As the Trump administration drafts its artificial intelligence action plan, industry leaders are advocating for clear, risk-based regulations to prevent unnecessary restrictions on AI-driven cybersecurity and enterprise applications.
Those recommendations came in from tech policy and industry groups Information Technology Industry Council (ITI) and the Alliance for Digital Innovation (ADI) and submitted to the Office of Management and Budget (OMB) in response to an executive order issued by President Donald Trump in January, where he announced his plans to develop a Federal “action plan” on AI.
In his EO, Trump aimed for a deadline of six months to have the plan developed which would reflect “the policy of the United States to sustain and enhance America’s global AI dominance in order to promote human flourishing, economic competitiveness, and national security.”
Both groups praised the Trump administration’s commitment to what it has asserted will be a largely deregulated approach to AI.
ITI noted in its response to the administration’s request for information asking for feedback on the AI action plan that a “holistic framework to support both innovation and investment in the technology” would be beneficial while also limiting overregulation.
ADI echoed similar sentiments, urging the Trump administration to take a “risk-based approach” to AI governance. It said that policies should focus “regulatory efforts on AI systems that have a significant legal or safety impact on individuals, thereby avoiding unnecessary constraints on low-risk, enterprise-level AI uses, such as cybersecurity measures.”
Working with Congress to implement AI regulation is especially important to pre-empt state legislation, ITI noted, writing that without Federal regulation there’s “a risk that a tidal wave of state legislative activity could undermine the Administration’s stated goals of avoiding the overregulation of AI and promoting technological preeminence.”
Currently, there is no Federal legislation in place to regulate AI while some states, including Colorado and Utah, have passed narrowly tailored regulations.
When using AI in defense solutions, ADI wrote that regulation should employ “use-case-specific policies that impose appropriate requirements on developers and deployers of high-risk AI systems, while exempting routine enterprise IT functions from unnecessary constraints.”
ITI noted that integrating AI into defense solutions could “provide automated, adaptive, and scalable security solutions.” The group recommended that the administration “support cryptography and secure AI model training techniques” to “protect AI systems from adversarial attacks,” and deploying and supporting “AI threat detection capabilities to counter the rising use of AI in cyberattacks.”
Both groups recommended streamlining AI procurement processes to facilitate faster adoption of innovative AI solutions by the Federal government, which they said could spur innovation by engaging emerging technology providers. ADI supported micro-purchases and simplified acquisition thresholds, stating that it could foster “a more competitive and flexible procurement environment.”
Public-private partnerships also drive AI research and innovation, the groups added, while encouraging the alignment of regulatory approaches with industry best practices. Forums and workshops that enable Federal officials and industry stakeholders to exchange knowledge could improve collaboration, according to ADI. ITI added that fostering industry-academia partnerships could help address AI workforce-related challenges.
“To address the AI workforce shortage, policymakers should focus on initiatives that support AI education and reskilling programs, incentivize companies to invest in AI talent development, and facilitate collaboration between academia, industry, and government to create a robust AI talent pipeline,” ITI wrote.
The groups also addressed the need for improved access to Federal datasets and the establishment of best practices for data governance by digitizing government records, standardizing data formats, and ensuring privacy protections.
