House GAAIA Discussion Draft Proposes Federal AI Governance Framework

The draft builds upon work from the bipartisan House AI Task Force. Representatives Suhas Subramanyam (D-Va.), Scott Franklin (R-Fla.), Scott Peters (D-Calif.), and Erin Houchin (R-Ind.) joined in releasing the draft.

Many observers believe that the current Obernolte-Trahan discussion draft bill is unlikely to pass out of committee or the House based on opposition from some in industry and various Members of Congress, including the leaders of the House Democrat AI Task Force. It may be best to view this new bipartisan bill as a conversation starter developed because of frustration that Congress has not yet really legislated on AI. The draft bill has been thrust into a complicated tech policy arena that includes many interconnected issues. Other tech policy discussions, including children’s online safety legislation and a privacy bill, in the Energy and Commerce Committee and the Senate Commerce Committee’s potential consideration of legislation impacting AI chatbots, children’s online safety, or a social media ban for some children could all be lumped in with various AI initiatives from the White House to attract additional support. Every few days, there are new developments in the AI policy area within the Administration and Congress, but it is helpful to see where Reps. Obernolte and Trahan were able to identify bipartisan consensus.

Objectives of the GAAIA

The 269-page draft would establish a federal AI governance regime addressing national security, cybersecurity, workforce, and innovation. If enacted, the legislation would create a framework for frontier-model oversight, codify the Center for AI Standards and Innovation (CAISI), expand federal attention to workforce and labor-market effects, review federal AI adoption and related regulatory barriers, address government “jawboning” of AI platforms, advance AI research, development, and international cooperation, and temporarily preempt state laws that specifically regulate the development of AI models. The research and international-cooperation provisions include support for AI testbeds, codification of the National Artificial Intelligence Research Resource (NAIRR), and limits on the People’s Republic of China’s participation in US-led standards coalitions. The draft follows President Trump’s June 2 executive order establishing voluntary federal agency reviews of frontier AI models and the White House’s March National Policy Framework for AI, which called on US Congress to preempt state AI laws imposing “undue burdens.”

Frontier Model Oversight and Incident Reporting

The GAAIA would establish a federal oversight framework for advanced AI developers that fall into one of two categories: “frontier developer,” which is any entity that has trained, or initiated the training of, a frontier model and that, collectively with its affiliates, had more than $50 million in gross revenue in the prior calendar year, and “large frontier developer,” which is an entity that meets the same test but had more than $500 million in gross revenue in the prior calendar year. The distinction matters because some obligations — such as transparency reports and critical-safety incident reporting — would apply to all frontier developers, while others — such as the published frontier AI framework and the independent audit regime — apply only to large frontier developers. The GAAIA distinguishes between general AI deployment and the development of frontier systems, with preemption and oversight provisions focused on the development side. Notably, the frontier transparency and audit requirements in Sections 111 and 112 would themselves sunset three years after enactment unless Congress reauthorizes them.

• Frontier AI Framework: The GAAIA would require each large frontier developer to write, implement, comply with, and clearly and conspicuously publish on a publicly available website a “frontier AI framework” — technical and organizational protocols to assess, mitigate, and manage catastrophic risk — within one year of enactment, and to review and update that framework at least annually.

• Reporting Obligations: The GAAIA would require frontier developers to report certain “critical safety incidents” — defined as unauthorized access to, modification of, or exfiltration of a frontier model’s weights; a failure of the model’s risk-mitigation measures; or loss of control of the model — to the CAISI director within 15 days of discovery and within 24 hours to a law enforcement agency where an incident poses an imminent risk of death or serious physical injury.

• Review and Audit Requirements: Large frontier developers would be required to retain a CAISI-licensed independent verification organization (IVO) to perform audits and assessments at least semi-annually and, on an ad hoc basis at the CAISI director’s request, grant the IVO timely access to unredacted materials, records, personnel, and systems, and submit post-audit reports. The IVO would assess not only the large frontier developer’s compliance with the law, but also whether the developer’s frontier AI framework is adequate to achieve acceptable levels of catastrophic-risk mitigation.

