On June 2, the Trump administration's highly anticipated executive order on artificial intelligence was officially released. Named "Promoting Advanced Artificial Intelligence Innovation and Security," the core design of this executive order can be summarized in five points:
First, establish a "Protected Frontier Models" system. The Department of the Treasury, the National Security Agency (NSA), and the Cybersecurity and Infrastructure Security Agency (CISA) will, within 60 days, establish a classified evaluation system to determine which AI models qualify as the most advanced and powerful, which possess significant cyberattack or cybersecurity capabilities, and under what circumstances they should be designated as "Protected Frontier Models."
Second, encourage AI companies to voluntarily cooperate with the government before officially releasing models. Companies can proactively communicate with the government to confirm whether their models qualify as frontier models. They can also provide models to the federal government for testing up to 30 days before public release. The government will also help screen trusted partners to receive prioritized access to these models.
Third, explicitly oppose a licensing system for AI model releases. The executive order specifically emphasizes that nothing within it should be construed as establishing a mandatory licensing, approval, or pre-clearance mechanism for AI model development or release. This indicates the government seeks insight into and access to frontier models without directly controlling their release.
Fourth, use AI to enhance U.S. cyber defense capabilities. The executive order requires CISA to propose a concrete plan within 30 days to accelerate federal government cybersecurity upgrades, deploy AI cybersecurity tools, and provide AI security services to state and local governments as well as critical infrastructure operators like hospitals, banks, and utilities.
Fifth, establish an AI cybersecurity information-sharing mechanism. Within 30 days, the Department of the Treasury will promote the creation of the "AI Cybersecurity Information Sharing Center," responsible for coordinating vulnerability discovery, verification, patch remediation, and threat intelligence sharing. This can be understood as a vulnerability-sharing platform for the AI era.
Compared to the draft previously disclosed by Politico, the final executive order is nearly identical, except the model evaluation timeline was reduced from 90 days to 30 days.
The starting point for U.S. AI regulation, strictly speaking, can be traced back to Trump's first term. In 2019, Trump signed EO 13859, launching the "American AI Initiative," which for the first time clearly positioned AI as a strategic capability requiring national support. The core logic of that period was that AI competition is fundamentally an industrial, scientific, and geopolitical contest. As long as the U.S. maintained its lead in R&D, capital, computing power, talent, and standard-setting, most risks could be gradually addressed through existing laws and industry practices without needing entirely new market-access regimes.
The Biden administration adopted a regulatory approach that placed greater emphasis on rights and risks. On one hand, it focused on AI's impact on privacy, discrimination, and consumer rights, with the 2022 "Blueprint for an AI Bill of Rights" being a representative document. On the other hand, with the rise of generative AI and frontier models, it began emphasizing testing, evaluation, reporting, and governance capacity building, culminating in EO 14110.
EO 14110 established a relatively complete federal framework around frontier model safety, red-teaming, federal agency use of AI, critical infrastructure, and consumer protection. NIST published the AI Risk Management Framework (AI RMF), OMB pushed federal agencies to establish AI governance mechanisms, and the FTC, EEOC, and DOJ emphasized that AI does not exempt existing consumer protection and anti-discrimination laws. Most attention-grabbing was the Department of Commerce's use of the Defense Production Act to require certain AI companies to report on model training and testing.
Upon taking office for his second term, Trump swiftly revoked EO 14110 and issued EO 14179, shifting the focus toward promoting innovation and national competitiveness. It aimed to clear away regulatory requirements perceived as hindering U.S. AI leadership while opposing so-called "Woke AI." The center of gravity for U.S. AI governance moved from "preventing AI risks" to "accelerating AI deployment and application." Concurrently, the White House sought to curb the fragmentation of state-level AI legislation, pushing for a more unified national policy framework to prevent disparate state laws from becoming barriers to enterprise AI deployment and maintaining U.S. leadership.
