Sec. 207. Certification of critical-impact artificial intelligence systems
1,644 words·~7 min read·
/bill/118/s/3312/rs/section-207A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
Not later than 180 days after the date of enactment of this Act, the Secretary shall establish an advisory committee to provide advice and recommendations on TEVV standards and the certification of critical-impact artificial intelligence systems. The advisory committee established under this section shall advise the Secretary on matters relating to the testing and certification of critical-impact artificial intelligence systems, including by— providing recommendations to the Secretary on proposed TEVV standards to ensure such standards— maximize alignment and interoperability with standards issued by nongovernmental standards organizations and international standards bodies; are performance-based and impact-based; and are applicable or necessary to facilitate the deployment of critical-impact artificial intelligence systems in a transparent, secure, and safe manner; reviewing prospective TEVV standards submitted by the Secretary to ensure such standards align with recommendations under subparagraph (A); upon completion of the review under subparagraph (B), providing consensus recommendations to the Secretary on— whether a TEVV standard should be issued, modified, revoked, or added; and if such a standard should be issued, how best to align the standard with the considerations described in subsection (c)(2) and recommendations described in subparagraph (A); and reviewing and providing advice and recommendations on the plan and subsequent updates to the plan submitted under subsection (b).
The advisory committee established under this subsection shall be composed of not more than 15 members with a balanced composition of representatives of the private sector, institutions of higher education, and non-profit organizations, including— representatives of— institutions of higher education; companies developing or operating artificial intelligence systems; consumers or consumer advocacy groups; and enabling technology companies; and any other members the Secretary considers to be appropriate.
Not later than 1 year after the date of enactment of this Act, the Secretary shall establish a 3-year implementation plan for the certification of critical-impact artificial intelligence systems. The Secretary shall periodically update the plan established under paragraph (1). The plan established under paragraph
(1)shall include— a methodology for gathering and using relevant, objective, and available information relating to TEVV; a process for considering whether prescribing certain TEVV standards under subsection
(c)for critical-impact artificial intelligence systems is appropriate, necessary, or duplicative of existing international standards; if TEVV standards are considered appropriate, a process for prescribing such standards for critical-impact artificial intelligence systems; and an outline of standards proposed to be issued, including an estimation of the timeline and sequencing of such standards. In developing the plan required under paragraph (1), the Secretary shall consult the following: The National Artificial Intelligence Initiative Office. The interagency committee established under section 5103 of the National Artificial Intelligence Initiative Act of 2020 ( 15 U.S.C. 9413 ). The National Artificial Intelligence Advisory Committee. Industry consensus standards issued by non-governmental standards organizations. Other departments, agencies, and instrumentalities of the Federal Government, as considered appropriate by the Secretary. Upon completing the initial plan required under this subsection and upon completing periodic updates to the plan under paragraph (2), the Secretary shall submit the plan to the advisory committee established under subsection
(a)for review. Upon completing the plan required under this subsection, the Secretary shall submit to the relevant committees of Congress a report containing the plan. The Secretary may not issue TEVV standards under subsection
(c)until the date of the submission of the plan under paragraphs
(5)and (6). The Secretary shall issue TEVV standards for critical-impact artificial intelligence systems. Each standard issued under this subsection shall— be practicable; meet the need for safe, secure, and transparent operations of critical-impact artificial intelligence systems; with respect to a relevant standard issued by a non-governmental standards organization that is already in place, align with and be interoperable with that standard; provide for a mechanism to, not less frequently than once every 2 years, solicit public comment and update the standard to reflect advancements in technology and system architecture; and be stated in objective terms. In issuing TEVV standards for critical-impact artificial intelligence systems under this subsection, the Secretary shall— consider relevant available information concerning critical-impact artificial intelligence systems, including— transparency reports submitted under section 203(a); risk management assessments conducted under section 206(a); and any additional information provided to the Secretary pursuant to section 203(a)(1)(B); consider whether a proposed standard is reasonable, practicable, and appropriate for the particular type of critical-impact artificial intelligence system for which the standard is proposed; consult with relevant artificial intelligence stakeholders and review industry standards issued by nongovernmental standards organizations; pursuant to paragraph (1)(B)(iii), consider whether adoption of a relevant standard issued by a nongovernmental standards organization as a TEVV standard is the most appropriate action; and consider whether the standard takes into account— transparent, replicable, and objective assessments of critical-impact artificial intelligence system risk, structure, capabilities, and design; the risk posed to the public by an applicable critical-impact artificial intelligence system; and the diversity of methodologies and innovative technologies and approaches available to meet the objectives of the standard. Before finalizing a TEVV standard issued under this subsection, the Secretary shall submit the TEVV standard to the advisory committee established under subsection
