Trump’s AI Preemption Playbook.

You're listening to the Cyber Wire Network, powered by N2K. Hello, everyone, and welcome to Caveat, N2K Cyber Wire's privacy surveillance law and policy podcast. I'm Dave Bittner, and joining me is my co-host, Ben Yellen, from the University of Maryland Center for Cyber Health and Hazard Strategies. Hey there, Ben. Hello, Dave. On today's show, Ben discusses how recent executive action on AI is reshaping the relationship between federal and state policy. I've got the story of a college student suing a dating app for reappropriating her image. And later in the show, Ben's conversation with Jen Savada, Clarity's public sector general manager, former U.S. Air Force colonel. They're discussing how national cybersecurity strategies depend on public-private trust. While this show covers legal topics and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney. on your professional career? Earn a Master of Science in Law at University of Maryland Cary School of Law. This part-time, two-year online graduate degree program is designed for experienced professionals to understand laws and policies that impact your industry. Learn from CHHS faculty who are experts in their field. No GRE required. Learn how you can master the law without a JD at law.umaryland.edu. All right, Ben, we've got some good stuff to cover this week. You want to kick things off for us here? Sure. I got my article this week from Lawfare, a frequent source of ours. Yeah. And I have a really interesting article about how the Trump administration's executive actions have been reshaping federalism. And relevant to us, this has been done through the prism of AI regulation. So just to kind of get into the very basics in here. Please. Obviously, we have dual sovereignty in this country. So there are state governments and there is the federal government. The federal government only has enumerated powers. So it can only do what the Constitution says it can do. Whereas the states have plenary powers. So states can pretty much do whatever they want, subject to their own constitution and the United States Constitution. But in areas where there are dual sovereignty, so something that, for example, would regulate interstate commerce, federal law reigns supreme, and that gets into this notion of preemption. So if a federal law conflicts with state law in an area that the federal government is authorized to develop policy, federal law wins out. And that's something called preemption. And preemption prevents states from being able to do what they frequently want to do, which is promulgate regulations to protect the health, safety, and welfare of their citizens, including for things like AI safety, where a lot of states have tried to take the lead on putting guardrails around the use of AI within government agencies, are trying to crack down on things like deep fakes, and the federal government either threatens to preempt, or at least we have a conversation about federal action that might preempt these state laws. Generally, the way it's supposed to work is that Congress passes a law that legislates in a particular area, And either there's explicit preemption where the bill that Congress passes says this bill preempts all state law on artificial intelligence, for example, or it's implied preemption. So the regulations are so vast that courts can imply that the federal government is trying to kind of occupy that field of regulation. So that's kind of the classic model. Trump and his administration set the goal when they first came into office for the second time of having this innovation-first AI policy where the primary goal was out-competing our competitors in the development of AI tools and not being obsessed with cumbersome regulations. Right, be a global leader. Be the global leader. And they were worried that a patchwork of state laws would prevent us from being global leaders. So he's been talking pretty extensively for the past year or so about some type of federal preemption of AI regulations at the state level. They tried to stick a provision in the one big beautiful bill that would have explicitly preempted state-level AI bills. That did not make it because a lot of legislators wanted to keep the power of the states to institute their own regulations. And then in December of last year, they promulgated this executive order that didn't explicitly say that the federal government was preempting state laws, but it kind of hinted that the federal government was going to be proactive in stopping states from over-regulating AI. So they've kind of come up with a couple of creative ways to try to do that. I was going to say, can an executive order do that? I mean, they're trying to. They've backed off some of these because they're just kind of far-fetched theories, but at least what they've tried to do in the past is condition federal funding for something like broadband on states not regulating AI. So that was the one condition there. That's something that Congress could do, but having the executive branch do it post hoc is almost certainly unconstitutional. Okay. Because states have to kind of have notice that like they have an obligation, in this case their obligation to receive broadband dollars is to not regulate AI. And without that, it's not really a fair