Leading tech vendors are seeking relief from the rising patchwork of state laws on AI and data privacy. President Donald Trump’s one big beautiful bill law does this by putting a 10-year suspension on state AI laws, and Congress is working on yet another federal data privacy bill.
The U.S. House of Representatives passed a widespread tax and domestic policy package on Thursday, and is now being taken up by the Senate. The tax bill was passed between 215 and 214 votes, with all House Democrats voting against the package. The inclusion of the bill halting state law enforcement agencies applies to law or regulations. “Limitations, restrictions or regulations on artificial intelligence models, artificial intelligence systems, or automated decision systems that have entered interstate commerce.”
The bill reflects the federal administration’s policy change on AI, said Gartner analyst Lydia Clauty Jones. The proposal requires further approval when it passes the Senate, but she said the private sector should “preparation for today to be more deregulated tomorrow,” as Trump’s message of deregulation is reflected in Congress.
Large technology vendors advocate federal policies to take the state’s laws ahead. In a comment submitted to the White House Science and Technology Policy office, which is in the process of creating a federal AI action plan, Google characterized the growing patchwork as chaotic, while also calling state laws overburden. Similarly, for years, the tech giant has been calling on Congress to enact a federal data privacy framework that preempts state data privacy laws.
However, the last two important federal data privacy laws introduced into Congress did not invade the law. At this week’s AI regulation hearing, Rep. Lori Trahan (D-Mass.) targets large tech companies, and said the vendors hope to halt federal efforts to adopt data privacy laws, including measures they disagree with, including minimizing data collection.
Trahan agreed that state law patchwork is not good for business, but she said the belief that a suspension of state AI law “inspires Congress to somehow unify the patchwork of state law.” She opposes removing the state’s guardrails, and Congress is struggling to agree to a unique measure for big technology.
“Our constituents are not stupid,” she said. “They are hoping for real actions from us to curb abuse in tech companies and are trying not to give blanket immunity to further abuse our most sensitive data.”
How state data privacy laws have affected big technology
Google recently reached data privacy payments with Texas for nearly $1.4 billion. Texas Attorney General Ken Paxton sued Google in 2022, illegally tracking users and collecting biometric, geographical and secret search data.
Paxton described the massive settlement in the release as a victory for Texans’ privacy, adding that it “will tell businesses that we will pay to abuse our trust.” Paxton also secured a $1.4 billion settlement with Meta to illegally collect facial recognition data.
Cobun Zweifel-Keegan, managing director of IAPP, a privacy expert organization, said the settlement was “on scale” than other data privacy payments, indicating that Texas is serious about focusing on big technology.
“In Texas… there’s a lot of pride behind this settlement,” Zweifel Keegan said. “There’s a bit of that idea. We certainly see it in Texas, but I don’t think it’s going to spread to other states.”
However, he said that Texas settlement with Google is not so important in terms of addressing new issues.
If it fails, it could take years for all regulators to finish their investigation and reach the settlement.
Cobun Zweifel-Keeganmanaging Director, IAPP
“It raised most of the old issues that were previously sued, and previously enforced in AGS or class actions,” Zweifel Keegan said. “One of the big points for me is that it shows a long tail of privacy. That can take years for all regulators to finish their investigation and reach the settlement after you fail.”
At the IAPP Global Privacy Summit last month, Evangelos Razis, a professional staff member of the House Committee on Energy and Commercial, said the committee is working on a federal data privacy framework. He said the committee is assessing what is working and not working at the state level regarding data privacy.
Preparing for state AI law moratoriums
While several US states have data privacy laws that enforce them against large tech vendors, other states, including Utah, California and Colorado, have also passed AI laws.
Similar to concerns about the patchwork of data privacy laws, the issue is that state AI law collages are convinced that Congressional Republicans will hinder the ability of businesses to innovate and build technology to compete on a global scale.
With the suspension of state AI law, Clougherty Jones said the state could or could enforce only certain aspects of the regulations, or at all.
She said companies should pay attention to the proposed moratorium’s references to automated decision-making systems. According to Gartner, 50% of business decisions will be automated or augmented by autonomous AI agents by 2027.
“Organisations should consider the impact of proposals on AI ambitions to enhance decision-making,” she said. “They also need to track state legislatures with pending AI regulations to regulate automated decision-making in New York, New York, Texas and others.
Faith Bradley, assistant professor of information systems teaching at George Washington University School of Business, said the federal government is often lagging behind technological advances. By the time new technology is widely adopted and negative impacts arise, the government is catching up, she said.
She said AI itself is “not evil,” but that given the uncertainty around how data is collected, stored and used, a legal framework would be needed to hold AI vendors accountable.
“When it comes to using any kind of AI tool, it’s very important. You need to understand whether it’s possible misuse,” she said. “You need to calculate the risk.”
Makenzie Holland is a senior news writer covering big technology and federal regulations. Prior to joining Informa TechTarget, he was a general assignment reporter and crime and education reporter for Wibash Plain Dealer’s Wilmington StarNews.
