If your company deploys AI systems for hiring, lending, or customer screening, you are still subject to state AI laws today, regardless of what the DOJ's new task force has said or threatened. The DOJ AI Litigation Task Force, created January 9, 2026 by Attorney General Pam Bondi under Executive Order 14365, has taken one legal action in five months: intervening in a private lawsuit over Colorado's AI Act. It has not sued California, Texas, or Illinois. An executive order alone cannot preempt state law.
The Supremacy Clause of the U.S. Constitution lets federal law override conflicting state law, but only when Congress passes a statute. The White House knows this, which is why the National Policy Framework released March 20, 2026 explicitly calls on Congress to act. Congress has not acted. State obligations remain.
What Is the DOJ AI Litigation Task Force?
President Trump signed Executive Order 14365 on December 11, 2025, directing federal agencies to challenge state AI laws that burden interstate commerce, conflict with federal regulations, or violate constitutional protections. The order also directed the Commerce Department to list state AI laws the administration considers "onerous" by March 11, 2026, and asked the FTC to issue guidance on how federal consumer protection law applies to AI.
Attorney General Pam Bondi announced the Task Force on January 9, 2026. It operates inside DOJ, chaired by the Attorney General and vice-chaired by the Associate Attorney General, with staff from the Civil Division and the Office of the Solicitor General. Its mandate: identify and challenge state AI laws inconsistent with federal policy, on theories including the Dormant Commerce Clause, the Supremacy Clause, and constitutional claims like Equal Protection.
The core argument is that a 50-state patchwork of AI regulations stifles innovation, particularly for smaller companies. That is a legitimate policy concern. Whether it produces successful federal lawsuits is a different question.
Has the DOJ Actually Sued Any States Over AI Laws?
No, at least not independently. Here is the full record as of June 17, 2026.
On April 9, 2026, xAI (Elon Musk's AI company) filed a lawsuit in federal court challenging Colorado's AI Act (SB 24-205) on constitutional grounds. On April 24, 2026, the DOJ filed a Complaint in Intervention in that existing lawsuit, becoming a party. This is the first and, as of this writing, the only federal legal action the Task Force has taken against a state AI law. On April 27, 2026, a federal magistrate judge granted a joint motion to stay enforcement of the Colorado law pending litigation.
No federal lawsuit or DOJ intervention has been filed against California's AI laws (SB 53, in effect since January 1, 2026), Texas's Responsible AI Governance Act (TRAIGA, in effect since January 1, 2026), or Illinois's AI anti-discrimination employment law (HB 3773, in effect since January 1, 2026).
The Task Force has been operational for five months. In that time, it joined one case that a private company initiated. That is the record.
State AI Law Status Table (as of June 2026)
| State / Law | Effective Date | Who It Covers | Current Status |
|---|---|---|---|
| California SB 53 (Frontier AI Transparency Act) | January 1, 2026 | Frontier AI developers with over $500M revenue | In effect. No federal lawsuit filed. Enforcement by California AG; up to $1M per violation. |
| Texas HB 149 (TRAIGA) | January 1, 2026 | Any company deploying AI systems in Texas | In effect. No federal lawsuit filed. NIST AI RMF compliance available as a safe harbor. |
| Illinois HB 3773 | January 1, 2026 | Employers using AI for hiring, promotion, or termination decisions | In effect. No federal lawsuit filed. Disparate impact standard; intent is not a defense. |
| Colorado SB 24-205 (original AI Act) | Was June 30, 2026 | Companies using high-risk AI with Colorado customers | Enforcement stayed April 27, 2026 (magistrate order). Superseded by SB 26-189; the June 30 deadline is now moot. |
| Colorado SB 26-189 (narrowed replacement) | January 1, 2027 | Companies deploying AI affecting Colorado consumers | Signed May 14, 2026. Narrower obligations: user notification, 30-day adverse outcome disclosure, data correction, meaningful human review. |
Can an Executive Order Override State AI Laws?
No. The answer is straightforward as a matter of constitutional law, even if the politics feel murkier.
Federal preemption flows from the Supremacy Clause (Article VI), which makes federal law "the supreme law of the land" and preempts conflicting state law, but only when Congress has enacted a federal statute. Executive orders are directives to federal agencies. As the Congressional Research Service has explained, they do not carry the same preemptive force as a statute. Courts presume against preemption in areas where states have traditionally regulated, and they require clear evidence of congressional intent.
The White House understands this. The National Policy Framework released March 20, 2026 is a set of legislative recommendations to Congress, explicitly asking Congress to pass a preemption statute. Congress has not done so. In fact, Congress rejected AI regulation moratoria twice: once in the 2025 reconciliation bill and again in the 2026 National Defense Authorization Act.
The risk is a common one. Companies read headlines about the Task Force and conclude that state AI compliance is probably going away. That conclusion is premature. State enforcement agencies in California, Texas, and Illinois have not paused. A bet on preemption that turns out to be wrong leaves you without documentation and without a coherent answer when a state AG or an investor asks what you have been doing.
What Colorado Actually Shows About How This Fight Plays Out
The Colorado story is instructive precisely because it did not go the way many people expected.
The original Colorado AI Act (SB 24-205) was on everyone's radar, including the White House's. EO 14365 named it explicitly as a law that "will force AI models to produce false results." The Task Force made it the first target. xAI filed suit April 9, DOJ intervened April 24, and a magistrate stayed enforcement April 27. That progression looked like a federal-preemption win in progress.
