intelligence, and other agencies as identified by the
Chair. Until agencies designate their permanent Chief AI
Officers consistent with the guidance described in subsection
10.1(b) of this section, they shall be represented on the
interagency council by an appropriate official at the Assistant
Secretary level or equivalent, as determined by the head of
each agency.
(b) To provide guidance on Federal Government use of AI,
within 150 days of the date of this order and updated
periodically thereafter, the Director of OMB, in coordination
with the Director of OSTP, and in consultation with the
interagency council established in subsection 10.1(a) of this
section, shall issue guidance to agencies to strengthen the
effective and appropriate use of AI, advance AI innovation, and
manage risks from AI in the Federal Government. The Director of
OMB's guidance shall specify, to the extent appropriate and
consistent with applicable law:
(i) the requirement to designate at each agency
within 60 days of the issuance of the guidance a Chief
Artificial Intelligence Officer who shall hold primary
responsibility in their agency, in coordination with
other responsible officials, for coordinating their
agency's use of AI, promoting AI innovation in their
agency, managing risks from their agency's use of AI,
and carrying out the responsibilities described in
section 8(c) of Executive Order 13960 of December 3,
2020 (Promoting the Use of Trustworthy Artificial
Intelligence in the Federal Government), and section
4(b) of Executive Order 14091;
(ii) the Chief Artificial Intelligence Officers'
roles, responsibilities, seniority, position, and
reporting structures;
(iii) for the agencies identified in 31 U.S.C.
901(b), the creation of internal Artificial
Intelligence Governance Boards, or other appropriate
mechanisms, at each agency within 60 days of the
issuance of the guidance to coordinate and govern AI
issues through relevant senior leaders from across the
agency;
(iv) required minimum risk-management practices for
Government uses of AI that impact people's rights or
safety, including, where appropriate, the following
practices derived from OSTP's Blueprint for an AI Bill
of Rights and the NIST AI Risk Management Framework:
conducting public consultation; assessing data quality;
assessing and mitigating disparate impacts and
algorithmic discrimination; providing notice of the use
of AI; continuously monitoring and evaluating deployed
AI; and granting human consideration and remedies for
adverse decisions made using AI;
(v) specific Federal Government uses of AI that are
presumed by default to impact rights or safety;
(vi) recommendations to agencies to reduce barriers
to the responsible use of AI, including barriers
related to information technology infrastructure, data,
workforce, budgetary restrictions, and cybersecurity
processes;
(vii) requirements that agencies identified in 31
U.S.C. 901(b) develop AI, strategies and pursue high-
impact AI use cases;
(viii) in consultation with the Secretary of
Commerce, the Secretary of Homeland Security, and the
heads of other appropriate agencies as determined by
the Director of OMB, recommendations to agencies
regarding:
(A) external testing for AI, including AI
red-teaming for generative AI, to be developed
in coordination with the Cybersecurity and
Infrastructure Security Agency;
(B) testing and safeguards against
discriminatory, misleading, inflammatory,
unsafe, or deceptive outputs, as well as
against producing child sexual abuse material
and against producing non'-consensual intimate
imagery of real individuals (including intimate
digital depictions of the body or body parts of
an identifiable individual), for generative AI;
(C) reasonable steps to watermark or
otherwise label output from generative AI;
(D) application of the mandatory minimum
risk-management practices defined under
subsection 10.1(b) (iv) of this section to
procured AI;
(E) independent evaluation of vendors' claims
concerning both the effectiveness and risk
mitigation of their AI offerings;
(F) documentation and oversight of procured
AI;
(G) maximizing the value to agencies when
relying on contractors to use and enrich
Federal Government data for the purposes of AI
development and operation;
(H) provision of incentives for the
continuous improvement of procured AI; and
(I) training on AI in accordance with the
principles set out in this order and in other
references related to AI listed herein; and
(ix) requirements for public reporting on compliance
with this guidance.
