Between January 2025 and March 2026, Congress introduced approximately 47 AI-related bills. According to tracking data from the Brookings Institution, fewer than a third contain statutory definitions for the core terms regulators would need to actually enforce them. The word 'undefined' has become one of the most consequential phrases in American technology governance.

Let that sink in. Congress is writing laws about a technology it cannot legally define.

The FTC Just Admitted It Cannot Do Its Job

This came into sharp focus in late March when the Federal Trade Commission formally acknowledged that it lacks the definitional authority under current law to classify certain large language model deployments as 'high-risk' for consumer protection purposes. FTC Commissioner Alvaro Bedoya called it 'a gap we cannot paper over with guidance alone' in a March 18 public address.

The phrase 'high-risk AI system' appears in at least 11 active federal bills. It carries a different operative meaning in each one. The Congressional Research Service published a side-by-side analysis in February 2026 showing the definitional chaos across these bills, and it reads like 11 different countries trying to regulate the same technology with 11 different dictionaries.

Europe Defined Its Terms. America Did Not.

The contrast with the EU is brutal. The EU AI Act dedicates 22 articles and two full annexes to defining terms before prescribing a single obligation. American legislators have historically preferred to grant agencies discretion. But critics argue that discretion without anchor definitions has paralyzed enforcement rather than enabling it. You cannot enforce a law when nobody agrees on what the words mean.

NIST's AI Risk Management Framework provides voluntary guidance on categorizing AI risk, but it is explicitly non-binding. Without statutory language that incorporates those definitions, agencies enforcing separate laws are working from incompatible taxonomies. The left hand does not know what the right hand is regulating.

Industry Is Writing Its Own Rules

In the absence of federal clarity, Big Tech is doing what Big Tech always does: writing its own rulebook. A March 2026 survey by the Information Technology Industry Council found that roughly 68 percent of major tech companies have begun drafting internal taxonomies for AI risk classification. Translation: OpenAI, Google, and Meta are deciding for themselves what counts as 'high-risk AI.' If that does not concern you, you have not been paying attention.

Meanwhile, nearly 400 AI-related bills are pending in state legislatures. California, Colorado, and Illinois have already enacted their own frameworks. The Trump administration's National Policy Framework, released March 20, explicitly recommends federal preemption of state AI laws. But preemption requires a federal standard to preempt with. And Congress cannot agree on what the standard should say because it cannot agree on what the words in the standard should mean.

The Bottom Line

America is attempting to regulate the most transformative technology since the internet by writing laws that cannot be enforced, using terms that have no legal meaning, while simultaneously trying to block states from writing clearer ones. The EU built the dictionary first and the rules second. Congress skipped the dictionary entirely and is wondering why nobody can read the rules.

At this rate, AI will regulate Congress before Congress regulates AI.