Then the Colorado legislature did something the Task Force probably did not anticipate: it rewrote the law itself. Governor Polis signed SB 26-189 on May 14, 2026, repealing and reenacting the original AI Act with a significantly narrowed scope. The three most burdensome obligations (risk management programs, impact assessments, and the duty to prevent algorithmic discrimination) are gone. What remains is a narrower set of operational duties: user notification, 30-day adverse outcome disclosure, data correction, and meaningful human review. The new law takes effect January 1, 2027.
The Colorado case may now become moot before any court rules on preemption. The challenged law has been replaced. Other states watching this fight did not see the Task Force prevail in court; they saw a legislature voluntarily narrow its law under political pressure. Those are very different signals for what comes next.
Decision Framework
Which state laws actually apply to your AI systems? Map each AI system to the decisions it influences (hiring, lending, insurance, customer screening) and the states where those decisions affect people. Texas TRAIGA covers any company doing business in Texas. Illinois HB 3773 covers employment decisions affecting Illinois employees. California SB 53 applies to frontier model developers with over $500M revenue. That map determines how much you need to do today.
If a state AG sent a civil investigative demand tomorrow, what would you produce? Documentation of decision logic, disparate impact testing, vendor contracts, and governance policies. The absence of documentation is not a legal defense. It is a negotiating weakness and an investor red flag.
Are you building your governance program around the NIST AI Risk Management Framework? Texas TRAIGA explicitly offers NIST AI RMF compliance as a safe harbor. The White House National Policy Framework cited it as the preferred federal standard. Aligning to NIST AI RMF gives you a defensible position under both state laws and the federal framework simultaneously.
What will investors ask about state AI compliance at your next diligence? Investors in 2026 are asking about state AI exposure regardless of what the DOJ does next. The absence of a governance program is a diligence finding whether or not preemption eventually arrives.
If preemption eventually arrives, is your compliance investment wasted? No. NIST AI RMF-aligned governance, disparate impact testing, and human oversight documentation make AI systems more defensible in any regulatory environment. Over-compliance for a period is a far better position than being caught without documentation while a state enforces.
Who Should Care
This question matters for any company deploying AI systems in California, Texas, or Illinois today, or any company planning to reach Colorado consumers in 2027. It matters for founders building AI-assisted hiring or lending tools, because state enforcement does not care about your headcount. And it matters for investors and boards: the DOJ's Colorado intervention is not a clean signal that state compliance is optional. The Task Force has taken one action in five months. State enforcement agencies are still running. The Colorado legislature's response showed political pressure can produce state-level revision; it did not produce a court ruling preempting anyone.
Practical Takeaways
If you use AI for hiring, promotion, or termination in Illinois, build disparate impact testing into your evaluation cycle now. Illinois HB 3773 applies a disparate impact standard regardless of intent. A state enforcement inquiry starts with whether you have testing records, not whether discrimination was intentional. Do this before an inquiry lands.
If you deploy AI systems in Texas, document your NIST AI RMF alignment before your next compliance review. Texas TRAIGA explicitly offers NIST AI RMF compliance as a safe harbor defense. The NIST AI RMF Govern and Map functions are the starting points. This is a defense you can build before any enforcement action; there is no reason to wait.
If you have Colorado customers, take the June 30 deadline off your roadmap entirely. SB 26-189 replaced the original Colorado AI Act. The new obligations (user notification, 30-day adverse outcome disclosure, data correction, meaningful human review) take effect January 1, 2027. Update your compliance calendar accordingly.
If your AI vendor contracts do not address state law obligations, add that to your next vendor review. Texas TRAIGA and Illinois HB 3773 impose obligations on companies deploying AI, not just the developers who built it. Clarify who is responsible for compliance, what audit rights you have over AI outputs, and what happens if a state enforcement inquiry arrives. Document any gaps vendors won't address.
Do not read the Colorado intervention as permission to pause on California, Texas, or Illinois compliance. The Task Force has not sued those states. Their laws are in effect. State enforcement agencies have not slowed down. The Colorado case tells you the Task Force will act when it has a target; it does not tell you other state obligations are suspended.
Build an AI systems inventory before your next investor diligence cycle. Map which AI systems you deploy, what decisions they influence, which states are affected, and what documentation exists for each. This is typically the first ask from a technical diligence team. See the companion piece on building your state AI compliance file for a practical framework while preemption plays out.
Watch the Colorado xAI litigation for the Task Force's first substantive ruling. If the case proceeds rather than being dismissed as moot, you will get a ruling on the Equal Protection and Dormant Commerce Clause theories the DOJ is relying on. That ruling, expected late 2026 or 2027, is the most important near-term signal on whether federal preemption litigation is a real compliance lever or a political pressure tool.
Closing Perspective
Here is what I keep coming back to when founders ask whether they can wait out the federal-state fight: the DOJ Task Force is real, the litigation pressure is real, and Colorado showed that federal pressure can produce legislative revision without a court ruling. But none of that changes what California, Texas, and Illinois are doing today. Those laws are in effect. State enforcement agencies are staffed and operational. Congress has rejected AI moratoria twice. The most likely near-term outcome is not preemption; it is a slow court fight that produces limited rulings on specific legal theories while state laws continue to apply in the meantime.
The founders who come out of this well are the ones who built a governance baseline now and did not have to explain to an investor, a state AG, or a prospective enterprise customer why they spent 2026 waiting to see how it turned out. Federal preemption, if it comes at all, is a multi-year project that requires Congress to act. State enforcement is available right now. Invest accordingly.
This article is for informational purposes only and does not constitute legal advice. Every company’s situation is different, and you should consult with qualified legal counsel before making compliance decisions based on the developments discussed here.