(c) To track agencies' AI progress, within 60 days of the
issuance of the guidance established in subsection 10.1(b) of
this section and updated periodically thereafter, the Director
of OMB shall develop a method for agencies to track and assess
their ability to adopt AI into their programs and operations,
manage its risks, and comply with Federal policy on AI. This
method should draw on existing related efforts as appropriate
and should address, as appropriate and consistent with
applicable law, the practices, processes, and capabilities
necessary for responsible AI adoption, training, and governance
across, at a minimum, the areas of information technology
infrastructure, data, workforce, leadership, and risk
management.
(d) To assist agencies in implementing the guidance to be
established in subsection 10.1(b) of this section:
(i) within 90 days of the issuance of the guidance,
the Secretary of Commerce, acting through the Director
of NIST, and in coordination with the Director of OMB
and the Director of OSTP, shall develop guidelines,
tools, and practices to support implementation of the
minimum risk-management practices described in
subsection 10.1(b)(iv) of this section; and
(ii) within 180 days of the issuance of the guidance,
the Director of OMB shall develop an initial means to
ensure that agency contracts for the acquisition of AI
systems and services align with the guidance described
in subsection 10.1(b) of this section and advance the
other aims identified in section 7224(d)(1) of the
Advancing American AI Act (Public Law 117-263, div. G,
title LXXII, subtitle B).
(e) To improve transparency for agencies' use of AI, the
Director of OMB shall, on an annual basis, issue instructions
to agencies for the collection, reporting, and publication of
agency AI use cases, pursuant to section 7225(a) of the
Advancing American AI Act. Through these instructions, the
Director shall, as appropriate, expand agencies' reporting on
how they are managing risks from their AI use cases and update
or replace the guidance originally established in section 5 of
Executive Order 13960.
(f) To advance the responsible and secure use of generative
AI in the Federal Government:
(i) As generative AI products become widely available
and common in online platforms, agencies are
discouraged from imposing broad general bans or blocks
on agency use of generative AI. Agencies should instead
limit access, as necessary, to specific generative AI
services based on specific risk assessments; establish
guidelines and limitations on the appropriate use of
generative AI; and, with appropriate safeguards in
place, provide their personnel and programs with access
to secure and reliable generative AI capabilities, at
least for the purposes of experimentation and routine
tasks that carry a low risk of impacting Americans'
rights. To protect Federal Government information,
agencies are also encouraged to employ risk-management
practices, such as training their staff on proper use,
protection, dissemination, and disposition of Federal
information; negotiating appropriate terms of service
with vendors; implementing measures designed to ensure
compliance with record-keeping, cybersecurity,
confidentiality, privacy, and data protection
requirements; and deploying other measures to prevent
misuse of Federal Government information in generative
AI.
(ii) Within 90 days of the date of this order, the
Administrator of General Services, in coordination with
the Director of OMB, and in consultation with the
Federal Secure Cloud Advisory Committee and other
relevant agencies as the Administrator of General
Services may deem appropriate, shall develop and issue
a framework for prioritizing critical and emerging
technologies offerings in the Federal Risk and
Authorization Management Program authorization process,
starting with generative AI offerings that have the
primary purpose of providing large language model-based
chat interfaces, code-generation and debugging tools,
and associated application programming interfaces, as
well as prompt-based image generators. This framework
shall apply for no less than 2 years from the date of
its issuance. Agency Chief Information Officers, Chief
Information Security Officers, and authorizing
officials are also encouraged to prioritize generative
AI and other critical and emerging technologies in
granting authorities for agency operation of
information technology systems and any other applicable
release or oversight processes, using continuous
authorizations and approvals wherever feasible.
(iii) Within 180 days of the date of this order, the
Director of the Office of Personnel Management (OPM),
in coordination with the Director of OMB, shall develop
guidance on the use of generative AI for work by the
Federal workforce.
(g) Within 30 days of the date of this order, to increase
agency investment in AI, the Technology Modernization Board
shall consider, as it deems appropriate and consistent with
applicable law, prioritizing funding for AI projects for the
Technology Modernization Fund for a period of at least 1 year.
