A draft executive order on AI and cybersecurity was shelved on May 22. Here is what the seven-page document proposed for frontier models and federal agencies.

President Donald Trump yesterday postponed the signing of a seven-page executive order on artificial intelligence and national security, only hours before a scheduled White House ceremony. The draft had been circulating within the administration and among select industry representatives since at least late Tuesday, May 20. Politico obtained the document and published it online on May 22, 2026. What the draft contains is, in several ways, more detailed than the public discussion around its abrupt postponement.

Trump, speaking to reporters in the Oval Office, offered a brief explanation. According to Politico, he said: "I didn't like certain aspects of it. I postponed it."

That terseness stands in contrast to the density of the draft itself, which sets out timelines, agency responsibilities, and technical frameworks spanning cybersecurity infrastructure, voluntary AI oversight, and criminal enforcement. Whether the order is eventually signed, revised, or dropped entirely remains unclear.

What the draft order actually proposes

The document is titled "Promoting Advanced Artificial Intelligence Innovation and Security." It opens by framing advanced AI capabilities as both an asset and a source of "new national security considerations that require coordinated action across executive departments, agencies, and components."

At its core, the draft establishes three broad policy tracks. The first concerns upgrading federal information systems to integrate AI-enabled cyber defenses. The second creates a voluntary oversight framework under which developers of advanced AI models could submit their products to government review before public release. The third directs the Attorney General to prioritise enforcement of existing criminal statutes against anyone using AI to facilitate computer crimes.

None of these tracks are without precedent, but the specific implementation mechanisms are new. They are also notable for what they deliberately exclude. According to the draft, "nothing in this section shall be construed to authorize the creation of a mandatory governmental licensing, preclearance, or permitting requirement for the development, publication, release, or distribution of new AI models, including frontier models."

That sentence may be the most consequential line in the document. It signals that the administration sought to create a review apparatus while explicitly foreclosing any interpretation of that apparatus as a licensing regime. The political tension embedded in those two goals appears, at least in part, to explain why the signing was shelved.

The 30-day and 60-day timelines

The draft is structured around a series of deadlines that would begin running from the date of signing. Several agencies are given 30 days to act; others 60.

Within 30 days, according to the draft, the Committee on National Security Systems would need to "prioritize the cyber defense of National Security Systems." The Secretary of War - the document uses that title throughout, consistent with the Trump administration's renaming of the Department of Defense - would face the same 30-day window to prioritize cybersecurity across departmental information systems.

The Secretary of Homeland Security, acting through the Director of the Cybersecurity and Infrastructure Security Agency (CISA), would have 30 days to release Binding Operational Directives and related guidance covering three areas: expediting cyber defense for civilian federal government systems; establishing or expanding federal cybersecurity programmes that incorporate "AI-enabled defensive tools"; and facilitating access to cybersecurity tools and services, including "covered frontier models," for federal agencies, state and local authorities, and operators of critical infrastructure such as rural hospitals, community banks, and local utilities.

That last category is specific. The inclusion of rural hospitals and community banks indicates that the draft was aimed not only at hardening federal systems but at extending AI-powered cybersecurity tooling to institutions that have historically been underserved in this area. Critical infrastructure operators face escalating threats, and the explicit mention of these sub-sectors suggests the drafters were aware that the weakest nodes in US infrastructure are often those with the fewest security resources.

Within 30 days as well, the Secretary of the Treasury - working alongside the National Cyber Director, the Director of the NSA (housed within the "Secretary of War"), and the Director of CISA - would need to form an AI cybersecurity clearinghouse. According to the draft, this body would coordinate and de-conflict scanning for software vulnerabilities, discover and validate such vulnerabilities, and coordinate and prioritise "remediation and distribution of vulnerability patches." Participation by the AI industry and critical infrastructure operators would be voluntary.

Within 60 days, the Director of the Office of Personnel Management would expand the "U.S. Tech Force Information Cybersecurity Specialist hiring and placement pathways." The draft does not specify target hiring numbers or budget figures for this expansion.

The covered frontier model framework

Section 3 of the draft is the most architecturally complex and probably the most politically sensitive. It establishes a classification category called a "covered frontier model" and defines a voluntary process through which AI developers could engage with the federal government before releasing advanced models.

The Secretary of the Treasury, the Secretary of War through the NSA Director, and the Secretary of Homeland Security through the CISA Director would have 60 days from signing to develop and maintain "a classified benchmarking process to assess the advanced cyber capabilities of AI models." This process would determine which models meet the threshold to be designated covered frontier models. The determination would be made by the Director of NSA, in consultation with the National Cyber Director, the Assistant to the President for Science and Technology, the Director of CISA, and representatives of the Department of War.

Why Treasury? The draft does not explain this choice, and it is one of the details that drew scrutiny from observers who questioned whether Treasury has relevant technical expertise in AI model evaluation.

