Subtitle E--Artificial Intelligence
SEC. 1541. MODIFICATION TO ACQUISITION AUTHORITY OF SENIOR OFFICIAL WITH PRINCIPAL RESPONSIBILITY FOR ARTIFICIAL INTELLIGENCE AND MACHINE LEARNING.

Section 808 of the William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021 (Public Law 116-283; 10 U.S.C. 4001 note) is amended--
	(1) in subsection (c)(1), by striking The Secretary of Defense shall provide the Office with at least 10 full-time employees'' and inserting The Secretary of Defense shall ensure that, at any given time for the duration of the period specified in subsection (d), the Office has at least 10 full-
time employees provided by the Secretary'';
	(2) in subsection (d), by striking in each of fiscal years 2021, 2022, 2023, 2024, and 2025'' and inserting in each of fiscal years 2024 through 2029'';
	(3) by amending subsection (e)(1) to read as follows:
``(1) In general.--``(A) Plan required.--Not later than 30 days after the date of the enactment of the National Defense Authorization Act for Fiscal Year 2024, the Secretary of Defense, acting through the Under Secretary of Defense for Acquisition and Sustainment, shall submit to the congressional defense committees a plan for the delegation and exercise of the acquisition authority described in subsection (a).``(B) Demonstration required.--Not later than 90 days after the date of the enactment of the National Defense Authorization Act for Fiscal Year 2024, the Secretary of Defense, acting through the Chief Digital and Artificial Intelligence Officer of the Department of Defense, shall provide a demonstration of operational capability delivered under such authority. In addition to the matters specified in paragraph (4), such demonstration shall include a description of--
``(i) how the Chief Digital and Artificial Intelligence Officer may use the acquisition authorities available to the Chief Digital and Artificial Intelligence Officer to further the data and artificial intelligence objectives of the Department of Defense, including an inventory of requirements and funding associated with the exercise of such acquisition authorities;
``(ii) how the Chief Digital and Artificial Intelligence Officer may use the acquisition authorities of other Federal entities to further such objectives, including an inventory of requirements and funding associated with the exercise of such acquisition authorities; and
``(iii) the challenges and benefits of using the acquisition authorities described in clauses (i) and (ii), respectively, to further such objectives.''; and
	(4) in subsection (f), by striking October 1, 2025'' and inserting October 1, 2029''.
SEC. 1542. ARTIFICIAL INTELLIGENCE BUG BOUNTY PROGRAMS.

(a) Program for Foundational Artificial Intelligence Products Being Integrated Within Department of Defense.--
	(1) Development required.--Not later than 180 days after the date of the enactment of this Act and subject to the availability of appropriations, the Chief Digital and Artificial Intelligence Officer of the Department of Defense shall develop a bug bounty program for foundational artificial intelligence models being integrated into the missions and operations of the Department of Defense.
	(2) Collaboration.--In developing the program under paragraph (1), the Chief Digital and Artificial Intelligence Officer may collaborate with the heads of other Federal departments and agencies with expertise in cybersecurity and artificial intelligence.	(3) Implementation authorized.--The Chief Digital and Artificial Intelligence Officer may carry out the program developed under subsection (a).
	(4) Contracts.--The Secretary of Defense shall ensure, as may be appropriate, that whenever the Secretary enters into any contract, such contract allows for participation in the bug bounty program developed under paragraph (1).
	(5) Rule of construction.--Nothing in this subsection shall be construed to require--
		(A) the use of any foundational artificial intelligence model; or(B) the implementation of the program developed under paragraph (1) for the purpose of the integration of a foundational artificial intelligence model into the missions or operations of the Department of Defense.
(b) Briefing.--Not later than one year after the date of the enactment of this Act, the Chief Digital and Artificial Intelligence Officer shall provide to the congressional defense committees a briefing on--
	(1) the development and implementation of bug bounty programs the Chief Digital and Artificial Intelligence Officer considers relevant to the matters covered by this section; and
	(2) long-term plans of the Chief Digital and Artificial Intelligence Officer with respect to such bug bounty programs.

(c) Foundational Artificial Intelligence Model Defined.--In this section, the term ``foundational artificial intelligence model'' means an adaptive generative model that is trained on a broad set of unlabeled data sets that may be used for different tasks with minimal fine-tuning.
SEC. 1543. PRIZE COMPETITION FOR TECHNOLOGY THAT DETECTS AND WATERMARKS USE OF GENERATIVE ARTIFICIAL INTELLIGENCE.

