HR9333Referred to Committee

AI Flaw Reporting and Security Enhancement Act

Share:
Introduced
In Committee
3
Passed One Chamber
4
Passed Both
5
Signed into Law
119th
Congress
2026-06-18
Introduced
2
Cosponsors
HR
Type

Sponsor

Deborah K. Ross
Deborah K. Ross
Democrat · NC · Representative
Votes with party: 99.1% (579 recorded votes)
Top industries funding sponsor:
  • Progressive Groups$78k
  • Climate & Environment$1k

Full profile: /officials/R000305

Source: Congress.gov · FEC

Cosponsors (2)

Members who have signed on to support this bill since introduction. Source: Congress.gov.

Latest Action

The most recent step in the bill's legislative path. Committee Activity below shows referrals and reports; the full action-by-action history including floor proceedings lives at Congress.gov →

Referred to the House Committee on Science, Space, and Technology.

2026-06-18

Source: Congress.gov

Committee Activity

Currently in

Plain-English Summary

The legislation would require companies that develop artificial intelligence systems to report security flaws and vulnerabilities to the government so they can be fixed before bad actors exploit them. It aims to protect the public by ensuring AI developers take responsibility for identifying and disclosing problems in their systems, similar to how software companies report security issues in other technology. The bill would affect AI companies and developers while potentially benefiting consumers and businesses that rely on AI systems.

AI-assisted summary generated from the official bill metadata (title, subjects, actions) sourced from Congress.gov. Cached and reviewed. Always verify against the official text linked below.

Full Bill Text

Verbatim text published on Congress.gov via GovInfo. Use Cmd+F / Ctrl+F to search within this excerpt.

[Congressional Bills 119th Congress] [From the U.S. Government Publishing Office] [H.R. 9333 Introduced in House (IH)] <DOC> 119th CONGRESS 2d Session H. R. 9333 To direct the Director of the National Institute of Standards and Technology to develop a program for the voluntary reporting of artificial intelligence flaws and the acceleration of detection and monitoring of such flaws, and for other purposes. _______________________________________________________________________ IN THE HOUSE OF REPRESENTATIVES June 18, 2026 Ms. Ross (for herself, Mr. Hurd of Colorado, and Mr. Beyer) introduced the following bill; which was referred to the Committee on Science, Space, and Technology _______________________________________________________________________ A BILL To direct the Director of the National Institute of Standards and Technology to develop a program for the voluntary reporting of artificial intelligence flaws and the acceleration of detection and monitoring of such flaws, and for other purposes. Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, SECTION 1. SHORT TITLE. This Act may be cited as the ``AI Flaw Reporting and Security Enhancement Act''. SEC. 2. SUPPORTING VOLUNTARY REPORTING OF ARTIFICIAL INTELLIGENCE FLAWS. (a) In General.--The Director of the National Institute of Standards and Technology (NIST), in consultation with the Director of the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security, shall carry out a program to support the voluntary reporting, collection, and tracking of artificial intelligence flaws (in this section referred to as the ``program''). (b) Activities.--In carrying out the program, the Director of the NIST shall seek to convene appropriate representatives of industry, academia, nonprofit organizations, standards development organizations, civil society groups, and appropriate Federal departments and agencies to carry out the following: (1) Establish common definitions and characterizations for relevant aspects relating to artificial intelligence flaws, including consideration of the following: (A) Definitions of the following terms, as such terms relate to artificial intelligence: (i) Vulnerabilities. (ii) Failure modes. (iii) Accidents. (iv) Failures. (v) Hazards. (vi) Catastrophes. (vii) Misuse. (viii) Incidents. (ix) Adverse events. (B) Taxonomies to classify such artificial intelligence flaws based on relevant characteristics, impacts, or other appropriate criteria to enable the management and prioritization of such flaws, including the following: (i) Artificial intelligence security- related flaws. (ii) Artificial intelligence safety-related flaws. (2) Support the development of technical standards and guidance related to artificial intelligence flaws and processes for managing such flaws. (3) Support the development of methods, which may include measures of severity or risk associated with artificial intelligence flaws, to enable prioritization of remediation activities of such flaws. (4) Support the development of technical approaches which accelerate detection and monitoring of artificial intelligence flaws. (5) Identify and provide guidelines, best practices, methodologies, procedures, and processes for reporting, collecting, and tracking artificial intelligence flaws across different sectors and use cases. (6) Support the development of standardized reporting and documentation mechanisms, including automated mechanisms, that would help provide information, including public information, regarding artificial intelligence flaws. (7) Support the development of norms for appropriate disclosure and reporting of artificial intelligence flaws, including when it is appropriate to publicly disclose such flaws. (c) Development of Infrastructure for the Measurement and Monitoring of Artificial Intelligence Flaws.-- (1) In general.--In carrying out the program, the Director of NIST shall, in consultation with representatives of industry, academia, nonprofit organizations, standards development organizations, civil society groups, appropriate public sector entities, and appropriate Federal departments and agencies, develop, or enter into cooperative agreements with one or more eligible entity designated by the Director to develop, infrastructure for the voluntary reporting, collection, and tracking of artificial intelligence flaws. Such infrastructure shall include a national database of artificial intelligence
Show the remaining 425 words
flaws or the modification of an existing national database to account for such flaws, as determined appropriate by the Director. Such database may be maintained by NIST or one or more eligible entities designated by the Director (2) Considerations.--In carrying out this subsection, the Director shall consider the following: (A) Technical standards and best practices regarding machine-readability. (B) Interoperability of the infrastructure described in paragraph (1) with relevant existing standards, best practices, and systems. (C) Future updates to the infrastructure described in paragraph (1) that may include additional types of information and taxonomies relevant to new stakeholders and coordination mechanisms. (D) Relevant policies, procedures, and norms regarding dissemination of reported artificial intelligence flaws and public disclosures. (d) Report.--Not later than three years after the date of the enactment of this Act, the Director of NIST shall submit to Congress a report on the implementation of this section. Such report shall include the following: (1) Findings from the multi-stakeholder activities under subsections (b) and (c). (2) A description of the infrastructure developed pursuant to subsection (c), including a description of the national database referred to in such subsection. (3) An assessment of and recommendations for establishing reporting and collection mechanisms by which industry, academia, nonprofit organizations, standards development organizations, civil society groups, and appropriate public sector entities may voluntarily share standardized information regarding artificial intelligence flaws. (e) Definitions.--In this section: (1) Artificial intelligence.--The term ``artificial intelligence'' has the meaning given such term in section 5002 of the National Artificial Intelligence Initiative Act of 2020 (15 U.S.C. 9401). (2) Artificial intelligence flaw.--The term ``artificial intelligence flaw'' means a set of conditions or behaviors that allow the violation of an explicit or implicit policy related to the safety, security, or other undesirable effects from use of an artificial intelligence system, including artificial intelligence vulnerabilities and artificial intelligence incidents, and which is not dependent on the presence of malicious intent or related harm. (3) Artificial intelligence system.--The term ``artificial intelligence system'' has the meaning given such term in section 7223 of the Advancing American AI Act (40 U.S.C. 11301 note; as enacted as part of title LXXII of division G of the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023; Public Law 117-263). (4) Eligible entity.--The term ``eligible entity'' means an institution of higher education (as such term is defined in section 101(a) of the Higher Education Act of 1965 (20 U.S.C. 1001)), a research institution (as such term is defined in section 9 of the Small Business Act (15 U.S.C. 638(e)(8)), or consortia thereof. <all>
Open clean-text viewRead on Congress.gov →

Related legislation

Bills by the same sponsor or covering overlapping subjects.