On April 9, 2026, xAI — the company behind the model called Grok — sued the Colorado attorney general in federal district court, asking the judge to enjoin a state law called Senate Bill 24-205 before its 30 June effective date. Two weeks later, on April 24, the United States Department of Justice moved to intervene. The court granted the motion. The DOJ's complaint cites a single constitutional provision — the Equal Protection Clause — and a single theory: that requiring artificial-intelligence systems to avoid discrimination is itself a form of unconstitutional discrimination. That doctrinal turn — civil-rights law turned against fairness rules in code — is what is now in front of the court.
The substantive question is older than this case. Whether disparate-impact analysis can sit inside an Equal Protection framework that is, in form, about intent — that has been argued for forty years. The doctrinal vehicle is new. So is the law that has provoked it. SB24-205 is not, as it might first appear, a homegrown experiment. Architecturally, it is a near-translation of Europe's AI Act — the same developer/deployer split of obligations, the same risk-tiering logic, the same impact-assessment requirements, the same extraterritorial reach. The Justice Department's challenge is not, strictly, to a state law. It is to a transplant.
What follows reads the case as it stands today, with attention to the two filings that have moved the architecture in the past fortnight: xAI's complaint and the DOJ's complaint in intervention. Both lean on the December 2025 Executive Order that named "a new Colorado law" by all but its number — and that named, as policy, the federal government's intention to use litigation rather than legislation as its instrument of AI governance.
Continues themes from N° 03 · The EU AI Act's developer/deployer architecture returns here, transplanted into a Colorado statute — and now contested on constitutional grounds the European original never had to face.A statute modeled on Brussels
Colorado SB24-205, signed into law in May 2024 and set to take effect on 30 June 2026, is the most architecturally European piece of AI regulation any American jurisdiction has yet produced. To understand what the Justice Department is challenging, it helps to read the statute first.
The bill, formally titled Consumer Protections for Artificial Intelligence, does in miniature what the EU AI Act does in scale. It defines a category of "high-risk" AI systems — those that are "a substantial factor" in consequential decisions about individuals: employment, housing, education, financial services, health care, government services, certain insurance products. It splits the regulated population in two: developers, who train and provide AI systems, and deployers, who use them to make decisions about people. It imposes a duty on both to "use reasonable care" to protect consumers from any known or reasonably foreseeable risks of algorithmic discrimination. It mandates documentation, transparency reports to the public and to the attorney general, and annual impact assessments. It is enforceable by the state attorney general.
The substantive concept around which all this is built is algorithmic discrimination, defined by the statute as any condition in which the use of an AI system results in an unlawful differential treatment or impact that disfavors an individual or group on the basis of protected characteristics — age, race, sex, disability, religion, and so on. The definition includes one critical exemption. It does not capture AI systems used "to expand an applicant, customer, or participant pool to increase diversity or redress historical discrimination," nor systems used solely for testing.
Developers of high-risk AI systems must use reasonable care to protect against algorithmic discrimination, document the system's intended uses and known limitations, disclose information about training data and discrimination-mitigation practices to deployers, and notify the Colorado attorney general within 90 days of discovering that a deployed system has caused algorithmic discrimination.
Deployers must implement a risk-management policy modeled on a recognized framework (the NIST AI Risk Management Framework is named in the bill's drafting history), conduct annual impact assessments of each high-risk deployment, notify affected consumers when a high-risk system is used to make a consequential decision about them, and provide an opportunity to appeal that decision. Deployers with fewer than fifty employees and no internal training of high-risk systems face reduced obligations.
The architecture is recognizable to anyone who has read the EU AI Act. Both texts split developers from deployers — the EU calls them providers and deployers, but the structure is identical. Both define a category of high-risk uses that triggers heavier obligations. Both require pre-deployment impact assessment and ongoing risk-management. Both reach beyond their territory to capture systems whose outputs affect their residents. The differences are real but proportional: SB24-205 is shorter, narrower in scope, and has a softer enforcement spine — state-AG only, no certification regime, no fines tiered to global revenue. Within its scope, however, it is a state-level American restatement of the European logic.
Governor Jared Polis signed SB24-205 in May 2024 with a public statement of misgivings — calling on the legislature to refine the law before it took effect. A 2025 amendment effort to soften several of its core provisions failed. As of this writing, the law's effective date holds: 30 June 2026. xAI's lawsuit, and the federal intervention that followed, are the strongest external pressure on the statute since its enactment.