position for states to be in. And then the other one, which they came up with in December, which we've talked about, is they were just going to sue states. So they're going to have like a team of lawyers at DOJ. And when the states decided to regulate AI, the federal government task force would go in and try and sue that law out of existence. There's a lot of backlash to this. You know, Republicans control a lot of state governments. And, you know, even if they might be at the federal level against overregulation, they want to protect the interests of their state legislatures to regulate in this area. So there was certainly some pushback. And the Trump administration kind of implicitly recognized this when they released an updated AI framework in March, reemphasizing that the state retains authority over traditional state powers. So regulating kids' access to online AI content was an example. Or in areas of criminal law or the use of AI in state agencies. They kind of walked back this idea that the federal government will have primacy in all areas. The upshot of all of this is that we have the executive branch not just influencing AI policy outcomes, but it's changing or restructuring the conditions under which lawmaking occurs. So by setting up these sort of incentive structures, executive action for the first time, just the threat of it can discourage states from enacting laws. And that sidesteps what has traditionally happened where Congress decides one way or another whether they're going to preempt state law in a particular area. And we've seen this in a lot of states. There was an AI safety bill that came in front of the Utah state legislature, which had a lot of public support and support among lawmakers. Utah is a very red state. And the administration, you know, I don't know if it was threats or just like you really shouldn't do this, but that had a huge impact and that bill stalled. A similar thing happened in Arizona. There is now private litigation challenging a new state law from Colorado saying that federal action might preempt their comprehensive AI regulation bill. And the Department of Justice joined this lawsuit. So this is an effort not at direct preemption, but of trying to deter states from taking action. It's more of changing the incentive structure. And I think that has really big implications on the interplay between state and federal policymaking. So I found it very interesting. Yeah. Now, you're actively involved with a lot of the stuff that's going on in the Maryland legislature, particularly when it comes to these sorts of things. And obviously, Maryland is, I don't know, among the bluest of the blue, right? Certainly is, yeah. So how does a blue state like Maryland, where we live, respond to something like this? Do they say bug off or? Pretty much. Yeah. I think the Maryland legislators who are concerned about these issues have taken a defiant stance against the federal government saying like, bring it on. If you want to sue us, like we, it is in our domain to regulate artificial intelligence. They passed several bills doing so over the past couple of legislative sessions for things like election disinformation, identity fraud, deep fakes. And their general message to the federal government is we're not going to be cowed by your implicit threats. And they've also worked closely with other state legislatures to kind of figure out collectively what can we do as states to push back against this federal effort to handcuff us and to prevent us from enacting laws. So some of that is how you craft language so that it doesn't run afoul of executive orders or doesn't trigger preemption. What would it take for this to be put in front of a court to challenge the constitutionality of it? I mean, I'm still waiting for the first lawsuit from this task force from the federal government. There's going to be some state law that comes up. It's probably going to be in a blue state because I think a red state would just abandon the effort if the administration said, don't do this. So that's my guess. It's going to be in a blue state. They're going to enact a law. And the president's team at the Department of Justice will sue the state saying that this is an improper use of state power. This is an area of federal supremacy. What would actually probably happen, I'll couch it a little bit, is some private entity who would be affected by this. So an AI company would be subject to the regulations. They're going to sue. And the Justice Department is going to join that suit on behalf of that private entity. Then we'll get into a situation where courts are going to have to evaluate the full extent of state powers here. And it really depends on which judge you draw in a federal district court. But my inclination is to think that judges are quite protective of states' ability to enact policy. And particularly in these circumstances where you don't have any sort of express preemption, I think judges would be reluctant to handcuff those states. But the sort of law task force within the White House is very smart, and they could go to Amarillo, Texas or whatever. Let's just say there was a Texas regulation. There's one federal district court judge in Amarillo, Texas, who's very friendly to them. They could sue in that court and try and get