White House Pulls Draft AI Safety Executive Order: What Businesses Need to Know
On 21 May 2026, the White House (USA) postponed the signing of an executive order that would have introduced a pre-release government review mechanism for advanced AI models. The signing ceremony had been announced with the participation of leading technology company executives and was cancelled hours before it was due to take place, following direct consultations between AI adviser David Sacks and a number of CEOs with the Oval Office.
1. What Was Planned and What Happened
The draft order provided for a voluntary framework under which developers of advanced AI models would submit those models to federal agencies for a period of up to 90 days prior to public release, for assessment of security threats. OpenAI and Anthropic were among the companies engaged in negotiations with the administration. The signing was called off after adviser Sacks and a number of industry leaders held consultations with the White House. According to sources cited by Axios, the primary reason was a principled objection to regulation as such.
2. Background: Why the Issue Became Urgent
The initiative had a specific factual basis. Anthropic suspended the release of its Mythos model after internal testing revealed that the model had identified thousands of vulnerabilities in operating systems and web browsers. Anthropic subsequently granted limited access to approximately 50 organisations managing critical infrastructure under Project Glasswing. This precedent drove the legislative initiative: unrestricted public release of a model with such capabilities posed material risks to critical infrastructure and national security systems.
3. Why the Order Was Pulled
Three objections dominated industry pushback.
- First, a disputed allocation of authority: the coordinating role was assigned to the Treasury Department, whereas CISA and NIST hold the established technical expertise in cybersecurity.
- Second, the 90-day transfer period could have precluded parallel testing of models by allied nations.
- Third, the order duplicated existing mechanisms, given that leading frontier models already undergo voluntary testing through the Commerce Department's Center for AI Standards and Innovation.
|
Beyond the procedural objections, a more fundamental concern was raised in public commentary. As Tech Policy Press noted, a safety regime that depends on who happens to be running a company and to whom that executive decides to grant access does not constitute a meaningful safety regime. |
4. Implications for Business
The regulatory vacuum at the US federal level persists. The Biden administration's AI executive order was revoked in January 2025. No replacement has been enacted. In the absence of a comprehensive federal framework, the legal regime governing advanced AI systems is determined by sector-specific requirements applicable to the relevant industry: financial services, healthcare, defence.
For international businesses, this means that compliance architecture must be constructed without reference to a single federal standard.
The EU AI Act remains in force, with revised timelines.
- Under the political agreement of 7 May 2026, which remains subject to formal adoption,
- standalone high-risk AI systems (Annex III) will be subject to the full set of obligations from 2 December 2027;
- systems embedded in regulated products will follow from 2 August 2028.
- Transparency obligations, including AI-generated content labelling, take effect from 2 December 2026.
- The extraterritorial reach of the regulation mirrors the GDPR: compliance is mandatory for any organisation whose AI systems are used within the EU or produce outputs affecting EU residents, regardless of the organisation's jurisdiction of incorporation.
Contractual framework and rights in AI-developed outputs.
The absence of a mandatory federal pre-release disclosure regime leaves open questions as to the scope of corresponding obligations under government contracts and joint development arrangements involving defence contractors. Provisions governing disclosure, licensing and allocation of rights in AI-developed outputs in such agreements warrant careful review in light of the prevailing regulatory uncertainty.
Author: Kamal Tserakhau, Hleb Shumilau.
The Arbitration & IT Disputes practice advises companies in the development and distribution of AI solutions on contractual structuring, EU AI Act compliance, and disputes concerning liability for AI system performance.
| If your business is assessing the regulatory or contractual implications discussed above, REVERA team would be pleased to assist. |
Write to our lawyer to learn more details
Contact a Lawyer