Establishes competitive processes for AI, cloud, and data infrastructure procurement by the Department of Defense, prioritizing security and data rights. Requires updates to regulations for data protection and penalties. Mandates reports on AI market competition and innovation to congressional committees.
Analysis summaries, actor details, and coverage mappings were LLM-classified and may contain errors.
This is a binding federal statute enacted by Congress with mandatory obligations, enforcement mechanisms including fines and contract termination, and specific regulatory requirements for the Department of Defense.
The document has minimal coverage of risk domains, with primary focus on competitive dynamics (6.4) and governance failure (6.5). It addresses security vulnerabilities (2.2) through data protection requirements and touches on malicious actors (4.2) through weapon development context. Coverage is concentrated in socioeconomic and security domains rather than AI safety or discrimination risks.
This document primarily governs the National Security sector through Department of Defense AI procurement. It also governs the Information sector (cloud providers, data infrastructure providers) and Scientific Research and Development Services sector (foundation model providers) as these entities are the targets of the procurement regulations.
The document primarily covers the Deploy and Operate and Monitor stages of the AI lifecycle, with emphasis on procurement processes, data protection during deployment, and ongoing monitoring of market competition. It also addresses aspects of Plan and Design through competitive procurement requirements and Build and Use Model through data rights provisions.
The document explicitly defines and covers AI, foundation models, cloud computing, and data infrastructure. It provides specific technical thresholds for foundation models (1 billion parameters) and addresses both general-purpose AI capabilities and security-relevant AI systems. There is no explicit mention of generative AI, predictive AI, open-weight models, or specific compute thresholds in FLOPs.
United States Congress (Senate and House of Representatives)
The document is a Congressional Act enacted by both chambers of the U.S. Congress, as indicated by the opening enactment clause.
Department of Defense, Secretary of Defense, Chief Digital and Artificial Intelligence Office, component acquisition executives
The Secretary of Defense is given authority to enforce contracting provisions, the Chief Digital and Artificial Intelligence Office must update DFARS regulations, and component acquisition executives can issue exemptions with notification requirements.
Chairman of the Joint Chiefs of Staff, Under Secretary of Defense for Acquisition and Sustainment, congressional defense committees, Assistant to the Secretary of Defense for Public Affairs
The Chairman of the Joint Chiefs of Staff, coordinating with the Under Secretary, must submit annual reports to congressional defense committees assessing competition and market dynamics, with public disclosure requirements.
Cloud providers, data infrastructure providers, foundation model providers, covered providers (those with DoD contracts totaling at least $50,000,000 in any of the 5 previous fiscal years)
The Act applies to companies providing cloud computing, data infrastructure, and foundation models to the Department of Defense, with specific focus on 'covered providers' meeting the $50M threshold.
8 subdomains (1 Good, 7 Minimal)