White House prepares broad AI order including security and safety rules


President Joe Biden on Monday is expected to sign an executive order on artificial intelligence, with several provisions meant to prompt strong cybersecurity regulations as the technology evolves.

The order marks the first-ever binding government action on AI and comes as the administration and lawmakers have labored to come up with a policy framework and at the same time compete with foreign adversaries like China.

“The actions that President Biden directed today are vital steps forward in the U.S.’s approach on safe, secure, and trustworthy AI,” according to a White House fact sheet. “More action will be required, and the Administration will continue to work with Congress to pursue bipartisan legislation to help America lead the way in responsible innovation.”

The White House seeks to build on voluntary commitments it secured from leading AI companies earlier this year and arrives just days before Vice President Kamala Harris is expected to attend Britain’s AI summit.

The order requires some AI companies to share their safety test results — based on standards developed by the National Institute of Standards and Technology — with the federal government. It also directs the Commerce Department to establish guidance on AI watermarking and creates a digital security program for making AI tools that will eventually help identify vulnerabilities in critical software.

The Homeland Security Department will mandate that critical infrastructure operators meet the new standards and will set up a new AI Safety and Security Board to focus on AI threats to critical infrastructure.

The fact sheet also promises there will be fresh federal aid for “accelerating the development and use of privacy-preserving techniques—including ones that use cutting-edge AI and that let AI systems be trained while preserving the privacy of the training data.”

The executive order focuses heavily on the importance of designing AI to protect Americans’ privacy, saying that without guardrails AI can pose a privacy risk because it allows for easy extraction, identification and exploitation of personal data.

The president is asking Congress to pass bipartisan data privacy legislation and to prioritize federal support for “accelerating the development and use of privacy-preserving techniques—including ones that use cutting-edge AI and that let AI systems be trained while preserving the privacy of the training data.”

Additionally, the executive order calls for bolstering privacy-protective research and technologies, including cryptographic tools, through the funding of a network to coordinate privacy research.

Federal agencies also will be assessed on how they gather and use commercially available information, including from data brokers, and on how they add rigor to privacy guidance judging AI risks.

The executive order “seems on track to represent a remarkable, whole-of-government effort to support the responsible development and governance of AI,” Center for Democracy & Technology CEO Alexandra Reeve Givens said in a statement.

“It’s notable to see the Administration focusing on both the emergent risks of sophisticated foundation models and the many ways in which AI systems are already impacting people’s rights — a crucial approach that responds to the many concerns raised by public interest experts and advocates,” she added.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Russian hacking tool floods social networks with bots, researchers say

Next Post

Toronto Public Library facing disruptions due to cyberattack

Related Posts

Apache Cordova App Harness Targeted in Dependency Confusion Attack

Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion attacks take place owing to the fact that package managers check the public repositories before private registries, thus allowing a threat actor to publish a malicious package with the same name to a public package repository. This&
Read More