Agencies are encouraged to submit to the Technology
Modernization Fund project funding proposals that include AI--
and particularly generative AI--in service of mission delivery
(h) Within 180 days of the date of this order, to
facilitate agencies' access to commercial AI capabilities, the
Administrator of General Services, in coordination with the
Director of OMB, and in collaboration with the Secretary of
Defense, the Secretary of Homeland Security, the Director of
National Intelligence, the Administrator of the National
Aeronautics and Space Administration, and the head of any other
agency identified by the Administrator of General Services,
shall take steps consistent with applicable law to facilitate
access to Federal Government-wide acquisition solutions for
specified types of AI services and products, such as through
the creation of a resource guide or other tools to assist the
acquisition workforce. Specified types of AI capabilities shall
include generative AI and specialized computing infrastructure.
(i) The initial means, instructions, and guidance issued
pursuant to subsections 10.1(a)-(h) of this section shall not
apply to AI when it is used as a component of a national
security system, which shall be addressed by the proposed
National Security Memorandum described in subsection 4.8 of
this order.
10.2. Increasing AI Talent in Government. (a) Within 45
days of the date of this order, to plan a national surge in AI
talent in the Federal Government, the Director of OSTP and the
Director of OMB, in consultation with the Assistant to the
President for National Security Affairs, the Assistant to the
President for Economic Policy, the Assistant to the President
and Domestic Policy Advisor, and the Assistant to the President
and Director of the Gender Policy Council, shall identify
priority mission areas for increased Federal Government AI
talent, the types of talent that are highest priority to
recruit and develop to ensure adequate implementation of this
order and use of relevant enforcement and regulatory
authorities to address AI risks, and accelerated hiring
pathways.
(b) Within 45 days of the date of this order, to coordinate
rapid advances in the capacity of the Federal AI workforce, the
Assistant to the President and Deputy Chief of Staff for
Policy, in coordination with the Director of OSTP and the
Director of OMB, and in consultation with the National Cyber
Director, shall convene an AI and Technology Talent Task Force,
which shall include the Director of OPM, the Director of the
General Services Administration's Technology Transformation
Services, a representative from the Chief Human Capital
Officers Council, the Assistant to the President for
Presidential Personnel, members of appropriate agency
technology talent programs, a representative of the Chief Data
Officer Council, and a representative of the interagency
council convened under subsection 10.1(a) of this section. The
Task Force's purpose shall be to accelerate and track the
hiring of AI and AI-enabling talent across the Federal
Government, including through the following actions:
(i) within 180 days of the date of this order,
tracking and reporting progress to the President on
increasing AI capacity across the Federal Government,
including submitting to the President a report and
recommendations for further increasing capacity;
(ii) identifying and circulating best practices for
agencies to attract, hire, retain, train, and empower
AI talent, including diversity, inclusion, and
accessibility best practices, as well as to plan and
budget adequately for AI workforce needs;
(iii) coordinating, in consultation with the Director
of OPM, the use of fellowship programs and agency
technology-talent programs and human-capital teams to
build hiring capabilities, execute hires, and place AI
talent to fill staffing gaps; and
(iv) convening a cross-agency forum for ongoing
collaboration between AI professionals to share best
practices and improve retention.
(c) Within 45 days of the date of this order, to advance
existing Federal technology talent programs, the United States
Digital Service, Presidential Innovation Fellowship, United
States Digital Corps, OPM, and technology talent programs at
agencies, with support from the AI and Technology Talent Task
Force described in subsection 10.2(b) of this section, as
appropriate and permitted by law, shall develop and begin to
implement plans to support the rapid recruitment of individuals
as part of a Federal Government-wide AI talent surge to
accelerate the placement of key AI and AI-enabling talent in
high-priority areas and to advance agencies' data and
technology strategies.
