If you’ve been keeping tabs on the AI legal landscape lately, one thing is clear: states aren’t waiting. Over the past year, lawmakers across the country have introduced—and in some cases passed—a flurry of bills aimed at regulating the use of AI systems, particularly in the areas of consumer protection, data privacy, and transparency. From algorithmic bias bans to generative AI labeling and ADMT restrictions, a patchwork of new AI rules is quickly taking shape.
But now, that momentum is running into a potential roadblock: a provision in House Republicans’ proposed budget reconciliation bill would impose a ten-year moratorium on state and local enforcement of laws specifically targeting AI models, systems, or automated decision-making tools. As drafted, the provision does not appear intended to affect neutral laws of general applicability that would affect both AI and non-AI systems in the same manner, like UDAP statutes or general privacy laws.
Supporters – including leading technology companies – argue that the pause is needed to give the federal government space to develop a unified national framework and prevent a growing patchwork of state and local regulations. Opponents, however, are pushing back hard, arguing that the states are best positioned to move quickly when consumer harms start to surface and pointing to Congress’s distinct lack of progress in advancing a federal framework to address AI.
In a recent letter – an official National Association of Attorneys General policy letter signed by 40 state Attorneys General (AGs) from both political parties – AGs warned that the provision would be “wholly destructive of reasonable state efforts to prevent known harms associated with AI” and jeopardize “hundreds of existing and pending state laws,” including some long-standing statutes. The letter explains that the provision could sweep in elements of broader state privacy laws, such as consumer opt-outs from certain automated decision-making and requirements for risk assessments tied to high-risk profiling. The AGs also note that a previous bipartisan letter had recommended “an appropriate federal framework” emphasizing “’high risk’ AI systems” and “robust transparency,” and providing for concurrent enforcement authority in part due to the AGs’ role as “trusted intermediaries” for consumers. They conclude the letter by welcoming federal partnership on addressing AI challenges.
It is unclear whether the provision will survive in the final budget bill, as it may run afoul of the Senate’s “Byrd rule,” which bars provisions deemed extraneous to budgetary goals. Should the provision clear any objections and remain in the reconciliation package, it could pass with a simple majority.
If enacted, the implications for state authority—and for companies navigating AI compliance—could be significant. The moratorium would freeze a fast-moving regulatory landscape just as many states are beginning to implement and enforce AI-related protections. Whether this leads to a more coherent, thoughtful approach to AI regulation or a regulatory vacuum remains to be seen.
However, we expect AGs will remain active and outspoken in this space (see here and here) and, regardless of the outcome, will use their UDAP laws where possible (as we’ve already noted here). And they will continue to push back on federal preemption of their laws as they have in the past, such as during the introduction of federal privacy bills in 2022 and 2024. Stay tuned for further updates and analysis as the legislative process unfolds.
[View source.]