The introduction of the Trump administration's latest AI executive order signifies the U.S. government acknowledging two fundamental facts:
First, that cutting-edge frontier models, like Mythos, possess clear national security externalities. They are not merely commercial products; they can also impact cybersecurity, critical infrastructure, and even national competitiveness. The government cannot wait until a model is publicly released to react but needs mechanisms for engagement and communication at an earlier stage. If these models are indeed very powerful, then preventing their acquisition by China is essential. If diffusion to China is unavoidable, the U.S. government needs prior knowledge of these models' capabilities to formulate targeted contingency plans, ensuring that the U.S. government and military are the first to utilize them, thus maintaining absolute strategic advantage. Judging by the executive order's content, the U.S.'s primary near-term focus is the cyberattack capabilities of powerful frontier models, which explains the key roles of NSA and CISA. As for the Department of the Treasury's deep involvement and apparent leadership role, my personal guess is that the U.S. wants to specifically prevent models like Mythos from being used by malicious actors to attack the U.S. financial system.
Second, prior approval is harmful and must be avoided. If the government establishes a mandatory licensing or pre-approval system for frontier models, the first to be harmed might not be leading companies like OpenAI or Anthropic, but rather the U.S.'s own innovation ecosystem. For startups that rely on rapid trial-and-error for growth, speed is everything. Overly burdensome compliance costs often end up becoming a moat for large corporations, weakening the U.S.'s ability to continuously produce the next generation of AI innovators.
Compared to the EU, the U.S.'s cautious approach to AI regulation and its protection of the industrial ecosystem is particularly impressive. This perhaps indicates that the current administration highly respects the operational logic of capital and innovation, and recognizes that premature or heavy-handed regulatory intervention might select the wrong governance tools when AI technology is still evolving rapidly and humanity has yet to fully understand its capabilities and risks. In today's fierce global AI competition, the consequences of choosing the wrong governance tools might not just be a regulatory misstep, but a strategic risk.
It is precisely under this guiding philosophy that the U.S. AI executive order now before us is, in my view, on the right track in several respects:
First, it explicitly rejects prior approval, refusing to forcibly suppress the pace of technological innovation and iteration. Competition in frontier models doesn't advance on an annual basis but quarterly, even monthly. If every release required formal licensing, complete review, and external certification, the immediate consequence wouldn't be greater safety but ceding the technology timeline to bureaucratic procedure. When frontier models are still in a rapid trial-and-error phase, this time loss itself is a competitive disadvantage. In the U.S. government's view, facing China's pursuit, the U.S. cannot afford the cost of approvals slowing down iteration. As long as you don't cause catastrophic disaster, the government would rather clean up afterward than step on the brakes beforehand. This is diametrically opposed to the EU's AI Act, with its risk-tiered, heavy compliance logic.
Second, it preserves the vitality of the startup ecosystem. Many assume strict regulation constrains tech giants, but reality is often the opposite. Complex and expensive compliance requirements typically become a moat for large companies because only they can truly afford the costs. If lengthy approvals and expensive testing were required before model release, the hardest hit would be those resource-limited startup teams still engaged in rapid trial-and-error. The greatest strength of the U.S. AI ecosystem isn't just the few star companies at the table today, but the continuous "running water" pipeline beneath the table that constantly produces the next generation of innovators. This executive order attempts to have leading companies shoulder more security responsibility without applying the brakes to startups, safeguarding the safety baseline while retaining innovative vitality.
Third, it places national AI capability building at a more forward position. The U.S. isn't just saying companies are responsible for themselves; it's simultaneously building federal cyber defenses, critical infrastructure support, and AI cybersecurity collaboration mechanisms. In other words, the U.S. idea is not to bureaucratize the release of frontier models but to first modernize the government's own defensive capabilities. As long as U.S. AI models dominate globally in capability, any security problem can be defended against with superior technology. This is why the EO is led by the NSA and CISA, rather than establishing something like a new "AI Regulatory Agency." The U.S. government is essentially saying: "You all create great things, bring them to the state first for national cyber defense." This is essentially a new military-industrial complex pathway.
However, the executive order's most uncertain point remains whether "voluntary evaluation" could eventually become de facto mandatory review.
The model evaluation and reporting requirements under Biden's EO were most criticized for their insufficient legal basis; Section 7 of the Defense Production Act was clearly not a suitable legal foundation.
