[WTL] EO 14409 and NSPM-11
Explaining Trump's recent executive actions to myself
Note: This is a “writing to learn” exercise. See the following article for details.
EO 14409
The title “Promoting Advanced Artificial Intelligence Innovation and Security” frontloads the “innovation” even as it promotes security and the opening paragraphs maintains the same vibe. It refers back to Trump’s rescinding of Biden’s EOs on AI and emphasizes the importance of maintaining the private sector’s global lead. It ends the “Purpose” section with a recognition of the national security risks but is focused on cyberattacks against American governments or companies with a particular focus on IP theft rather than dangers posed directly by a misaligned AI.
Sections 2 and 3 focus respectively on hardening American “systems” and granting the Federal government (and the NSA in particular) access to frontier models. I feel like the latter section was the main focus on commentary I’ve read so far1. I however will spend more time on the former section here because I struggled to follow it more due to my lack of understanding of the structure of the executive branch.
The EO closes with calling the AG to pursue cybercrime more vigorously but I won’t have anything to say about it here.
“Upgrading American Systems for Advanced AI”
This section mandates a number of actors in the executive branch take measures to secure American against AI-enhanced cyberattacks. I’ll organize the activities by the relevant actors and will add some details on who they are where I got tripped up.
Committee on National Security Systems: This is a cross-agency committee that makes rules on “National Security Systems” which appears to be a special subset of the info systems governed by standards like NIST SP 800-53. They are called to “prioritize” cyber defense but do they not do that already?
Executive Office of the President: This groups offices whose role is to serve the President rather than implement some statue.
Director of the Office of Management and Budget: Finds funds with CISA and NCD. Also somehow helps create clearinghouse. I’m a bit confused about what roles the OMB is supposed to have outside of creating the budget.
National Cyber Director: Advises the President on cyber issues. Just about everything called for in this section is meant to be done “in coordination with” him.
Assistant to the President for National Security Affairs: This is apparently just the official name for the National Security Advisor.
Assistant to the President for Science and Technology: This is the head of OSTP.
Department of Treasury: The treasury is to make an “AI cybersecurity clearinghouse”. I’m pretty confused about what this means and why it is done by the DoT. The clearinghouse is called “Gold Eagle” and it sounds like a place for “operators of critical infrastructure” to share any vulnerabilities they find2. But then what is AI related about it?
Department of War
Director of the National Security Agency: The NSA is responsible for benchmarking models. This is a controversial choice.
Department of Homeland Security
Director of the Cybersecurity and Infrastructure Security Agency: CISA can release “Binding Operational Directives” that order agencies to take cybersecurity measures. I think it’s interesting that NIST, which is in a different department, is responsible for FIPS which establishes security practices. I guess CISA’s directives are for emergencies or evolving threats in contrast to NIST’s slowly made and comprehensive standards? CISA is called to issue a new directive to give agencies access to AI agents and tools but I’m not sure how a directive can do this. I see they instituted a directive about a week after the EO but it doesn’t seem related to AI at all3. They’re also supposed to find funds somewhere for vulnerability detection.
Department of Commerce
Director of the National Institute of Standards and Technology: I’ve become familiar with the fact that NIST publishes SPs from readings that reference various parts of 800 but I didn’t know it was part of the DoC. I’m including it in this list but it’s only mentioned in the next section. What’s notable not mentioned is CAISI, which is in the NIST, though I’ll save comments on this for the next section.
Office of Personnel Management: This sounds like it’s basically the HR office of the Federal government4. It’s mentioned here because of their Tech Force initiative focused on hiring early career techies. They care called to expand this initiative and hire more cybersecurity specialists.
This is my first time trying to read an executive order but I don’t have a clear vision of what this section calls for by reading it.