(d) To meet the critical hiring need for qualified
personnel to execute the initiatives in this order, and to
improve Federal hiring practices for AI talent, the Director of
OPM, in consultation with the Director of OMB, shall:
(i) within 60 days of the date of this order, conduct
an evidence-based review on the need for hiring and
workplace flexibility, including Federal Government-
wide direct-hire authority for AI and related data-
science and technical roles, and, where the Director of
OPM finds such authority is appropriate, grant it; this
review shall include the following job series at all
General Schedule (GS) levels: IT Specialist (2210),
Computer Scientist (1550), Computer Engineer (0854),
and Program Analyst (0343) focused on AI, and any
subsequently developed job series derived from these
job series;
(ii) within 60 days of the date of this order,
consider authorizing the use of excepted service
appointments under 5 C.F.R. 213.3102(i)(3) to address
the need for hiring additional staff to implement
directives of this order;
(iii) within 90 days of the date of this order,
coordinate a pooled-hiring action informed by subject
matter experts and using skills-based assessments to
support the recruitment of AI talent across agencies;
(iv) within 120 days of the date of this order, as
appropriate and permitted by law, issue guidance for
agency application of existing pay flexibilities or
incentive pay programs for AI, AI-enabling, and other
key technical positions to facilitate appropriate use
of current pay incentives;
(v) within 180 days of the date of this order,
establish guidance and policy on skills-based, Federal
Government-wide hiring of AI, data, and technology
talent in order to increase access to those with
nontraditional academic backgrounds to Federal AI,
data, and technology roles;
(vi) within 180 days of the date of this order,
establish an interagency working group, staffed with
both human-resources professionals and recruiting
technical experts, to facilitate Federal Government-
wide hiring of people with AI and other technical
skills;
(vii) within 180 days of the date of this order,
review existing Executive Core Qualifications (ECQs)
for Senior Executive Service (SES) positions informed
by data and AI literacy competencies and, within 365
days of the date of this order, implement new ECQs as
appropriate in the SES assessment process;
(viii) within 180 days of the date of this order,
complete a review of competencies for civil engineers
(GS-0810 series) and, if applicable, other related
occupations, and make recommendations for ensuring that
adequate AI expertise and credentials in these
occupations in the Federal Government reflect the
increased use of AI in critical infrastructure; and
(ix) work with the Security, Suitability, and
Credentialing Performance Accountability Council to
assess mechanisms to streamline and accelerate
personnel-vetting requirements, as appropriate, to
support AI and fields related to other critical and
emerging technologies.
(e) To expand the use of special authorities for AI hiring
and retention, agencies shall use all appropriate hiring
authorities, including Schedule A(r) excepted service hiring
and direct-hire authority, as applicable and appropriate, to
hire AI talent and AI-enabling talent rapidly. In addition to
participating in OPM-led pooled hiring actions, agencies shall
collaborate, where appropriate, on agency-led pooled hiring
under the Competitive Service Act of 2015 (Public Law 114-137)
and other shared hiring. Agencies shall also, where applicable,
use existing incentives, pay-setting authorities, and other
compensation flexibilities, similar to those used for cyber and
information technology positions, for AI and data-science
professionals, as well as plain-language job titles, to help
recruit and retain these highly skilled professionals. Agencies
shall ensure that AI and other related talent needs (such as
technology governance and privacy) are reflected in strategic
workforce planning and budget formulation.
(f) To facilitate the hiring of data scientists, the Chief
Data Officer Council shall develop a position-description
library for data scientists (job series 1560) and a hiring
guide to support agencies in hiring data scientists.
(g) To help train the Federal workforce on AI issues, the
head of each agency shall implement--or increase the
availability and use of--AI training and familiarization
programs for employees, managers, and leadership in technology
as well as relevant policy, managerial, procurement,
regulatory, ethical, governance, and legal fields. Such
training programs should, for example, empower Federal
employees, managers, and leaders to develop and maintain an
operating knowledge of emerging AI technologies to assess
opportunities to use these technologies to enhance the delivery
of services to the public, and to mitigate risks associated
with these technologies. Agencies that provide professional-
development opportunities, grants, or funds for their staff
should take appropriate steps to ensure that employees who do
not serve in traditional technical roles, such as policy,
managerial, procurement, or legal fields, are nonetheless
eligible to receive funding for programs and courses that focus
on AI, machine learning, data science, or other related subject
areas.
