Requires the Department of Defense to develop a bug bounty program for AI products within 180 days. Directs briefing to Congress on program development and future plans within one year.
Analysis summaries, actor details, and coverage mappings were LLM-classified and may contain errors.
This is a binding legislative act from the United States Congress with mandatory requirements, specified timelines, and enforcement through contractual obligations.
The document has minimal coverage of approximately 2-3 subdomains, with focus on AI system security vulnerabilities (2.2) and competitive dynamics (6.4). Coverage is concentrated in security and governance domains, with implicit references to system safety and robustness.
This Act primarily governs AI use within the National Security sector, specifically the Department of Defense's incorporation of foundational AI products. It also has implications for Professional and Technical Services and Scientific Research and Development Services sectors through collaboration with agencies having cybersecurity and AI expertise.
The document primarily addresses the Verify and Validate stage through bug bounty programs designed to identify vulnerabilities in AI products. It also covers the Deploy stage by requiring contractual provisions for bug bounty participation, and the Operate and Monitor stage through ongoing vulnerability discovery and congressional oversight of program implementation.
The document explicitly mentions 'foundational artificial intelligence products' being incorporated by the Department of Defense. It does not define specific AI types, compute thresholds, or distinguish between model architectures. The focus is on AI products in general without technical specifications.
United States Congress
The document is titled 'Artificial Intelligence Bug Bounty Act of 2023' and is presented as legislation from the United States Congress, which is the legislative authority proposing this governance instrument.
Chief Data and Artificial Intelligence Officer of the Department of Defense; Secretary of Defense; congressional defense committees
The Chief Data and Artificial Intelligence Officer is responsible for developing and potentially implementing the program. The Secretary of Defense must ensure contractual compliance. Congressional defense committees provide oversight through mandatory briefings.
congressional defense committees; Chief Data and Artificial Intelligence Officer of the Department of Defense
Congressional defense committees monitor implementation through a mandatory briefing on development, implementation, and long-term plans. The Chief monitors the bug bounty programs and reports on their relevance and future plans.
Department of Defense; Chief Data and Artificial Intelligence Officer of the Department of Defense; Secretary of Defense; developers/providers of foundational artificial intelligence products
The Act primarily targets the Department of Defense and its Chief Data and Artificial Intelligence Officer who must develop and may implement the bug bounty program. It also applies to contractors and AI product developers who engage with the DoD through contracts that must allow participation in the program.
3 subdomains (3 Minimal)