a favorable ruling. And then you'd start to see like a body of law develop on, well, is there implied federal preemption when there's executive action? If it something that solely in executive orders if it not explicit is this something that is going to prevent states from enacting these policies I think that where the litigation is going to come up What about Congress Are they trying to brush back the executive branch and say stay in your lane? Or is this another example of them being submissive to the White House? So they did do that when this came up in the One Big Beautiful Bill debate, including a lot of Republican legislators. But there's not a lot of pushback or calls for legislative action in response to their executive orders. What we could have seen and what we didn't see is a bipartisan effort after the first Trump executive order in December to say, like, it is the official policy of Congress that these state laws will not be preempted by federal executive orders and we are defunding the unit at the Department of Justice that's promulgating these lawsuits. Like that's something they could have done. Yeah. Now, presumably Trump vetoes it. But maybe you get, you know, in a perfect world, two thirds of the House and the Senate to override that veto. But that didn't happen. I mean, I think part of it is if you're in the president's party, you kind of want to pick your battles. Like if you're going to stand up to him on one thing, is this the hill you're willing to die on? And I'm not sure there are a lot of legislators who are at that point yet. Even if in the abstract, I think most of them want states to retain that power. The other thing that's, I think, important to note here is, like, we're talking about AI because this is in our wheelhouse. But this could apply to all different types of topics, including new emerging technologies. So anything that has kind of a national reach, so things that implicate national security, economics, interstate commerce, et cetera, the executive branch can kind of take these hidden actions to disincentivize or discourage states from enacting their own regulations in this kind of, I don't want to call it coercive, but like bullying sort of way. And, you know, that could really inhibit states' abilities to be flexible and to try and regulate these technologies as best they can. And I think that that's going to be a really interesting change dynamic. So, you know, the Trump administration is certainly well known for exploring the edges of what is possible, right? How novel is this? Have other presidential administrations used an approach like this to get what they want or is this new? I think this is pretty novel. A lot of presidents have wanted for and worked to establish preemption in various areas. And this goes back to tobacco and insurance, where these are things that are kind of inherently federal, like they affect interstate commerce. And presidents have taken the lead in encouraging Congress and supporting Congress passing laws, establishing federal power over these areas. And certainly, like, presidents have been involved in the litigation against this type of thing. And it's Republican and Democratic presidents. I mean, there was an effort among states in the early 2010s to opt out of provisions of Obamacare. Oh, right. Sure. And to decline accepting Medicaid dollars, for example. And the Obama administration stood up for federal power. But their argument was the statute is the voice of that federal power. The law that was enacted. We are basing our, we are grounding our position on federal power in language that was passed by Congress. We've never had it where it's just like, let's set up a bunch of guys with figurative baseball bats. We're just standing around going like, I'd hate to see what would happen to you if it has to overburden some regulation on AI. Nice state you got there. Yeah, I'm picturing Fat Tony from The Simpsons. Shame if you lost all your highway funding. Exactly. I mean, that's what they tried to do with broadband. Right, right. So I don't think we've seen an effort quite like this. I also think, like, it's kind of working in a way. I mean, we talked about those laws that were, that didn't come to pass because of administrative pressure. The Colorado example is really interesting to me because their regulation did pass and it was signed into law by Governor Polis, a Democrat. And since he signed the law, he's kind of been like, eh, maybe we went too far. Like, I'm kind of regretting this. We might have to restructure the law. Like, all of these companies, because of how stringent the regulations are, have been like, we're leaving Colorado. Like, we can't be headquartered here because, you know, we're not going to be able to innovate given these, whatever protections have been enacted in their AI regulations. And so even the Democratic governor who signed the bill is like, whoa, like, let's, you know, maybe we're moving too fast here. Maybe this shouldn't be a race among states to see who can regulate the most because it's going to disadvantage the states from the sense of economic power. So, I mean, it just creates a lot of really interesting dynamics. Yeah, it's always interesting to me how preemption can be a tool to dial back regulations that the states have