Whistleblower Protections

The GAAIA would also protect AI whistleblowers from retaliation. These protections could not be waived or altered by contract, including by any pre-dispute arbitration or other alternative-dispute-resolution agreement, and available remedies include double back pay with interest and compensatory damages such as litigation costs, expert witness fees, and reasonable attorneys’ fees.

Codifying the Center for AI Standards and Innovation

The GAAIA would codify CAISI within the US Department of Commerce and place it at the center of the legislation’s federal standards and evaluation framework. Key obligations for CAISI under the GAIAA include: 

• Developing voluntary guidelines, best practices, and standards for AI security and related evaluation work.

• Evaluating and monitoring activities tied to advanced AI systems.

• Supporting synthetic content detection tools.

• Administering the licensing regime for independent verification organizations that audit large frontier developers.

If passed, GAAIA would authorize $100 million annually for CAISI for fiscal years 2027 through 2029 and give the center special hiring authority for technical experts.

Workforce, Education, and Labor-Market Provisions

The GAAIA also addresses workforce and labor-market issues associated with AI adoption. The draft legislation:

• Directs federal agencies to collect additional data on AI use and adoption in the labor market.

• Calls for revisions to federal surveys so that AI-related workforce effects can be tracked more systematically.

• Places workforce impacts alongside national security, cybersecurity, and innovation concerns in the federal AI policy framework.

• Authorizes and directs the US National Science Foundation to establish and award grants for AI research, education, and workforce development, and authorizes scholarships and fellowships for students in AI-related programs.

• Amends the Worker Adjustment and Retraining Notification Act to require 60-days advance notice whenever AI is a “substantial factor” in a qualifying mass layoff.

• Requires the Secretary of Labor to designate at least 15 AI-sensitive occupations every two years and publish annual employment forecasts for those occupations.

Federal AI Adoption and Regulatory Review

The GAAIA would also address AI use at the federal level and the broader regulatory environment. The US Government Accountability Office would evaluate federal AI adoption progress and identify federal statutes or regulations that affect AI innovation or unduly burden AI infrastructure, including energy-related infrastructure.

• Calls for evaluation of federal AI adoption across government.

• Directs review of statutes and regulations that may affect AI innovation or infrastructure development.

• Connects AI governance to broader questions of federal capacity, infrastructure, and implementation.

Cybersecurity and Open-Source Software Security

The GAAIA would extend the Cybersecurity Information Sharing Act of 2015 through fiscal year 2035, continuing the legal framework that allows companies to share cyber threat information without incurring antitrust liability. The bill would also require large AI developers to provide model access to eligible open-source software maintainers for cybersecurity purposes.

AI Fraud Deterrence

The GAAIA would amend federal mail fraud, wire fraud, bank fraud, and money laundering statutes to increase maximum fines from $1 million to $2 million, add enhanced penalties when AI is used in the commission of those offenses, and impose penalties for using AI to impersonate government officials. Notably, the draft does not carve out defensive or simulation uses of AI, such as red-teaming or fraud detection testing, raising questions about whether such activities could inadvertently fall within its scope.

Federal Preemption of State AI Development Laws

The GAAIA would preempt certain state laws and regulations that specifically regulate the development of AI models for a three-year period. The draft, if adopted, would preserve state authority over the use or deployment of AI systems while preventing states from imposing separate rules on how models are built, trained, or developed. 

Key Takeaways

• The GAAIA combines frontier-model oversight, standards of development, workforce provisions, and federal regulatory review in a single federal AI framework.

• The most detailed obligations concern advanced developers, risk management, incident reporting, and independent review.

• The GAAIA would position the United States to lead on international AI standards by forming coalitions with like-minded governments.

• The GAAIA would broaden access to AI research resources, including prioritizing the release of federal datasets for AI training, by codifying the National Artificial Intelligence Research Resource.

• The GAAIA’s proposed three-year preemption of certain state AI development laws is expected to be a significant point of discussion as the legislation develops.

• As a discussion draft, the GAAIA may see changes before formal introduction, including to its scope, preemption, and implementation details.

We will continue to monitor developments and provide further updates as the legislation progresses. If you have any questions about GAAIA or would like to engage with Congress on the development of this legislation, please contact one of the authors of this alert.