DHS Framework for AI in Critical Infrastructure (Roles and Responsibilities)
United States · DHS Framework (Nov. 14, 2024)
DHS released a voluntary framework that lays out the responsibilities of cloud providers, AI developers, AI deployers, critical-infrastructure owners, and civil society for the safe and secure use of AI in U.S. critical infrastructure sectors — including grid, water, financial services, and healthcare.
Technical detail
DHS, 'Roles and Responsibilities Framework for Artificial Intelligence in Critical Infrastructure' (Nov. 14, 2024). Targets the 16 critical-infrastructure sectors, organized around five role categories: cloud and compute infrastructure providers, AI developers, critical infrastructure owners and operators, civil society, and the public sector. Implements EO 14110 § 4.3(a)(iv) directives that survived the EO's revocation.
Who is protected: Consumers, workers, and patients dependent on AI-augmented critical-infrastructure operations
Who must comply: Voluntary; targeted to the 16 critical-infrastructure sectors and their AI vendors
Key facts
| Jurisdiction | United States |
|---|---|
| Level | Federal |
| Status | In effect |
| Protection strength | Limited protection |
| Effective date | 2024-11-14 |
| Enacted | 2024-11-14 |
| Citation | DHS Framework (Nov. 14, 2024) |
| Enforced by | Department of Homeland Security; CISA (sector risk management agency coordination) |
| Private right of action | No — agency enforcement only |
| Penalties | No direct penalties; informs sector-specific regulation |
| Topics | government use of AI · data-center siting and energy · automated decision-making · consumer protection |
| Last verified | 2026-06-17 |
| Official source | DHS Framework for AI in Critical Infrastructure (Nov. 2024) ↗ |
More AI rules in United States
- FTC Act Section 5 (unfair/deceptive AI) · In effect
- TAKE IT DOWN Act · In effect
- FCRA (AI in credit & background checks) · In effect
- ECOA / Regulation B (AI credit discrimination) · In effect
- Title VII / ADA (AI hiring) · In effect
- COPPA + 2025 Rule (childrens data) · In effect
Related government use of AI rules elsewhere
- SB 53 (Frontier AI Safety) · In effect
- RAISE Act · Enacted (not yet in effect)
- TRAIGA · In effect
- Kentucky SB 4 (AI Governance) · In effect
- KS AI Foreign Platforms Ban · In effect
- MT Right to Compute Act · In effect
See something wrong or out of date? Submit a correction — every entry must carry a verifiable official source.