Trump Signs AI Cyber Executive Order

Daily Briefing — Tech Policy — June 08, 2026

Governments on three continents are rewriting the rules on who profits from AI-generated content — and Washington is discovering that "voluntary" is the only deal it can cut with its own industry.

Top Story

Trump Signs AI Cyber Executive Order — With Industry's Fingerprints All Over It

President Trump signed "Promoting Advanced Artificial Intelligence Innovation and Security" on June 2, a long-delayed order that asks AI developers to voluntarily submit frontier models for government cybersecurity review up to 30 days before public release. The word voluntarily is doing all the work: the order explicitly bars any mandatory licensing or preclearance regime, handing OpenAI, Anthropic, and Google the legal protection they lobbied for. An earlier draft gave the government 90 days to review powerful models — that window was cut to 30 after tech executives pushed back, and a planned signing ceremony in May was scrapped entirely over the same objections.

The trigger for any action at all was Anthropic's April disclosure that its Claude Mythos Preview model could autonomously identify and exploit real-world software vulnerabilities, which alarmed enough federal officials to force the White House off its fully hands-off posture. The order creates two main mechanisms: a classified NSA-run benchmarking process to define what counts as a "covered frontier model," and a Treasury-led AI cybersecurity clearinghouse to coordinate vulnerability scanning across government and critical infrastructure. Tasking Treasury Secretary Bessent — rather than the Office of the National Cyber Director or the Departments of Defense and Homeland Security, where relevant expertise actually sits — is a structural anomaly that CSIS analysts flag as evidence that political management, not technical rigor, drove the final design. White House Chief of Staff Susie Wiles was also carved out a specific role in designating covered frontier models, reinforcing the concern. The order explicitly states that any binding regulations would require an act of Congress — which, given the current legislative calendar, is a long way off.

NPR | Council on Foreign Relations | CSIS

Key Developments

UK's CMA Issues a World-First: Publishers Can Opt Out of Google's AI Search

Britain's Competition and Markets Authority announced this week that publishers — including news organisations — may opt their content out of Google's AI Overviews in UK search results. CMA Chief Executive Sarah Cardell called it a "world-first requirement" that will put publishers "in a stronger position to negotiate content deals with Google." Google, which commands over 90% of UK search traffic and controls the advertising revenue of more than 200,000 British businesses, has nine months for full compliance but is already trialling the controls. The mechanism is leverage, not payment: a publisher that opts out loses AI Overview traffic but gains a cleaner negotiating position for a paid licensing deal. Google noted, pointedly, that opting out of AI Overviews does not affect standard search rankings — meaning the threat of traffic loss is considerably blunted.

BBC News

Congress Releases Bipartisan 'Great American AI Act' — Into a Midterm Headwind

On June 4, Reps. Lori Trahan (D-MA) and Jay Obernolte (R-CA), joined by four colleagues from both parties on the House Energy and Commerce Committee, released a discussion draft of the Great American AI Act — bipartisan legislation to create a federal AI governance framework and preempt the growing patchwork of state laws. The draft is explicitly pre-introduction, circulated for stakeholder feedback before a formal bill is filed. The timing is the problem: discussion drafts released in the summer of a midterm election year have a long history of dying in committee. The parallel SECURE Data Act, a Republican-led federal privacy bill from the same committee, faces its own bipartisan deficit. And COPPA 2.0 — the Children and Teens' Online Privacy Protection Act — passed the Senate by unanimous consent in March but has sat at the House desk since March 16 without a committee referral, the most recent illustration of the House's graveyard function for tech legislation.

Rep. Trahan Press Release | Congress.gov — COPPA 2.0

UK Government Retreats on AI Copyright — Leaves Both Sides Without Clarity

Technology Secretary Liz Kendall told Parliament that the UK government "no longer has a preferred option" on AI training and copyright — a full reversal of its earlier proposal allowing AI companies to scrape copyrighted works with an opt-out mechanism. The creative sector's backlash was unusually high-profile: Elton John publicly branded the government "losers" over the original plan, Dua Lipa and the Musicians' Union organised opposition, and major labels and the News Media Association lobbied aggressively. The government's consultation found the opt-out proposal was "overwhelmingly rejected" by the creative sector. But the reversal produced no replacement policy: Kendall said the government would not reform copyright law "until we are confident that they will meet our objectives," leaving AI developers without the legal clarity they need to train on UK content and leaving artists without enforceable protections. Both sides lost.

