Two Federal AI Frameworks, One Compliance Decision: How to Build Your Program Before Congress Decides

Two federal documents now define the shape of US AI regulation. Neither is law. Both matter.

On March 20, 2026, the White House published a national AI legislative framework, a four-page blueprint directing Congress to act across seven areas: child safety, community protections, intellectual property, free speech, innovation, workforce development, and federal preemption of state AI laws. The document is a set of recommendations, not a statute. It cannot compel anything on its own. On March 18, Senator Marsha Blackburn (R-TN) introduced the TRUMP AMERICA AI Act, formally, “The Republic Unifying Meritocratic Performance Advancing Machine Intelligence by Eliminating Regulatory Interstate Chaos Across American Industry Act”, a 291-page bill that legal analysts at Fox Rothschild describe as “the first comprehensive federal framework for artificial intelligence regulation in the United States.” The bill has been introduced. It has not passed.

What these two documents share is at least as significant as where they diverge. Both assert that federal governance of AI should supersede the state-by-state patchwork that has defined AI compliance planning through 2025 and into 2026. Both carve out child safety as a priority area. Both reflect a governing philosophy that AI innovation should not be choked by regulatory friction. That convergence creates a zone of emerging consensus, a set of compliance commitments that appear directionally safe to build toward regardless of which framework, if either, ultimately advances through Congress.

The harder work is in the fault lines.

The Three Compliance Fault Lines

Three areas separate the two frameworks in ways that create genuine, near-term compliance planning decisions. These aren’t abstract policy debates. They’re operational choices about where to invest compliance resources while the legislative outcome remains uncertain.

Fault Line 1: Copyright and AI Training

The White House Framework takes no legislative stance on whether training AI models on copyrighted content constitutes fair use. According to Sullivan & Cromwell’s March 20 analysis, the Framework “leav[es] questions as to whether training AI models on copyrighted content violates existing copyright laws or constitutes ‘fair use,’ to ongoing judicial resolution.” The Blackburn Bill goes the other direction entirely. Per Fox Rothschild’s analysis of the introduced bill, it would establish a federal right of publicity with no fair use protection for unauthorized reproduction in AI training or inference. These two positions aren’t in tension, they’re incompatible. Courts may eventually resolve the training question one way. The Blackburn Bill would resolve it legislatively before the courts finish the job. Neither outcome is settled. What is settled: the question is live, the risk is real, and any organization training AI systems on third-party content is operating in an unresolved legal environment that two proposed federal frameworks have now addressed in opposite directions.

Fault Line 2: Liability

The White House Framework, per Sullivan & Cromwell’s characterization, urges a “light-touch” regulatory approach. On liability specifically, it does not establish or call for a private right of action against AI developers or deployers. The Blackburn Bill does. According to Fox Rothschild’s coverage, among the bill’s most significant provisions is a federal products liability framework for AI systems that includes a private right of action. That’s not a minor procedural detail. A private right of action means individuals and organizations could sue AI developers directly, not wait for a regulator to act. If enacted, that provision would reshape the litigation exposure calculus for every company deploying AI systems that touch consumers. It hasn’t been enacted. But it’s been introduced by a senior Senate Republican, and its existence as a proposed standard is itself a liability signal worth factoring into current risk assessments.

Fault Line 3: State Law Preemption

This is where the two frameworks diverge most consequentially for compliance operations. The White House Framework, as analyzed by Sullivan & Cromwell, urges Congress to adopt a federally unified regime centered on preemption of state AI laws, the logic being that a 50-state patchwork of AI regulations creates unworkable compliance burdens and chills innovation. The Blackburn Bill takes a narrower view: it does not preempt generally applicable state laws. It preempts conflicting state child safety laws specifically, and stops there. Coverage from Brownstein Hyatt corroborates this distinction. The practical consequence: if Congress adopts the White House’s preemption model, the state-level compliance programs many organizations have been building, programs tracking Colorado’s AI Act, Texas’s emerging framework, California’s various AI bills, could become partially redundant. If Congress adopts the Blackburn model, or passes nothing at all, those state programs remain essential. No organization should be winding down state-law compliance investment on the assumption that federal preemption is coming. That assumption is not supported by either the current legislative trajectory or the Blackburn Bill’s text.

Where They Agree: What You Can Build to Now

The convergence between the two frameworks isn’t nothing. Both treat child safety protections as a federal priority that should not be left to state-by-state variation. Both reflect a governing consensus that AI systems pose specific risks to minors that warrant targeted federal intervention. If your organization deploys AI systems that interact with users under 18, or that could reach minors, that bipartisan federal consensus is a reliable signal. Build to the stricter child safety standard. Neither framework is walking back on that commitment.

Both frameworks also reflect a shared assumption that AI innovation should continue, that the regulatory objective is risk management, not development restriction. That doesn’t mean compliance is optional. It means the compliance frameworks being proposed are oriented toward disclosure, auditing, and accountability rather than categorical prohibitions on AI development categories. Organizations building toward transparency, documentation, and third-party auditability are building in the right direction regardless of which legislative approach prevails.

What Compliance Teams Should Do Before Congress Decides

Congressional passage of either framework is uncertain. No timeline is confirmed. No vote count exists. What follows isn’t contingent on either passing, it’s what the current landscape, including both proposed frameworks, already demands of organizations serious about AI governance.

First: Audit your training data practices against the more restrictive copyright standard. The Blackburn Bill’s proposed elimination of fair use protection for AI training isn’t law. But it’s a proposed federal standard introduced by a sitting Senator, and it reflects a legal argument that’s actively being litigated in parallel. Any organization that hasn’t reviewed its training data for third-party copyright exposure should do that review now, not because the Blackburn Bill will pass, but because the legal question is genuinely open and the proposed standard is plausible.

Second: Map your state-law compliance programs before assuming preemption. The White House’s preemption push is aspirational, not enacted. The Blackburn Bill doesn’t support it. Do not reduce investment in state-law compliance programs based on expectations of federal preemption. Instead, document which state requirements your current program addresses, so that if preemption does arrive, you can identify what becomes redundant and what remains. Preparation for preemption is not the same as acting as if preemption has already happened.

Third: Begin assessing bias audit readiness. The Blackburn Bill’s third-party annual bias audit requirement for high-risk AI products, if enacted, would require advance preparation that organizations cannot do in the weeks following passage. Third-party auditors need time to schedule. Audit frameworks need to be selected. Documentation needs to be assembled. The requirement isn’t law today. It is a proposed standard with bipartisan conceptual support in principle, even if this specific bill faces an uncertain path. Beginning an internal readiness assessment now costs less than scrambling after enactment.

TJS Synthesis

Two federal AI frameworks in 48 hours sounds like clarity. It isn’t. What it actually represents is a negotiation in public, between an executive branch pushing for a lean, innovation-first federal layer and a Senate legislator proposing a comprehensive, liability-heavy framework that preserves state-law complexity rather than eliminating it. The gap between them is not merely rhetorical. It maps directly onto compliance investment decisions: training data practices, liability exposure design, and state-law program architecture.

The most dangerous response to this landscape is paralysis, waiting to see which framework wins before making compliance decisions. The second most dangerous response is over-indexing on the framework that feels most likely to pass, and building exclusively to that standard. GovTech’s coverage of what the framework could mean for states captures the uncertainty well: nobody knows yet what federal preemption would look like in practice, and state governments are watching. The organizations that will manage this transition best are those building compliance programs that are modular, structured around documented capabilities, third-party audit readiness, and transparent data practices that hold up regardless of which legislative model ultimately shapes federal AI law.