fortune.com web signal

Gary Marcus: 1,200 US AI Bills Have No Risk Standard

Key insights

  • Over 1,200 U.S. AI bills are active at state and federal levels with no shared risk definitions or measurable standards between them.
  • Sonnenfeld, Marcus, and Henriques argue legislative output is outpacing governance substance, producing largely symbolic or unenforceable rules.
  • The authors warn the window for effective pre-deployment AI regulation is closing as deployment accelerates faster than legislative processes respond.

Why this matters

Without a shared risk vocabulary, AI practitioners face 1,200 inconsistent compliance targets across jurisdictions, creating legal uncertainty that favors large incumbents who can absorb regulatory arbitrage costs. Founders building in regulated verticals like healthcare, hiring, or credit cannot price compliance risk when each state defines AI harm differently and no federal standard exists to anchor them. The mechanism the authors surface is the critical issue: legislative volume creates the political appearance of governance without creating the technical infrastructure to enforce anything.

Summary

The United States has over 1,200 active AI bills at state and federal levels and no coherent method for testing AI risk in any of them. In a Fortune op-ed, Jeffrey Sonnenfeld, Gary Marcus, and Stephen Henriques argue the volume is masking a governance vacuum. Most bills lack shared definitions, measurable standards, or risk thresholds that would produce enforceable requirements, addressing surface concerns without the technical infrastructure to back them up. Essentially, Sonnenfeld, Marcus, and Henriques say the U.S. is generating regulatory theater at scale.

  • 1,200-plus bills, no common risk vocabulary across state and federal arenas.
  • Authors call for structured frameworks that separate protective regulation from political performance.
  • The window for pre-deployment rules is narrowing as AI deployment outpaces legislative cycles.

Volume without substance produces the appearance of oversight while the actual risk landscape stays ungoverned.

Potential risks and opportunities

Risks

  • AI startups operating across multiple states face compounding and contradictory compliance obligations as inconsistent bills become law through 2026-2027, disproportionately benefiting large incumbents who can absorb legal overhead.
  • Without pre-deployment standards, post-incident liability for AI harms lands in tort courts with no statutory benchmark, creating unpredictable exposure for both developers and enterprise deployers.
  • The absence of a coherent federal framework invites the EU AI Act to function as the de facto compliance standard for U.S. multinationals, ceding domestic regulatory design to Brussels by default.

Opportunities

  • AI governance and compliance tooling vendors (Credo AI, Holistic AI, Arthur AI) gain expanded budget as enterprises seek systematic frameworks to navigate state-by-state regulatory variation in 2026.
  • Technical standards bodies and policy institutes (NIST, RAND, Georgetown CSET) are positioned to anchor a federal AI risk evaluation working group while the pre-deployment rulemaking window remains open.
  • Law firms and policy shops with dedicated AI regulatory practices (Covington, WilmerHale, Hogan Lovells) see rising demand as clients require cross-jurisdictional compliance mapping across the 1,200-bill landscape.

What we don't know yet

  • Whether any of the 1,200 bills have been evaluated by independent technical bodies with AI-specific risk measurement expertise, or whether all rely on non-technical legislative staff.
  • Which concrete risk evaluation framework Sonnenfeld, Marcus, and Henriques propose beyond the call for one, and whether a draft standard is forthcoming from their group.
  • Whether state-level bills in advanced legislative stages in 2026 (Texas SB 2379, Colorado SB 205) could anchor a shared definitional baseline before any federal framework emerges.