The US House and Senate are unlikely to pass federal legislation on the use of AI in business, so users should focus their attention on a new NIST framework in lieu of state-level law, according to Workday’s veep for corporate affairs.
Chandler Morse, a former chief of staff to Republican Senator Jeff Flake, told The Register that while the Republicans have won the House and the Senate, margins remained close in both, making the chances of passing federal legislation governing the use of AI during current presidential tenure unlikely.
“In all honesty, I don’t think anything’s going to happen in the US, Congress or federal legislation, but what is happening is a tremendous amount of activity at the state level,” the SaaS enterprise application vendor policy expert said.
In September, California Governor Gavin Newsom vetoed Bill 1047, arguing it failed to take the right approach to ensuring or requiring AI safety. But he left the door open for the US state’s lawmakers to propose a better bill for governing AI safety.
An alternative California bill addressing automated decision making (AB 2930) is also currently inactive. Although Workday initially supported the bill, it later challenged the details on accountability for how users introduced products and withdrew its support, Morse said. Nonetheless, California was likely to “take another run at it,” as would New York, while Connecticut and Colorado were also proposing legislation and Texas was “in the game,” he said.
EU AI Act still in infancy, but those with ‘intelligent’ HR apps better watch out
In the meantime, businesses would be wise to look at the US National Institute of Standards and Technology AI Risk Management Framework, which it released in July.
NIST developed a voluntary framework to “better manage risks to individuals, organizations, and society associated with AI.”
Since the EU has already introduced its AI Act, the NIST framework offers another set of standards to guide businesses looking to implement AI while legislation is developed, Morse said.
“Everyone looks at Congress and says, ‘You should do something.’ We don’t think Congress is going to act, and there should be something against which the US can harmonize with Europe. The quickest way we thought that could happen was to ask the NIST to do a framework. They had completed the Cyber Framework and had just finished the privacy framework. We actually got Congress to ask them to do it, and they are now the most advanced component [in US AI policy], although it is voluntary,” he said.
“We’re probably, like, halfway through the first period. It’s early days. We know where we want to go, but it’s also unlikely that it gets there without engagement. We are actively asking everyone to have an opinion, and get engaged. Where this all lands is going to direct the where AI goes,” he said.
In November, Joel Meyer, Domino Data Lab public sector president and former Homeland Security strategic initiatives deputy assistant secretary, told The Register that while president-elect Donald Trump was likely to ditch much of the work done by the outgoing Biden administration around AI when he comes into office, the AI Safety Institute housed within NIST might survive. Meyer said while any of Biden’s executive actions could be fair game for the Trump administration to scrap in the name of political point scoring, such established offices are unlikely to vanish entirely. ®