Four flags, and a speech claim
xAI's complaint, filed eleven weeks before the law would take effect, asks the District of Colorado to enjoin SB24-205 on four constitutional grounds. Three are familiar federal-preemption-and-due-process arguments. The fourth, and most ambitious, is the claim that an AI model's outputs are protected speech.
The complaint, captioned xAI Corp. v. Philip J. Weiser, was filed in the U.S. District Court for the District of Colorado on April 9, 2026. It asks for declaratory and injunctive relief on four counts.
The First Amendment claim is the most ambitious. It contends that Grok's output is expressive speech, and that SB24-205 compels xAI to alter that speech to conform to a state-mandated viewpoint about fairness and equity. Compliance, the complaint says, would require redesigning, retraining, or constraining the model — recalibrating what information to include in responses, hard-coding additional guardrails, or re-weighting training datasets. The legal theory is that those technical adjustments are not just engineering choices but compelled editorial decisions, and that the disclosure obligations layered on top compound the compelled-speech problem with a viewpoint-discrimination problem.
The Dormant Commerce Clause claim argues that SB24-205 reaches extraterritorially: it applies to any AI system that affects "even a single Colorado resident," regardless of where the system was developed, trained, or deployed. xAI argues this fails the Pike balancing test — that the burden on interstate commerce, including the potential need to retrain models nationwide rather than carve out a Colorado-only version, is "clearly excessive" relative to any speculative local benefit.
The Due Process claim is the most technical and may be the most decisive in the short term. It argues that SB24-205 is unconstitutionally vague: terms like "algorithmic discrimination," "high-risk artificial intelligence system," "reasonable care," and "substantial factor" are not defined with the precision developers need to know what compliance looks like. The complaint's argument is the standard vagueness one — that fair notice is a constitutional minimum, and that a statute leaving developers without a clear standard while granting the attorney general open-ended enforcement discretion violates that minimum.
The Equal Protection claim is the structural setup for what the DOJ would pick up two weeks later. It targets the diversity-redress carveout, arguing that exempting AI systems that "expand pools to increase diversity or redress historical discrimination" codifies a racial classification — preferring some pools over others on the basis of protected characteristics — without the compelling justification strict scrutiny demands.
The four counts are not equally novel. The vagueness argument is workmanlike administrative-law and could plausibly carry an injunction on its own. The Commerce Clause claim has the most precedent on its side; courts have struck down state laws with similar single-resident extraterritorial reach. The First Amendment argument is the one whose acceptance would most thoroughly reshape AI regulation in the United States, by establishing a precedent that algorithmic outputs are constitutionally protected speech against compelled modification — a position with consequences that go well beyond Colorado, and well beyond fairness rules. The Equal Protection argument is what the federal government will adopt and amplify two weeks later.
How fairness became discrimination
The Justice Department's complaint in intervention, filed on April 24, narrows the case to a single clause and a single argument. The clause is Equal Protection. The argument is that requiring fairness in AI systems necessarily compels the kind of demographic-conscious engineering the clause forbids.
The DOJ's path into the case runs through a particular statutory authority. The relevant provision is 42 U.S.C. § 2000h-2, a section of the Civil Rights Act of 1964 that allows the United States to intervene in any action raising Equal Protection issues, provided the Attorney General certifies that the case is "of general public importance." The Acting Attorney General did so. The court granted the intervention. The mechanism is unusual; the Justice Department does not, as a matter of routine, intervene in private constitutional suits. It does so when the federal government has a policy interest in the doctrine being shaped.
42 U.S.C. § 2000h-2 was enacted as part of the Civil Rights Act of 1964 to allow the federal government to participate in private lawsuits raising Equal Protection issues — originally, suits about racial discrimination in public accommodations and education. The provision requires only that the Attorney General certify the case as one of general public importance; once certified, the United States enters as a party with the same standing as the original litigants.
The provision has historically been used sparingly and on the side of plaintiffs alleging civil-rights violations — schoolchildren, hospital patients, voters. Using it to enter on the constitutional side of an AI company against a state's algorithmic-discrimination law is an inversion of that historical pattern. The government's interpretation of the statute is straightforward; what is novel is the choice to use it this way.
The complaint advances two counts, both rooted in the Equal Protection Clause.
The first is what the government calls compelled discrimination. The argument runs as follows. SB24-205 imposes liability for algorithmic outcomes that produce a "differential impact" on protected groups — disparate-impact liability based on, in the DOJ's phrase, "statistics alone." The only way to reliably avoid such outcomes is for developers to engineer their AI systems with explicit attention to demographic results — re-weighting training data, adjusting output distributions, hard-coding adjustments to ensure protected-class parity. In domains the DOJ characterizes as "zero-sum" — hiring, admissions, lending — adjusting an algorithm to reduce disparate impact on one group necessarily means reducing access for another. The act of correcting a statistical disparity, the government argues, is the act of intentionally treating individuals differently on the basis of protected characteristics. Disparate-impact compliance is therefore disparate treatment in disguise. And disparate treatment is precisely what the Equal Protection Clause forbids.
