Secure Artificial Intelligence Act of 2024 or the Secure A.I. Act of 2024
This bill directs federal agencies to establish mechanisms to manage security and safety risks related to the use of artificial intelligence (AI).
Specifically, the bill directs the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Agency (CISA) to develop a database to track AI-related safety and security incidents. The agencies must enable individuals and entities to confidentially share information about incidents that pose an increased risk of harm to people or property or unauthorized access to and manipulation of AI platforms. In determining which incidents warrant inclusion in the database, NIST must prioritize those that involve critical infrastructure or widely used AI systems, and incidents that could significantly impact the American people or economy. Employers may not retaliate against employees for their involvement in reporting an AI incident or any investigation that follows.
The bill also directs the National Security Agency to establish an AI Security Center to foster AI security research and develop guidance for the prevention and mitigation of counter-AI. Under the bill, counter-AI means unauthorized efforts to extract information from or manipulate an AI system.
Finally, NIST and CISA are directed to incorporate AI vulnerabilities into specified federal databases. NIST must convene a multi-stakeholder group to evaluate existing voluntary reporting standards for AI security vulnerabilities and CISA must convene a group to consider best practices for addressing AI-related risks to the supply chain.