(a) Establishment.--Not later than 270 days after the date of the enactment of this Act, under the authority of section 4025 of title 10, United States Code, the Secretary of Defense shall establish a prize competition designed to evaluate technology
(including applications, tools, and models) for generative artificial intelligence detection and generative artificial intelligence watermarking, for the purposes of--
	(1) facilitating the research, development, testing, evaluation, and competition of such technologies to support the Secretaries of the military departments and the commanders of combatant commands in warfighting requirements; and
	(2) transitioning such technologies, including technologies developed pursuant to pilot programs, prototype projects, or other research and development programs, from the prototyping phase to production.
(b) Participation.--The participants in the prize competition under subsection (a) may include federally funded research and development centers, entities within the private sector, entities within the defense industrial base, institutions of higher education, Federal departments and agencies, and such other categories of participants as the Secretary of Defense considers appropriate.
(c) Designation.--The prize competition under subsection (a) shall be known as the ``Generative AI Detection and Watermark Competition''.
(d) Administration.--The Under Secretary of Defense for Research and Engineering shall administer the prize competition under subsection (a).
(e) Framework.--Not later than 120 days after the date of the enactment of this Act, the Secretary of Defense shall provide to the congressional defense committees a briefing on the framework to be used in carrying out the prize competition under subsection (a).(f) Annual Briefings.--Not later than October 1 of each year until the date of termination under subsection (g), the Secretary of Defense shall provide to the congressional defense committees a briefing on the results of the prize competition under subsection (a).
(g) Termination.--The authority to carry out the prize competition under subsection (a) shall terminate on December 31, 2025.
(h) Definitions.--In this section:
	(1) The term ``generative artificial intelligence detection'' means, with respect to digital content, the positive identification of the use of generative artificial intelligence in the generation of such content.
	(2) The term ``generative artificial intelligence watermarking'' means, with respect to digital content, embedding within such content data conveying attribution of the generation of such content to generative artificial intelligence.
SEC. 1544. PLANS, STRATEGIES, AND OTHER MATTERS RELATING TO ARTIFICIAL INTELLIGENCE.

(a) In General.--The Secretary of Defense, in consultation with the Deputy Secretary of Defense, shall--

	(1) establish and document procedures, including timelines, for the periodic review of the 2018 Department of Defense Artificial Intelligence Strategy, or any successor strategy, and associated annexes of the military departments to assess the implementation of such strategy and whether any revision is necessary;	(2) issue Department of Defense-wide guidance that defines outcomes of near-term and long-term strategies and plans relating to--
		(A) the adoption of artificial intelligence;
		(B) the adoption and enforcement of policies on the ethical use of artificial intelligence systems; and
		(C) the identification and mitigation of bias in artificial intelligence algorithms;
	(3) issue Department-wide guidance regarding methods to monitor accountability for artificial intelligence-related activity, including artificial intelligence performance indicators and metrics;	(4) develop a strategic plan for the development, use, and cybersecurity of generative artificial intelligence, including a policy governing the use of, and the defense against adversarial use of, generative artificial intelligence;
	(5) assess technical workforce needs across the future years defense plan to support the continued development of artificial intelligence capabilities, including recruitment and retention policies and programs;
	(6) assess the availability and adequacy of the basic artificial intelligence training and education curricula, including efforts developed or authorized pursuant to section 256 of the National Defense Authorization Act for Fiscal Year 2020 (133 Stat. 1290; Public Law 116-92), available to the broader civilian workforce of the Department and military personnel to promote artificial intelligence literacy to the nontechnical workforce and senior leadership with responsibilities adjacent to artificial intelligence technical development;	(7) develop and issue a timeline and guidance for the Chief Digital and Artificial Intelligence Officer of the Department and the Secretaries of the military departments to establish a common lexicon for artificial intelligence-related activities;
	(8) develop and implement a plan to protect and secure the integrity, availability, and privacy of artificial intelligence systems and models, including large language models, data libraries, data repositories, and algorithms, in training, development, and production environments;
	(9) ensure the fulfilment of the statutory requirement to establish data repositories under section 232 of the National Defense Authorization Act for Fiscal Year 2022 (Public Law 117-81; 10 U.S.C. 4001 note), as amended by section 212 of the National Defense Authorization Act for Fiscal Year 2023 (Public Law 117-263; 136 Stat. 2466);	(10) develop and implement a plan--
		(A) to identify commercially available and relevant large language models; and
		(B) to make such models available, as appropriate, on classified networks;
	(11) develop a plan to defend the personnel, organizations, and systems of the Department against adversarial artificial intelligence, including an identification of organizations within the Department capable of providing to cyber red teams of the Department capabilities for operational and developmental needs;
	(12) develop and implement a policy for use by contracting officials to protect the intellectual property of commercial entities that provide artificial intelligence algorithms to a data repository specified in paragraph (9), including a policy for how to address data rights in situations in which governmental and commercial intellectual property may be mixed when such artificial intelligence algorithms are deployed in an operational environment;	(13) issue guidance and directives governing how the Chief Digital and Artificial Intelligence Officer of the Department shall exercise authority to access, control, and maintain, on behalf of the Secretary, data collected, acquired, accessed, or used by components of the Department consistent with section 1513 of the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 (Public Law 117-263; 10 U.S.C. 4001 note); and
	(14) clarify guidance on the instances for, and the role of human intervention and oversight in, the exercise of artificial intelligence algorithms for use in the generation of offensive or lethal courses of action for tactical operations.
(b) Ethical and Responsible Artificial Intelligence.--
	(1) Process.--The Secretary of Defense, acting through the Chief Digital and Artificial Intelligence Officer, shall develop and implement a process--
		(A) to assess whether a given artificial intelligence technology used by the Department of Defense is in compliance with a test, evaluation, verification, and validation framework that--
			(i) operationalizes responsible artificial intelligence principles; and
			(ii) is validated and selected by the Chief Digital and Artificial Intelligence Officer for purposes of this subsection;
		(B) to report and remediate any artificial intelligence technology that is determined not to be in compliance with the framework selected pursuant to subparagraph (A); and
		(C) in a case in which efforts to remediate such technology have been unsuccessful, to discontinue the use of the technology until effective remediation is achievable.	(2) Additional requirements.--In developing and implementing the process under paragraph (1), the Secretary of Defense shall--
		(A) develop clear criteria against which the compliance of an artificial intelligence technology with the framework selected pursuant to subparagraph (A) of such paragraph may be assessed under such subparagraph, taking into consideration--
			(i) similar criteria previously developed by the Secretary; and
			(ii) the identification of potential vulnerabilities in systems and infrastructure of the Armed Forces that could be exploited by adversarial artificial intelligence applications used by the People's Republic of China, the Russian Federation, or other foreign adversaries;
		(B) take steps to integrate such process across the elements of the Department of Defense, including the combatant commands; and
		(C) provide information on such process to members of the Armed Forces and civilian personnel of the Department that are--
			(i) responsible for developing and deploying artificial intelligence technologies;
			(ii) end users of such technologies, including members of the Army, Navy, Air Force, Marine Corps, or Space Force who use such technologies in military operations; or(iii) otherwise determined relevant by the Secretary.
(c) Deadline; Briefing.--
	(1) Deadline.--The Secretary shall complete the requirements under this section by not later than 120 days after the date of enactment of this Act.
	(2) Briefing.--Not later than 150 days after the date of the enactment of this Act, the Secretary shall provide to the congressional defense committees a briefing on the implementation of this section.
SEC. 1545. STUDY TO ANALYZE VULNERABILITY FOR ARTIFICIAL INTELLIGENCE-ENABLED MILITARY APPLICATIONS.