enacted. Right. So you understand the theory of it. Like, it is better to have uniformity. Right. That's a reason why we have a federal government. I'm no historian, but like, I'm sure some history teachers out there are like, read what happened with the Articles of Confederation. Right. It's too fragmented. But all of that depends on Congress stepping in and deciding collectively, like, this is an area of federal power. It's something that's been given to us by the Constitution. and we're going to either expressly or implicitly claim that power and prevent states from acting in conflict with it. So that's usually the avenue. And, you know, I think here the conflict arises because the executive branch isn't saying to states explicitly, like, you can't pass laws. Every law you pass, we're going to sue you. But it just kind of hangs over states as they consider these pieces of legislation. Right. And the executive branch of the White House also, correct me if I'm wrong here, also is not going to Congress and saying we would really love it for you to whip up a bill to address this. Yeah, like they tried that and it failed. Right. So, you know, they could try it again. Yeah. I don't think they're going to. I think it's sort of this method of if it ain't broke, don't fix it from their perspective. Like if we are able to intimidate states out of doing these things, then we don't need to use our political capital to get Congress to pass something. So I think it's going to be incumbent on blue states to go out and say like, challenge accepted. Yeah, right. Take your best shot. Right, exactly. Maybe it's California. You know, it's like Gavin Newsom has some mean tweets. And maybe that can be part of the fight that he takes on. Maybe it's us here in Maryland. Right. But, yeah, it's just really interesting. Yeah, it is. All right. Well, we will have a link to that story. Again, this is from the folks at Lawfare Media. Always interesting stuff that they present. So worth your time. My story this week is much lighter and yet also serious. Is it, though? I don't know. I guess we'll see. We'll let our listeners be the judge. Well, so this is a story of a young woman named Kaylin Lunglaufer who set out to be a TikTok influencer. Who among us has not set out to be a... Yes, me. So she graduated from high school and posted a video on TikTok addressing her followers as she was heading off to attend the University of Tennessee. where she wanted to continue being a TikTok influencer. So she gets on campus and starts doing all the things that we all do when we go to college, meeting people and going to class and doing social things. And at some point, someone in her dorm informs her that he saw an ad with her promoting a dating app. obviously against her will and consent. Without her knowledge. Right. Right. So this dating app, which is called Meet, M-E-E-T-E, because of course it is, this dating app had a video of her that they had evidently or allegedly, according to her lawyer, scraped from her TikTok account. They replaced her voice. They made it seem as though she was saying things she was not seeing. And perhaps most importantly, made it seem like she was on this dating app and she was out there looking for friends with benefits. Which she was not. Which she was not. And that's pretty dangerous because, like, if that message gets out there in an environment of a college campus, then, like, people are going to look at her a certain way and are going to act around her in a certain way, that's unwelcome because it's not actually her in the ad. Exactly. Exactly. And so when it gets to the point where people are actually coming up to her in response to this ad campaign, which she was unaware of, you know, that's when she checked it out, contacted a lawyer and started taking action here. Um, now, another wrinkle to this is that she and her attorney are alleging that not only did the dating platform, uh, just use her information without her permission, use her video without her permission, they're contending that they geofenced the ads. So it's being shown basically in a very limited geographic area around this campus. Right. So it's not like she's featured in a national ad because she's part of like a stock image. Right, exactly. It's narrowly targeted. Yeah. So people that she would be likely interacting with or crossing paths with day to day are allegedly more likely to see this ad because the accusation that they're making, that the plaintiffs are making here, is that people walking around campus will see this ad and they'll say, wait, I recognize. I recognize this person. Oh, it's like, oh, she's using this app? I know her. She's that influencer on TikTok. Right. And, oh, she's looking for friends with benefits. Well, this is the dating app for me. What's interesting about this is, like, my first impression when seeing this was, oh, okay, they used AI and, like, had her say things that she didn't say. That's not what happened here. It was normal 2010s-style editing tools appropriating her image. And then the advanced technology was the use of geofencing to make it specifically apply to this campus. You know, having these, like, very targeted ads, which could enable things like harassment or reputational harm. Luckily for her, she's in the state of Tennessee, which