“Secure Frontier Model Deployment”
This is the section I’ve already seen commentary so I’ll just restate my understanding in my own words. The NSA will create classified benchmarks to identify “frontier models”. The government will get access to frontier models 30 days before any release. This is only about public release so hypothetically the labs could keep particularly capable models for internal usage. Giving this task to the NSA further sidelines the CAISI which has more of the benchmarking expertise.
NSPM-11
I remember hearing about executive orders in civics classes but never national security memorandums. This memo opens with a similar tone to the EO. It says AI is an important industry that shouldn’t be hampered. Then it jumps to stating the importance of using AI in the military and intelligence.
The Policy section states that “all AI technologies adopted” should be controllable. It also states that the tech should never be used in a way that violates the laws or violates free speech. Both of these are somewhat assuring.
The memo says the Secretary of War should update DOD Directive 3000.09 (I guess they still use the term “DOD” in spite of calling it everywhere else the Department of War for legal reasons) but I’m curious what the update should be. I hope it wouldn’t involve weakening the necessity of human oversight. The memo also states that the DoD and DNI should terminate contracts that violate the Policy section of the memo. Reading the plain language of that section, I can’t see how Anthropic violates it. A prohibition on the government using AI for unlawful purposes doesn’t require private actors to provide all lawful services. That said, I’m not sure how to read this without Anthropic in mind given that’s the major example of the DoD breaking a contract with an AI provider.
This memo restates the call for the CNSS to update the policy on AI use in national security systems. Does this perform a different function than what the executive order did? I guess the OMB can issue its own memorandums and did in OMB memorandum M-25-21. The memo points to it as inspiration for CNSS’s policy. What is in that memo and what is the purpose of an OMB memo? Does it have the weight of something like a CISA directive?
This memo replaces Biden’s NSM-25. I’m surprised it was still in effect given the flurry of executive actions Trump carried out early in his presidency.
The DoD and DNI are to work together to speed up procurement, acquire sufficient compute, and create “AI data and model exchanges” which I think means just making it easier to share models and data across agencies. The part that sounds most interesting to me is the IC working with labs to secure data centers against attacks. It says they should support “joint security research and development (R&D) that the private sector cannot undertake alone”. My understanding from my skimming of the RAND model weight security report was that SL5 is not only difficult but impossible without government support. If this is a step in the direction of providing that support, this is a big deal. However, I still don’t understand what exact parts of SL5 need government support. I also don’t think this obligates the labs themselves to take more measures to secure their models.
The OPM is called to work with other agencies to create an “AI National Security Strategic Reserve of non-governmental AI talent”. This sounds larger in scale than the Tech Force initiative expansion described in the EO but I’m not sure that’s right. I do wonder how they plan to hire more people without additional funds. Shouldn’t the order of operations start with going to Congress to request more headcount? They are also to work with the DNI and DoD to train existing federal employees to use AI.
Finally, it ends by calling the NSA and DNI to create “standardized AI national security Test, Evaluation, Verification, and Validation methodologies”. I wonder what exactly this means. Is it a standard like FIPS but applied to the military and IC?
Remaining questions
How should one read an executive order? What is the legal power of an EO in contrast to informally asking a secretary or director to look into something?
What is the status of each of the time bound provisions? We’re past 30 days but not yet to 60 or 120.
How should I read a national security memorandum? What is the purpose and legal weight of a NSPM in contrast to an EO?
What elements of SL5 need government support? Does the NSM provide the impetus and means for the federal government to support frontier security research?
What is the “classified annex” mentioned in the NSPM? I guess it’s an addition to the NSPM that isn’t made publicly available?
Is a National Security Memorandum (aka NSM-25) the same thing as a National Security Presidential Memorandum (e.g. NSPM-11)? I’ve been using them interchangeably.
I have in mind this Zvi blog post and this Transformer article.
https://www.cyberdefensemagazine.com/inside-gold-eagle-the-white-houses-new-ai-driven-clearinghouse-for-critical-infrastructure/
https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk
https://en.wikipedia.org/wiki/United_States_federal_civil_service