(h) Within 180 days of the date of this order, to address
gaps in AI talent for national defense, the Secretary of
Defense shall submit a report to the President through the
Assistant to the President for National Security Affairs that
includes:
(i) recommendations to address challenges in the
Department of Defense's ability to hire certain
noncitizens, including at the Science and Technology
Reinvention Laboratories;
(ii) recommendations to clarify and streamline
processes for accessing classified information for
certain noncitizens through Limited Access
Authorization at Department of Defense laboratories;
(iii) recommendations for the appropriate use of
enlistment authority under 10 U.S.C. 504(b)(2) for
experts in AI and other critical and emerging
technologies; and
(iv) recommendations for the Department of Defense
and the Department of Homeland Security to work
together to enhance the use of appropriate authorities
for the retention of certain noncitizens of vital
importance to national security by the Department of
Defense and the Department of Homeland Security.
Sec. 11. Strengthening American Leadership Abroad. (a) To
strengthen United States leadership of global efforts to unlock
AI's potential and meet its challenges, the Secretary of State,
in coordination with the Assistant to the President for
National Security Affairs, the Assistant to the President for
Economic Policy, the Director of OSTP, and the heads of other
relevant agencies as appropriate, shall:
(i) lead efforts outside of military and intelligence
areas to expand engagements with international allies
and partners in relevant bilateral, multilateral, and
multi-stakeholder fora to advance those allies' and
partners' understanding of existing and planned AI-
related guidance and policies of the United States, as
well as to enhance international collaboration; and
(ii) lead efforts to establish a strong international
framework for managing the risks and harnessing the
benefits of AI, including by encouraging international
allies and partners to support voluntary commitments
similar to those that United States companies have made
in pursuit of these objectives and coordinating the
activities directed by subsections (b), (c), (d), and
(e) of this section, and to develop common regulatory
and other accountability principles for foreign
nations, including to manage the risk that AI systems
pose.
(b) To advance responsible global technical standards for
AI development and use outside of military and intelligence
areas, the Secretary of Commerce, in coordination with the
Secretary of State and the heads of other relevant agencies as
appropriate, shall lead preparations for a coordinated effort
with key international allies and partners and with standards
development organizations, to drive the development and
implementation of AI-related consensus standards, cooperation
and coordination, and information sharing. In particular, the
Secretary of Commerce shall:
(i) within 270 days of the date of this order,
establish a plan for global engagement on promoting and
developing AI standards, with lines of effort that may
include:
(A) AI nomenclature and terminology;
(B) best practices regarding data capture,
processing, protection, privacy,
confidentiality, handling, and analysis;
(C) trustworthiness, verification, and
assurance of AI systems; and
(D) AI risk management;
(ii) within 180 days of the date the plan is
established, submit a report to the President on
priority actions taken pursuant to the plan; and
(iii) ensure that such efforts are guided by
principles set out in the NIST AI Risk Management
Framework and United States Government National
Standards Strategy for Critical and Emerging
Technology.
(c) Within 365 days of the date of this order, to promote
safe, responsible, and rights-affirming development and
deployment of AI abroad:
(i) The Secretary of State and the Administrator of
the United States Agency for International Development,
in coordination with the Secretary of Commerce, acting
through the director of NIST, shall publish an AI in
Global Development Playbook that incorporates the AI
Risk Management Framework's principles, guidelines, and
best practices into the social, technical, economic,
governance, human rights, and security conditions of
contexts beyond United States borders. As part of this
work, the Secretary of State and the Administrator of
the United States Agency for International Development
shall draw on lessons learned from programmatic uses of
AI in global development.
(ii) The Secretary of State and the Administrator of
the United States Agency for International Development,
in collaboration with the Secretary of Energy and the
Director of NSF, shall develop a Global AI Research
Agenda to guide the objectives and implementation of
AI-related research in contexts beyond United States
borders. The Agenda shall:
(A) include principles, guidelines,
priorities, and best practices aimed at
ensuring the safe, responsible, beneficial, and
sustainable global development and adoption of
AI; and
(B) address AI's labor-market implications
across international contexts, including by
recommending risk mitigations.