The voluntary framework itself would allow developers to do three things. First, they could engage the government to determine whether a model under development meets the covered frontier model designation. Second - and this is the provision that generated the most discussion - they could provide the federal government with access to covered frontier models "for a period of up to 90 days before they plan to release such models to other trusted partners." This access would be subject to "appropriate confidentiality, cybersecurity, insider-risk, and intellectual-property protection, use, and nondisclosure requirements." Third, developers and the government could collaborate to select "trusted partners" who would receive early access to covered frontier models, with an explicit goal of promoting "secure innovation and strengthening the cybersecurity of critical infrastructure."

The 90-day pre-release window is significant. It would, if adopted in practice, give the NSA and CISA a substantial period to probe advanced AI systems for cybersecurity vulnerabilities before those systems reach commercial markets or allied governments. Companies that currently conduct voluntary testing through the National Institute of Standards and Technology's Center for AI Standards and Innovation would potentially be operating within a separate, classified process under this order.

Criminal enforcement provisions

Section 4 of the draft is brief but direct. It instructs the Attorney General to prioritise enforcement of four existing federal statutes against anyone who uses AI to illegally access or damage computer systems, or who uses AI agents "to unlawfully access data or information that is subsequently used for a criminal or unlawful purpose."

The statutes cited are 18 U.S.C. 1028 (identity fraud), 18 U.S.C. 1030 (the Computer Fraud and Abuse Act), 18 U.S.C. 1343 (wire fraud), and all other applicable federal criminal laws. No new offences are created. The order would not make AI-assisted hacking a distinct crime; it would instead signal to prosecutors that cases involving AI should be treated as enforcement priorities.

Why it was pulled

According to reporting by Politico and Axios, the decision to postpone came after several prominent technology figures pushed back on the draft. Those reported to have opposed elements of the order include Elon Musk, Mark Zuckerberg, and David Sacks, the former White House AI and Crypto Adviser. OpenAI was reported to have supported the order. The White House shared the draft with private sector representatives as recently as Tuesday evening, May 20, leaving a narrow window for objections before the planned Thursday ceremony.

Some of the reported concerns centred on the 90-day pre-release review window and whether it could delay product timelines or prevent AI companies from sharing models with allied countries conducting their own safety testing. Others questioned whether the involvement of Treasury in AI model evaluation was appropriate or well-designed.

Trump's own framing was competitive rather than procedural. According to Axios, he said: "I think it gets in the way of - you know, we're leading China, we're leading everybody, and I didn't want to do anything to get in the way of that lead."

That framing echoes the logic of earlier executive orders on AI from the current administration. The January 23, 2025 order, which revoked Biden-era AI restrictions, was explicitly premised on the idea that regulatory requirements slowed innovation. The March 22, 2026 White House AI policy framework, covered by PPC Land, similarly urged Congress to preempt state-level AI regulations in the name of competitive advantage.

Context: Anthropic, the Department of War, and the broader tension

The draft order does not name any specific company. But its focus on cybersecurity risks from frontier models sits directly within a set of disputes that have defined the US AI policy landscape over the past several months.

In February 2026, the Trump administration issued a directive ordering federal agencies to stop using Anthropic's technology. The designation followed Anthropic's refusal to remove two restrictions from its Claude usage policy - a prohibition on use for mass surveillance of Americans and a prohibition on use in fully autonomous lethal weapons. The federal court proceedings that followed produced a preliminary injunction in March 2026 blocking the blacklist, which was subsequently reversed at the appeals court level in April. As of this writing, oral arguments in a D.C. Circuit case involving a separate supply chain risk designation were heard on May 19, 2026.

The draft order's covered frontier model framework would have created a formal channel for the government to evaluate advanced AI systems - including those from companies like Anthropic - before they reach the market. Whether that framework would have resolved or intensified the existing tensions is an open question. The voluntary nature of the framework suggests an attempt to avoid the confrontational posture of the supply chain risk designations, but the classified benchmarking process and 90-day access window would have given the NSA substantial visibility into commercial AI development pipelines.

Anthropic's own approach to transparency for frontier models, proposed in July 2025, called for public disclosure requirements targeting companies meeting specific revenue thresholds of 100 million dollars annually or spending thresholds of 1 billion dollars in research and development or capital expenditure. That proposal was aimed at companies large enough to develop genuinely frontier models while avoiding regulatory burdens on smaller developers - a framing that partially overlaps with the logic of the draft executive order's covered frontier model category.

Implications for marketing technology and digital advertising

The marketing technology industry may not appear to be the primary audience for an executive order on AI and national security. The connection is nonetheless real and increasingly direct.

PPC Land's coverage of the White House's March 2026 AI policy framework highlighted how that document's provisions - including federal preemption of state AI regulations, intellectual property rules, and workforce development - cut directly across digital advertising and marketing technology. The same is true here, though the mechanism is different.

Marketing technology platforms increasingly rely on frontier AI models for ad targeting, creative generation, audience modelling, and automated bidding. If the federal government establishes a classification regime for covered frontier models - even a voluntary one - it creates a new layer of policy uncertainty for any company deploying those models in commercial products. The 90-day pre-release window, in particular, could affect the cadence at which new AI capabilities become available to advertising platforms and the companies that use them.

