This is part of an ongoing series of Covington blogs on the implementation of Executive Order No. 14110 on the “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence” (the “AI EO”), issued by President Biden on October 30, 2023. The first blog summarized the AI EO’s key provisions and related OMB guidance, and subsequent blogs described the actions taken by various government agencies to implement the AI EO from November 2023 through September 2024. This blog describes key actions taken to implement the AI EO during October 2024. We will discuss developments during October 2024 to implement President Biden’s 2021 Executive Order on Cybersecurity in a separate post.
White House Issues National Security Memorandum on AI
On October 24, 2024, the White House published a National Security Memorandum on the use of AI models and AI-enabled technologies in national security systems and for military or intelligence purposes (“AI NSM”). The AI NSM and its accompanying “Framework to Advance AI Governance and Risk Management in National Security” (“AI Framework”) fulfill Section 4.8 of the AI EO, which requires the creation of the AI NSM to guide adoption of AI capabilities in support of U.S. national security and address potential uses of AI by adversaries and other foreign actors. Among other things, the AI NSM: (1) requires the U.S. AI Safety Institute to conduct voluntary safety tests of frontier AI models before and after their deployment, (2) instructs certain agencies to develop and implement sector-specific AI testing for cyber, nuclear, radiological, chemical, and biological risks, (3) establishes an AI Framework with prohibited uses and minimum risk management practices for AI used for national security, and (4) outlines potential amendments to the Federal Acquisition Regulation (“FAR”) to promote a streamlined and competitive procurement process for safe and reliable AI systems. Covington will publish a client alert that discusses the AI NSM in more detail, including how the AI NSM may be affected by the upcoming change in presidential administrations.
OMB Releases AI Procurement Requirements for Federal Agencies
On October 3, 2024, the White House Office of Management and Budget (“OMB”) released Memorandum M-24-18, Advancing the Responsible Acquisition of Artificial Intelligence in Government (the “Memo”). The Memo, which implements § 10.1(d)(ii) of the AI Executive Order and the Advancing American AI Act, establishes requirements for ensuring that federal agency contracts for AI systems and services align with the OMB’s March 2024 AI Memo, previously covered here. Among other things, the Memo requires agency contracts for rights-impacting and safety-impacting AI to include terms for vendor monitoring, documentation, testing, risk mitigation, performance improvements, and incident reporting. The Memo also establishes documentation and watermarking requirements for vendors of “general use enterprise-wide generative AI” and testing and accuracy requirements for vendors of “AI-based biometric systems.”
Department of Labor Issues Guidance on AI and Worker Well-Being for Employers and Developers
On October 16, the Department of Labor released a guidance document titled “AI and Worker Well-Being,” which provides employers and AI developers with principles and best practices for protecting workers from potential harms from AI while maximizing potential benefits, as required by § 6(b)(i) of the AI EO. Recommendations in the guidance include employer notice and disclosure when using AI in the workplace, protections for employee data, and AI audits for disparate or adverse impacts.
Department of Treasury Outbound Investment Rule
On October 28, 2024, the Department of Treasury (“Treasury”) issued a final rule to implement Executive Order 14105, “Addressing United States Investments in Certain National Security Technologies and Products in Countries of Concern.” As we have previously covered here, the final rule prohibits or requires notice for certain transactions involving Chinese or Chinese-owned entities, including transactions involving AI systems designed for military or government intelligence purposes or that meet certain computational thresholds.