Decoding Trump’s AI Playbook: The AI Action Plan and What Comes Next

[MUSIC] Yesterday, the White House released its long awaited AI Action Plan and signed three executive orders on AI laying out the Trump administration strategy to secure what it calls unquestioned and unchallenged US dominance across the entire AI tech stack. Framing AI is a global race for technological supremacy. The plan envisions nothing short of an industrial revolution, an information revolution, and even a renaissance all driven by AI. To achieve that vision, the plan is centered around three pillars, innovation, infrastructure, and international diplomacy and security. It calls for upscaling the workforce, revising federal rules, building high security data centers, and tightening export controls, all whilst removing what the administration views as regulatory obstacles to faster AI adoption and innovation. The plan also raises major questions. What's the role of government in steering this technology responsibly? Are we building the right guardrails as we scale up? And what message is the US sending to allies and adversaries as it charts a new course in AI policy? This is the Just Security Podcast. I'm your host, Dr. Breonna Rosen, director of the Artificial Intelligence and Emerging Technologies Initiative at Just Security, an executive director of the Oxford program for cyber and tech policy. Joining us today are three guests who bring deep expertise in national security and tech policy, Joshua Geltzer, Sam Winterlevy, and Jenny Moron. Josh served as Deputy Assistant to President Biden, Deputy White House Counsel and Legal Advisor to the National Security Council. Before that, he was Deputy Assistant to the President and Deputy Homeland Security Advisor. Josh is currently a partner at Wilmer Hale in Washington, DC, where he focuses on emerging national security issues, including AI and cyber security. Sam is a fellow in the Technology and International Affairs program at the Carnegie Endowment of International Peace. He previously was a Peace Scholar Fellow at the US Institute of Peace staff editor at Foreign Affairs and a reporter at the Economist. Jenny is Director of Policy and Engagement at the Institute for AI Policy and Strategy. She previously was a Director for Syria and Counter-Islo at the White House National Security Council, and held senior roles at the Department of State where she directed teams focused on conflict stabilization, and violence mitigation, among other issues. Josh, Sam, and Jenny, thanks so much for joining us on the show. Let's start with the big picture, because there's a lot to unpack here over the next hour, and Josh, you previewed for us what to expect on the AI Action Plan in a just security article that we published last week. I wonder if you can walk us through a bit what the AI Action Plan says about the Trump's administration's policies and priorities now that we've actually seen it, where there are any major surprises, and how closely did the plan align with your expectations? Rihanna, thanks so much for the chance to have this conversation with you, with Jenny, Sam, really grateful for the opportunity. Let me give an overview briefly of the Action Plan. It's separated into three pillars, and I think that basic organization aligns with a lot of expectations of what this plan would cover and how it would cover it. The first pillar is focused on accelerating AI innovation, and that's both at the stage of producing cutting-edge AI technology and adopting, actually using it, which gets, I think, a particular emphasis in the document. The second pillar is about building American AI infrastructure, ensuring that there's land, there's energy for the types of data centers necessary to power AI. And then the third pillar is about leaving an international AI diplomacy and security. It's about exports from American technology, it's about countering adversaries or rivals influence. And it's about one thing that I found surprising, and I'll pause here, which is an emphasis on national security risks in AI models. We've heard a lot in commentary about this administration's approach to AI that suggests a prioritization of technological uptake rather than guard rails or risks. And I think there's some truth in that, but there is quite a bit in that third pillar about not just national security and other risks associated with AI, but even a quite prominent US government role in evaluating those types of risks. And that jumped out at me as a bit of a surprise. Right, and we're going to get into a key takeaways from each of these three pillars as the conversation unfolds. But before we do that, I just want to stay at the strategic level for another minute or two, and turn to Sam to about this opening call that we heard in the plan. This call for unquestioned and unchallenged US dominance across the AI stack. Sam, you've written a lot about AI, USAI leadership and the geopolitical strategy. How does this framing kind of set the tone for the new Trump administration strategy on AI? And is it a productive way to think about global technology leadership framing it from the start as this kind of global race? Yeah, thanks so much, thanks so much, Bruno. It's a pleasure to be here with you all. So I would say every US government strategy document talks about the importance of kind of winning the AI race. I think that part of that is just kind of part of the course with a strategy document like this. I think, you know, what it means to win this race is not necessarily always kind of theorized and especially detailed ways. And I think, you know, sometimes there can be risks to framing the entire AI competition as a race, not every element of it is zero sum. There's going to be some degree of US China cooperation, some degree of US China cooperation, we kind of key to managing an AI future. But that said, I think there's kind of broad bipartisan recognition that AI really does present extremely serious national security challenges. And there's broad bipartisan consensus that there would be kind of major risks to US national security interests if US competitors were to take the lead on this technology. So I think some degree of emphasis on you know, winning a winning a race here is entirely appropriate. I mean, I would say we can maybe get into this later, but some of the framing around kind of promoting US AI exports overseas. Since somewhat I'm easily with the kind of emphasis on US dominance and some of the other elements of the administration's policy in the kind of trade domain. Some of it's kind of over use of economic leverage does not necessarily make the US the kind of most ideal partner, but technological cooperation for countries around the world. So I think that's a kind of tension between this document and some of the administrations other actions, but I think broadly a lot of this rhetoric is kind of to be expected in a strategy document like this. Right. And of course, this is not a race that can just be one once right this US has to continually develop and maintain its competitive advantage in AI, which is something that the strategy tries to lay out a roadmap for doing that throughout. And Josh and Jenny you've both served at high levels and in the US government and all three of us served in the White House National Security Council under different administrations. And I think that we we likely agree that there's much to commend in this action plan such as the focus on AI security on AI literacy workforce upscaling and government adoption of AI. But before we