TL;DR
A three-way internal fight between the Commerce Department, intelligence agencies, and pro-industry factions has paralysed US federal AI regulation. Trump scrapped an executive order at the last minute, CAISI testing announcements were pulled from NIST’s website, and no framework exists weeks after Mythos demonstrated offensive cybersecurity capabilities.
The Trump administration is locked in an internal battle over artificial intelligence regulation that has paralysed federal AI policy at the moment it matters most. Three factions are fighting for control: the Commerce Department, which has been quietly building civilian testing partnerships with AI companies; national security officials who want intelligence agencies to evaluate frontier models before release; and pro-industry aides who argue that any regulation risks slowing American AI leadership. The conflict has been described by people involved as a “knife fight.”
The paralysis became visible in May. On 5 May, the Center for AI Standards and Innovation, housed within the Commerce Department’s National Institute of Standards and Technology, announced pre-deployment testing agreements with Google DeepMind, Microsoft, and Elon Musk’s xAI. Days later, the announcement was removed from NIST’s website with no explanation. CAISI staff were told to take the page down but not told why.
The executive order that never happened
The dysfunction escalated on 21 May when Trump abruptly scrapped the signing of a landmark executive order that would have formalised government partnerships with leading AI companies to vet cutting-edge models before public release. The signing ceremony was cancelled at the last minute, with Trump saying he worried the order “could dull America’s edge on AI technology.”
The order had been months in the making. Axios obtained the draft text, which would have established a framework for pre-release safety evaluations of frontier AI models, given CAISI a formal mandate, and created reporting requirements for companies developing the most powerful systems. Silicon Valley allies within the administration lobbied against the order, arguing it would replicate the regulatory approach of Biden’s AI executive order, which Trump had repealed on his first day in office.
The Mythos factor
The internal fight has been intensified by Anthropic’s Mythos model, which discovered more than 10,000 zero-day vulnerabilities across every major operating system and web browser. The model’s ability to autonomously identify and exploit software flaws alarmed national security officials, who argue that AI systems capable of this kind of offensive cybersecurity work must be evaluated by intelligence agencies before release, not by civilian standards bodies.
The Office of the National Cyber Director has proposed establishing a large AI evaluation centre within the Office of the Director of National Intelligence, giving spy agencies a significant new role in AI policy. The proposal comes against the backdrop of the Pentagon’s supply-chain risk designation of Anthropic, which arose from the company’s refusal to grant the military unrestricted access to its models.
Commerce Department officials have pushed back, arguing that housing AI evaluation within the intelligence community would drive companies away from voluntary cooperation and turn safety testing into a national security function that other countries would view as weaponised. The civilian testing model, they argue, is the only approach that maintains trust with the AI industry while still providing the government with early visibility into frontier capabilities.
The regulatory vacuum
The result of the infighting is that the United States has no new federal AI regulation weeks after Mythos demonstrated capabilities that would have triggered immediate regulatory action in most other advanced economies. The European Union’s AI Act enters full enforcement in August 2026, giving European regulators statutory authority over AI systems that the US government currently lacks.
The contrast is not lost on industry. AI companies have complained about European overregulation, but the absence of any coherent US framework creates its own problems. Without clear federal rules, states are drafting their own AI legislation, companies face an unpredictable patchwork of requirements, and the government has no formal mechanism to evaluate models before deployment even when those models can find thousands of exploitable vulnerabilities in critical infrastructure.
Trump’s first-day repeal of Biden’s AI executive order, which had established reporting thresholds for the most powerful AI models, removed the only existing federal framework. The administration’s stated rationale was that Biden’s approach was too heavy-handed and would stifle innovation. Sixteen months later, the replacement framework has not materialised, and the internal factions show no signs of reaching consensus.
What happens next
The stalled executive order may be revived in a weakened form, or the administration may pursue a more limited approach focused on voluntary commitments from AI companies rather than formal pre-release evaluation. Anthropic’s own Project Glasswing, which gives vetted organisations access to Mythos for cybersecurity testing, is effectively a private-sector substitute for the government evaluation programme that the White House cannot agree on.
The irony is that the administration’s pro-innovation stance, which was supposed to give American AI companies a competitive advantage over more heavily regulated European and Chinese rivals, has instead produced a policy vacuum that leaves the government unable to respond coherently to the most significant AI capability demonstration of the year. The knife fight continues, and the models keep getting more powerful.