(a)for review. Before issuing any TEVV standard under this subsection, the Secretary shall provide an opportunity for public comment. In developing a TEVV standard under this subsection, the Secretary may, as determined appropriate, advise, assist, and cooperate with departments, agencies, and instrumentalities of the Federal Government, States, and other public and private agencies. The Secretary shall specify the effective date of a TEVV standard issued under this subsection in the order issuing the standard. Subject to subparagraph (C), a TEVV standard issued under this subsection may not become effective— during the 180-day period following the date on which the TEVV standard is issued; and more than 1 year after the date on which the TEVV standard is issued. Subparagraph
(B)shall not apply to the effective date of a TEVV standard issued under this section if the Secretary— finds, for good cause shown, that a different effective date is in the public interest; and publishes the reasons for the finding under clause (i). Nothing in this subsection shall be construed to authorize the Secretary to impose any requirements on or take any enforcement actions under this section or section 208 relating to a critical-impact AI organization before a TEVV standard relating to those requirements is prescribed. The Secretary may exempt, on a temporary basis, a critical-impact artificial intelligence system from a TEVV standard issued under subsection
(c)on terms the Secretary considers appropriate. An exemption under subparagraph (A)— may be renewed only on reapplication; and shall conform to the requirements of this paragraph. The Secretary may begin a proceeding to grant an exemption to a critical-impact artificial intelligence system under this paragraph if the critical-impact AI organization that deployed the critical-impact artificial intelligence systems applies for an exemption or a renewal of an exemption. The Secretary shall publish notice of the application under clause
(i)and provide an opportunity to comment. An application for an exemption or for a renewal of an exemption under this paragraph shall be filed at such time and in such manner and contain such information as the Secretary may require. The Secretary may grant an exemption under this paragraph upon finding that— the exemption is consistent with the public interest and this section; and the exemption would facilitate the development or evaluation of a feature or characteristic of a critical-impact artificial intelligence system providing a safety and security level that is not less than the TEVV standard level. Not later than 30 days after the date on which an application is filed under this subsection, the Secretary may make public information contained in the application or relevant to the application, unless the information concerns or is related to a trade secret or other confidential information not relevant to the application. The Secretary shall publish in the Federal Register a notice of each decision granting or denying an exemption under this subsection and the reasons for granting or denying that exemption, including a justification with supporting information for the selected approach. Subject to paragraph (2), with respect to each critical-impact artificial intelligence system of a critical-impact AI organization, the critical-impact AI organization shall certify to the Secretary that the critical-impact artificial intelligence system complies with applicable TEVV standards issued under this section. A critical-impact AI organization may not issue a certificate under paragraph
(1)if, in exercising reasonable care, the critical-impact AI organization has constructive knowledge that the certificate is false or misleading in a material respect. Upon learning that a critical-impact artificial intelligence system deployed by a critical-impact AI organization does not comply with the requirements under this section, the Secretary shall— immediately— notify the critical-impact AI organization of the finding; and order the critical-impact AI organization to take remedial action to address the noncompliance of the artificial intelligence system; and may, as determined appropriate or necessary by the Secretary, and if the Secretary determines that actions taken by a critical-impact AI organization are insufficient to remedy the noncompliance of the critical-impact AI organization with this section, take enforcement action under section 208. If a critical-impact AI organization finds that a critical-impact artificial intelligence system deployed by the critical-impact AI organization is noncompliant with an applicable TEVV standard issued under this section or the critical-impact AI organization is notified of noncompliance by the Secretary under paragraph (1)(A)(i), the critical-impact AI organization shall— without undue delay, notify the Secretary by certified mail or electronic mail of the noncompliance or receipt of the notification of noncompliance; take remedial action to address the noncompliance; and not later than 10 days after the date of the notification or receipt under subparagraph (A), submit to the Secretary a report containing information on— the nature and discovery of the noncompliant aspect of the critical-impact artificial intelligence system; measures taken to remedy such noncompliance; and actions taken by the critical-impact AI organization to address stakeholders affected by such noncompliance.
Connectionstraces to 1
Traces to 1 document
Citation graph
cites case law
Sec. 207
Certification of critical-impact artificial intelligence systems
Cites 1Cited by 0 across 0 sources