For the Trump administration, this remains an issue, but now the government is saying, "I won't impose mandatory review. Lend me your strongest models first (to find vulnerabilities, test cyberattacks), I'll help you with security hardening, I can also help you screen trusted partners, and increase government procurement." Companies can "voluntarily" submit their models to the government for testing 30 days in advance, and they can also choose not to submit. However, doing so means lacking government endorsement and likely losing an entry ticket to the massive procurement budgets of U.S. defense and critical infrastructure sectors. This is somewhat akin to the U.S. government using the lure of massive potential contracts to attract frontier model companies wanting government business to proactively accept model evaluation, thus neatly sidestepping the problem of insufficient legal basis.
But what are the potential problems with this? There's a famous theory in American economics called the "Bootleggers and Baptists" theory: during Prohibition, those loudly calling for a moral ban on Sunday alcohol sales were the pure-faithed Baptists. However, secretly stuffing politicians' pockets to push for Prohibition laws were the bootleggers, because once legal saloons closed on Sundays, the bootleg black market could make a fortune.
We can envision what might follow. OpenAI and Anthropic, these large companies, would be the most proactive in responding to voluntary evaluation. Because once they submit their models to NSA and CISA for testing, they become "Protected Frontier Models," receiving a government-stamped security certification. Commercially, this translates directly into a VIP pass to enter the procurement pools of the Department of Defense, federal government, and Fortune 500 companies. At this point, "voluntarily submitting for evaluation" isn't a burden but an exclusive competitive advantage.
Once leading companies like OpenAI, Google, and Anthropic have completed this "voluntary procedure," a de facto industry standard forms in the market. If startup companies or open-source models don't undergo this evaluation, not only will the government abstain from using them, but private investors and enterprise customers will also start doubting: "Does your model have backdoors? Is it unsafe? Why dare you not let the government test it?" At this moment, the originally "voluntary" nature becomes soft mandatory on the market end.
After leading companies have completed their compliance layout and can absorb the associated costs, they are very likely to become the most active supporters of regulation in the future. Because at that point, raising industry barriers aligns with their business interests. If the originally voluntary standard is eventually elevated to a mandatory standard, the most affected will not be large companies with established compliance systems but the open-source community and resource-limited startup teams. This is actually a recurring phenomenon in the tech industry: companies oppose regulation during their growth phase but begin supporting it once they've established dominance, because regulation itself becomes a new competitive barrier.
It is for this reason that earlier rumors suggested White House AI Czar David Sacks expressed concerns about the arrangements before the EO's release, worrying that the so-called "voluntary evaluation" mechanism risked evolving into a de facto mandatory requirement in the future. Reports indicated that Trump himself even temporarily delayed the EO's release because of this. Of course, there is currently no public evidence supporting these discussions and rumors. For now, it remains unknown exactly why the executive order ultimately retained this voluntary evaluation mechanism and what internal trade-offs the White House made.
Another noteworthy issue is what this means for Chinese companies currently providing model services in the U.S.
Some of China's top large models have deeply penetrated the U.S. developer ecosystem, especially through open-source communities like Hugging Face and GitHub. For instance, it's reported that numerous American startups and individual developers use DeepSeek's models. MiniMax's AI role-playing companion product, Talkie, is extremely popular among young Americans, with downloads and activity once approaching or even surpassing the U.S. native Character.ai. Kunlun Wanwei, Xingying (with Tencent investment background), and others also have numerous AI social and AI image generation apps active on the U.S. App Store charts.
First, it's almost certain that if strictly following the EO's "voluntary evaluation" requirements, these companies might not be significantly affected. It's hard to imagine them seeking business with the U.S. government, and the U.S. government likely wouldn't be comfortable awarding them contracts. These companies' models are primarily used by a large number of U.S. consumer (C-end) and business (B-end) users, not government (G-end) users.
However, in the current Washington political climate, hawks will very likely seize upon this: "This Chinese company refused to accept CISA and NSA security review; they must have hidden backdoors in their models or are stealing American data." Various U.S. national security review tools might follow one after another.
But if they do submit for voluntary evaluation, it involves what specifically needs to be submitted – does it include the most core commercial secrets (model weights, underlying architecture, training data characteristics)? It's especially pertinent considering the recipients are U.S. national security and cybersecurity agencies. Could this potentially violate China's Data Security Law, Counter-Espionage Law, and technology export control regulations? After all, providing data related to important technologies to foreign national security and cybersecurity agencies likely requires approval from the Chinese government under these laws.