turn to what's actually in the plan, I want to turn to you Jenny to talk us through a little bit about what's missing from the plan because I noticed were things off the bat that weren't in there. First, there's a very light emphasis on guardrails. I think the only time the word guardrails came up was in terms of guardrails for protecting US AI models from adversaries. So there was a welcome focus on AI security on interpretability control robustness but this fairly light on detail on how that's going to be delivered in practice or something we'll get into a bit later on. Other things that I notice were missing. There was no focus on accountability for when things go wrong. The word accountability never even comes up in the plan. There's nothing on immigration such as the need for high skilled labor to power AI innovation despite calls for restoring domestic semi conductor manufacturing. There is no mention of using tariffs, for example, to incentivize reshoring of American chip manufacturing. And there are also some key legal debate debates, which the plan didn't weigh in on at all, which Josh, we might turn to you after Jenny for some insight into that. What stood out to you broadly speaking genius elements that might be missing from this plan before we get to what's in it? Thank you so much, Brandon. It's great to be with you Josh and Sam as well. I think you identify a couple of the things that are missing and one of the things that immediately jumped out to me is the fact that there's very little on what the companies, the leading AI companies need to do. What I'll say about that is I actually I'm not surprised by that because this is a plan for what the federal government is going to do. So while I think it is and there's a sort of a core tension there, the federal government is laying out a lot of key components, evaluations, it's going to do I think it is very important as both other guests have said that the government is taking national security and the national security risks of AI very seriously in this plan. It talks about its role and I know we'll get into that a little bit more and it doesn't talk as really at all about what it expects of the companies other than through some voluntary participation. I don't think that that is bad at this stage right because I think this is about how the government is going to take these actions. And then what is to be seen is what incentive structures they put in place how they encourage companies to participate how they use elements of the levers that the government has to encourage that participation. But I agree with you that that's missing another key piece that I just want to highlight is that as we talk about this race and look, I think the race dynamic is is a real salient part of the conversation. It's all framed in terms of geopolitical risk and there's not much in this plan about how the technology itself is likely to change the trajectory that the technology is on. It acknowledges that it's very powerful and it's moving at a very fast speed, but I think there could be a little bit more when we get into implementation about the AI itself and the emerging risks that come along with that. Right, that's a crucial point and that's something that I want to pull out a little bit more as we go through the conversation and talk about implementation and what exactly needs to be done going forward because as you rightly suggest you know these types of plans as we all know these are strategic federal government strategies but much depends on how it's implemented and you know the documents that come actually out of this AI action plan and the policies that come out of this plan going forward. So there's a key point to underscore Josh just in terms of what's missing I know there's some the plan has largely avoided sticking out a position or hasn't said stick that position on fair use AI training data some of key issues that there's ongoing litigation on right now. And don't you could briefly just say a bit about what the implications of that emission of those emissions are for developers and regulators does it reflect legal caution or is it a missed opportunity for leadership on that particular issue. I do think it's it's a notable non appearance and in some ways it's it's not surprising to see a strategy document avoid issues being litigated in the courts and at the same time this administration is not shy about weighing in on legal or legislative debates when they are tackling an issue such as this one. I think this could well have been attempting plays to a especially given the timing of its issuance it comes after about a month of three notable decisions by district judges across the country on the question you raise Brianna which is to boil it down when a AI model developer trains a model on host of materials including copyrighted materials. Whether that is protected by a doctrine and intellectual property called fair use because for example it is sufficiently transformative in what's being done by model training on these materials that that's that's protected and again to oversiplify a bit to judges said basically yes and one judge said basically no. And it might well have been something on which the administration wanted to take a view in this document now there are a wide range of views we've seen on the hill in recent days some strong outspoken advocacy in favor of the copyright holders suggesting that this model training deprive them of intellectual property rights that they should be entitled to. And we've seen on the other side of the spectrum argument including from a national security perspective that the American AI model developers need to be able to train their models and the next generation to come is widely as possible for those models to maintain their edge I think the fact that the action plan and the company executive orders didn't speak to this the president alluded to the issue briefly his remarks leaves this for now is a fight in the courts. And a really important one and these district court opinions have been meaningful and significant but I think it's the expectation of all of us who follow these issues but these issues are going to go up on appeal and there will be more to watch there. Yeah, maybe that's a good segue into pillar one on innovation because you know the action plan lays out a very ambitious push for us dominance deregulations strategic use of open weight models and this pillar but it steers clear of some of these thorny legal questions that you raise Josh and one of the things that struck me and reading through pillar one is this idea that. You know the administration will actually direct agencies to withhold some AI related federal funding from states that have overly in their words burdens and AI laws and it's and it's funny because it's almost like a way to get around the you know the 10 year moratorium so Congress stripped the 10 year moratorium on state level AI regulation from the Trump administration's one big beautiful bill. And now the administration almost seems to be kind of reviving that idea in a different form through executive action by using procurement channels and federal an AI related funding as a lever to kind of push states to regulate less on AI. And just staying on you Josh for a minute how does the strategy align with federalism what challenges if any does it raise particularly as AI related funding is likely to expand exponentially in the future. I do think you're right to draw that line between the legislative push for a 10 year and then it became five