Global Tech Policy Tracker — 2026-06-01

Top Story

1 sources

whitehouse.gov

whitehouse.gov

Historic DOJ Challenge to Colorado AI Law Marks Turning Point in U.S. AI Governance

In a watershed moment for AI regulation, the U.S. Department of Justice has blocked Colorado's revised AI transparency law—the first-ever federal challenge to a state AI statute. This confrontation reflects deepening tensions between the Trump administration's preference for national AI policy coordination and state-level regulatory ambitions.

Colorado's law, which had been significantly watered down following intense industry pushback, required companies and government agencies to disclose how AI systems help make "consequential" decisions on hiring, loans, and housing. The DOJ's intervention signals the Trump administration's intent to prevent a 50-state patchwork of AI rules—a concern echoed by venture capital figures like David Sacks and Marc Andreessen, who have urged a hands-off approach to AI regulation.

Meanwhile, OpenAI has published a compliance framework aligned with the EU AI Act, while Perplexity AI faces a major copyright lawsuit from CNN over alleged scraping of 17,000 news articles. These three fronts—federal preemption, EU standardization, and content liability—now define the global AI governance landscape as of June 2026.

1 sources

forbes.com

forbes.com

New Legislation & Regulatory Actions

Connecticut: Employment AI Disclosure Law

• What happened: Connecticut enacted a new law requiring employers and governments to disclose how AI systems are used in hiring, promotion, and termination decisions. The law expands employment-specific AI governance beyond the disclosure obligations found in earlier state laws.
• Who it affects: Employers, staffing agencies, government HR departments, and job applicants in Connecticut
• Status: Recently enacted (reported May 29, 2026)
• Why it matters: This marks a shift toward sectoral AI regulation in the U.S., targeting the employment sector where AI bias concerns are most acute. It signals states are moving beyond general "consequential decisions" language to regulate specific high-impact use cases.

EU AI Act: Simplification and Timeline Relief (Provisional Agreement)

• What happened: The European Parliament and Council reached a provisional agreement on May 7, 2026, to amend and simplify the AI Act, delaying high-risk AI compliance deadlines from August 2026 to December 2027. The deal includes new prohibitions on "nudifier" apps and clarifies overlap with machinery regulations.
• Who it affects: AI providers, machinery manufacturers, and enterprises across EU member states
• Status: Provisional agreement reached; formal votes and ratification pending (May 2026)
• Why it matters: The 16-month extension provides breathing room for GPAI (general-purpose AI) model providers and high-risk system deployers, but maintains the EU's commitment to risk-based AI governance. The simplification aims to reduce compliance burden while keeping core protections intact.

Global AI Legislation Surge: 145 Laws Passed in 2025

• What happened: A new analysis reports that 145 AI-related laws were enacted across the world in 2025, with shadow AI, compliance requirements, and consumer requests creating mounting pressure on privacy and compliance teams.
• Who it affects: Global enterprises, startups, privacy teams, and in-house counsel in every jurisdiction
• Status: Enacted; data published June 1, 2026
• Why it matters: The sheer velocity of AI lawmaking (145 laws in one year) reveals regulatory fragmentation is accelerating. Privacy teams report that AI compliance is now inseparable from broader privacy risk management, demanding new tools and processes.

Enforcement & Penalties

• EU AI Act Fines (Scheduled to Begin): Under Article 99 of the EU AI Act, prohibited AI practices face fines up to €35 million or 7% of global turnover (whichever is higher), while high-risk non-compliance carries fines up to €15 million or 3% of turnover. Although enforcement deadlines have not yet passed (high-risk compliance deadline now December 2027), no formal fines have been levied as of June 2026. These penalties exceed typical GDPR fines, raising stakes for board-level attention.

• CNN v. Perplexity AI (Copyright Lawsuit): CNN filed suit against Perplexity AI for scraping approximately 17,000 news articles without authorization, marking the first major copyright test case against an AI search company. This action is part of a broader wave of publisher litigation against LLM training practices.

Industry Response

• OpenAI: EU AI Act Compliance Framework Published: OpenAI released a formal compliance framework aligned with the EU AI Act, signaling acceptance of Europe's regulatory regime and positioning itself to meet the December 2027 high-risk AI deadlines. This move contrasts with some U.S. firms' resistance to stricter rules.

• Privacy and Compliance Teams Under Strain: Industry reports indicate that privacy teams are overwhelmed by the 145 new AI laws enacted in 2025, with "shadow AI" (unauthorized AI deployments within enterprises) and consumer data subject access requests adding to compliance burden. Many organizations lack adequate AI risk governance and remediation tools.

Region Scorecard

Analysis: What This Means

• Federal Preemption Risk for State AI Laws: The DOJ's Colorado challenge signals the Trump administration will use federal authority to block state AI rules deemed obstacles to "national" AI policy. Companies should prepare for legal uncertainty around which state AI laws will survive court challenges. Compliance teams should prioritize federal guidance over state-specific requirements where conflict emerges.

• EU Compliance Becomes Global Standard: OpenAI's move to align with the EU AI Act suggests American firms accept Europe's framework as the de facto global baseline. The 16-month extension (to December 2027) gives enterprises time to build GPAI risk assessment and documentation systems. Non-compliance fines (up to 7% of global turnover) rival existential risks, warranting board-level investment in AI governance infrastructure.

• Copyright Liability for AI Trainers: The CNN v. Perplexity case opens a second legal front against LLM makers on copyright grounds, independent of regulatory fines. Companies should audit training data sources and publish transparency reports on data licensing to mitigate reputational and legal risk.

• Privacy Teams Must Integrate AI Governance: The surge in AI laws (145 in 2025) overlaps heavily with privacy regulations (GDPR, CCPA, etc.). Privacy teams should build AI inventory tools, conduct bias audits on automated decision-making, and establish cross-functional AI risk committees to manage both compliance and operational risk.

What to Watch Next Week

• EU AI Act Formal Ratification Vote: The provisional agreement on amendments must pass formal votes in the European Parliament and Council; formal publication of the text could occur by late June 2026.
• White House AI Cybersecurity Executive Order: Reports indicate an imminent White House draft focused on AI cybersecurity standards and federal vetting of frontier AI models; publication expected imminently.
• State AI Law Litigation: Watch for additional federal challenges to Illinois, California, and other state AI bills modeled on Colorado's framework.

Sources:

• TechTimes (May 31, 2026): "AI Regulation 2026 Opens Three Fronts"
• IAPP (April 2026): "EU Agrees to Amend AI Act"
• Forbes (May 29, 2026): "Connecticut's AI Law Signals New Phase of Employment AI Regulation"
• Help Net Security (June 1, 2026): "145 AI Laws Passed in 2025"
• Secure Privacy (April 26, 2026): "EU AI Act 2026: Key Compliance Requirements"