On Monday, California Governor Gavin Newsom signed the Transparency in Frontier Synthetic Intelligence Act into legislation, requiring AI firms to reveal their security practices whereas stopping in need of mandating precise security testing. The legislation requires firms with annual revenues of not less than $500 million to publish security protocols on their web sites and report incidents to state authorities, but it surely lacks the stronger enforcement tooth of the invoice Newsom vetoed final yr after tech firms lobbied closely towards it.
The laws, S.B. 53, replaces Senator Scott Wiener’s earlier try at AI regulation, often known as S.B. 1047, that may have required security testing and “kill switches” for AI programs. As a substitute, the brand new legislation asks firms to explain how they incorporate “nationwide requirements, worldwide requirements, and industry-consensus finest practices” into their AI improvement, with out specifying what these requirements are or requiring unbiased verification.
“California has confirmed that we are able to set up rules to guard our communities whereas additionally guaranteeing that the rising AI {industry} continues to thrive,” Newsom stated in a press release, although the legislation’s precise protecting measures stay largely voluntary past fundamental reporting necessities.
Based on the California state authorities, the state homes 32 of the world’s prime 50 AI firms, and greater than half of world enterprise capital funding for AI and machine studying startups went to Bay Space firms final yr. So whereas the just lately signed invoice is state-level laws, what occurs in California AI regulation can have a a lot wider affect, each by legislative precedent and by affecting firms that craft AI programs used around the globe.
Transparency as an alternative of testing
The place the vetoed SB 1047 would have mandated security testing and kill switches for AI programs, the brand new legislation focuses on disclosure. Corporations should report what the state calls “potential essential security incidents” to California’s Workplace of Emergency Companies and supply whistleblower protections for workers who increase security considerations. The legislation defines catastrophic threat narrowly as incidents probably inflicting 50+ deaths or $1 billion in harm by weapons help, autonomous felony acts, or lack of management. The lawyer basic can levy civil penalties of as much as $1 million per violation for noncompliance with these reporting necessities.
