The unfinished state AI regulation debate
Photo Credit: Getty
Following internal party negotiations, the Senate declined to include a multiyear moratorium on state artificial intelligence (AI) regulation in President Trump’s “One Big Beautiful Bill.” Initially passed in the House version of H.R. 1, Sen. Ted Cruz (R-TX) attempted to salvage the AI moratorium by striking a deal with Sen. Marsha Blackburn (R-TN). The tenuous deal reduced the moratorium to five years and excluded preemption of state regulations for child online safety and copyright enforcement. Soon after, Sen. Blackburn pulled her support, and the Senate voted 99-1 to remove the moratorium.
Opponents within the GOP asserted that the provision would unjustifiably curtail states’ rights and insufficiently address pressing AI issues, such as online child safety and data privacy. Democrats largely came out against the provision, contending that a nationwide state preemption without a viable federal framework to regulate AI would leave the field dangerously unrestrained.
Proponents of the moratorium worry that the current approach to AI regulation produces an overbearing and unwieldy patchwork of conflicting state regulations. As competition with China in AI development continues to heat up, the enforcement of potentially inconsistent state AI laws risks curtailing innovation and development.
Presently, California, Colorado, and Texas have enacted legislation regulating AI. California alone has 18 AI-specific laws, with more proposed legislation on the way. Included among California’s AI statutes is a law clarifying that AI-generated data is treated as personal information, allowing consumers to sue AI companies for data breaches under the California Consumer Privacy Act protections. In 2024, Colorado enacted a comprehensive AI law that established far-reaching obligations related to documentation, disclosures, risk analysis and mitigation, governance, and evaluations of potential effects for developers and deployers of “high-risk” AI systems (defined as any artificial intelligence system that, when deployed, makes or significantly influences a consequential decision). In June 2025, Texas Governor Greg Abbott signed an AI law that sets a new AI governance regulatory framework for developers and deployers of AI systems operating in Texas. These are just a few examples of the wide array of state AI laws that have been enacted within the past few years.
The risks associated with greater penalties, rising compliance costs, and unpredictability all weigh against the application of a state AI law patchwork. Also, the current state-driven AI regulatory apparatus risks certain states creating AI compliance standards for other states. Considering most AI companies are based in California, it is plausible that California’s AI compliance regime reaches far beyond California’s borders and becomes a de facto nationwide standard.
The Constitution’s Commerce Clause empowers Congress to regulate activity that has a substantial economic effect on interstate commerce. Accordingly, Congress has a firm basis to establish the federal government as the primary regulator over the AI industry. Federal preemption of state laws regulating the tech sector is not without precedent. For instance, in 1998 the Internet Tax Freedom Act imposed a three-year moratorium (later made permanent) on state taxation of internet access.
Adam Thierer, senior fellow for technology and innovation at the R Street Institute, has contributed extensively to the discussion of the federal government’s role in AI regulation. Thierer advocates for an incremental and specifically tailored program for federal AI regulation in contrast to a comprehensive federal AI bill. This proposal offers a strong, viable option for Congress to combat regulatory inefficiency at the state level.
Current data privacy regulation demonstrates the negative consequences stemming from state law patchworks. Many states followed suit after California enacted its landmark consumer data privacy legislation in 2018. In the wake of the recent tide of new state privacy laws, companies doing business online across multiple states now face a complex and costly compliance regime.
Though the proposed multiyear moratorium on state AI laws failed in the Senate, the need for action remains. The emerging cumbersome, costly, and complex patchwork of state AI laws risks hobbling one of the most dynamic fields in the US tech sector. Federal regulatory standards for AI would reduce the emerging state-driven inefficiencies and promote American dominance in AI development.