This is part of an ongoing series of Covington blogs on the AI policies, executive orders, and other actions of the Trump Administration. The first blog summarized key actions taken in the first weeks of the Trump Administration, including the revocation of President Biden’s 2023 Executive Order 14110 on the “Safe, Secure, and Trustworthy Development and Use of AI” and the release of President Trump’s Executive Order 14179 on “Removing Barriers to American Leadership in Artificial Intelligence” (“AI EO”). This blog describes actions on AI taken by the Trump Administration in February 2025.Continue Reading February 2025 AI Developments Under the Trump Administration

Ryan Burnette
Ryan Burnette is a government contracts and technology-focused lawyer that advises on federal contracting compliance requirements and on government and internal investigations that stem from these obligations. Ryan has particular experience with defense and intelligence contracting, as well as with cybersecurity, supply chain, artificial intelligence, and software development requirements.
Ryan also advises on Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS) compliance, public policy matters, agency disputes, and government cost accounting, drawing on his prior experience in providing overall direction for the federal contracting system to offer insight on the practical implications of regulations. He has assisted industry clients with the resolution of complex civil and criminal investigations by the Department of Justice, and he regularly speaks and writes on government contracts, cybersecurity, national security, and emerging technology topics.
Ryan is especially experienced with:
Government cybersecurity standards, including the Federal Risk and Authorization Management Program (FedRAMP); DFARS 252.204-7012, DFARS 252.204-7020, and other agency cybersecurity requirements; National Institute of Standards and Technology (NIST) publications, such as NIST SP 800-171; and the Cybersecurity Maturity Model Certification (CMMC) program.
Software and artificial intelligence (AI) requirements, including federal secure software development frameworks and software security attestations; software bill of materials requirements; and current and forthcoming AI data disclosure, validation, and configuration requirements, including unique requirements that are applicable to the use of large language models (LLMs) and dual use foundation models.
Supply chain requirements, including Section 889 of the FY19 National Defense Authorization Act; restrictions on covered semiconductors and printed circuit boards; Information and Communications Technology and Services (ICTS) restrictions; and federal exclusionary authorities, such as matters relating to the Federal Acquisition Security Council (FASC).
Information handling, marking, and dissemination requirements, including those relating to Covered Defense Information (CDI) and Controlled Unclassified Information (CUI).
Federal Cost Accounting Standards and FAR Part 31 allocation and reimbursement requirements.
Prior to joining Covington, Ryan served in the Office of Federal Procurement Policy in the Executive Office of the President, where he focused on the development and implementation of government-wide contracting regulations and administrative actions affecting more than $400 billion dollars’ worth of goods and services each year. While in government, Ryan helped develop several contracting-related Executive Orders, and worked with White House and agency officials on regulatory and policy matters affecting contractor disclosure and agency responsibility determinations, labor and employment issues, IT contracting, commercial item acquisitions, performance contracting, schedule contracting and interagency acquisitions, competition requirements, and suspension and debarment, among others. Additionally, Ryan was selected to serve on a core team that led reform of security processes affecting federal background investigations for cleared federal employees and contractors in the wake of significant issues affecting the program. These efforts resulted in the establishment of a semi-autonomous U.S. Government agency to conduct and manage background investigations.
January and February 2025 Cybersecurity Developments Under the Biden and Trump Administrations
This is the first in a new series of Covington blogs on cybersecurity policies, executive orders, and other actions of the new Trump Administration. This blog describes key cybersecurity developments that took place in January and February 2025. Below, we outline three developments affecting cybersecurity in January and February 2025, including one from the Biden Administration, which has not been rescinded.
Biden Administration Issues Second Cybersecurity Executive Order
On January 16, in one of the final acts of the Biden Administration, the White House issued Executive Order (”EO”) 14144 on “Strengthening and Promoting Innovation in the Nation’s Cybersecurity.” EO 14144 expands on the National Cybersecurity Strategy and EO 14028, Improving the Nation’s Cybersecurity, which we first previously wrote about here. This new EO requires a range of additional security enhancements to U.S. government and supporting digital infrastructure, including improving accountability for software and cloud service providers, strengthening the security of Federal communications and identity management systems, and promoting innovative developments and use of emerging technologies for cybersecurity across agencies and with the private sector. Continue Reading January and February 2025 Cybersecurity Developments Under the Biden and Trump Administrations
U.S. Federal and State Governments Moving Quickly to Restrict Use of DeepSeek
Last month, DeepSeek, an AI start-up based in China, grabbed headlines with claims that its latest large language AI model, DeepSeek-R1, could perform on par with more expensive and market-leading AI models despite allegedly requiring less than $6 million dollars’ worth of computing power from older and less-powerful chips. Although…
Continue Reading U.S. Federal and State Governments Moving Quickly to Restrict Use of DeepSeek
FY2025 NDAA: Congressional Efforts to Bolster U.S. Resilience Against Chinese Tech and Influence
The FY 2025 National Defense Authorization Act (“NDAA”) sustains Congress’s continued focus on countering China’s expanding influence and enhancing U.S. resilience in an era of great power competition. This year’s legislation reflects the practice of carrying the State Department and Intelligence Authorization Acts within the NDAA—marking the third consecutive year that these critical measures have been advanced in tandem. The Foreign Relations and Intelligence Committees in both chambers of Congress have increasingly adopted the Armed Services Committees’ playbook, embedding China-focused legislation modeled on past defense measures in their respective authorizations. This blog examines key provisions designed to address what Congress views as strategic challenges posed by China while closing loopholes that could confer military, economic, or technological advantages to Beijing. We divide these provisions into the following five categories: (1) provisions that address potential security risks linked to Chinese-origin technology; (2) provisions that limit the transfer of U.S. technology or data to China; (3) so-called “time to choose” provisions that curtail Department of Defense (“DoD”) engagement with third parties that engage with China; (4) provisions that tackle a range of broader geopolitical concerns; and (5) studies and reports to identify emerging issues and concerns.