has this groundbreaking act called the Elvis Act. Yes, we've talked about the Elvis Act. We have. Obviously, it's an acronym. And I don have it at my disposal right now but it like eliminating likeness something something something Yeah And that is a law that intended to protect individuals intellectual property rights But that also includes things like protection from defamation or anything similar to that that exists in common law in Tennessee. So she might be able to win a lawsuit under that statute where she's saying that there is an unauthorized appropriation of her likeness that's robbing her of her intellectual property because somebody is using it without her consent. Yeah, I mean, it seems like a pretty clear-cut case for reputational damage. It certainly does, especially since she's a TikTok influencer, but she's also a private citizen. And this is not something where it's like anybody can say anything about her. it's in the discourse. Like, we don't want to hurt public conversation. They're literally stealing her likeness. I mean, that's what our intellectual property laws are designed to prevent. She also is filing a federal suit under the Lanham Act, which is a U.S. law governing trademark rights. So, you know, the value of the trademark is your symbol, especially if you're an influencer, your image, your likeness has some type of monetary value the same way that the The McDonald's Arch has monetary value. Like it represents you and it represents a certain reputation. And the Lanham Act exists to prevent these types of things from happening. Now, it might be a more difficult case because you have to establish that there was a trademark here. I don't think she – I have no idea if she went through the process of like trademarking her name and license before any of this happened. But I do think she has a pretty good case here. So she's seeking three quarters of a million dollars in punitive damages, as well as any revenue tied to the ads that featured her likeness. This article, and this is from the folks over at CyberScoop, talks about who they're going after. And that is a company called Quantum Communications Development, which is based in the Virgin Islands, as well as Chinese. Virgin Islands is well known for those giant data centers and the location of the tech industry, right? So there's a couple of Chinese companies as well. And it's interesting to me, a judge has ordered representatives from all three to appear for depositions in the United States. How do you think that's going to go, Ben? Yeah, that's a problem. That's a big problem. it's going to make this lawsuit a lot harder because she is suing out-of-state entities. It doesn't fully immunize out-of-state entities from the law. You can get judgments against international defendants, but then the problem is trying to enforce those judgments. So, you know, normally if somebody doesn't pay up on a civil lawsuit in this country, like you can send a sheriff to collect their property. and that secures the judgment that you've won. You can't really do that in China as far as I know. So that might be one of those things where she wins the case, but because of this extraterritorial element here, she's not actually going to get the money that she deserves from winning the case. Yeah. Now, I guess the thing that really fascinated me and sets this apart is the allegations of geofencing to target people to view the ads that they were trying to get people close to her physical location to benefit from that. That's just... It's weird. Yeah. And I can certainly see why this could be a tool used for harassment. I mean, especially for it to be done without her consent. It would be completely different if she was like, I'm a TikTok influencer and I got a, you know, so I'm part of a paid partnership with this dating app. Right. And, like, I'm the it girl on this campus, so they can use my likeness. You know, we'll both make some money out of it. Right. Like, that's not what happened here. No. And that's why it's pretty disturbing. The extra yucky part where they're, you know, making her appear that she's more promiscuous, perhaps, than she actually is. Like, that's just gross. Right, that's full reputational damage. That's defamation. Yeah. And that's why I think she has such a solid case here. The allegation in the civil complaint is that the defendants acted with actual malice, which is a legal term of art, but it means these companies either knew or should have known that she never consented to the use of her likeness and that they were manipulating her in ways that were not representative of her TikTok videos. So at least the allegation imputes actual malice, actual knowledge on the part of these companies that they know what they're doing here. I wonder how often these things are just the result of some low-level workers' laziness, right? Like somebody was sent out to go find me an image of a pretty young woman to be our spokesmodel. spokesmodel. And rather than generating something out of whole cloth using AI or finding a stock photo, they spent two minutes on TikTok, found someone, said, oh, she's pretty. Let's use her. That totally could have happened. Yeah. And now here we are. And that's the thing is there are actually easy ways to put a good looking person on a