On June 2, 2026, Connecticut Governor Ned Lamont signed Senate Bill 5 into law, designated as Public Act 26-15 and also known as the Connecticut Artificial Intelligence Responsibility and Transparency Act (the “CART Act” or “Act”).1 The CART Act is among the most comprehensive state AI laws enacted to date, creating distinct obligations for employment-related automated decision tools, consumer chatbots, frontier-model developers, generative-AI provenance, and online platforms used by minors, while also addressing AI applications in healthcare through targeted carveouts and innovation initiatives.
Continue Reading Connecticut Enacts Sweeping AI Law Covering Employment, Healthcare, and Online SafetyTrump’s AI Cybersecurity Order: A Voluntary Framework with Mandatory Implications
On June 2, 2026, President Trump signed an executive order titled “Promoting Advanced Artificial Intelligence Innovation and Security” (the “Order”), which establishes a new framework for government collaboration with the AI industry on cybersecurity and the secure deployment of advanced AI models.1 While voluntary in form, the Order builds significant institutional architecture, including classified benchmarks administered by the National Security Agency (NSA) and a government-managed pre-release review window, that marks the administration’s first direct engagement with pre-deployment evaluation of frontier AI capabilities.
This alert examines the Order’s key provisions and their implications for AI developers, critical infrastructure operators, enterprises deploying AI tools, and investors in AI-driven companies.
Continue Reading Trump’s AI Cybersecurity Order: A Voluntary Framework with Mandatory ImplicationsColorado Scales Back AI Law, with Targeted Implications for Health Care
- S.B. 26-189, Concerning the Use of Automated Decision-Making Technology in Consequential Decisions, and, in Connection Therewith, Making an Appropriation (Colo. 2026) (to be codified at Colo. Rev. Stat. §§ 6-1-1701 to 1709) (effective Jan. 1, 2027), https://leg.colorado.gov/bill_files/116489/download. ↩︎
- S.B. 24-205, Consumer Protections for Artificial Intelligence, 74th Gen. Assemb., Reg. Sess. (Colo. 2024), https://leg.colorado.gov/bill_files/47770/download. ↩︎
- President Trump’s December 2025 Executive Order criticized state AI laws as a “patchwork of 50 different regulatory regimes” and cited Colorado’s algorithmic-discrimination law as an example. Exec. Order No. 14,365, Ensuring a National Policy Framework for Artificial Intelligence, 90 Fed. Reg. 58,499 (Dec. 16, 2025), https://www.federalregister.gov/documents/2025/12/16/2025-23092/ensuring-a-national-policy-framework-for-artificial-intelligence; Fact Sheet: President Donald J. Trump Ensures a National Policy Framework for Artificial Intelligence, White House (Dec. 11, 2025), https://www.whitehouse.gov/fact-sheets/2025/12/fact-sheet-president-donald-j-trump-ensures-a-national-policy-framework-for-artificial-intelligence/. ↩︎
- In the signing statement for the 2024 AI Act, Governor Polis expressed that he signed SB 24-205 “with reservations,” warning that it imposed a complex compliance regime, risked a state law patchwork that could hamper innovation and competition, and needed refinement before taking effect. Letter from Jared S. Polis, Governor of Colo., to Members of the Colo. Gen. Assemb. (May 17, 2024). https://drive.google.com/file/d/1i2cA3IG93VViNbzXu9LPgbTrZGqhyRgM/view. Governor Polis convened a Colorado AI Policy Work Group to develop a revised policy framework, producing the 2026 Act. See Press Release, Office of Governor Jared Polis, Colorado Artificial Intelligence Policy Workgroup Delivers Unanimous Support for Revised Policy Framework (Mar. 17, 2026), http://governorsoffice.colorado.gov/governor/news/colorado-artificial-intelligence-policy-workgroup-delivers-unanimous-support-revised-policy; see also S.B. 26-189, 75th Gen. Assemb., Reg. Sess. (Colo. 2026), https://leg.colorado.gov/bills/sb26-189. ↩︎
Continue Reading Colorado Scales Back AI Law, with Targeted Implications for Health Care
Newsom Signs Executive Order Establishing AI Vendor Certification and Procurement Framework
On March 30, 2026, Governor Gavin Newsom signed Executive Order N-5-26 (the “Order”), directing California state agencies to develop new certification requirements and procurement standards for companies seeking to provide AI-enabled products or services to the state.1 The Order represents the latest move in an intensifying contest between California and the federal government over the future of AI regulation in the United States.
