Desiree Sainthrope brings a seasoned perspective to the intersection of global trade and emerging technology, drawing on years of experience drafting complex legal agreements and analyzing the implications of artificial intelligence. As the legal landscape shifts beneath the feet of Silicon Valley and Washington alike, she has become a central voice in the debate over how to regulate models that are quickly outpacing current laws. Her background in global compliance allows her to see the granular details of how a single federal rule can ripple across state lines and international borders. Today, we sit down with her to explore the high-stakes negotiations between Congressional leaders and the White House as they grapple with the dual pressures of innovation and national security.
The following discussion explores the tension between federal authority and state-level protections, the divide over mandatory risk disclosures for developers, and the technical challenges posed by advanced models like Mythos. We also delve into the political fallout facing lawmakers in states like Massachusetts and the potential for a “pre-clearance” regime that could fundamentally change how AI is released to the public.
Congressional leaders are debating whether federal AI rules should override state laws in places like California and New York. What are the specific risks of a legislative “patchwork” for developers, and how could federal preemption impact state-level efforts to protect children’s privacy or digital safety?
The tech industry is sounding an alarm about a “patchwork” of conflicting state laws because they fear a reality where a model developed in a single lab must comply with fifty different sets of safety standards. For a developer, this isn’t just a bureaucratic headache; it is a fundamental shift in how they must architect their systems, potentially forcing them to build different versions of a model for different jurisdictions. While industry leaders argue this stifles innovation, safety advocates are terrified that federal preemption will act as a “litigation magnet,” allowing companies to sue states to block vital protections for children’s privacy or digital safety. There is a palpable sense of dread among regional legislators who believe that any federal deal struck now will be significantly weaker than the safeguards they have already fought to put in place. If federal rules override these local efforts, we could see a race to the bottom where the lowest common denominator of safety becomes the national standard, leaving vulnerable populations exposed.
There is currently a divide between making AI risk disclosures mandatory or keeping them voluntary for advanced developers. What practical data-sharing requirements are necessary to ensure national security, and how would a light-touch approach change the level of transparency companies provide to the government?
The divide between Representative Trahan and Representative Obernolte highlights the core philosophical struggle in Washington: do we trust these companies to self-report, or do we force their hands? To truly protect national security, the government needs mandatory data-sharing requirements that provide a window into the training data and the specific failure modes of a model before it is deployed. A light-touch or voluntary approach would essentially allow AI firms to decide for themselves what the government gets to see, which creates a massive blind spot for federal regulators. We have seen this play out before in other industries, where “voluntary” often becomes a euphemism for “non-existent,” leaving the public to deal with the fallout only after a catastrophe occurs. Without a mandate, the level of transparency will be dictated by corporate PR departments rather than security experts, which is a gamble many in the current administration are no longer willing to take.
The emergence of powerful models like Mythos has raised alarms regarding automated cybersecurity vulnerabilities. How should a pre-clearance regime for new models function in practice, and what specific technical benchmarks should the government use to vet an AI’s ability to discover flaws that human hackers miss?
The arrival of Mythos, developed by the firm Anthropic, has fundamentally changed the conversation because it can identify cybersecurity vulnerabilities that even the most skilled human hackers overlook. A functioning pre-clearance regime would require the White House to “greenlight” these models before they ever reach the public, effectively treating them like high-risk medical devices or aircraft. The technical benchmarks would have to be rigorous, involving “red-teaming” exercises where the government tests the AI’s ability to automate the discovery and exploitation of software flaws in a controlled environment. There is a frantic energy in the White House right now as they realize that if a model like Mythos is released without these checks, it could provide a turnkey solution for state-sponsored cyberattacks. It isn’t just about looking at the code; it’s about observing the model’s behavior in a sandbox to ensure it won’t provide a roadmap for crippling national infrastructure.
Efforts to strike a federal deal have faced resistance from state legislators and safety advocates concerned about weakening safeguards. How might legal challenges arise if broad federal rules are used to block local safety laws, and what steps can lawmakers take to balance innovation with regional autonomy?
The legal friction is already heating up, as evidenced by the letter sent to Representative Trahan by top Democrats in the Massachusetts legislature warning her against cutting a deal that would override their state’s safeguards. If a broad federal law is passed with preemption clauses, we will almost certainly see a wave of lawsuits from state attorneys general who argue that the federal government is overstepping its constitutional bounds. Companies will use these federal rules as a shield to argue that state-level rules on issues like AI bias or consumer protection are preempted, leading to years of expensive and stalling litigation. To balance this, lawmakers need to ensure that federal rules serve as a “floor” rather than a “ceiling,” allowing states to build more rigorous protections on top of a national baseline. This would allow for a level of regional autonomy that respects the fact that a citizen in Boston or Silicon Valley might have very different expectations for digital safety than the federal government’s minimum standard.
The current administration is weighing a laissez-faire approach against a more rigorous vetting process for high-risk AI. What are the long-term economic consequences of a pre-clearance mandate, and how can the executive branch ensure that national security mandates do not stifle the competitive speed of domestic firms?
The debate within the Trump administration is a high-stakes balancing act between maintaining America’s competitive edge and preventing a “post-Mythos world” disaster. A rigorous pre-clearance mandate could potentially slow down the release cycle for domestic firms, giving international rivals a window to capture market share while American models sit in a government waiting room. However, the economic consequences of a major AI-driven cyberattack or a catastrophic system failure would be far more devastating than a few months of regulatory delay. The executive branch can mitigate this by creating a fast-track vetting process for firms that demonstrate a high degree of internal safety testing and by providing clear, predictable benchmarks that don’t move during the review. It’s a matter of building a regulatory infrastructure that is as fast and agile as the technology it’s trying to govern, rather than relying on a slow, 20th-century bureaucracy to manage 21st-century intelligence.
What is your forecast for federal AI regulation?
I expect we will see a period of intense volatility where executive orders fill the vacuum left by a gridlocked Congress. The “Mythos” effect has created a sense of urgency that will likely result in a targeted executive order from President Trump establishing a vetting process for the most advanced models, even if a broader legislative deal remains elusive. We are going to see a fierce tug-of-war between the “light-touch” advocates and those pushing for mandatory transparency, with the final outcome likely being a hybrid model that prioritizes national security over pure market speed. Ultimately, the pressure from states like California and Massachusetts will force the federal government to adopt more stringent standards than they initially intended, simply to avoid a permanent legal war with the nation’s most powerful regional economies. It won’t be a clean or easy process, but the days of AI development happening in a complete regulatory vacuum are officially over.
