Today, the Trump Administration issued an Executive Order titled "Promoting Advanced Artificial Intelligence Innovation and Security." The order mandates several coordinated actions to integrate AI into national security infrastructure and establish a framework for “voluntary” federal oversight.

The June release followed the abrupt postponement of a nearly identical draft order in late May. The White House appeared ready to sign that order, even going so far as to invite top AI executives to the Oval Office for the ceremony. However, the event was abruptly canceled after an overnight pressure campaign from prominent tech figures, including Elon Musk, Mark Zuckerberg, and former Trump administration AI czar David Sacks, who reportedly dismissed the draft as "just something doomers wanted." President Trump publicly justified pulling the order by stating he did not want a regulatory "blocker" getting in the way of the US lead over China.

The new order includes many hallmarks of the earlier pulled draft, including the same opening language that declares that the United States leads the world in AI due to the "enormous talent and innovation of our AI industry, and because we refuse to stifle this innovation with overly burdensome regulation." It also prioritizes developing an AI cybersecurity clearinghouse to coordinate on the cybersecurity implications of frontier AI models and to establish a benchmark for assessing the capabilities of advanced AI.

What’s in it?

The order mandates several actions by federal agencies, including:

Upgrading cybersecurity defenses: Within 30 days, the Committee on National Security Systems and the Secretary of War are to prioritize the cyber defense of their respective information systems. Civilian systems are also included, with the Cybersecurity and Infrastructure Security Agency (CISA) directed to issue guidance to protect “civilian Federal Government information systems” and facilitate access to AI-enabled defensive tools.

Establishing an AI cybersecurity clearinghouse: The order directs the formation of a collaborative body within 30 days “that coordinates and deconflicts scanning for software vulnerabilities, discovers and validates such vulnerabilities, and coordinates and prioritizes remediation and distribution of vulnerability patches. The clearinghouse will be headed by the Treasury Department, in consultation with the Department of War, the National Security Agency (NSA), Homeland Security, and CISA.

Securing frontier model deployment: Within 60 days, the order directs Treasury, the Department of War, the NSA, and CISA, in consultation with the National Cyber Director, the Assistant to the President for Science and Technology, and NIST to “develop and maintain a classified benchmarking process to assess the advanced cyber capabilities of AI models and determine the threshold at which an AI model should be designated a ‘covered frontier model.’ The order provides that the NSA, in consultation with the National Cyber Director, the APST, CISA, and other representatives of the Department of War, will make such determinations. The framework also calls for frontier developers to engage and collaborate with the government “to determine whether model(s) under development meet the designation of “covered frontier model,” and provide “access to covered frontier models,” including to select trusted partners, “to promote secure innovation and strengthen the cybersecurity of critical infrastructure.”

In keeping with the earlier proposal, this framework is described as “voluntary.” Prior to the May draft, some administration officials publicly likened the intended oversight framework to an "FDA for AI". The text of both the May draft and the final June order explicitly forbids this approach, ensuring that nothing shall "authorize the creation of a mandatory governmental licensing, preclearance, or permitting requirement.

One change to the May draft is the timeline for review. That text stated that developers would be able to "provide the Federal Government with access to covered frontier models... for a period of up to 90 days before they plan to release such models to other trusted partners." In the final June order, that window was reduced to 30 days.

Protecting against criminal actors: Section 4 directs the Attorney General to “prioritize the enforcement of… all applicable Federal criminal laws against anyone who utilizes AI to illegally access or damage a computer without authorization, or who utilizes AI while engaged in such illegal access to further any other crime." This includes "employing AI agents to unlawfully access data or information that is subsequently used for a criminal or unlawful purpose."

What’s next?

The details will determine the order’s ultimate impact. Policymakers and experts are already divided over both its significance and its purportedly “voluntary” nature. Sen. Bernie Sanders (I-VT) offered that the executive order is “voluntary and does almost nothing to protect Americans.” Meanwhile, Adam Thierer of the R Street Institute argued that although the order stops short of a formal licensing regime, it still represents a “significant win for the military-industrial complex and the continuing fiction of ‘voluntarism’ surrounding its inner workings.” Such open-ended EOs, he argues, can “lead to more avenues for public officials to exert control over not just model security, but potentially many other aspects of algorithmic development and use, including content-related matters.”

While the executive branch released the order, Congress has also begun examining many of the same issues. On Thursday, the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection will hold a hearing titled "The AI Security Landscape: How Frontier Models, Agentic AI, and AI Coding Tools Are Reshaping Cybersecurity and Critical Infrastructure Resilience." The hearing is expected to examine how advanced AI models intersect with the cybersecurity issues raised in the executive order.