year moratorium or preemption of state level AI laws which has you indicated almost became federal law but didn't quite. And there are calls on the hill to revive that effort in future legislative vehicles. But you see here just as you said Brianna I think executive attempt to do something similar and I think it's one of the more legally interesting legally tricky parts of the action plan. So the action plans pillar one just as you said calls on the office of management and budget to work with the parts of executive branch that have AI related discretionary funding and consider whether to withhold that funding. So if they regard a state's AI regulatory climate or regulatory regime the two phrases used as hindering the effectiveness of that funding or award. And just as as Jenny said before so much here needs to be walked in the actual implementation because there's one way to read that that says of course the executive branch doesn't want to award funds that will be wasted or undercut by. So on the other hand there's a way to read that that really raises some very tricky constitutional questions about whether these funding streams these grant streams are being exploited in essence as a matter of federal policy to attempt to coerce or common beer states to take particularly legal approaches when they are otherwise entitled to take other approaches. And you think that is one to watch in its implementation not just for what it means as a matter of policy but for some tricky legal questions are correct. Right and of course that's also putting that into broader context that the AI action plan overall calls for removing references to misinformation DEI climate change from federal AI standards and also aims to promote what it refers to as ideological objectivity in large language model. There's kind of this broader push beyond just trying to dictate it seemingly to states to to be to decrease regulation there's this broader push towards you know deregulation in this space in particular ways and one of the other ways that the action plan tries to do this is through federal procurement channel so there's the federal funding lever but then there's also the procurement channel lever. Where in pillar one there's a mandate that government should only contract with LLM developers who systems are quote unquote objective and free from quote unquote top down ideological bias and I think that top down phrase is quite key there because of course as you all know bias can emerge from the training data itself as a model adapts and learns so it's not not just being set at the kind of developer company level. But given how contested some topics are like climate science and other topics and it's very difficult to kind of define what objective truth is when it comes to these systems and what are Jenny if you can walk us through a bit whether this is a workable standard and how we should think about this in terms of the potential first amendment implications of enforcing it. I think i'm going to defer the first amendment implications to Josh but I am looking at this I think Brianna you hit the nail on the head part of the question is really back to the interpretability of what these models are in fact doing why they say the things they do so I think the standard is going to be difficult I think the way that they wrote. The executive order seems to give some space for figuring out the top down component as you mentioned the developers need to show sort of what they put into their training data but to me the most important piece of this is that it really shines a light on how difficult it is. To develop these systems and to understand what they are doing and so as we go forward with this and if they're going to want to continue to take this approach investment in R&D which is another part of the plan seems to me like a really critical part of the equation here. Yeah, and i mean Josh do you have any thoughts on the on the first amendment question that you want to weigh in on briefly there. I do think you pointed to another another legally treat the action plan and a company EO that was focused on this this anti woke notion just briefly the. The case law suggests that with respect to procurement the courts often give the executive branch significant latitude when the government is spending its own money to in essence adopt a viewpoint in doing so but the courts have also said on the other side of the spectrum that when procurement is being exploited kind of used to reach beyond the scope of the contracting program let's say to reach out and alter private companies or other entities. Operations more broadly that goes too far if it touches on constitutional protected issues such as things of expressive content or or value as as model training seems to be and so I do think this approach to procurement which is given a little more detail and the accompanying EO is one where there will be legal fights to come potentially. The EO calls for again the Office of Management and Budget to issue further guidance for implementation within 120 days and that guidance among other resources I think will be worth watching especially for those seeking to continue contracting with begin contracting with the government for AI products and services. Certainly you think to track as we look at implementation going forward i want to shift gears slightly under the same pillar because another big emphasis in the document is this focus on championing us led open source ecosystem this idea that open source and open way models which are freely available for anyone to download or modify anywhere in the world has this real geostrategic benefits. In terms of spreading us values and projecting both soft and hard power so want to turn to use some for a minute to without getting into all the details of the open source versus close source debate which we could have a whole podcast on separately. In your view does the plan generally strike the right balance between promoting open source innovation and preventing adversaries from exploiting that openness because as we'll get to in a little bit later in the conversation there is also quite a heavy focus on an AI security which is welcome. Yes so the plan is as you pointed out it's generally very positive on the benefits of open rate models it recognizes correctly I think that there are real risks to seeding the kind of open source landscape worldwide to Chinese firms who are currently kind of very competitive if not at the very in the lead on the open source when it comes to open source models and the rest government I think does have an interest in making sure that. The open source models that may underpin a lot of global standards are American rather than Chinese and the plan lays out kind of various ways to increase investment and open models and I think those proposals have been generally well received by by the expert community the works on those issues I would say that. Realistically I think the government has kind of relatively limited leaders here when it comes to kind of promoting open source I think most of these decisions you know it can incentivize open source of the margin but I think most of those decisions are going to be commercial ones by the companies and I think you you know you're right the while in general the plan is quite attuned to the kind of national security risks of some of these models it doesn't say anything about the risks of open source models I think that's. There's a and I think this kind of speaks to a broader continuity across administrations I think