Continue Reading Newsom Signs Executive Order Establishing AI Vendor Certification and Procurement FrameworkOn the Eighth Day of Data… AI Regulation – A 2025 Recap and a Look Ahead to 2026
In 1950, reflecting on the future of machine intelligence, Alan Turing observed: “We can only see a short distance ahead, but we can see plenty there that needs to be done.” With several large language models, most notably OpenAI’s GPT-4.5, passing the Turing Test in 2025, some governments have taken steps towards stricter regulation this year, with others still working to determine what “needs to be done” for AI regulation in the year ahead.
Most notably, this year saw key provisions of the EU AI Act—the world’s first comprehensive AI-dedicated law—take effect. However, instead of seeing the “Brussels effect” with AI regulation, going into 2026, the global approach appears to be leaning towards that of the UK and U.S., which have led the charge for a looser regulatory environment in recent years.
Continue Reading On the Eighth Day of Data… AI Regulation – A 2025 Recap and a Look Ahead to 2026On the Fourth Day of Data… All is Calm, All is Bright? Securing Agentic AI Before the Lights Go Out
As 2025 draws to a close and some organizations slip into a quieter holiday rhythm, their AI systems continue humming in the background—summarizing customer inquiries, triaging security alerts, generating code, and synchronizing records across critical systems. Within that uninterrupted activity, however, lies a less festive truth: agentic AI introduces cyber risks of unprecedented complexity and novelty, beyond what conventional architectures were designed to manage.
Agentic AI—the class of systems that can reason, plan, act, and adapt toward goals with reduced human oversight—promises measurable gains across legal services, finance, healthcare, and supply chain operations. But the same autonomy that drives new efficiencies also creates a distinctly complex cybersecurity risk profile. By initiating actions, calling tools, exchanging data with other agents, and escalating privileges to meet objectives, autonomous systems expand the attack surface and introduce “digital insiders” that can err at scale, leak data silently, and even be co-opted by threat actors. For those advising on governance, cyber preparedness, and emerging-tech strategy, the takeaway is clear: companies need a practical, defensible program tailored to agentic environments—one that reduces the likelihood and blast radius of failures before a single misaligned step turns out all the lights.
Continue Reading On the Fourth Day of Data… All is Calm, All is Bright? Securing Agentic AI Before the Lights Go OutOn the Third Day of Data… This Omnibus Is on a Diversion: Highlights of the EU’s Digital Omnibus Proposal
The publication of the EU Digital Omnibus Proposal (“Omnibus”) on 19 November set out a two-part package of simplifications to its data protection rulebook. Pitched as a means to reduce regulatory friction and foster innovation, the initiative represents the EU’s ambition to reap the benefits of the digital revolution.
Following the Draghi report’s warning that the EU was trailing behind US and Chinese markets due to overregulation, the EU has course corrected its approach to digital regulation, overhauling its flagship data legislation to strengthen its position in the global market. The Omnibus thus forms part of the Commission’s wider promise to reduce administrative burdens by at least 25% for all businesses—and at least 35% for small and medium-sized enterprises (“SMEs”)—by 2029.
Continue Reading On the Third Day of Data… This Omnibus Is on a Diversion: Highlights of the EU’s Digital Omnibus ProposalOn the Second Day of Data… Trump Attempts to Preempt State AI Regulation Through Executive Order
Following several unsuccessful attempts to secure federal preemption of state artificial intelligence regulations through Congress, President Trump turned to executive action, signing a sweeping executive order last Thursday night, entitled “Ensuring a National Policy Framework for Artificial Intelligence”. The Executive Order directs federal agencies to challenge state laws regulating AI, with the stated
On the First Day of Data… AI Integration Considerations for Asset Managers
As firms face rising data volumes, competitive pressure, and regulatory scrutiny, asset managers are increasingly turning to tools driven by artificial intelligence for everything from investment research and portfolio construction to risk modeling and operational efficiency.
In a recent whitepaper, Ropes & Gray partners Melissa Bender, Amy Jane Longo, Fran Faircloth, Megan
R&G Tech Studio Presents: AI Innovation vs. Safety—Insights on Trump’s New Executive Order
On this episode of the R&G Tech Studio podcast, Ropes & Gray partners and co-leaders of the firm’s AI initiative, Megan Baca and Ed McNicholas, delve into the key implications of President Trump’s new AI Executive Order 14179, contrasting it with the previous Biden administration’s approach to AI regulation. They explore the nuances of AI