US cybersecurity policy

Trump's AI Cybersecurity Order Gets the Architecture Right: Voluntary, Not Mandatory

The June 2 executive order leans on CISA directives and a voluntary frontier-model review framework — a proportionate design that still needs transparency guardrails.

[Infographic: "The June 2026 AI Cybersecurity Executive Order, by t…" (People of Internet Research, peopleofinternet.com). Panels: 30 days, CISA directive deadline; up to 30 days, frontier model early access; 60 days, framework design window; model review is voluntary.]

Key Takeaways

On June 2, 2026, President Trump signed an executive order titled "Promoting Advanced Artificial Intelligence Innovation and Security." It does three concrete things: it orders the Cybersecurity and Infrastructure Security Agency (CISA) to issue binding operational directives within 30 days to harden civilian federal networks with AI-enabled defensive tools; it stands up a Treasury-, NSA-, and CISA-led "AI cybersecurity clearinghouse" to coordinate vulnerability scanning and patch distribution across critical infrastructure; and it creates a voluntary framework under which frontier AI developers can give the government early access to powerful models — up to 30 days before public release — for security evaluation.

The headline worth printing is not that Washington is regulating AI. It is that, on the model-evaluation question, the administration chose the lightest plausible instrument. That is the correct call.

The Steelman for Mandatory Review

The case for compelling pre-release testing is not frivolous, and it deserves to be stated at full strength. Frontier systems are now demonstrating real offensive cyber capability: the order itself is animated by evaluations showing advanced models can identify and exploit software vulnerabilities at speed. If a model that can autonomously discover zero-days ships to the open market before any defender has seen it, the attacker's head start is measured in the window between release and patch. A mandatory review regime — the kind the EU's AI Act gestures toward for high-risk systems — would guarantee that the government's defenders are never the last to know. From a pure risk-reduction standpoint, voluntary disclosure has an obvious hole: the labs most likely to cut corners are the least likely to volunteer.

That is a serious argument. It is also why the design details matter more than the binary of "regulation: yes or no."

Why Voluntary Is Still the Right Frame

Mandatory premarket approval for software is a profound step, and the United States has never imposed it on general-purpose code. A licensing regime would hand a government bottleneck veto power over release schedules, advantage incumbents who can staff compliance departments, and — critically — freeze a capability snapshot that is obsolete within months. The Cato Institute, assessing the order, grants that the voluntary structure "may hasten both adoption and development of AI" precisely by avoiding mandatory premarket approval. That is the pro-innovation dividend: the frontier keeps moving, and the government buys situational awareness without buying a chokepoint.

The CISA and clearinghouse provisions are the strongest part of the order, and notably the least controversial. Hardening federal civilian systems and coordinating patch distribution to "rural hospitals, community banks, and local utilities" — the order's own examples — is defensive, additive, and imposes nothing on private developers. Even Cato, generally skeptical of executive cyber mandates, does not object to these measures. Using AI to defend the systems that AI-empowered attackers will target is the single most defensible thing government can do here.

Where the Order Is Underbaked

The weakness is not the voluntary choice — it is the absence of rules around how the voluntary process runs. Three gaps stand out.

First, transparency. The benchmarking is to run substantially through the NSA, an agency whose default is classification. As Cato warns, "the more information that the NSA withholds, the more likely it is that the process will be scrutinized and questioned." A security review that no one outside the room can audit invites exactly the distrust it is meant to dispel. Doc McConnell of Finite State put the cyber-community view bluntly to Federal News Network: "The path to stronger cybersecurity is more information sharing, not less."

Second, timelines and leverage. The order leaves open when developers should engage and how long the government may take to evaluate a submitted model. "Voluntary" with undefined response windows is an invitation to informal pressure — a lab eager for federal contracts will not lightly decline a request to hand over a model, and the order's disclaimers do nothing to foreclose that. Voluntariness on paper can become coercion in practice.

Third, rights and oversight. The order is about defense, but the government's expanding appetite for AI tools carries its own hazards. Testifying to the House Homeland Security Committee on June 4, EFF's Dr. Matthew Guariglia warned that "the question is not how do we rein in AI, it's how do we rein in the agencies" deploying it — and that government secrecy plus proprietary black boxes "prevents the public and lawmakers from knowing when AI models make mistakes." The clearinghouse will pool sensitive vulnerability data across Treasury, NSA, and CISA; that pooling needs published handling rules, not just an org chart.

The Fix Is Legislative, Not Architectural

The right response is not to scrap the voluntary model for a mandatory one. It is to give the voluntary model rule-of-law guardrails. Congress should codify what the order leaves vague: public benchmarking standards so the criteria are knowable, defined response timelines so evaluation cannot become indefinite delay, and an explicit prohibition on contract retaliation so "voluntary" stays voluntary. Those three additions would preserve the speed advantage of a non-mandatory regime while removing the opacity and leverage problems that make critics — reasonably — nervous.

The administration picked the proportionate instrument. The 30-day CISA directive and the clearinghouse are unambiguously good cyber policy. The frontier-model framework is a sound default wrapped in too much discretion. Tighten the discretion, publish the rules, and this becomes a model other jurisdictions should copy rather than a precedent they should fear.

Sources & Citations

  1. White House — Executive Order, Promoting Advanced AI Innovation and Security
  2. White House — Fact Sheet on the AI Innovation and Security EO
  3. Cato Institute — Assessing the Executive Order on AI and Cybersecurity
  4. Federal News Network — AI executive order sets stage for new cybersecurity directives
  5. EFF — Testimony to Congress on Protecting Americans' Rights from Government AI