there's a very different rhetoric on open source between this plan and the Biden administrations actions in some respect but I think the substantive differences are actually much more modest so you know you could say the kind of vibes of the Biden administration or a little bit more skeptical in some respects of open source models but the Biden administrations Department of Commerce released a report that was also very positive on open on open rate models so I think there's actually a lot of continuity across administrations here on the benefits of a kind of robust open source community. Yeah I think that's that's right and we'll get into this discussion a little bit deeper and in pillar three to when we talk about kind of the strategy for AI diffusion and what that means building a an AI US AI ecosystem that the rest of the world the dots. One other thing that struck me in the in pillar number one was of course there's this big push on. Work force upscaling AI literacy and integrating AI into federal workflows and I think you know there's a couple of positive and long overdue aspects of the plan that struck me here like the call for joint duty I see net assessments examining the comparative level of adoption of AI tools not just by the US but we actually it's competitors and an adversaries national security ecosystems that's something that's long overdue that I think is critical in terms of from a national security perspective. But there were other elements that slightly concern me a bit I guess because they they weren't fully fleshed out in this document at least such as the call for automating operational workflows in DUD without any kind of corresponding discussion of what the real should be for that and I want to turn to you Jenny because you've worked in government and different aspects of national security for a long time what stood out to you most in this discussion on enabling AI adoption whether in the federal government or more broadly in the American workforce. I think like you I think that promoting the adoption internally is good I think I was also struck by the same provision of the net assessments both within the US government and then in other countries on on what they're doing because I think if we don't have a sense of what other countries are doing there's no way that we're going to be able to keep up I think that's a basic truism. So I broadly speaking I think it does a good job of outlining where the Department of Defense needs to go and the types of things that it needs to be investing in and thinking about the challenges without any discussion of our rails as you point out. I think you could end up seeing some quite uneven adoption and some automating of workflows that without really understanding what's behind them and the implications that that could have and so I you know there was large sections and again we'll get to it later but on evaluations and on test beds and on and I think those are going to be critically important to even help inform not just sort of what the frontier companies are doing what companies are doing. But how do you choose is to integrate this into its own systems and once again I think that the idea of adoption only works when paired with some of the other components of the plan such as ensuring the systems are secure and reliable give their very high stakes usage right and so and again that those parts are underscacified. But they provide the hook that I think that DOD means to really lean into figuring out where and when and how they can use these systems. One thing I would also point out and this is more on the congressional side of life but the NDAA that is in the Senate right now has a lot on AI for DOD particularly around in somebody's cleaning up the whole variety of different shops and efforts that they have underway and how the services are approaching DOD or AI in different ways. And so I think when paired if you think about what's happening in the Senate and some of the provisions there along with the action plan it actually does give DOD some pretty clear direction. Yeah that's really good point Jenny and I think just as you say you know this idea of adoption across the interagency and what does that look like and how can the Trump administration ensure that there's some kind of coherent adoption more broadly you can see elements of that a little bit foreshadowed in the action plan but I think you're right to point out that there will be that there's other areas where that guidance is being developed and in greater depth but certainly a key area to watch going forward. And the other point that you made about you know we can't have robust and AI integration into federal workers without talking about AI security I think that that brings us to one of the plans strongest points in my view which is this call to invest in interpretability control robustness there's quite a bit on AI security throughout different pillars. Especially for frontier models used in sensitive national security contest such as in defense or intelligence and the term secure by design appears several times in the document but I think my question reading that is is kind of what does that what is that going to mean beyond the rhetoric it sounds really good on paper. But in terms of the practical steps that they're taking and some I wonder if you can walk us through this a little bit because you know they outlined a DARPA research program they outlined a plan hackathon but there didn't seem to be much roadmap beyond that like the sentiment for increasing AI security was good but do you think that the follow through the groundwork that's actually laid out in the document is sufficient for the kind of breakthroughs in AI security that we need or do you think it falls short of what's required. Given what's at stake here. Yeah so I think as you point out a lot of this is going to depend on implementation I think the plan strikes all the right notes when it comes to interpretability research control research. Rebusiness of AI systems and I think you know a lot of the AI safety community who've generally been quite critical of the administration of actually welcomed many elements of this plan because of that. I think in general the plan highlights safety interventions and kind of safety research under the under the framing of kind of keep evaluating systems to speed up adoption and I think that's a totally fine kind of rhetorical shift to make. That will depend on follow through I think in particular staffing and funding add what was formerly noticed US AI Safety Institute is now the kind of center for AI standards and innovation. There was a lot of doubt about whether that would survive the incoming trouble administration I think this plan signals that not only has it survived but the government is really kind of doubling down on its role in evaluating kind of frontier models for national security risks and hopefully this will lead to. You know the center being able to engage with industry initially more research efforts attract more high scale talent kind of with renewed confidence moving forward but I think a lot will depend on the kind of follow through on the kind of hiring authorities on the funding that they get so I think there's a lot there's a lot that's kind of extremely sensible a lot to light in this regard but it will all depend on implementation. Yeah I agree with that completely the sentiments are all there but a lot will depend on the implementation it's also interesting that a lot of it also depends on future funding and how that's