dating app and you mentioned them. It's like an AI person does not have those protected intellectual property interests. So you can do that. Or yeah, like go to the creative commons and search good looking woman and put that on there. Like there's a reason that in a lot of memes that are shared billions of times on the internet, there are good looking people who don't have any claim to sue anybody because their likeness has been stolen. It's all about how that image, whether it's in public domain or not. All right. Well, we will have a link to that story in the show notes. Again, that is from the fine folks over at CyberScoop. So please do go check that out. It's an interesting read. All right. I tell you what, let's take a quick break here. We will be right back after this message from our show sponsors. Ben, you recently had the pleasure of speaking with Jen Savada, who is the Public Sector General Manager at Clarity. She's also a former U.S. Air Force colonel. And your conversation centered on national security strategies and how they depend on public-private trust. Here's Ben with Jen Savada. Trust is one of the most important things between government and the private sector in order to enable cybersecurity in particular to work. the way that it really manifests itself is in both the government being honest about what's going on, sharing information, sharing ways to combat what is going on from a cyber perspective. And then from a private sector face of this is actually being able to share what they're seeing, how they're being attacked, what the implications are for what they've done and how it's impacted their business. Both sides have to be able to share the information without fear of reprisal or blame or any sort of finger pointing. And that's what takes time. And that's what's the most important thing to do. And it all starts with openness and transparency. So you've had the advantage in your career of working in both the public and private sectors. So are there, since you've kind of had your foot on both sides, are there misconceptions that are worth addressing both about the public sector and the private sector? Yes, I'll give you one big one for each one. The first one is when you're in government, there's also always this misperception that you can't talk to the private sector. Oh, we can't talk to them. You know, they're just going to sell us something and we don't want to interfere with an acquisition or procurement because we want to be fair to everyone. When in reality, it's encouraged that you talk to the private sector. Private sector is often ahead in technology development. They have different experiences. They're being, in a cyber perspective, they're being attacked in different ways and different types of information are being collected. Then if you look at it from the other perspective, the private industries often think that government is there to take their information or use it in a manner that they don't see fit. But as we know, there's laws that have to be followed. There are policies that guide the interactions that happen. And I think that oftentimes it's a perception that we're not in this just for our own revenue generation. We're actually in this for the mission. And being able to have that shared common interest is really important. About that shared common interest, I think sometimes there's this perception that the public sector is kind of resource and talent constrained, that if you want to make the big bucks, you'll go into the private sector. So the private sector comes in, they're the innovators, right? How do you bridge that gap and leverage those private sector resources without creating some type of dependency or unnecessary risk? And this is something we've seen just recently with the Anthropic deal with the Pentagon, where we have this excellent public-private partnership that kind of falls apart. So what are kind of your thoughts on that? I think a lot of it is based on how you look at procuring software capabilities, technology, and working with different companies. There are easy ways to get vendor lock-in, as the government likes to call it, but then there are also easy ways to collaborate. And some of the ways, if we look at a larger program that's going on in the U.S. government, is Golden Dome, where there's over 2,000 different companies that have been included in the contract negotiations and contract award. And if you think about looking at it from that perspective, that you want to get the best of the breed, but you also want to keep competition lively and maybe a little bit spicy, that's a way for the government to continue to be able to use and choose the best that's out there while having access to it and not being confined to one or two vendors. And do you see there still being kind of structural barriers that prevent the full development of that relationship? So something within federal regulations that prevents agencies from fully leveraging these private sector capabilities? Are there regulations you change or laws that you change? Can you speak a little on that? So I think that from a cybersecurity perspective, there are some limitations that can impact governments negatively. And one of the big ones is looking at foreign ownership of cyber companies. Many cyber companies