Industry · Public-sector AI use, procurement, FedRAMP-AI, and agency obligations
AI Compliance for Government & Public Sector
Public-sector AI is governed by a stack that begins with OMB M-24-10 (and its successor M-25-21 procurement guidance), which obligates every federal agency to inventory rights-impacting and safety-impacting AI use cases, appoint a Chief AI Officer, and meet specific minimum risk-management practices before deployment. State-level equivalents are accelerating: California's GenAI executive order, Texas TRAIGA's government-use provisions, New York City Local Law 144 for automated employment decision tools, and a growing roster of state Chief AI Officer statutes. Procurement is the chokepoint — GSA's AI guide, the federal AI Use Case Inventory, and FedRAMP's evolving treatment of AI-enabled services mean vendors must produce documentation, model cards, and risk assessments before contract award. The EU AI Act treats public-sector AI as a high-risk category in its own right, with biometric identification, critical infrastructure, and benefits-eligibility decisions singled out. Enforcement and oversight come from agency Inspectors General, GAO, and state legislative auditors who have begun publishing AI-use audit reports. AIGI tracks every primary-source rule, OMB memo, agency inventory entry, procurement guide, and state mandate across federal, state, and local public-sector bodies. As of the most recent update, AIGI tracks 1178 primary-source items affecting government & public sector.
Who tracks this?
Typically: Agency General Counsel, Chief AI Officer, or procurement lead in a public-sector body. AIGI is built to put primary-source AI updates affecting government & public sector in front of this role daily — with citation chains, status timelines, and obligation mapping.
Coverage at a glance
- Items tracked
- 1178
- Jurisdictions
- 8
- Last update
- 6/23/2026
Most active jurisdictions for government & public sector AI
Recent government & public sector AI activity
- US guidance effective 6/23/2026
[CISA] Siemens Products using OpenSSL
CISA warns about OpenSSL vulnerabilities (CVE-2025-15467) affecting various Siemens products, including an AI Lightweight Inference Server, recommending immediate updates and countermeasures.
Authority: Cybersecurity and Infrastructure Security Agency
- US guidance effective 6/18/2026
[CISA] CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure
CISA urges Fortinet customers to immediately terminate sessions, reset credentials, enable MFA, and secure management access due to reports of global credential exposure impacting FortiGate devices.
Authority: Cybersecurity and Infrastructure Security Agency
- CA legislation enacted 5/11/2026
[SF Ord.] Administrative Code - Police Surveillance Technology Policy for Electronic Location Tracking Devices
San Francisco ordinance approves a Police Department policy for electronic location tracking devices, setting authorized uses, explicit prohibitions, and requiring Board oversight and public reporting.
Authority: City and County of San Francisco Board of Supervisors
- IL news analysis introduced
ATTORNEY GENERAL RAOUL ENDORSES CHILD EXPLOITATION AND ARTIFICIAL INTELLIGENCE EXPERT COMMISSION ACT OF 2024
Illinois Attorney General Kwame Raoul endorsed the federal Child Exploitation and Artificial Intelligence Expert Commission Act of 2024, which seeks to establish a commission to investigate AI's role in child exploitation crimes and recommend safeguards.
Authority: Illinois Attorney General
- NY legislation committee 5/8/2023
[NY Legislature] A6790 (2023-2024): Prohibits the creation and dissemination of synthetic media within sixty days of an election with intent to unduly influence the outcome of
Prohibits the creation and dissemination of synthetic media within sixty days of an election with intent to unduly influence the outcome of an election.
Authority: New York Legislature
- NY legislation enacted 1/4/2024
[NY Legislature] A8488 (2023-2024): Relates to automated identification of OTDA assistance program participants
New York A8488 requires utility corporations to use automated identification and file matching to identify OTDA program participants for automatic enrollment in affordability programs, mandating secure data transmission and participant notification.
Authority: New York Legislature
- US regulation effective 12/5/2024
[BIS] Foreign-Produced Direct Product Rule Additions, and Refinements to Controls for Advanced Computing and Semiconductor Manufacturing Items
BIS issues an interim final rule adding new export controls on advanced computing, supercomputers, semiconductor manufacturing equipment, and high bandwidth memory.
Authority: U.S. Bureau of Industry and Security
- US regulation effective 1/15/2025
[BIS] Framework for Artificial Intelligence Diffusion
The U.S. Commerce Department's BIS revised export controls on advanced computing ICs and added new controls on AI model weights to protect national security, while introducing new license exceptions.
Authority: U.S. Bureau of Industry and Security
- HI news analysis
ATTORNEY GENERAL LOPEZ URGES CONGRESS TO STUDY AI AND ITS HARMFUL EFFECTS ON CHILDREN
Hawaii Attorney General Anne Lopez, as part of a bipartisan coalition of AGs, urged Congress to study AI's use in child exploitation and legislate to protect children, explicitly covering AI-generated CSAM.
Authority: Hawaii Attorney General
- US agency report 4/21/2026
[CRS] Pentagon-Anthropic Dispute over Autonomous Weapon Systems: Potential Issues for Congress
A CRS report details an ongoing dispute between the Pentagon and AI company Anthropic over the use of its generative AI models in autonomous weapon systems and a subsequent presidential directive to ban its technology from federal use.
Authority: Congressional Research Service
- US agency report effective 12/12/2023
[CRS] The AI Executive Order and Its Potential Implications for DOD
This CRS report analyzes the implications of President Biden's AI Executive Order (E.O. 14110) for the Department of Defense, detailing new directives for AI safety, security, acquisition, and talent.
Authority: Congressional Research Service
- US agency report enforcement 5/5/2026
[CRS] Federal Government and Anthropic: Considerations for AI Innovation and Competition
President Trump directed federal agencies to cease using AI technology from Anthropic, which the DOD designated a national security supply-chain risk, raising concerns about AI innovation and competition.
Authority: Congressional Research Service
+ 1166 more — start trial for full access.
Frequently asked questions
- Which AI laws apply to government & public sector?
- AI in government covers public-sector deployment rules, AI procurement standards, agency disclosure obligations, the M-24-10 federal-agency AI memo and equivalents, and state-level Chief AI Officer mandates. AIGI tracks every primary-source AI rule for federal, state, and local public-sector bodies.
- Who at a government & public sector company should track these rules?
- Agency General Counsel, Chief AI Officer, or procurement lead in a public-sector body is typically the role accountable for government & public sector-AI compliance. AIGI is designed to put primary-source updates in front of this role daily.
- How many government & public sector AI items does AIGI track?
- AIGI currently tracks 1178 primary-source items where government & public sector appears as an affected industry, spanning 8+ jurisdictions. The corpus is updated continuously.
- Which jurisdictions are most active on government & public sector AI?
- Activity varies by sub-sector. AIGI's coverage map shows per-jurisdiction depth, and each item links to its primary authority source. See /coverage for the live distribution.
- Where do AIGI's government & public sector citations come from?
- Every item on this page links to its primary government, regulator, or research source. AIGI does not paraphrase secondary commentary — our citation methodology is documented at /how-we-cite.
Related
Stay informed