allocated and staffing when you know the Trump administration has actually cut a lot of research funding in. Science the sciences and you know has tried to limit high scale immigration that might be needed to conduct some of this research so it'll be interesting to see how it plays out in practice Jenny wonder if you you talked a little bit about the evaluations and bound the AI security earlier so do you want to add anything to this because it really is a central part of the plan that I think is quite quite positive. I think what I would note is that we also think that this part of the plan is quite positive in terms of building an evaluation ecosystem you know echoing Sam it puts a lot on Casey I think in a positive way but you know again this is a small organization that is not codified that it is yet to see if it is going to live up to the hopes and dreams in this plan It is going to need probably significantly more funding and staff and make sure that it has the right authorities to do all of these things as well. But the evaluations in particular please to see the national security evaluations and the coordination with the elements of the IC with DOD with DOE because I think that type of holistic look is very important to remain focused on. At this time I think another component to foster the evaluations and I feel like a broken record here but the investments we need to acknowledge that some of the things that we want to do in this plan or that the administration wants to do in this plan. Don't yet have the technology and the science behind them either right if you want secure by design and high security data centers and you want to be able to do the evaluation science you need to invest in the ability in the technologies that are going to make that possible. So I think as a complement to the evaluation section is what we're looking for what comes out of the national AI R&D strategy that is forthcoming and that was referenced in the plan to really see where government is making those investments and whether they're going to be able to keep up. And that strategy is going to be critical to see how this actually plays out in practice and whether they're going to make the investments as you say they'll be required to actually achieve the goals which we, which we all agree are admirable goals but it's all depends on the implementation in this in there. One more thing on the evaluations. This plan of course it is all everything and participation is all voluntary by the companies and you know we've heard again and again companies saying they they want this they want it AC they want Casey they want that standard setting and so I think there's every reason to assume that there will be broad participation and eager participation. But I think again watching that space it particularly as evaluations become more complex and as capabilities emerge that may have higher risks figuring out how to ensure that companies state engaged in that process I think is going to be really critical. Yeah there's not a lot of detail on strengthening public private partnerships but not that you would expect that in this kind of high level strategy document but that will certainly be something that needs to be flesh out more. If we're going to actually increase AI security to a significant extent particularly because I know the companies have the technology and all of the developments but if we're going to get to higher security levels the government will have a key role to play in terms of building the right incentive structures and making sure that actually happens in practice. Because the commercial incentive structures as you know don't don't always get us to to the security levels that might be needed in certain cases. I think that ties nicely into pillar two on building American AI infrastructure because there's a theme of security throughout the infrastructure as well so this is focused as as you mentioned on the outset Josh on the infrastructure needed to support rapid AI development from compute and energy to the high security data centers. And Josh your and I talked about this a little bit in our last podcast when we were talking about the emerging Trump a trans strategy terms emerging strategy on AI now it has emerged. And here this plan seems to lay out of even more ambitious strategy building on previous executive orders for expanding domestic AI infrastructure through faster permitting energy development and federal land access primarily. And it's quite clear that we need to do this in some ways right because you know anthropic estimates that by 2028 the US AI sector could require at least 50 gigawatts of power which is roughly the output of 24 Hoover dam so it. It just underscores how energy and land intensive scaling up at this level will be but I wonder if you can walk us through briefly what are the strategic environmental governance challenges of scaling up this quickly. And even more importantly have we reached the limits of what executive action alone can realistically achieve in this space. I think you've you've teed it up perfectly and it does pick up on on the conversation you and I had previously on this past in which quite early in this administration the Trump's energy department hold forward a late by initiative to make available federal land for the private sector to use to meet all those needs you just described so well and so. The action plan goes further still it was accompanied yesterday by another executive order called accelerating federal permitting of data center infrastructure which though it technically revoked the late by in fact move forward the overall effort just as the earlier RFI from the Department of Energy had done. And I think what you see from the combination of the action plan and the executive order is a sense of wanting to cut through the delays the obstacles the challenges that exist even when the federal government wants to boost the private sector in using American land land here domestically and energy resources to power the next generation and the generation beyond that of AI that said cutting through permitting it sounds abstract but permitting all different types of permits stand for something they serve and promote some sorts of values and these things are tradeoffs so when one eliminates or reduces the permits required by let's say an environmental regime. When he's hitting a different balance between AI infrastructure development and environmental protection or permits are there to promote foster clean energy use one is striking a different balance between ensuring that there's energy available for AI data centers and overall promoting clean energy this administration while overall wanting to power domestic AI infrastructure development has definitely struck that balance in a different place from its predecessor. And I think what you see here is a further push to try to get private sector investment domestically made more feasible less less slow down bog down by by some of those other constraints but as I say constraints have values behind them and they're striking that in a different place also one more thing around which is this sits side by side with this administration's push to make available foreign resources energy resources and land available to domestic companies for AI infrastructure that's what we saw from President Trump's big deals he announced on his trip earlier this year to Saudi Arabia and to the Emirates and I'm not sure there's a contradiction of that one believes the US private sector needs a whole lot of land that