AI governance in US technology.
FTC enforcement of deceptive AI practices, DOJ antitrust scrutiny of AI platforms, NIST AI RMF as the emerging governance baseline, state consumer privacy obligations, and AI Safety Executive Order requirements.
Regulatory obligations at a glance
Key frameworks applying to AI in US technology. Map your AI systems against each.
AI products and services must not be deceptive (false capability claims, hidden AI use) or unfair (AI causing consumer harm without countervailing benefit). FTC has brought enforcement actions against AI misuse and has signalled ongoing AI enforcement priority.
HighAI products directed at or likely to be used by children under 13 must comply with COPPA — parental consent required before data collection. The Amazon Alexa $25M settlement established the enforcement precedent.
HighAI platforms in strategic market positions face increasing antitrust scrutiny. AI product bundling, exclusive dealing arrangements, and algorithmic coordination that harms competition risks DOJ investigation and action.
High14 states have comprehensive consumer privacy laws with automated decision-making rights, opt-out rights, and enforcement provisions. AI products must accommodate consumer rights for residents of covered states.
HighWhile voluntary, the NIST AI Risk Management Framework is increasingly referenced in government contracts, regulatory guidance, and litigation as the expected AI governance baseline for technology companies.
MediumExecutive Order 14110 requirements for dual-use foundation model developers — safety testing, red-teaming, and reporting obligations — apply to developers of large AI models. Implementation guidance continues to evolve.
High