BBC News

Australia's 2.25% Platform Levy Advances; Meta Invokes the Free Trade Agreement

Meta formally submitted to the Australian government that its News Bargaining Incentive — a levy of 2.25% on Australian revenues for platforms that fail to strike deals with news publishers — is "poorly designed," "economically incoherent," and in violation of Australia's free trade agreement with the United States. The Albanese government estimates the scheme would generate A$200–250 million (approximately US$143–178 million) annually for domestic media, distributed based on journalist headcount. The scheme's structural gap is its own undoing in the long run: it targets Meta, Google, and ByteDance by name but explicitly excludes AI developers like OpenAI that increasingly divert search traffic from publishers without appearing in the framework. Publishers who understand the economics note the omission undercuts the policy's core rationale. The legislation must still pass Parliament.

Al Jazeera

EU Delays High-Risk AI Act Deadlines; Bans Nudifier Apps

The European Parliament in late March voted 569–45 to adopt amendments simplifying the AI Act's implementation timeline, and the Cyprus EU Presidency reached a provisional agreement with Parliament negotiators on the final text in May. The headline change: obligations on high-risk AI systems — covering biometrics, critical infrastructure, education, employment, law enforcement, and border management — are now set to apply from December 2, 2027, roughly a year later than the original schedule. Systems covered by existing EU sectoral safety legislation get a further extension to August 2028. The one hardening: MEPs added a new ban on "nudifier" AI applications that generate non-consensual sexually explicit imagery of identifiable real people — an addition that carries immediate moral clarity but represents a narrow carve-out in a broader package built around delay and flexibility for industry.

CNA Cyprus — European Parliament Press Release | CNA Cyprus — EP/Council Agreement

By the Numbers

30 days — Trump's pre-release AI model review window. Down from 90 days in the original draft; voluntary, not mandatory; applies only to undefined "covered frontier models" pending a classified NSA benchmarking process that doesn't yet exist. NPR

404–14 — House vote passing S.254 on June 3 under suspension of rules. Not an AI bill — it protects Alaska Native ivory sales — but it illustrates the contrast: bipartisan supermajorities exist for narrow, tangible, non-threatening legislation, while every comprehensive tech bill stalls. GovTrack

A$200–250M — Estimated annual revenue for Australian media under the News Bargaining Incentive levy. Meta argues zero of it is legitimately owed. Al Jazeera

Coming Up

• November 2026 (Midterms): Congressional elections determine whether the Great American AI Act, NO FAKES Act, and SECURE Data Act have any viable legislative path in the 120th Congress — or get tabled for another two-year cycle.
• Nine months from this week: Google's compliance deadline with CMA's UK publisher opt-out requirements. The CMA has indicated it expects "important parts" of the framework well before the deadline.
• December 2, 2027: EU AI Act high-risk system obligations take effect for biometrics, law enforcement, employment, and border management applications — a hard date for every firm operating in the EU.

The Story Everyone Missed

The US Just Closed the Chinese Chipco Loophole — and Acknowledged the Hardware Already Shipped

The Bureau of Industry and Security issued guidance on June 1 clarifying that US export controls on advanced Nvidia chips apply to Chinese-headquartered companies regardless of where their subsidiaries are physically located. Clear enough. But buried in the same notice: companies that already purchased controlled chips under the post-Biden ambiguity "don't have to stop using them" — a de facto grandfather clause. Former State Department tech policy official Chris McGuire put it plainly on the record: "Chinese companies have been buying these chips, very likely at scale. And because BIS has not updated export control regulations to clearly state what it IS enforcing, all of this was legal." Washington closed the loophole in writing on June 1. The Blackwell GPUs it was meant to stop are already in Chinese data centres. The policy gap isn't the new clarification — it's the months of ambiguity that followed Trump's May 2025 decision to scrap Biden's AI Diffusion Framework before replacing it with anything.

Al Jazeera

Diplomat Briefing — Daily political intelligence. Read more: Today's stories