(d) To address cross-border and global AI risks to critical
infrastructure, the Secretary of Homeland Security, in
coordination with the Secretary of State, and in consultation
with the heads of other relevant agencies as the Secretary of
Homeland Security deems appropriate, shall lead efforts with
international allies and partners to enhance cooperation to
prevent, respond to, and recover from potential critical
infrastructure disruptions resulting from incorporation of AI
into critical infrastructure systems or malicious use of AI.
(i) Within 270 days of the date of this order, the
Secretary of Homeland Security, in coordination with
the Secretary of State, shall develop a plan for
multilateral engagements to encourage the adoption of
the AI safety and security guidelines for use by
critical infrastructure owners and operators developed
in section 4.3(a) of this order.
(ii) Within 180 days of establishing the plan
described in subsection (d)(i) of this section, the
Secretary of Homeland Security shall submit a report to
the President on priority actions to mitigate cross-
border risks to critical United States infrastructure.
Sec. 12. Implementation. (a) There is established, within
the Executive Office of the President, the White House
Artificial Intelligence Council (White House AI Council). The
function of the White House AI Council is to coordinate the
activities of agencies across the Federal Government to ensure
the effective formulation, development, communication, industry
engagement related to, and timely implementation of AI-related
policies, including policies set forth in this order.
(b) The Assistant to the President and Deputy Chief of
Staff for Policy shall serve as Chair of the White House AI
Council.
(c) In addition to the Chair, the White House AI Council
shall consist of the following members, or their designees:
(i) the Secretary of State;
(ii) the Secretary of the Treasury;
(iii) the Secretary of Defense;
(iv) the Attorney General;
(v) the Secretary of Agriculture;
(vi) the Secretary of Commerce;
(vii) the Secretary of Labor;
(viii) the Secretary of HHS;
(ix) the Secretary of Housing and Urban Development;
(x) the Secretary of Transportation;
(xi) the Secretary of Energy;
(xii) the Secretary of Education;
(xiii) the Secretary of Veterans Affairs;
(xiv) the Secretary of Homeland Security;
(xv) the Administrator of the Small Business
Administration;
(xvi) the Administrator of the United States Agency
for International Development;
(xvii) the Director of National Intelligence;
(xviii) the Director of NSF;
(xix) the Director of OMB;
(xx) the Director of OSTP;
(xxi) the Assistant to the President for National
Security Affairs;
(xxii) the Assistant to the President for Economic
Policy;
(xxiii) the Assistant to the President and Domestic
Policy Advisor;
(xxiv) the Assistant to the President and Chief of
Staff to the Vice President;
(xxv) the Assistant to the President and Director of
the Gender Policy Council;
(xxvi) the Chairman of the Council of Economic
Advisers;
(xxvii) the National Cyber Director;
(xxviii) the Chairman of the Joint Chiefs of Staff;
and
(xxix) the heads of such other agencies, independent
regulatory agencies, and executive offices as the Chair
may from time to time designate or invite to
participate.
(d) The Chair may create and coordinate subgroups
consisting of White House AI Council members or their
designees, as appropriate.
Sec. 13. General Provisions. (a) Nothing in this order
shall be construed to impair or otherwise affect:
(i) the authority granted by law to an executive
department or agency, or the head thereof; or
(ii) the functions of the Director of the Office of
Management and Budget relating to budgetary,
administrative, or legislative proposals.
(b) This order shall be implemented consistent with
applicable law and subject to the availability of
appropriations.
(c) This order is not intended to, and does not, create any
right or benefit, substantive or procedural, enforceable at law
or in equity by any party against the United States, its
departments, agencies, or entities, its officers, employees, or
agents, or any other person.
Joseph R. Biden, Jr.
The White House, October 30, 2023.
[all]