California Defies Trump, Advances State AI Rules as Federal Preemption Fight Escalates

California Governor Gavin Newsom signed an executive order Monday directing state agencies to develop artificial intelligence procurement standards that prioritize public safety and civil rights, directly challenging the Trump administration's demand that states refrain from regulating the industry.

The order gives California four months to craft AI policies for companies seeking state contracts. "California leads in AI, and we're going to use every tool we have to ensure companies protect people's rights, not exploit them or put them in harm's way," Newsom said in the announcement.

The move sets up a legal confrontation with the White House, which in December established an AI Litigation Task Force within the Justice Department specifically to challenge state-level AI regulations. Trump's executive order accompanying the national AI framework declared that "excessive state regulation thwarts" the imperative for U.S. companies to "innovate without cumbersome regulation."

California's action is the most prominent example of a broader state-level regulatory push. More than 100 state laws addressing AI have been enacted nationwide, according to the New York Times, covering issues from child safety in chatbot interactions to copyright protections for creative works used in training data.

(The federal-state clash comes as industry voices at privacy conferences in Washington expressed concern over fragmented compliance requirements, with speakers urging companies to verify that AI agents fit existing governance frameworks and maintain proper data controls.)

The regulatory standoff reflects a deeper strategic divide. While the Trump administration frames deregulation as essential to maintaining U.S. competitiveness against China, state lawmakers argue that federal inaction has left consumers and workers exposed to algorithmic harms. Australia, by contrast, has opted for voluntary guidelines and economic tracking partnerships—Anthropic signed a memorandum of understanding with Canberra in early April to share adoption data—while eschewing binding legislation.

Meanwhile, cybersecurity experts warn that the velocity of AI-driven exploits has compressed dramatically. One policy director noted that the window from vulnerability disclosure to active exploit has collapsed from 63 days in 2018 to just five days in 2023, a pace that traditional security models struggle to match. Industry representatives at recent forums acknowledged that many companies will accept breach risk as a cost of doing business, even as the threat surface expands.

The California-federal confrontation is likely to define the boundaries of AI governance in the United States for years, with the Justice Department's litigation task force expected to file its first challenges in coming months.