On Monday, California Governor Gavin Newsom signed the Transparency in Frontier Synthetic Intelligence Act into regulation, requiring AI firms to reveal their security practices whereas stopping in need of mandating precise security testing. The regulation requires firms with annual revenues of no less than $500 million to publish security protocols on their web sites and report incidents to state authorities, but it surely lacks the stronger enforcement enamel of the invoice Newsom vetoed final 12 months after tech firms lobbied heavily towards it.
The laws, S.B. 53, replaces Senator Scott Wiener’s earlier try at AI regulation, often known as S.B. 1047, that may have required security testing and “kill switches” for AI programs. As a substitute, the brand new regulation asks firms to explain how they incorporate “nationwide requirements, worldwide requirements, and industry-consensus finest practices” into their AI growth, with out specifying what these requirements are or requiring impartial verification.
“California has confirmed that we are able to set up laws to guard our communities whereas additionally guaranteeing that the rising AI {industry} continues to thrive,” Newsom mentioned in an announcement, although the regulation’s precise protecting measures stay largely voluntary past fundamental reporting necessities.
In line with the California state authorities, the state houses 32 of the world’s prime 50 AI firms, and greater than half of worldwide enterprise capital funding for AI and machine studying startups went to Bay Space firms final 12 months. So whereas the just lately signed invoice is state-level laws, what occurs in California AI regulation can have a a lot wider influence, each by legislative precedent and by affecting firms that craft AI programs used all over the world.
Transparency as a substitute of testing
The place the vetoed SB 1047 would have mandated security testing and kill switches for AI programs, the brand new regulation focuses on disclosure. Corporations should report what the state calls “potential crucial security incidents” to California’s Workplace of Emergency Companies and supply whistleblower protections for workers who elevate security considerations. The regulation defines catastrophic threat narrowly as incidents probably inflicting 50+ deaths or $1 billion in harm by means of weapons help, autonomous felony acts, or lack of management. The lawyer basic can levy civil penalties of as much as $1 million per violation for noncompliance with these reporting necessities.
