Two things happened in the same policy space within two weeks of each other. On March 20, 2026, the White House released a National Policy Framework for Artificial Intelligence that explicitly called for federal preemption of state AI laws imposing “undue burdens” on AI development. On April 1, 2026, California Governor Gavin Newsom signed an executive order establishing independent AI governance standards for state agencies, and, according to CalMatters, directing California to conduct independent reviews of federal supply chain risk designations affecting AI companies.
These aren’t parallel developments. They’re a collision.
The White House Framework: What it says about states
The Framework, released March 20, is not a law. It’s a set of legislative recommendations to Congress, non-binding in itself, but significant as a statement of the executive branch’s policy objectives. One of those objectives is explicit: Congress should pass legislation that would preempt state AI laws imposing undue burdens on AI development and deployment.
Multiple independent legal analyses confirmed this preemption language as a direct feature of the Framework, not an inference. As reporting covered in this hub’s earlier Framework briefs established, the document outlines seven legislative objectives spanning children’s safety, community protections, intellectual property, free speech, innovation, workforce concerns, and federal supremacy on AI regulation.
The Commerce Department was tasked with evaluating state AI laws characterized as “onerous.” That evaluation has not been publicly released as of publication. What the evaluation finds, and whether it triggers any legislative action, is a critical variable in how this conflict develops.
The California EO: What it does and doesn’t do
Newsom’s April 1 executive order operates on two tracks.
The first track is operational: it directs California state agencies to develop recommendations for contract standards addressing specific high-risk AI capabilities. Those capabilities include AI that could generate child sexual abuse material, violate civil liberties, or enable discrimination, unlawful detention, and surveillance. This isn’t binding on private companies yet, it’s a directive to agencies to develop the standards that will govern AI procurement. When those standards are published, AI vendors selling to California government will face concrete compliance requirements.
The second track is political. According to CalMatters’ reporting, the order addresses a federal designation of AI company Anthropic as a supply chain risk, directing California to conduct independent reviews of such federal determinations rather than accepting them automatically. That specific federal designation has not been independently confirmed beyond this single source and should be treated as reported, not established fact, until further verification. But the posture is clear: California is asserting the authority to second-guess federal AI security determinations on its own turf.
The stakeholder map
This conflict isn’t just government versus government. Specific entities are positioned throughout.
The federal government is advocating for a single national AI governance framework, primarily to prevent a patchwork of state laws from creating compliance complexity for AI developers. The Framework’s preemption language reflects sustained lobbying from industry groups who argue that 50 different state AI regimes are unworkable.
California has been the most assertive state on AI governance for years. Governor Newsom vetoed SB 1047, the most comprehensive state AI safety bill, in 2024. He’s also signed several narrower AI bills. His pattern is consistent: resist broad safety mandates that could chill AI development in California’s tech economy, but assert state authority over specific high-risk applications and procurement standards. The April 1 EO fits this pattern exactly.
Anthropic finds itself named in the middle of a federal-state dispute, according to CalMatters’ reporting. The company has a complex relationship with federal policy: it has pursued federal contracts and government partnerships while simultaneously being cited as a potential security concern. Its position in this specific dispute requires independent confirmation before further analysis.
AI companies operating in California are the practical stakeholders. They need to comply with whatever standards California’s agencies eventually publish, and simultaneously track whether Congressional action on preemption could override those standards.
Three scenarios: What compliance teams should plan for
The federal-state conflict has no guaranteed resolution path. Three scenarios are plausible.
Scenario A, Congress acts on preemption. If Congress passes legislation incorporating the White House Framework’s preemption objective, state AI laws that impose undue burdens on AI development could be narrowed, preempted, or voided. California’s procurement standards for state agencies, set by executive order rather than statute, might survive if they govern state government purchasing rather than private conduct. But the California posture of independent review of federal security designations would likely not survive a clear statutory preemption framework. Compliance posture: watch for legislative movement, maintain dual-track awareness, don’t anchor compliance programs entirely in California-specific rules.
Scenario B, Congress doesn’t act. If federal legislation doesn’t materialize, which is the historical baseline for AI regulation in the US Congress, states continue to legislate. California’s EO takes effect for state agencies, procurement standards develop, and the preemption threat remains theoretical. Other states may follow California’s assertive posture or defer to federal direction. The AI governance landscape becomes more fragmented, not less. Compliance posture: build programs that can accommodate state-by-state variation; treat California as the most demanding standard and design to it.
Scenario C, Conflict reaches courts. Preemption fights ultimately get resolved in federal courts when Congress acts and states resist, or when private parties challenge state laws as preempted by existing federal authority. Courts have been reluctant to find implied federal preemption of state AI laws without clear Congressional intent. Litigation creates years of uncertainty. Compliance posture: document your reasoning for every jurisdiction-specific compliance decision; build version-controlled compliance programs that can adapt to judicial outcomes without complete redesign.
What to watch
Four developments will determine how this conflict resolves.
First: the Commerce Department’s evaluation of state AI laws. When, or if, it’s released, it will identify which state provisions the federal government considers “onerous” enough to target for preemption. That list will tell compliance teams where the specific fault lines are.
Second: Senator Blackburn’s proposed legislation, referred to in sources as the “TRUMP AMERICA AI Act,” which would reportedly codify the president’s executive order on AI. The bill’s current status, committee assignment, co-sponsors, hearing schedule, has not been confirmed as of publication and should be verified before any compliance significance is assigned to it.
Third: the specific procurement standards California agencies publish in response to the April 1 EO. Those standards are the tangible compliance output of the EO for AI vendors.
Fourth: whether other states follow California’s lead in asserting independent AI governance authority or defer to federal direction as the preemption debate develops.
TJS synthesis
The federal-state AI governance conflict is structural, not episodic. It reflects two genuinely incompatible positions: a federal government that wants to promote AI development through regulatory uniformity, and a state government that wants to shape AI procurement and security determinations on its own terms. Both positions have legal support and political momentum behind them. Neither is going away.
For compliance teams, the practical answer isn’t to pick a side, it’s to build for uncertainty. That means documenting compliance decisions with jurisdictional reasoning, tracking both federal legislative movement and California agency publications, and avoiding compliance architectures that assume either preemption or state primacy as a guaranteed outcome. The organizations that navigate this well will be the ones that treated both tracks as real simultaneously, rather than betting on one resolution path before the courts and Congress have finished their work.