There are so many updates on the regulation front today.
The US Copyright Office has denied artist Jason M. Allen’s request for copyright protection for an award-winning image he created with the generative AI system Midjourney. The office stated that the science-fiction-themed image was not entitled to copyright protection because it was not the product of human authorship. This image won the Colorado State Fair’s art competition, which received national attention as the first AI-generated work to win the contest. Allen told the office that he “input numerous revisions and text prompts at least 624 times to arrive at the initial version of the image” using Midjourney and altered it with Adobe Photoshop. The Copyright Office has previously rejected copyrights for AI-generated work, including images created by artist Kris Kashtanova and computer scientist Stephen Thaler.
It’s not just the Copyright office. The Federal Trade Commission (FTC) is making a case for aggressive antitrust enforcement and has outlined several practices that could trigger government intervention. The FTC foresees antitrust exposure where “incumbents that offer both compute services and generative AI products” wield such arrangements to discriminate against new entrants. The FTC appears poised to scrutinize exclusive deals involving compute resources, such as graphical processing units, that are key to competing for generative AI markets.
Eight more companies, including Adobe, IBM, Palantir, Nvidia, and Salesforce, have pledged to follow safety, security, and trust standards for artificial intelligence (AI), joining Amazon, Google, Microsoft, and others in an industry-led effort on safeguards. The companies have committed to testing and other security measures, but these are not regulations or enforced by the government.
There’s also more activity at the state level on AI, joining California. Kansas has introduced a new policy for generative artificial intelligence that prioritizes citizen data and privacy while remaining flexible enough to adapt to innovations. The policy requires responses generated by AI to be reviewed by human operators for accuracy, appropriateness, privacy, and security before being acted upon or disseminated. The policy applies to all businesses involving the state, including developing software code, written documentation, correspondence, research, summarizing and proofreading documents, and making business decisions. The policy is treated as a living document, allowing for adjustments as generative AI improves.
And know that lobbyists are working here too – Politico gives insight on work to influence state-level AI bills in California, Connecticut, New York, Massachusetts, and Illinois in an effort to stave off stricter rules on companies. The industry is concerned that states often act faster than Washington on tech issues and can impose stricter rules. The lobbyists hope to nip strict AI regulations in the bud and neutralize the threat of new rules from state capitols, regardless of where Washington ends up. However, consumer advocates are concerned that industry will dominate the discussion and that states like California and New York are “places to do model policy” on AI.
And this model works — Washington state’s My Health, My Data (MHMD) law, which provides expansive health data privacy protections, has become a model for other states. The law includes a ban on using GPS technology to show when a mobile device enters an area near a health provider, a guarantee that Washingtonians can request health care data deletion and a prohibition on collecting and sharing health data without explicit consent. The law’s success shows that strong, narrowly targeted data privacy legislation can pass when stronger comprehensive bills cannot, and health data privacy has emerged as a particularly voter-friendly issue. Nevada and Connecticut have since passed health data privacy laws modeled after MHMD.
And a quick update on state privacy laws — including the Indiana Consumer Data Protection Act, the Iowa Consumer Data Protection Act, the Montana Consumer Data Privacy Act, the Oregon Consumer Privacy Act, the Tennessee Information Protection Act, and the Texas Data Privacy and Security Act. Additionally, several states have passed laws specific to children’s online safety, such as the Utah Social Media Regulation Act and Texas’s Securing Children Online through Parental Empowerment (SCOPE) Act.
Providers should be aware of these laws’ requirements and effective dates to ensure compliance. There’s so much meat here, and noting that the state level in the US will be moving faster and more efficiently, yet also have much more ability to be influenced. State legislators are far more accessible and looking for expertise from the market to guide them.
The takeaway on the AI block here is that there will be compliance. This won’t be social media all over again.
Note that the Copyright Office is laying down a precedent. AI-generated works don’t get a copyright. This is important for those who consider intellectual property their asset. You can’t protect it if it comes from an AI. Details like this will be valuable in helping customers.