The criminal enforcement provisions in Section 4 are also relevant. AI agents are already deployed across advertising technology infrastructure, including in automated bid management systems, data pipeline orchestration, and lead generation tools. An executive order directing the Attorney General to prioritise enforcement against AI-assisted unauthorised data access would, if signed, raise the stakes for any advertising technology operator running agentic systems that touch external data sources. The relevant statutes - the Computer Fraud and Abuse Act and wire fraud provisions - are broad enough to capture a range of conduct that might otherwise be considered a civil rather than criminal matter.

The EU AI Act's progression, where a provisional agreement on May 7, 2026 pushed high-risk compliance deadlines to 2027, demonstrates that the pace and architecture of AI regulation continues to shift. The postponement of the US draft order does not create a stable regulatory environment - it creates an uncertain one, which carries its own costs for planning and investment.

What happens next

The draft order was never signed. It carries no legal force in its current form. Trump's comments suggest it may be revised and re-introduced rather than abandoned entirely, but no timeline has been given.

The document dated "May XX, 2026" - the date field was left blank in the draft - would have set a series of deadlines running from signing. The 30-day windows for CISA guidance and the AI cybersecurity clearinghouse would now begin from whatever future date a revised order might be signed, if at all. The 60-day deadline for the covered frontier model benchmarking framework would shift accordingly.

For the AI industry, the immediate uncertainty is whether the eventual version of this policy will look like the current draft, be substantially revised, or be replaced by a different approach. Leading frontier models already undertake voluntary testing through NIST's Center for AI Standards and Innovation. The question the draft raised - and left unanswered - is whether that voluntary architecture is sufficient given the pace at which AI cybersecurity capabilities are advancing.

Timeline

  • January 23, 2025 - President Trump signs Executive Order 14179 revoking Biden-era AI requirements, directing an AI Action Plan, and signalling a deregulatory approach to AI development
  • July 7, 2025 - Anthropic proposes a transparency framework for frontier AI models requiring public disclosure from companies above specific revenue and R&D spending thresholds
  • July 23, 2025 - Trump administration releases a 28-page AI Action Plan alongside three executive orders designed to advance US global AI dominance
  • February 27, 2026 - Presidential directive orders all federal agencies to stop using Anthropic's technology, following a dispute over Claude usage restrictions covering mass surveillance and autonomous weapons
  • March 22, 2026 - White House releases a seven-pillar national AI policy framework urging Congress to preempt state AI laws and establish a unified national standard
  • March 26, 2026 - US District Judge Rita F. Lin grants a preliminary injunction blocking the federal government from blacklisting Anthropic, finding the Department of War lacked legal authority for the supply chain risk designation
  • April 8-9, 2026 - A federal appeals court reverses the preliminary injunction, allowing the Pentagon blacklist of Anthropic to proceed while litigation continues
  • May 7, 2026 - EU Council and Parliament reach a provisional agreement under Omnibus VII, pushing high-risk AI Act compliance deadlines to 2027
  • May 19, 2026 - Oral arguments in the D.C. Circuit case over a separate Anthropic supply chain risk designation are heard by a three-judge panel
  • May 20, 2026 - The White House shares a draft of the AI cybersecurity executive order with private sector representatives
  • May 22, 2026 - President Trump postpones the signing of the executive order hours before the planned White House ceremony; Politico publishes the draft document

Summary

Who: President Donald Trump and the executive branch, including the NSA, CISA, the Department of War, the Department of the Treasury, the Office of Management and Budget, and the Office of Personnel Management. AI developers and critical infrastructure operators would be the primary private-sector stakeholders affected.

What: A seven-page draft executive order titled "Promoting Advanced Artificial Intelligence Innovation and Security" was obtained and published by Politico after its planned signing was abruptly postponed. The draft proposed a voluntary framework for federal review of advanced AI models up to 90 days before release, a new AI cybersecurity clearinghouse, agency directives for AI-enabled cyber defense, and criminal enforcement priorities for AI-assisted computer crimes.

When: The order was expected to be signed on Thursday, May 22, 2026, at a White House ceremony. Trump postponed the signing hours beforehand, citing unspecified concerns about the order's content.

Where: The draft order would have operated across US federal government systems, civilian federal agencies, state and local authorities, and critical infrastructure operators. The covered frontier model framework would have created a classified government review process for advanced commercial AI models.

Why: The administration sought to address concerns that advanced AI systems from companies such as Anthropic could enable significant cyberattacks or otherwise cause harm if they reached adversarial hands before receiving government security review. The postponement followed reported industry pushback, particularly over the 90-day pre-release access window, with opposition attributed to Elon Musk, Mark Zuckerberg, and David Sacks. Trump said he did not like certain aspects of the order and cited concerns about US competitive standing relative to China.

Share this article
The link has been copied!