Alston & Bird Privacy, Cyber & Data Strategy Blog

President Biden Signs First National Security Memorandum Focused on AI

By , , and

On October 24, 2024, President Biden signed the first-ever National Security Memorandum (“NSM”) focused on artificial intelligence (“AI”), pursuant to subsection 4.8 of Executive Order 14110. The NSM provides guidance on developing, employing, and strengthening AI usage within the federal government.

The NSM outlines three main objectives which serve as guideposts in directing the U.S. Government in “appropriately harnessing AI models and AI-enabled technologies . . .”

Below are the NSM’s requirements that support each objective.

Objective 1: Leading the world’s development of safe, secure, and trustworthy AI.

  • The Department of Defense (“DoD”) and the Department of Homeland Security (“DHS”) must assist in attracting and bringing individuals with relevant AI experience to the U.S.
  • Within 180 days of the NSM (April 22, 2025), the Chair of Economic Advisers must prepare an analysis of the AI talent market in the U.S. and other countries.
  • The DoD, Department of Energy (“DoE”), and the Intelligence Community (“IC”) must consider the applicability of large-scale AI in achieving their mission.
  • The National Science Foundation (“NSF”) must use the National AI Research Resource (“NAIRR”) pilot project and any future NAIRR efforts to ensure AI research in the U.S. remains competitive.
  • Within 180 days of the NSM (April 22, 2025), the DoE must launch a pilot project to evaluate the performance and efficiency of federated AI and data sources for frontier AI-scale trainings, fine-tuning, and inference.
  • The AI Safety Institute (“AISI”) will serve as the primary U.S. Government point of contact with private sector AI developers.
  • Within 180 days of the NSM (April 22, 2025), AISI will issue guidance for AI developers on how to test, evaluate, and manage risks to safety, security, and trustworthiness arising from dual-use foundation models.
  • All agencies that conduct or fund safety testing and evaluations of AI systems must share the results of those evaluations with AISI within 30 days of completion.

Objective 2: Responsibly harness powerful AI to achieve national security objectives.

  • Covered agencies must revise their hiring and retention policies and strategies to advance responsible AI adoption.
  • Within 120 days of the NSM (February 21, 2025), covered agencies must identify education and training opportunities to increase AI competency within their agencies.
  • Each agency that uses AI on national security systems (“NSS”) must take all appropriate steps to accelerate responsible approval of AI systems.
  • Within 150 days of the NSM (March 23, 2025), the DoD must evaluate the feasibility of advancing, increasing, and promoting co-development and shared use of AI and AI-enabled assets with select allies and partners.
  • Heads of covered agencies must monitor, assess, and mitigate risks directly tied to their agency’s development and use of AI. Some of those risks include privacy harms, risks to physical safety, discrimination, and data spillage.
  • The Framework to Advance AI Governance and Risk Management in National Security (“AI Framework”), introduced in the NSM, will require covered agencies to follow certain requirements. Some of these requirements include, but are not limited to, having a Chief AI Officer, having an AI Governance Board, and having sufficient training programs to enable the proper use of AI systems.
  • Within 150 days of the NSM (March 23, 2025), the National Manager for NSS must issue minimum cybersecurity guidance and direction for AI used as a component of NSS.

Objective 3: Fostering a stable, responsible, and globally beneficial international AI governance landscape.

  • Within 120 days of the NSM (February 21, 2025), a strategy for the advancement of international AI governance norms must be produced. This strategy must be in line with safe, secure, and trustworthy AI as well as democratic values. Further, the strategy must discuss an approach to working in international institutions.

Companies in the AI space should keep a close eye on how the departments and agencies mentioned above implement the requirements of this NSM, in particular how the administration defines “safe, secure, and trustworthy AI,” as it may portend how the government regulates AI in the years to come.

 

 

LinkedIn
Avatar photo

About Kim Peretti

A former DOJ cybercrime prosecutor and former director of PwC's cyber forensics group, Kim delivers top of the line cyber risk management and information security counsel to her clients. As co-leader of our Privacy, Cyber & Data Strategy Team, Kim is recognized by select publications and is frequently quoted by the media.

[Read Bio]

Avatar photo

About Kate Hanniford

Kate Hanniford is a partner with Alston & Bird’s Privacy, Cyber & Data Strategy Team. . She focuses her practice on cybersecurity counseling, as well as federal securities law compliance, enforcement, and litigation.

[Read Bio]

Avatar photo

About Kellen Dwyer

Kellen Dwyer is partner and co-leader of Alston & Bird’s National Security & Digital Crimes practice. He previously served in the Justice Department in several cyber and national security roles. As an assistant U.S. attorney in the Eastern District of Virginia, he obtained a computer hacking indictment against Julian Assange and represented the United States at Assange’s extradition hearings in London.

[Read Bio]

Headshot of Dan Felz

About Daniel Felz

Dan’s clients receive operations-ready management of their complex privacy, security, and technology issues, as well as seamless interactions with stakeholders. Fluent in German with a U.S. litigation background, Dan helps companies of all sizes across industries and jurisdictions resolve data-related matters at the local, national, and international levels.

[Read Bio]

Share to...
BufferCopyFlipboardHacker NewsLineLinkedInMessengerMixPinterestPocketPrintRedditSMSTelegramTumblrVKWhatsAppXingYummly