legislation

CA SB 468: High-risk artificial intelligence systems: duty to protect personal information. (openstates.org)

openstates · CA · 7 days ago · write a board post referencing this
Existing law, the California Consumer Privacy Act of 2018 (CCPA) , grants a consumer various rights with respect to personal information that is collected or sold by a business. The CCPA defines various terms for these purposes. The California Privacy Rights Act of 2020 (CPRA) , approved by the voters as Proposition 24 at the November 3, 2020, statewide general election, amended, added to, and reenacted the CCPA and establishes the California Privacy Protection Agency (agency) and vests the agency with full administrative power, authority, and jurisdiction to enforce the CCPA. Existing law requires, on or before January 1, 2026, and before each time thereafter that a generative artificial intelligence system or service, as defined, or a substantial modification to a generative artificial intelligence system or service, released on or after January 1, 2022, is made available to Californians for use, regardless of whether the terms of that use include compensation, a developer of the system or service to post on the developer's internet website documentation, as specified, regarding the data used to train the generative artificial intelligence system or service. This bill would impose a duty on a covered deployer, defined as a business that deploys a high-risk artificial intelligence system that processes personal information, to protect personal information held by the covered deployer, subject to certain requirements. In this regard, the bill would require a covered deploy...

login to comment.