Continue Reading FY2025 NDAA: Congressional Efforts to Bolster U.S. Resilience Against Chinese Tech and Influence
January 2025 AI Developments – Transitioning to the Trump Administration
This is the first in a new series of Covington blogs on the AI policies, executive orders, and other actions of the new Trump Administration. This blog describes key actions on AI taken by the Trump Administration in January 2025.
Outgoing President Biden Issues Executive Order and Data Center Guidance for AI Infrastructure
Before turning to the Trump Administration, we note one key AI development from the final weeks of the Biden Administration. On January 14, in one of his final acts in office, President Biden issued Executive Order 14141 on “Advancing United States Leadership in AI Infrastructure.” This EO, which remains in force, sets out requirements and deadlines for the construction and operation of “frontier AI infrastructure,” including data centers and clean energy facilities, by private-sector entities on federal land. Specifically, EO 14141 directs the Departments of Defense (“DOD”) and Energy (“DOE”) to lease federal lands for the construction and operation of AI data centers and clean energy facilities by the end of 2027, establishes solicitation and lease application processes for private sector applicants, directs federal agencies to take various steps to streamline and consolidate environmental permitting for AI infrastructure, and directs the DOE to take steps to update the U.S. electricity grid to meet the growing energy demands of AI.
On January 14, and in tandem with the release of EO 14141, the Office of Management and Budget (“OMB”) issued Memorandum M-25-03 on “Implementation Guidance for the Federal Data Center Enhancement Act,” directing federal agencies to implement requirements related to the operation of data centers by federal agencies or government contractors. Specifically, the memorandum requires federal agencies to regularly monitor and optimize data center electrical consumption, including through the use of automated tools, and to arrange for assessments by certified specialists of data center energy and water usage and efficiency, among other requirements. Like EO 14141, Memorandum M-25-03 has yet to be rescinded by the Trump Administration.Continue Reading January 2025 AI Developments – Transitioning to the Trump Administration
FAR Council Proposes New FAR CUI Rule
On January 15, 2025, the Federal Acquisition Regulation (“FAR”) Council proposed a new FAR Controlled Unclassified Information (“CUI”) rule (“proposed rule”) to establish uniform requirements for handling CUI with broad applicability to solicitations and contracts across the federal government.
The proposed rule, in development for roughly a decade, represents a…
Continue Reading FAR Council Proposes New FAR CUI RuleNovember 2024 Developments Under President Biden’s Cybersecurity Executive Order and National Cybersecurity Strategy
This is part of a series of Covington blogs on the implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”). The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken…
Continue Reading November 2024 Developments Under President Biden’s Cybersecurity Executive Order and National Cybersecurity StrategyDepartment of Defense Publishes Notice of Proposed Rulemaking on Disclosure of Computer and Source Code to Foreign Entities
On November 15, 2024, the Department of Defense (“DoD”) published a Notice of Proposed Rulemaking (“Proposed Rule”) entitled “Defense Federal Acquisition Regulation Supplement: Disclosure of Information Regarding Foreign Obligations.” The Proposed Rule would impose new disclosure obligations on “Offeror[s]” (pre-award) and “Contractor[s]” (post-award) that are triggered in certain…
Continue Reading Department of Defense Publishes Notice of Proposed Rulemaking on Disclosure of Computer and Source Code to Foreign EntitiesNovember 2024 Developments Under President Biden’s AI Executive Order
This is part of an ongoing series of Covington blogs on the implementation of Executive Order No. 14110 on the “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence” (the “AI EO”), issued by President Biden on October 30, 2023. The first blog summarized the AI EO’s key provisions and related OMB guidance, and subsequent blogs described the actions taken by various government agencies to implement the AI EO from November 2023 through October 2024. This blog describes key actions taken to implement the AI EO during November 2024 and potential implications of the 2024 U.S. election. We will discuss developments during November 2024 to implement President Biden’s 2021 Executive Order on Cybersecurity in a separate post. Continue Reading November 2024 Developments Under President Biden’s AI Executive Order
October 2024 Developments Under President Biden’s Cybersecurity Executive Order and National Cybersecurity Strategy
This is part of a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”). The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by…
Continue Reading October 2024 Developments Under President Biden’s Cybersecurity Executive Order and National Cybersecurity Strategy