The second count is what the government calls authorized discrimination. It targets the same diversity-redress carveout xAI flagged. The argument is shorter: by exempting AI systems used to "expand pools to increase diversity or redress historical discrimination," the statute affirmatively permits intentional differential treatment based on protected classes. Without a compelling government interest narrowly tailored, that permission cannot survive strict scrutiny.
Both counts depend on the same conceptual move: a re-coupling of disparate-impact methodology with disparate-treatment liability. For four decades the two have been treated as legally distinct. Disparate-impact analysis — the analytical tool civil-rights enforcement has used to identify and remedy facially neutral practices that operate to harm protected groups — was understood as compatible with, and complementary to, the Equal Protection Clause's prohibition on intentional discrimination. The DOJ's complaint argues that this distinction collapses when the entity being regulated is a designed system. Where a hiring panel might apply a facially neutral test that happens to disadvantage women, an AI developer who knows the model produces disparate outputs and adjusts the model to fix them is doing something different: choosing, with intent, to treat groups differently. That is the inversion.
This is, on its own terms, an aggressive reading of Equal Protection doctrine — and one that contradicts forty years of civil-rights enforcement, in which disparate-impact methodology has been understood as a tool to root out discrimination, not as a form of it. Whether the District of Colorado will accept it is the question. Whether the Tenth Circuit will, on the inevitable appeal, is the more important one. The DOJ's filing concedes nothing about that history; it presents the inversion as straightforward.
Litigation as policy
The intervention is not a one-off. It sits inside a federal architecture for AI policy that, in the current administration, is being built through executive orders and litigation rather than through Congress.
The DOJ's complaint in intervention is candid about its policy provenance. It cites the Executive Order signed on December 11, 2025, Ensuring a National Policy Framework for Artificial Intelligence — the order that, by name, identified Colorado's then-pending law as a "problematic state law" and asserted that it "may even force AI models to produce false results to avoid a 'differential treatment or impact' on protected groups." The same order established what it called the AI Litigation Task Force, an interagency body with the explicit and only mission of challenging state AI laws inconsistent with the executive's policy. The Colorado intervention is, in effect, that task force's first major filing.
Executive Order 14XXX, "Ensuring a National Policy Framework for Artificial Intelligence," was signed on 11 December 2025. It directed federal agencies to refrain from regulatory action that could create "cumbersome regulation" of U.S. AI companies, and named several state laws — including, by description, Colorado's not-yet-effective SB24-205 — as inconsistent with the federal policy posture.
Most consequentially, the order established the AI Litigation Task Force, an interagency body led by the Civil Rights Division of the Justice Department, "whose sole responsibility shall be to challenge State AI laws inconsistent with the policy set forth in this Executive Order." The task force does not have authority to make rules; its instrument is litigation. The Colorado filing is its first appearance on a docket.
The architecture above the case is therefore not, despite appearances, a Justice Department response to a private suit. It is the activation of a litigation strategy decided several months earlier. The March 2026 National AI Legislative Framework, the administration's articulation of what it does want from American AI policy, expressed the same posture in a different idiom: U.S. AI companies must be free to innovate without "cumbersome regulation," and where federal legislation is not forthcoming, the courts are the appropriate venue for setting the terrain.
It is worth being precise about what this is and what it is not. Congress has not passed an AI law. The federal AI policy of the United States, as a matter of statute, remains the patchwork of sectoral rules that already existed before generative models — the FTC's authority over deceptive practices, the EEOC's enforcement of employment-discrimination law, the FDA's oversight of medical devices, the SEC's market-integrity rules. What the executive branch is now doing is asserting, through executive order and through targeted litigation, a federal policy line that displaces state regulation without producing federal regulation in its place. The Colorado intervention is the most concrete instance of that strategy yet.
The pattern is not new in U.S. constitutional history — federal preemption-by-litigation is older than the Republic — but its application to AI policy is. Where the European Union has spent four years legislating an AI Act and is now spending a fifth amending it (see N° 03 of this collection), the United States is producing AI policy through executive order, litigation strategy, and filings like the one the District of Colorado is now considering. The doctrine is being set by judges, not by legislators.