(a) Study.--Not later than one year after the date of the enactment of this Act, the Secretary of Defense shall complete a study to assess the functionality of artificial intelligence-enabled military applications, research and development needs related to such applications, and vulnerabilities to the privacy, security, and accuracy of such applications.
(b) Elements.--The study under subsection (a) shall include the following:
	(1) An assessment of research and development efforts, including transition pathways, needed to advance explainable and interpretable artificial intelligence-enabled military applications, including the capability to assess the architectures, data models, and algorithms underlying such applications.	(2) An assessment of any potential risks to the privacy, security, or accuracy of the architectures, data models, or algorithms underlying artificial intelligence-enabled military applications, including the following:
		(A) Individual foundational artificial intelligence models, including the adequacy of existing testing, training, and auditing for such models to ensure such models may be properly assessed over time.
		(B) The interactions of multiple artificial intelligence-enabled military applications and how such interactions may affect the ability to detect and assess new, complex, and emergent behavior among individual agents, as well as the collective effect of such interactions on risks to the privacy, security, and accuracy of such applications over time.
		(C) The effect of increased agency in artificial intelligence-enabled military applications and how such increased agency may affect the ability to detect and assess
new, complex, and emergent behavior, as well risks to the privacy, security, and accuracy of such applications over time.	(3) An assessment of the survivability and traceability of decision support systems that are integrated with artificial intelligence-enabled military applications and used in a contested environment.
	(4) An identification of existing artificial intelligence metrics, developmental, testing and audit capabilities, personnel, and infrastructure of the Department of Defense, including test and evaluation facilities of the Department, needed to enable ongoing assessment under paragraphs (1) through (3).
	(5) An identification of any research gaps necessary to be filled to sufficiently carry out the assessments and identifications required under paragraphs (1) through (3) that are not currently, or not sufficiently, funded within the Department of Defense.
(c) Interim Briefing.--Not later than 180 days after the date of the enactment of this Act, the Chief Digital and Artificial Intelligence Officer shall provide to the congressional defense committees a briefing on the interim findings of the study under subsection (a).
(d) Final Report.--
	(1) Submission.--Not later than one year after the date of the enactment of this Act, the Secretary of Defense shall submit to the congressional defense committees a final report on the findings with respect to the study conducted pursuant to subsection (a).
	(2) Form.--The final report under paragraph (1) shall be submitted in unclassified form, but may include a classified annex.

(e) Foundational Artificial Intelligence Model Defined.--In this section, the term ``foundational artificial intelligence model'' means an adaptive generative model that is trained on a broad set of unlabeled data sets that may be used for different tasks with minimal fine-tuning.