December 2025 handed us a masterclass in how fast the rules of the internet can change when Washington decides to pay attention. The decisions being made right now — on AI, on data privacy, on who controls the pipes — will shape what technology looks like for the next decade. If you’re not watching this closely, you’re already behind.
The folks at Tech Policy Press dropped their December 2025 roundup and it reads less like a policy digest and more like a dispatch from a slow-motion collision. Multiple regulatory fronts are moving at once. Congress is squabbling. The White House wants to look tough on Big Tech while simultaneously not spooking Silicon Valley investors. It’s a mess. A consequential, expensive, absolutely predictable mess.
The AI Rules Fight Is Getting Ugly
The AI governance debate in Washington has officially left the “thoughtful discussion” phase and entered the “everyone is yelling past each other” phase. On one side, you have tech companies lobbying hard for a federal preemption bill — essentially a federal standard weak enough to override tougher state-level rules. On the other side, you have state attorneys general who watched what happened with social media and have zero interest in letting Congress defang them again.
The preemption argument goes like this: a patchwork of 50 different state AI laws would be a compliance nightmare for companies building national products. That’s true. It’s also completely self-serving. The same companies arguing for regulatory consistency spent years fighting any regulation at all. Now that regulation is coming regardless, they want to pick the referee.
California, unsurprisingly, is the flashpoint. After Governor Newsom vetoed SB 1047 last year, there was a brief moment where people thought the state might back off. Instead, California came back with sharper, more targeted proposals. The federal response? Still largely incoherent.
Data Privacy: Still Waiting for the National Standard
Here’s a fun fact: the United States remains one of the only developed democracies without a comprehensive federal data privacy law. In December 2025, that’s still true. The American Privacy Rights Act has been stuck in committee purgatory, weighed down by disagreements over private right of action — meaning whether individual citizens can sue companies directly, or whether enforcement stays in the hands of regulators.
Tech companies hate the private right of action provision. Consumer advocates say without it, the law has no teeth. Both sides are right. That’s what makes it so hard. And meanwhile, your data is still being sold, scraped, and profiled while Congress argues about procedure.
The EU comparison is brutal here. While Europe has been dealing with its own growing pains — EU child safety efforts are stalling as ePrivacy protections expire and age verification systems get hacked — at least they have a framework to fight over. The US is still debating whether to build the house at all.
The Hot Take
The tech industry’s loudest complaints about government overreach are the strongest argument for government overreach. Every time a company cries “innovation will die” in response to regulation, what they’re actually saying is: “our business model depends on the rules staying exactly as permissive as they are right now.” That’s not a defense of progress. That’s incumbents protecting market position. A real market — one that actually rewarded better, safer, more ethical products — wouldn’t need to lobby this hard against accountability.
The Geopolitical Wildcard
US tech policy doesn’t exist in a vacuum. December 2025 made that clearer than ever. The ongoing tension with China over semiconductors, data flows, and platform access keeps reshaping the domestic conversation in ways that don’t always make sense. And amid a fragile trade truce with the US, China is sharpening its own economic tools ahead of any Trump engagement — which means American tech companies operating globally are caught between two governments, each demanding loyalty the companies can’t fully deliver.
The TikTok situation remains the most visible example of this tension. Whatever your position on the ban, the underlying question — who gets to own the infrastructure that carries American attention — is not going away. It’s going to keep forcing messy, imperfect choices.
What Actually Changed This Month
Beyond the gridlock, a few concrete things did move in December. The FTC signaled renewed interest in algorithmic accountability. The FCC got louder on broadband access equity. And a handful of bipartisan senators introduced yet another kids’ online safety bill, which the podcast app industry is already watching closely given how ad-targeting rules could shift if the bill gains traction.
Small moves. But they add up. Policy rarely changes in one dramatic moment — it shifts in inches, then suddenly sprints.
The stakes heading into 2026 are real. Whoever controls the regulatory story controls the internet’s next chapter. Right now that story is being written by lobbyists, stalled committees, and a handful of state-level officials willing to act when federal leaders won’t. That’s not a system working well. But it is a system worth understanding — because ignoring it means watching someone else make every decision that affects your digital life.