that are the best in the business are foreign-based. If you think about the Israeli cyber talent and cyber companies, they are out there and they're the best that they can be. There's a process that's called foci mitigation. It's foreign ownership, control, and influence. And oftentimes within government, you have to have that process completed before you can work with the U government There needs to be a way for there to be this interim step where hey we want your technology and your capabilities but we know you committed to foci mitigation and you haven't gotten there yet, but how do we use your technology without delaying the impact it can have on positively helping the government? And have you seen that gap bridge successfully where our government has worked with foreign owners of a company to try and mitigate those issues? I have, but the challenge is that it takes time. And time is often what we don't have. If we think about how fast cyber moves in particular, if you wait a year for this technology to be available because all the possible challenges and possible threats have been mitigated, you've lost out and you might have actually done more damage to the U.S. government. Kind of switching gears a little bit, I think the focus is always on the federal government. But my pet issue is state and local governments and state and local cybersecurity. So I was wondering if I could pick your brain on that a little bit. In terms of things like critical infrastructure, we're seeing a lot of cybersecurity responsibilities shift to state CISOs or offices of information technology or even some local folks. Is this something that you see creating operational risk and how can we help mitigate those risks for our state and local folks? It is creating risk. And it's not only the state and local folks, but a lot of our power grids and other components of critical infrastructure are run by co-ops and private companies. So how do we create an entire ecosystem that is able to protect all of that critical infrastructure? Some of the challenges I see are budgets. The budgets in the state and local governments are very small, municipalities in particular, for water and power. We have all of the regulations that are out there, like NERC-SIP, that drives what should be done. But at the same time, it's really challenging for these governments to understand, follow, track, and implement these regulations. And then they're looking at the differences between what do I need to do federally versus what do I need to do at the state and local level? And what is my prioritization? Kind of honing in on that cost issue a little bit, because I think, you know, state governments, most of them are required to balance their budgets annually, unlike the federal government. And there's just a limited number of resources that go around. And if you're not investing in cyber, maybe you're investing in, you know, healthcare or something else that's more politically palatable. What's kind of the pitch you make to state and local lawmakers about investing in cybersecurity for critical infrastructure? Yeah, the first thing I say is that critical infrastructure is so important and cybersecurity saves lives. If we look at New York, New Jersey, for example, the Port Authority of New York, New Jersey, they are responsible for the Lincoln and Holland tunnels. During rush hour, they have 35,000 vehicles in those tunnels at one time. If the smoke inhalation system goes down, they have seven minutes until people start to die. And when you put that into the lives of their constituents, of the people who are in their communities, it starts to sink in and make an impact. All right, I'm taking the ferry from now on. Right. All right. Switching gears a little bit again. How do you see the government industry relationship evolving over the next several years? And do you think it's kind of dependent on the political climate or is this something that's agnostic to what happens in federal elections? It's just kind of a constant challenge. So I don't know if it's necessarily a political issue, but I think it is an administration issue where different administrations, doesn't matter what political party you're affiliated with, have different views and philosophies on public-private partnerships and how to integrate commercial technology into government. We're seeing in our current environment that there's a focus on non-traditional companies getting away from the larger defense contractors, trying to drive innovation, increase speed and increase efficiency. I think that we'll continue to see that move over the next three to five years. And as we go, we'll see better and better technology being available to the government and being able to make decisions more broadly across all departments, not just the Department of War, looking at Social Security Administration, the IRS, all of the VA and others. It's really going to impact how we look and how we think and how we do. And can you talk a little bit about the context of the AI revolution, just how that changes these public-private partnerships and what are the novel concerns that those present and has it changed your perspective on building these relationships? Yes, absolutely. So AI is really about trust and risk and where you are on the scale between