a whole lot of energy than making available foreign foreign resources and domestic ones might be what's needed to meet or even approach those growing needs but I just think it's worth putting in context that there's a domestic push and a foreign push happening in parallel. Yeah, I really like how you lay that out Josh and I think you're absolutely right. I guess on the floor inside there are a few other questions or challenges that that raises in terms of AI security securing data centers and advanced AI models that might be overseas and also questions surrounding sovereignty and you know respect for national national policies and infrastructure. So I think there's there's a whole host of challenges on the foreign side that will have to get into as those plans unfold further and so you know that the on the keeping on the infrastructure side one of the other key points in pillar to was about this call for building high security data centers for military and intelligence purposes and of course this is really necessary it's it's actually it's very it's long overdue because AI is already being used to process some of the country's money. It's some of the country's most sensitive data right it's already being integrated into military and intelligence work streams and this raises some key challenges and concerns surrounding the potential for adversarial access manipulation data poisoning and so forth. Jenny, I wonder if you can walk us through a bit why this is necessary and and what challenges this might raise in terms of oversight transparency and the in the militarization of compute and maybe also touch a little bit on the bolstering the cyber security of critical infrastructure as well and whether the plan goes for enough in that space. These are all great and very critical questions to consider and you know like you said these systems are already being integrated and we've seen even in just recent weeks announcements from DOD on partnerships with open AI. Anthropic and XAI also has a has a new contract with DOD so these systems this isn't a hypothetical this isn't future case they're being used they're being used now they are acquiring access to frontier systems and will be tweaking them and using them for all kinds of applications and so that's why it's really important that we make sure that there are these high security data centers and what we mean by that is. Data centers that can resist all of the things that you just said infiltration from foreign adversaries cyber attacks. So that's not the only thing that can resist into data poisoning so that you are confident that the that the model weights are not being tampered with that's going to also take important controls internally in terms of who has access to these systems and to maintaining the systems. Earlier one of the challenges with data center security is that some of the technology that that you're we're really going to want to secure the model it's just ensure cyber security here is still in development right so this question of what can be done now and a lot can be done now and I think that needs to be done to the extent possible and also this needs to be paired with building that next generation technology that is going to be able to keep pace with the security as the cyber attacks cyber security attacks. More advanced as well on the cyber security pieces one of the components that I appreciate about the plan is that it acknowledges the importance of cyber security and the need for better info sharing the creation of the AI info sharing and analysis center is very I think important in this regard. Does it go far enough look I think it's a start I think we'd love to see critical thinking about AI as a critical infrastructure because it is likely to underpin so much it's going to get integrated into the economy in a really at a fundamental level. And so we need to be thinking about it at that type of scale and I think this plan starts to move in that direction but there's still ways to go. Yeah absolutely and you know the point that you raised a couple times throughout I think is so key that we need to be preparing not only for the technology that we have now today but the technology that we're going to have tomorrow that we're going to have a year from now. Which gets which is really important in the realm of AI security as you know because when we talk about securing the most sensitive data that the US has we need to be operating at a very high security level like it. If we're talking about the ran framework like at an SL 5 SL 4 SL 5 level which the private sector it's not something that it can do alone it doesn't have the requisite call of the requisite national security insights procedures threat intel insights to do that and also the incentive structures aren't there so I think the action plan rightly highlights the key area where there needs to be a lot of focus right now before we get to any you know potential a GI future. About protecting these advanced systems from intrusion from theft from manipulation I think that you know as we've said throughout the devil is in the details and you know there's there's not detail here which we wouldn't expect there to be on how those private public sector partnerships will emerge what are potential trade offs in terms of them the administration wanting to go really fast in terms of scaling up adoption and innovation but also you know that can come at a cost of security because. As you know Jenny and you know well Josh as well you know when you're trying to secure these types of facilities that can often be like a lengthy process just in terms of even getting clear and says at the right level for the right personnel so there's a lot more to unpack here going forward and I think on the on the cyber security side probably there's not enough in the document now to tell us whether whether they're on the right path information sharing is great but you know considering the fact that the administration has been. And cutting some cyber security resource spending more broadly I think there's a real question there going forward about yes it's the sentiment is right we need to increase cyber security of critical infrastructure but how are we going to do that if when the administration is cutting funding for cyber defenses when there's no clear road map yet for the private public sector collaboration there but I think that all remains to be determined and the and the. The sentiment is is a correct one is you as you rightly point out Jenny and want to shift now to pillar three looking at you know leading and international diplomacy and I security so this is all about. How the US is approaching international leadership balancing its efforts to promote US technology abroad with growing national security concerns particularly surrounding China and I want to turn back to you Sam because. You've talked a lot about this in some of your work and the administration has outlined essentially a dual strategy here as it has all along promoting American AI abroad while tightening expert controls to protect national security but you know moves like the recent policy reversal and controlling the export of NVIDIA is advanced age 20 chips to China have raised legitimate questions about what the strategy actually is so walk us through a little bit how the administration is balancing AI diffusion with. Security and what message this might be sending to allies competitors and industry. Yeah so I think this question of how to kind of balance the promotion of AI exports overseas with the desires