Martin Edwards, vice president of Taft’s Public Affairs Strategies Group in Taft’s Washington, D.C. office, contributed to this post.

Early on July 1, the U.S. Senate voted to halt an effort to impose a 10-year moratorium on state regulation of artificial intelligence. The vote, 99-1, removed the AI provision from President Trump’s “Big, Beautiful Bill” that had evolved from a full moratorium on state AI regulation for the next decade, to its most recent iteration that required states to adopt the ban in order to receive federal broadband funding over the next five years.

Yesterday, Sen. Marsha Blackburn of Tennessee and Sen. Ted Cruz of Texas attempted to revise the AI ban to address current regulations. According to media reporting, efforts toward banning state AI regulation broke down amidst concerns that the language was overly broad and could adversely impact existing laws concerning privacy, consumer protection, and child safety.

In the last year, states have taken the lead in AI regulatory efforts as the federal government steers toward deregulation. Several state legislatures are currently debating bills to regulate AI developers, distributors, and deployers. The most prominent AI laws on the books include the California AI Transparency Act, Colorado AI Act, Tennessee’s Ensuring Likeness, Voice, and Image Security (ELVIS) Act, the Utah Artificial Intelligence Policy Act, and the Texas Responsible AI Governance Act (TRAIGA), which was signed into law last week. In addition, several of the 19 state consumer privacy laws currently in effect, or soon-to-be in effect, contain restrictions on algorithmic decision making.

The AI ban could potentially be resurrected in the U.S. House of Representatives as budget reconciliation efforts continue. However, given the decisive vote to remove the AI ban, we expect future deregulatory efforts would more likely manifest in a standalone federal preemption bill. Based on what we have learned from the most recent Senate negotiations, we expect any such effort would require sufficient federal protections as part of any compromise on state law preemption.

In the meantime, despite potential federal constraints, states will remain active players in AI regulation. As we have seen in California, Colorado, Tennessee, Texas, and Utah (and several states debating similar legislation), AI regulation is largely focused on emerging consumer protection needs and a demand for transparency and accountability in high-risk processing fields like employment, finance, health care, and education. Organizations can prepare now by adopting and improving AI governance, documenting risk assessment findings for AI tools in development or use, and working with legal counsel to evaluate how existing laws may impact AI activities.

This update is part of Taft’s White House Toolkit. Please reference the toolkit for additional cross-practice coverage of federal legislative and regulatory activity that may affect businesses or organizations.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Marcus Harris Marcus Harris

Marcus has established one of the country’s leading practices devoted to drafting and negotiating Enterprise Software related licenses, implementation and SaaS agreements, as well as litigating failed software implementations in courts and before arbitration panels across the country. He is one of the…

Marcus has established one of the country’s leading practices devoted to drafting and negotiating Enterprise Software related licenses, implementation and SaaS agreements, as well as litigating failed software implementations in courts and before arbitration panels across the country. He is one of the foremost attorneys in the country representing government entities, distributors and manufacturers in recovering damages arising out of failed Enterprise Resource Planning (ERP) software implementations.

Read more about Marcus HarrisMarcus's Linkedin Profile
Show more Show less
Photo of Zachary Heck Zachary Heck

Zach’s practice focuses on privacy and data security. Specifically, Zach assists clients in the areas of privacy compliance, data governance, and guidance in the aftermath of an information security incident, including data breach. Zach has experience advising clients with respect to FTC investigations…

Zach’s practice focuses on privacy and data security. Specifically, Zach assists clients in the areas of privacy compliance, data governance, and guidance in the aftermath of an information security incident, including data breach. Zach has experience advising clients with respect to FTC investigations, federal privacy regulations (such as HIPAA, FCRA, TCPA, and GLBA), state laws governing personally identifiable information (e.g., CCPA/CPRA), foreign privacy regulations (e.g., PIPEDA and GDPR), artificial intelligence, and government contracting security requirements (e.g., NIST 800-171 and CMMC 2.0).

Read more about Zachary HeckZachary's Linkedin Profile
Show more Show less
Related Posts
Is Your Business Really Protected When it Comes to AI
Is Your Business Really Protected from AI Risks?
May 30, 2025
1746205670660
The Truth About Cyber Insurance in 2025
May 19, 2025
Harris_Marcus_Landing
Harris to Moderate Panel at ITechLaw’s 2025 World Technology Conference
May 12, 2025