Some technology and policy watchers were surprised when President Donald Trump signed an executive order on June 2, 2026, establishing a framework for AI security. It seemed to move in a different direction from a December 2025 executive order that sought to create a "minimally burdensome" national framework for artificial intelligence and supersede state laws the administration saw as restrictive.
The new executive order focuses on using AI to boost the security of federal and private computer systems. It also aims to ensure that the federal government has access to major new AI models before they are released to the public, to determine if they pose a threat.
However, the order's provisions relating to the AI industry are voluntary, and it explicitly prohibits interpreting its provisions as authorizing "a mandatory governmental licensing, pre-clearance, or permitting requirement" for new AI models.
As a professor who studies responsible AI, the questions the executive order raises for me are how its new reporting structure changes the governance of AI safety, and whether the order reflects what AI safety experts see as best practices.
Potential for harm
The executive order expresses concern about AI systems that can discover software vulnerabilities and write malicious code to exploit them. It directs various government secretaries to enact cyber defenses for federal systems. It also establishes an AI cybersecurity clearinghouse in voluntary collaboration with the AI industry and operators of critical infrastructure to scan for vulnerabilities and distribute fixes.
This approach may be the Trump administration's response to the April 2026 announcement by Anthropic that its newest version of Claude, called Mythos, autonomously found hundreds of software vulnerabilities in critical systems across the U.S. and crafted attacks against them. That prompted several large financial institutions to request early access to such models.
The executive order directs various high-ranking government officials to develop and maintain a classified process for assessing whether new AI programs should be designated as frontier models, also called foundation models.
In industry parlance, a frontier model is a new, cutting edge AI model trained on massive amounts of data that can reason and autonomously use tools to initiate actions. The latest versions of ChatGPT, Claude, DeepMind and Llama fall into this category.
If a new model meets the frontier criteria, then the developer is supposed to provide the government with access to it at least 30 days before they plan to release the model. It also says developers will collaborate with the federal government to select third parties to preview covered frontier models to assess the risk to the cybersecurity of critical infrastructure.
Voluntary measures
AI companies that develop frontier AI models currently share information with the Center for AI Standards and Innovation, part of the National Institute of Standards and Technology governed by the Department of Commerce. According to the International AI safety report, most risk management initiatives around the world are largely voluntary for AI companies. This includes the Frontier AI Safety Frameworks that AI developers consult, the G7 Hiroshima AI Process endorsed by leaders of G7 countries, and the EU Code of Practice followed across Europe.
The new executive order retains the voluntary nature of AI developers reporting potential safety risks. The administration continues to argue that restrictive safety barriers could hamper innovation.
However, AI safety pioneers, including Turing Award winners Geoffrey Hinton and Yoshua Bengio, maintain that safety cannot rest solely on corporate self-regulation, because commercial pressures prioritize development speed over risk mitigation. The International AI Safety Report warns that AI risk management is still immature and that corporate safety measures have to grow with the pace of innovation.
This is the so-called "evidence dilemma": Acting too slowly leaves societies vulnerable. In creating AI safety standards, industry and government have to specify and agree on what information is required from AI model developers, such as training data and methods, "red team" practices for probing vulnerabilities, and incident reports about model theft.
Addressing the risks
Despite its lack of mandatory safety measures for the AI industry, I find it striking that the executive order acknowledges the serious potential for harm posed by AI models.
The order is also in line with expert consensus that individual technical safeguards are imperfect and can be bypassed by attackers. Instead, the order advocates for multiple, overlapping layers of protection, including hardware and computer infrastructure tracking, rigorous testing before deployment, and real-time monitoring.
The order also reflects expert opinion in noting that advanced AI tools have a fundamental duality: They can transform disciplines ranging from healthcare to defense, but they can also enable malicious hackers and cybercriminals, pose societal harms and threaten national defense.
Beyond national AI safety
International cooperation is also fundamental to AI safety.
For instance, Argentina has created nonhuman corporations run entirely by AI agents. How much safety does the new executive order provide in a world where models can be deployed from anywhere? The order makes no mention of multilateral coordination, allied engagement or globally shared governance. Indeed, the order's purpose is to "cultivate America's advanced AI-enabled capabilities" as a competitive national asset.
Bodies such as the International Atomic Energy Agency can serve as models for an international consensus on AI safety. The existing AI Safety Summit process, which held summits in the U.K. in 2023; South Korea in 2024; France in 2025; and India in 2026, is the closest approximation in practice. It involves a network of government AI safety institutes, including from the U.S. and Europe. It holds summits every six to 12 months.
Such independent, expert-led bodies could also shape expectations about protocols and norms related to AI risk.
The executive order represents a first step in acknowledging some of the AI safety risks for national security. Moving forward, I believe it is important for the U.S. government to connect such efforts with broader, independent and scientific approaches to identify and counter threats from AI.