The Brussels Effect, contested
The Brussels Effect is the political-science thesis that EU regulation, by virtue of market access, becomes de facto global standard. Colorado's statute was the closest American example of that thesis arriving on U.S. soil. The DOJ's intervention is the closest test of whether it can land.
For two decades the political scientist Anu Bradford has argued that European regulation diffuses globally not by treaty or persuasion but through the structure of the global market: companies that need to access EU consumers find it cheaper to apply EU standards to their global operations than to maintain dual product lines. The thesis explains GDPR's reach into California, EU product-safety standards in American supermarkets, and — until now — the gravitational pull of the EU AI Act on American state legislation. SB24-205 was not borrowed from Brussels by accident. It was borrowed because Brussels had done the architectural work first, and Colorado's drafters could read what worked.
The Brussels Effect, named in Anu Bradford's 2020 book of the same title, is the observation that EU regulation often becomes de facto global through market structure rather than through political export. A multinational company facing a stricter rule in its largest market — privacy under GDPR, chemical safety under REACH, product standards under CE marking — typically finds it more efficient to apply that rule to all its products globally than to run two production lines.
What Bradford's thesis implies for AI is that the EU AI Act would, over time, set a global default for high-risk AI compliance — whether or not other jurisdictions formally adopted it. SB24-205 is one of the first U.S. state laws that visibly absorbs that default. Whether it survives the federal challenge is, in Bradford's vocabulary, a test of whether the Effect has limits at constitutional borders.
What the DOJ's intervention now contests is whether that effect can land in U.S. constitutional space. The argument is not that the EU model is unwise — the federal complaint does not engage with whether the substantive architecture is good policy. It argues that the architecture, when adopted by an American state, runs into a constitutional clause the EU does not have to respect. Equal Protection, in the DOJ's framing, is the firewall that stops the Brussels Effect at the Atlantic.
The piece on the AI Act trilogue published in this collection two weeks ago described a Europe negotiating its own architecture's coherence — whether to fragment the horizontal AI Act with sectoral exceptions, whether to push back compliance dates. That negotiation now reads differently in light of Colorado. While the EU is renegotiating the AI Act's reach, an American transplant of the same logic is being challenged in a federal court on the grounds that the logic itself — a developer/deployer split, risk-tiering, disparate-impact accountability — cannot survive the American constitutional order. Whether the EU's framework will hold in Brussels and whether its transplant will hold in Denver are formally two unrelated questions. Substantively, they are the same question seen from two sides of a regulatory frontier.
This is, in the most literal sense, the constitutional question that any American state-level AI regulation will face. New York City's AI bias-audit law, Illinois's AI Video Interview Act, and California's pending efforts in this space all rest on the same disparate-impact-aware methodology that SB24-205 codifies. If the District of Colorado — and behind it, the Tenth Circuit, and behind that, the Supreme Court — accepts the DOJ's theory, the constitutional ceiling on state AI regulation is set lower than any of those laws assumed. The Brussels Effect, in that scenario, runs into Equal Protection and stops there.
If the court does not accept the theory — or if the injunction does not issue before June 30, and SB24-205 enters into force as written — the answer is not that the Brussels Effect prevails. It is that the question is unsettled, and the federal litigation strategy is in for several years of state-by-state, circuit-by-circuit work.
What is uncertain. Whether the District of Colorado will issue a preliminary injunction before 30 June. Whether xAI's First Amendment theory — model output as protected speech against compelled modification — will hold up on its own merits even if the Equal Protection theory does not. Whether the Tenth Circuit, on the inevitable appeal, will narrow or broaden the doctrine the District sets. Whether other state AI laws — New York City's bias-audit ordinance, Illinois's, California's pending bills — will be the next federal targets, and how quickly.
What is not uncertain. American AI policy in this administration will not arrive through Congress. It will arrive through executive orders, through targeted litigation, and through filings like the DOJ's complaint in this case. The doctrinal terrain is being shifted before it is settled. The Brussels Effect, to the extent it had begun to land in U.S. state legislation, is now actively being pushed back at the federal level — not on policy grounds but on constitutional ones.
What the reader is left with is a constitutional fight that is, in substance, a model fight. Two governance models for AI sit on either side of it. The European-derived model, in which fairness and impact-assessment are required ex ante and enforced through documentation, certification, and disparate-impact accountability. And the model the federal government is now articulating, in which fairness rules of the first kind are themselves constitutionally suspect, because they presuppose demographic-conscious engineering. The Colorado court will not formally rule on which model is right. It will, in deciding xAI's motion, rule on which model can be implemented under the Fourteenth Amendment. That is a smaller question and a much larger one at once.