Dozens of state attorneys general from across the United States have issued a warning letter to major tech companies, including OpenAI, Microsoft, and Apple, expressing serious concerns about harmful outputs from generative artificial intelligence software. The letter highlights disturbing behaviors such as AI bots pursuing romantic relationships with children and normalizing inappropriate interactions, indicating a need for stronger child safety measures. The signatories, including Letitia James of New York and Andrea Joy Campbell of Massachusetts, emphasize that while generative AI has the potential for positive change, it also poses significant risks, especially to vulnerable populations. They insist that companies mitigate these harms and adopt additional safeguards, failing which they may face legal consequences. This joint letter serves as a formal notice, potentially laying the groundwork for future legal actions against the companies if these issues are not addressed.
Civic technologists and former government leaders are expressing frustration after Congress allowed the Technology Modernization Fund, which supports federal IT projects, to expire, resulting in nearly $200 million in funding being frozen. Established in 2017, the fund has enabled over $1 billion to be invested in 70 different projects across 34 federal agencies, including significant modernization efforts by the Department of Homeland Security and the Department of Veterans Affairs. Experts argue that the expiration undermines ongoing efforts to modernize government systems, with Jordan Burris, a former chief of staff for the White House’s Office of the Chief Information Officer, emphasizing that the fund is the only scalable means to upgrade digital systems essential for public services. The failure to reauthorize the fund is attributed to legislative delays and procedural hurdles, which have stalled progress despite bipartisan support for IT modernization initiatives. Unless Congress acts to reauthorize the fund, its operations remain frozen.
Why do we care?
Here’s the disconnect everyone needs to notice.
States are saying, “If your AI harms kids, you’re liable.”
Congress is saying, “We’ll get back to funding modernization later.”
Those two things cannot coexist safely.
If you’re an MSP or IT service provider, this is the danger zone. You’re being pulled into environments where AI is expected to deliver better outcomes, on top of systems that haven’t been meaningfully modernized — while legal tolerance for failure is approaching zero.
Here’s the concrete failure scenario: an organization deploys a generative AI interface — maybe for support, maybe for education, maybe for citizen services. The underlying controls are weak, the infrastructure is legacy, and the AI vendor assures you safeguards exist. Then an edge case happens involving a minor.
At that point, nobody cares about intent, innovation, or roadmaps. They care about who put the system in place.
And that’s the trap. Vendors will point to policies. Agencies will point to funding gaps.
Regulators will point to harm. The implementer is left holding responsibility without authority.
This matters now because the window for “we’re still experimenting” is closing. AI is being treated like infrastructure, not a demo. And infrastructure failures don’t get forgiven — they get litigated. This risk concentrates first in regulated and quasi-public environments — education, healthcare, local government — where MSPs are often the de facto systems integrator without policy cover.
The smart move for service providers isn’t faster adoption. It’s tighter control, clearer limits, and the willingness to say nowhen safeguards and governance aren’t real.
That’s not slowing progress. That’s preventing preventable harm — and protecting your business when the enforcement hammer drops.