Another possibility is that the U.S. government might adopt a dual-track system for AI regulation, distinguishing between domestic and foreign:
Track One applies to U.S. (and allied) models. Under the EO framework, as long as your technology is strong and your background clean, you get a pass and even large procurement orders. But this system does not apply to models from China.
Track Two establishes a separate evaluation mechanism for models from China. According to the White House's AI Action Plan published on July 23 last year, the Department of Commerce, through its AI Standards and Innovation Center (formerly the AI Safety Institute), will study China's frontier models and, where appropriate, publish evaluation reports assessing whether these models comply with China's content safety requirements and align with Chinese ideology.
Last year, foreign media also reported that officials from the Department of Commerce and other government agencies were evaluating whether certain Chinese models exhibited issues like complying with China's content safety requirements and propaganda. The fact that the action plan included this point indicates these actions were not random or sporadic; the U.S. plans to set up an official evaluation system specifically targeting the values orientation of Chinese models.
Under China's "Interim Measures for the Management of Generative Artificial Intelligence Services," the output of Chinese-developed AI models must "embody the core socialist values" and must not contain content subverting state power or undermining national unity. The U.S. Department of Commerce has precisely seized upon this. They don't need to prove Chinese models are secretly collecting U.S. user data. They just need to administer a standard "American political exam" to Chinese large models (for example, asking them sensitive political questions). If a Chinese model answers according to Chinese law, reflecting China's official stance, the Department of Commerce might directly rule that the model is controlled by China, thereby triggering tools like the ICTS (Information and Communications Technology and Services) rules to block it.
Full English translation of the Executive Order "Promoting Advanced Artificial Intelligence Innovation and Security"
By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows:
Section 1. Purpose.
The United States sustains its global leadership in the artificial intelligence (AI) industry, relying on the substantial talent pool and innovative strength of its AI sector, while also benefiting from our refusal to stifle innovation through heavy-handed, burdensome regulation. This Administration has removed the administrative shackles placed by the previous administration on those developing AI in the United States, vigorously supports AI innovation, promotes the adoption of AI applications across government and various industries, and has achieved rapid growth in AI-related technology and investment.
Advanced AI technology can enhance our Nation’s comprehensive strength, but it also introduces entirely new national security risks that require coordinated efforts across executive departments and agencies to address. As technology iterates, this Administration will continue deepening public-private cooperation to promote the rapid deployment of safe, reliable, cutting-edge technologies to counter various national security threats. We will continue implementing a cybersecurity strategy centered on American interests, fortifying the foundation of national security and solidifying the United States' leading position in global AI.
It is the policy of the United States to work with the private sector to co-advance the modernization of government and enterprise information systems, strengthening their defenses against foreign threats; to protect domestic technological achievements and intellectual property against theft and misappropriation by hostile actors; and to cultivate core capabilities in domestic frontier AI technology, achieving both innovative development and security governance for AI.
Section 2. Upgrading United States Information Systems for Frontier Artificial Intelligence.
(a) Within 30 days of the date of this order, the Committee on National Security Systems shall, in accordance with the purposes of this order, prioritize the hardening of cyber defenses for national security systems, as defined in 44 U.S.C. 3552 (b)(6)(A), and implement supporting measures promptly.
(b) Within 30 days of the date of this order, the Secretary of Defense shall, in accordance with applicable regulations, prioritize the cybersecurity upgrades and defense hardening of Department of Defense information systems.
(c) Within 30 days of the date of this order, the Secretary of Homeland Security, through the Director of the Cybersecurity and Infrastructure Security Agency (CISA), after consulting with the Director of the Office of Management and Budget (OMB), the Assistant to the President for National Security Affairs, and the National Cyber Director, shall issue binding operational directives and accompanying guidance to accomplish the following:
i. accelerate and prioritize the cyber protection of Federal civilian executive branch information systems to ensure the smooth operation of critical national governmental functions;
ii. establish new or expand existing Federal programs and cybersecurity service offerings to empower the development and deployment of AI-assisted security tools;
iii. enable access to cybersecurity tools and services for agencies across all levels, State, local, Tribal, and territorial governments, and critical infrastructure operators (including rural hospitals, community banks, and local utility providers), making available controlled frontier model access where necessary.