kind of control and advanced technology that could have major national security implications is a kind of tension that the administration grappled with and it's one of the term administration is also confronting and I think. Here there are kind of really three big tensions between we both within the action plan and between the action plan and the kind of broader action to the administration and the first is the kind of one that you pointed towards. With regards to the H 20 chip so the action plan points out that advance AI compute is essential to the AI era denying our adversaries access to this resource is a matter of. Geo strategic competition and national security but that comes you know I think roughly a week after the administration approved the sale of these age 20 chips to China which is. Not in videos most powerful chip but it is an extremely powerful chip that's designed for inference for running AI models which is becoming increasingly kind of central to the competition so that seems to be an example of. It's actions the administration kind of prioritizing the preservation of the US companies market share overseas over the preservation of US is kind of compute advantage over China. I think the second big tension here is that the action plan calls quite emphatically for the tightening of semiconductor manufacturing equipment controls so these are controls on kind of component subsystems controls on. Equipment it could be used by Chinese companies like Huawei to expand their domestic capacity to build chips and you know the action plan comes out in favor of that. But in its broader actions the administration has done very little to crack down on that and I think that's partly because of the broader trade conflict with China where the administration is clearly trying to de-escalate that conflict. That issue because of China's control over railroads minerals because the administration seems to want to prioritize de-escalation and securing kind of presidential visit to Beijing. And so I think in that context the administration will struggle to roll out the kind of robust semiconductor manufacturing equipment controls that the action plan calls for and then just briefly I think the kind of third tension here is. The one we kind of alluded to earlier in the discussion of AI dominance as the framing but this this action plan puts a big emphasis on the value of getting other countries to adopt the US tech stack building a kind of AI alliance based on US values US technology and so forth. And again, that's a slightly awkward fit not with it's certainly not awkward fit with the administration's kind of it's a promotion efforts in places like the Gulf, but it is an awkward fit with some of the administration's more kind of coercive economic tools in the broader kind of trade war with kind of with countries like Europe and elsewhere where you're starting to see more anxiety and prime capital is about kind of dependence on US cloud providers. And so there's a little bit of a tension there between you know US kind of flexing its muscles in the economic policy domain elsewhere and the desire here to get all these countries you know using the US tech stack and I think those are some tensions that are going to be you know that I think they reflect tensions within the administration. They're going to continue to play on the kind of coming months and I think that's something to try moving forward. Yeah, absolutely, I mean the distribution diffusion of American technologies seems like a worthwhile goal, but to build that ecosystem unit based around US values, but they there seem to be a little bit more on the detail on the expert controls and you know the aspiration for US allies to adopt US technology and align or the US ecosystem but but not a lot of details on how they would incentivize US allies to do that given as you mentioned. Some of the other trade wars that are ongoing and questions and concerns about technological sovereignty, which is a key concern in Europe in the UK and elsewhere. So I think it will be a challenge going forward is easier said than done as with a lot of these things, but just to follow up on something you said so you mentioned China and of course when we're talking about the global AI race, we're often talking about the contest between US and China. This strategy struck me as being fairly balanced on China overall and not much of a shift from the Biden administration besides perhaps a little bit of rhetoric and curious and if you saw that any differently. And also if you can briefly talk a little bit about why it's so important that the action plan to focus on exporting the full AI stack as opposed to just raw chips or frontier models. Yeah, so I think in its rhetoric on China, I think there's a lot of continuity with the Biden administration. A lot of the export controls on China were actually started in the first Trump administration they were expanded in the kind of Biden administration and. It remains to be seen in our future under the under the current Trump administration, but I think there's a lot of there's been there has been kind of bipartisan consensus on the importance of kind of limiting China's access to advance AI computing power across administrations. For a while now, so I don't think it's surprising that the action plan kind of strikes some similar notes to past US strategy documents in this regard. I think on the point about the importance of providing full stack AI solutions, I think. It sort of remains to be seen how that will be implemented. I think there's a kind of couple of ways to think about that one is as a response to a sense that. While the United States may be leading when it comes to the development of kind of frontier AI models, the kind of most powerful, most exquisite models. China has a really competitive hand to play when it comes to promoting AI solutions below the frontier. And one way China has done that in the technological domain elsewhere is through these kind of complete deal packages that China will bring to other countries. So this emphasis here in the action plan on promoting a kind of full AI stack solution could be interpreted as a way to kind of try to respond to this kind of deal package approach. The China is brought to bear elsewhere. I think another way to think about the full AI stack solution as opposed to just selling chips. When you sell chips directly just on their own, that comes with risks of chip diversion potentially to China to kind of get around export controls or remote access by China or by other US competitors to the data centers in which those chips are housed. If instead you're exporting a kind of full AI stack understood as potentially a chips packaged in a US data center operated by US hyperscaler tied to applications that might work with the kind of local government or a local company. This kind of meeting a specific economic and political need there. I think you can mitigate some of the rest of chip diversion chips mugling it but by focusing on this kind of complete package as opposed to just having chips over directly without any supervision or any any oversight. I think again the devil there is really going to be in the details. The golf deals got some pushback from some quarters including myself in some publications because some of the safeguards are not necessarily fully flashed out yet. And so how this kind of full stack AI export solution really materializes I think a lot of that will depend on the details and I think that is a way to kind of balance the promotion of