Governing the Algorithm: AI Ethics, Critical Infrastructure, and Texas's Emerging Policy Response

By: David Stone

April 2026

Artificial intelligence (AI) is rapidly transforming the protection and management of critical infrastructure in the United States, including in Texas, where sectors such as energy, transportation, water systems, and public safety are increasingly dependent on data-driven technologies. While AI offers significant benefits, such as predictive analytics, automated threat detection, and enhanced system resilience, it also introduces a complex array of ethical and societal challenges. These challenges include algorithmic bias and discrimination, lack of transparency and accountability, heightened vulnerability to disinformation, and the erosion of public trust. State-level policy responses, including emerging frameworks such as the Texas Responsible Artificial Intelligence Governance Act (TRAIGA), attempt to address these risks, though they remain incomplete and evolving.

            One of the most significant ethical concerns surrounding AI in critical infrastructure is the issue of bias and discrimination. AI systems rely on large datasets to make predictions and decisions, but these datasets often reflect historical inequalities and social biases. When deployed in infrastructure contexts, such as emergency response prioritization, predictive policing, or resource allocation, AI can inadvertently reinforce disparities across racial, socioeconomic, or geographic lines. For example, systems trained on historical data may systematically under-serve marginalized communities or misidentify risks in ways that disproportionately affect vulnerable populations. These outcomes are particularly concerning in infrastructure settings, where decisions can have life-or-death consequences. The perception of algorithmic objectivity further complicates the issue, as biased outcomes may be viewed as neutral or scientifically justified, thereby obscuring underlying inequities.

            Closely related to bias is the problem of opacity, often referred to as the "black box" nature of AI systems. Many advanced AI models, particularly those based on deep learning, operate in ways that are not easily interpretable by human users. In critical infrastructure protection, this lack of transparency undermines accountability and complicates oversight. When an AI system fails, whether by missing a cyber threat, triggering a false alarm, or making an incorrect prediction, it can be difficult to determine why the failure occurred or who is responsible. This creates a governance gap, especially when public agencies rely on private vendors for AI tools. Without clear mechanisms for auditing and explaining AI decisions, both regulators and the public are left with limited means to evaluate system performance or ensure compliance with legal and ethical standards.

In addition to these internal system challenges, AI introduces new external threats, particularly in the realm of disinformation. Advances in generative AI have enabled the creation of highly realistic deepfakes, synthetic media, and automated content that can be deployed at scale to manipulate public perception. In the context of critical infrastructure, disinformation campaigns can have tangible and potentially severe consequences. For example, false information about power outages, water contamination, or emergency responses can induce panic, disrupt service usage patterns, or undermine compliance with official guidance. The increasing sophistication and accessibility of these tools mean that both state and non-state actors can exploit AI to destabilize infrastructure systems indirectly by targeting public trust and behavior.

A broader societal challenge is the erosion of trust. Critical infrastructure depends on public confidence in the systems and institutions that manage it. When AI systems are viewed as biased, opaque, or susceptible to manipulation, trust in infrastructure governance may decline. This can result in reduced compliance with emergency directives, skepticism toward official communications, and resistance to technological innovation. In a state like Texas, where infrastructure systems are both expansive and highly interdependent, particularly in the energy sector, such a loss of trust can have cascading effects across multiple domains.

State-level policy responses in Texas and across the United States reflect an increasing awareness of these challenges, though they remain fragmented and largely reactive. The broader U.S. approach to AI governance is characterized by a decentralized, sector-specific model that relies on a combination of federal guidance, agency regulations, and state initiatives. Unlike the European Union’s comprehensive AI Act, there is no unified federal framework governing AI deployment, leaving states to develop their own policies based on local priorities and concerns [i].

Within this context, TRAIGA represents an effort to begin structuring AI oversight at the state level, though its scope remains relatively limited. Consistent with broader trends in U.S. state-level AI policy, these frameworks often reflect general principles such as fairness, transparency, and accountability; however, in the case of TRAIGA, these concepts are not explicitly codified in the statute itself and are instead addressed more indirectly through advisory mechanisms and limited regulatory provisions. Rather than mandating specific practices like bias testing or algorithmic impact assessments, the legislation relies more heavily on advisory bodies, agency discretion, and an intent-based approach to liability, encouraging responsible use without imposing comprehensive enforcement mechanisms. As a result, while the framework acknowledges risks related to bias and discrimination, it leaves significant gaps in how those risks are operationally addressed.

The effectiveness of these measures, however, is limited by several factors. First, many state-level policies prioritize guidance and voluntary compliance over enforceable standards. This can result in uneven implementation across agencies and sectors, particularly when private vendors are involved. Second, regulatory frameworks often struggle to keep pace with the rapid evolution of AI technologies. As new capabilities emerge, such as more advanced generative models or autonomous decision-making systems, existing rules may quickly become outdated or insufficient. Lastly, there is a lack of coordination across states, leading to a patchwork of regulations that vary in scope, rigor, and enforcement mechanisms [ii].

Addressing AI-driven disinformation presents an additional challenge for policymakers. While some states have enacted laws targeting deepfakes in political contexts, broader protections against AI-generated misinformation in infrastructure settings remain underdeveloped. Effective responses require not only regulatory measures but also technological solutions, such as AI-based detection systems, as well as public education and media literacy initiatives. Policymakers are increasingly recognizing that governance must extend beyond technical systems to include the broader information ecosystem in which those systems operate.

Despite these limitations, state-level initiatives in Texas and elsewhere represent an important step toward more comprehensive AI governance. Emerging approaches emphasize the need for explainable AI, independent auditing mechanisms, and participatory oversight involving multiple stakeholders, including government agencies, private sector actors, and civil society. Some proposals also advocate for risk-based regulation, in which high-stakes applications, such as those involving critical infrastructure, are subject to stricter requirements and scrutiny.

The integration of AI into critical infrastructure protection in Texas presents both significant opportunities and profound ethical and societal challenges. Issues of bias, opacity, disinformation, and trust highlight the need for robust governance frameworks that go beyond technical performance to address broader social impacts. While state-level policies such as TRAIGA aim to mitigate these risks, they remain part of an evolving and incomplete regulatory landscape. Ensuring the safe and equitable use of AI in critical infrastructure will require continued policy innovation, stronger accountability mechanisms, and a holistic approach that integrates technical, legal, and societal considerations.

Resources

[i] Tatevik Davtyan, The U.S. Approach to AI Regulation: Federal Laws, Policies, and Strategies Explained, 16 J. Law, Tech. & the Internet 223 (2025).

[ii] Payvand Khastkhodaei, The Double-Edged Sword of AI in Elections: Navigating Risks and Opportunities in Washington State, 16 Seattle J. Tech., Envtl. & Innovation L. art. 2 (2026).