the two. What we're seeing is that you have to have trust that the AI is going to provide you the information that you need in a timely manner and the format that you need it. But you also have to understand that AI is not perfect and you have to be able to accept the risk that is within AI. If we don't use AI, we are behind. If we don't use AI in everything we do, we are behind. And all of our competitors and even in the private sector, they're all using AI. So the U.S. government has to have it as an integral part of what they do. One of the things that I really am interested in is, you know, the difference between human in the loop, human on the loop, and, you know, human leading in these types of situations. And I think we still have to have humans, people leading in the decision making, leading in understanding why something happened rather than the what happened, and then trying to figure out the what next, and being able to make the decisions related to that. And sometimes it's so hard to balance because the capability is amazing. You might have a great use case, but when you're dealing with something like autonomous weapon systems, like you can't be too cautious. Yeah, I would agree with you. And if we take it to cybersecurity, do you want an AI to say, you know what, I think that's a nation state cyber attack. I'm going to, you know, return fire in a cyber perspective and shut down the entire country's, you know, utilities. That can cause problems. Yeah, international incident that we do not want. Are there models or frameworks in terms of forming these public-private partnerships that you recommend or rely on, whether that's here in the U.S. or maybe in the European Union or somewhere else around the world? I would say that everybody is building frameworks. FBI has frameworks related to critical infrastructure. We have organizations like the ISACs who are looking at how do we bring non-profit, state and local, federal, as well as commercial entities together. It's something that is becoming more and more prevalent, which is a good thing. I do think that we need to figure out what are the outcomes that need to come through those entities in order to drive the actual capabilities and relationships. And what do you look for for those outcomes? Like if you put together a bulleted list of outcomes, what's on that list? So I think from an outcome perspective, it needs to be focused on how do we drive innovation? How do we drive security? How do we build trust? and how do we continue to evolve into something that enables all aspects of the government to do a better job of getting to what matters and accomplishing the mission. And do you think just for people like yourself who you've served in the Air Force and have gone into the private sector, do you think it helps to have that dual experience? And for more people who've had experience in both sectors, the better the harmonization of the relationship could be? Like, do you think that's made a big difference in your work? It has been the best experience for me to have both the Air Force and government as well as industry. I now see it from both sides. I understand what the challenges are. It helps me to be able to try to figure out how to problem solve and bring people together to come to a resolution. And then on the flip side, it also enables me to have patience. where I am now working at Clarity, trying to work with the government. And then we have government shutdowns and we have budget constraints and we have continuing resolutions or state and local, we have entities that are dealing with, they're waiting for their grant funding. They're waiting for the state budget to be approved. I understand that it's not a fast process. And so I can be more patient. I think I can be a better partner and overall have better outcomes for both the government as well as my company. Well, Jen Savada, thank you so much for joining us on the Caveat Podcast. We hope you'll come back again sometime. Oh, thank you, Ben. I appreciate it. Yeah, interesting stuff, Ben. Interesting conversation. I really enjoyed hearing what Jen had to say about this stuff. I mean, she has a very, I guess, a robust background, right? Absolutely. To talk about this sort of stuff. So it's really interesting to get her perspective. And I think we sometimes underappreciate the importance of public-private collaboration. When you have, they kind of have their own competitive advantages. The private sector is better at innovating, doing things quickly. You know, they can develop great threat intelligence tools. But if the public sector is not using them at the Department of Defense or wherever, like they're not going to be useful to protect our national security. So it's incumbent that we really focus on building these partnerships to ensure our resilience. Yeah, absolutely. All right. Well, again, our thanks to Jen Savada from Clarity for joining us. We do appreciate her taking the time. And that is Caveat, brought to you by N2K CyberWire. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to caveat at n2k.com. This episode is produced by Liz Stokes. Our executive producer is Jennifer Iben. The show is mixed by Trey Hester. Peter Kilby is our publisher. I'm Dave Bittner. And I'm Ben Yellen. Thanks for listening. Thank you.