US AI exports with mitigation of some of the risks of diversion and this use but it has to be done well by the interagency process. It's really interesting and you wrote of course a great article on the on the golf AI deals for security a little while back which encourage people to read but the point that you know there are economic reasons for exporting the full stack but also security reasons and looking into those potential trade offs with more broadly I think is quite a good point as the US tries to build up its own AI ecosystem and export that and get other countries to adopt that more broadly rather than China or some other countries AI ecosystem. But I mean so a threat that's run throughout this conversation throughout all of the pillars is this idea that implementation is going to be critical going forward. I think we generally agree that you know many of the aspects of the action plan are commendable and balanced and generally where the technology sector academia and others see the need for this to unfold. And there are a few areas that we also highlighted that are missing in this action plan but I want to end the conversation and implementation so I mean as with any federal any sweeping federal strategy much depends on what happens next and we've talked about it a bit throughout the conversation but just to recap and by way of kind of concluding the discussion. I wonder if we can each go around briefly and just say what signs do you think we should be looking forward to gauge whether the action plan will lead to meaningful policy change in the space or remain more symbolic and start maybe with Josh and then Jenny and then closing with Sam. I'll take one one of these which is dollars to watch the money because strategies are good and they're important and they give those who serve in the executive branch a sense of direction as well as those beyond in the private sector. And on the hill a sense of where the executive branch is attempting to go but dollars matter a lot and dollars matter a lot especially for this type of strategic level document and when it comes to fostering new work workplace training as as AI changes the American workplace when it comes to building as Jenny was talking about the sort of secure facilities where there might be enhanced public private collaboration using cutting edge AI. When it comes to making possible the sort of development domestically that sometimes can be comparatively expensive which is why there's an effort to offshore certain operations. If dollars flow towards what are described as priorities here those priorities are more likely to get realized in a meaningful way in a way that kind of bends the bends the curve of America's AI promise if those what set out here is implemented even implemented in a coordinated way but without resources behind it that's going to look very different. Jenny what what's your views on implementation going forward what's one of the key things we should be watching you mentioned a couple. Yeah I mean obviously what Josh said is completely correct and I believe somebody has said a plan without a budget is just a press release and so I think that is a really important component other things i'm going to be watching I mean one of the things that has already struck me. Is we have this plan we've talked about a lot of components in it a lot of the components we are talked about we're not in any of the eos that were released yesterday right so what other implementation hooks or direction are going to be given to agencies will we see some of these other components show up in future executive orders will there be NSC processes run around them you know agencies are put on the hook. In some way by being called out in the action plan but there are a lot of strategies in the federal government a lot of very good ones a lot of things that have a lot of the right rhetoric. But what actually takes priority ends up being decided by by leadership in agencies by where they put the dollars and by where they put these additional hooks and so that's what i'm going to be watching. So what struck you in terms of what's needed next to implement some of these policy changes. Yes I would completely agree with what Josh and Jenny said about about budget I think deadlines there was an interesting kind of lack of deadlines for a lot of the actions in the in the plan I think the the final thing I would be tracking just going to pick up what my last answer earlier is the importance of controls on semiconductor equipment. A lot of this plan is framed around the kind of you need for the U.S. to win this race with China one of the U.S. is kind of key advantages in this competition is its access to advanced a computing power and the kind of key way to maintain that advantage is by. Controlling China's ability to come into the individualized semiconductor manufacturing equipment supply chain and so. For the administration to kind of turn this rhetoric into reality I think it's going to need to find some way to resume a kind of cadence of export controls up export control updates export control tight men just even even the backdrop of a kind of broader. Discalation and trade tensions with China and how the administration kind of gets out of this this kind of corner it's back itself into where it may struggle to impose new controls for fear of triggering renewed Chinese retaliation on critical minerals and my words I think that's going to be a really big challenge for the administration but I think that's essential for the kind of putting into practice some of the stuff the plan talks about maintaining U.S. dominance in the AI competition. What's the funding streams look out for deadlines and other policy processes that would actually drive implementation forward like future executive orders and other policy levers and looking more closely at the export control space going forward particularly controls on semiconductor manufacturing components. These are all three key things that we'll be looking at amongst other things as the Trump administration goes forward to implement this AI action plan. Well we've covered quite a bit of ground in the past hour obviously there's a lot more we can say on each of these components but we've covered some of the strategy on innovation and infrastructure on how the Trump administration plans to lead in terms of international diplomacy and AI security and I think it's it's the contours of the Trump administration's policies and priorities for AI are now becoming quite clear and going forward the question will be how did they begin to resource. And implement these priorities what does implementation look like in practice in terms of not only you know the funding and resources question but also what are the guard rails what accountability mechanisms will be put in place. What actions will they take to work with the private sector to actually strengthen the security in practice going forward so a lot to unpack in this in this podcast and thank you so much for all taking for the time to join us and share your insights as. I continue to shape our world will be here at just security to unpack what it means for national security democratic governance and the public good more broadly. I'm Dr. Bruno Rosen and this episode was produced by Isaac Rubenschein with support from Clara apt I want to extend a really special thank you to Joshua Gelser Sam Winter levy and Jenny Ron for sharing their invaluable insights with us today. And to all of our listeners for being part of the conversation. Thank you so much.