(d) Within 30 days of the date of this order, the Secretary of the Treasury, in coordination with the National Cyber Director, the Secretary of Defense through the Director of the National Security Agency (NSA), and the Secretary of Homeland Security through the Director of CISA, shall establish the AI Cybersecurity Information Sharing Center. With the voluntary participation of the AI industry and critical infrastructure operators, this Center shall coordinate software vulnerability scanning efforts, complete vulnerability verification, and uniformly schedule and advance vulnerability remediation and patch distribution, avoiding duplicative or conflicting efforts among stakeholders.
(e) Within 30 days of the date of this order, the Director of the Office of Management and Budget, jointly with the National Cyber Director and the Director of CISA, shall conduct a review to identify unused funds within existing Federal grant programs and allocate such funds to support entities applying for research and development projects focused on frontier AI vulnerability detection technologies.
(f) Within 60 days of the date of this order, the Director of the Office of Personnel Management shall broaden the channels for recruiting and establishing positions for cybersecurity specialists within the United States Digital Service / Technology Transformation Services (or the relevant successor initiative).
Section 3. Controlled Deployment of Frontier Models.
Within 60 days of the date of this order, the Secretary of the Treasury, the Secretary of Defense through the Director of the NSA, and the Secretary of Homeland Security through the Director of CISA, in collaboration with the White House Chief of Staff, the National Cyber Director, the Assistant to the President for Science and Technology (APST), the Secretary of Commerce through the Director of the National Institute of Standards and Technology (NIST), and, as needed, other Federal departments, shall carry out the following work:
(a) Establish and operate a classified evaluation system to verify the advanced cyber offense and defense capabilities of AI models, define the criteria for such determination, and establish the threshold for designating models as "Protected Frontier Models"; evaluation results shall be shared with AI developers and researchers as appropriate. This designation process shall be led by the Director of the NSA, in conjunction with the National Cyber Director, the APST, the Director of CISA, and relevant representatives from the Department of Defense.
(b) Jointly establish a voluntary cooperation framework with AI companies, whereby participating companies can:
i. proactively engage the Federal Government to verify whether their proprietary models meet the criteria for "Protected Frontier Models";
ii. provide Protected Frontier Models to the Federal Government up to 30 days prior to releasing them to other trusted partners, contingent upon compliance with confidentiality, cybersecurity, insider threat program requirements, intellectual property protections, and the terms of non-disclosure agreements;
iii. work with the Federal Government to select early access deployment partners, leveraging compliant pilot programs to advance secure innovation and bolster critical infrastructure cybersecurity.
(c) Nothing in this section shall be construed to mandate that the development, publication, release, distribution, or dissemination of any artificial intelligence, including frontier models, shall require a prior government license, pre-approval, or specific authorization.
Section 4. Combatting Criminal Actors.
The Attorney General shall, pursuant to 18 U.S.C. 1028, 1030, 1343, and other applicable Federal criminal law, prioritize the prosecution of any individuals who unlawfully access or damage computer systems using AI, or who utilize such unlawful access to commit other criminal offenses with the aid of AI. These offenses include breaches of public or private information systems and the use of AI-powered agents for the illicit exfiltration of data used in furtherance of any criminal activity.
Section 5. General Provisions.
(a) Nothing in this order shall be construed to impair or otherwise affect:
i. the authority granted by law to an executive department or agency, or the head thereof; or
ii. the functions of the Director of the Office of Management and Budget relating to budgetary, administrative, or legislative proposals.
(b) This order shall be implemented consistent with applicable law and subject to the availability of appropriations approved by Congress.
(c) This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity by any party against the United States, its departments, agencies, or entities, its officers, employees, or agents, or any other person.
(d) The Department of Defense is directed to cover the costs associated with the publication of this order.
DONALD J. TRUMP
THE WHITE HOUSE,
June 2, 2026.
The article is for academic discussion and research exchange only. Related judgments do not represent any company's or institution's stance, nor do they constitute any commercial or investment advice. Please indicate the source when reprinting.