Skip to content
Tiatra, LLCTiatra, LLC
Tiatra, LLC
Information Technology Solutions for Washington, DC Government Agencies
  • Home
  • About Us
  • Services
    • IT Engineering and Support
    • Software Development
    • Information Assurance and Testing
    • Project and Program Management
  • Clients & Partners
  • Careers
  • News
  • Contact
 
  • Home
  • About Us
  • Services
    • IT Engineering and Support
    • Software Development
    • Information Assurance and Testing
    • Project and Program Management
  • Clients & Partners
  • Careers
  • News
  • Contact

The complex patchwork of US AI regulation has already arrived

As artificial intelligence adoption has surged in the past year, many voices have called for regulation to protect people from adverse machine decisions — and regulatory bodies are responding with a complex patchwork of emerging statutes and mandates that CIOs will need to navigate to ensure their AI strategies are compliant wherever their organizations do business.

For example, the US White House has released a blueprint for an AI bill of rights, and the European Parliament passed the wide-ranging AI Act in March, regulating AIs used in the European Union.

Meanwhile, leaders from Microsoft, Google, and OpenAI have all called for AI regulations in the US, and the US Chamber of Commerce, often opposed to business regulation, has called on Congress to protect human rights and national security as AI use expands.

However, Congress, mired in partisan infighting, seems unlikely to move forward on serious AI legislation anytime soon. The 118th session of Congress, covering 2023 and 2024, may end up as the least productive session in US history, with only 47 bills passed and becoming law between the beginning of 2023 and April 1 of this year.

But Congress’ inaction doesn’t mean AI regulation isn’t evolving apace in the US. Sixteen states had already enacted AI-related legislation as of late January, and state legislatures have already introduced more than 400 AI bills across the US this year, six times the number introduced in 2023.

Many of the bills are targeted both at the developers of AI technologies and the organizations putting AI tools to use, says  Mahdavi, a lawyer with global law firm BCLP, which has established an AI working group. And with populous states such as California, New York, Texas, and Florida either passing or considering AI legislation, companies doing business across the US won’t be able to avoid the regulations.

Enterprises developing and using AI should be ready to answer questions about how their AI tools work, even when deploying automated tools as simple as spam filtering, Mahdavi says. “Those questions will come from consumers, and they will come from regulators,” she adds. “There’s obviously going to be heightened scrutiny here across the board.”

California and Connecticut lead the pack

One state to watch is California, partly because of its large population that interacts with businesses across the US, and partly because the state legislature there tends to be ahead of the pack on consumer protection issues.

“These laws tend to have extra-territorial reach,” Mahdavi says. “Because of the size of California’s economy, most businesses in the US are going to be targeting California, are going to be doing business in California.”

Senate Bill 1047, introduced in the California State Legislature in February, would require safety testing of AI products before they’re released, and would require AI developers to prevent others from creating derivative models of their products that are used to cause critical harms.

Another state to keep an eye on is Connecticut, where the legislature has high interest in AI regulation, Mahdavi adds. AI legislation proposed in Connecticut also has served as a model for lawmakers in other states.

Last year, the Connecticut General Assembly passed Senate Bill 1103, which regulates state procurement of AI tools. This year, lawmakers in the state are considering Senate Bill 2, which would require organizations deploying AI for consequential “high-risk” decisions to develop risk management policies. Developers would need to disclose how their AIs could be used to discriminate against people.

The comprehensive SB 2 would also require organizations deploying AI to take reasonable care to protect state residents against algorithmic discrimination, and it would require companies using AI to inform the people affected when AI tools make consequential decisions about them.

The bill would also prohibit distribution of deceptive election materials generated by AI and require companies using synthetic media content to disclose it was manipulated by the AI. The Connecticut bill is “super ambitious, and they try to tackle a variety of issues,” Mahdavi says.

Three types of AI bills

Most state bills targeting AI fall into three categories, according to Mahdavi.

The first category includes pure transparency bills, generally covering both the development of AI and the output of its use. These bills, introduced in California, New York, Florida, and other states, often require organizations using AI to tell the public when they’re interacting with AI models and require AI developers and users to disclose the data sets used to train large AIs. Other transparency bills regulate the use of AI by political campaigns.

The second category focuses on specific sectors, particularly high-risk uses of AI to determine or assist with decisions related to employment, housing, healthcare, and other major life issues. For example, New York City Local Law 144, passed in 2021, prohibits employers and employment agencies from using an AI tool for employment decisions unless it has been audited in the previous year. A handful of states, including New York, New Jersey, and Vermont, appear to have modeled legislation after the New York City law, Mahdavi says.

The third category of AI bills covers broad AI bills, often focused on transparency, preventing bias, requiring impact assessment, providing for consumer opt-outs, and other issues. These bills tend to impose regulations both on AI developers and deployers, Mahdavi says.

Addressing the impact

The proliferation of state laws regulating AI may cause organizations to rethink their deployment strategies, with an eye on compliance, says Reade Taylor, founder of IT solutions provider Cyber Command. 

“These laws often emphasize the ethical use and transparency of AI systems, especially concerning data privacy,” he says. “The requirement to disclose how AI influences decision-making processes can lead companies to rethink their deployment strategies, ensuring they align with both ethical considerations and legal requirements.”

But a patchwork of state laws across the US also creates a challenging environment for businesses, particularly small to midsize companies that may not have the resources to monitor multiple laws, he adds.

A growing number of state laws “can either discourage the use of AI due to the perceived burden of compliance or encourage a more thoughtful, responsible approach to AI implementation,” Taylor says. “In our journey, prioritizing compliance and ethical considerations has not only helped mitigate risks but also positioned us as a trusted partner in the cybersecurity domain.”

The number of state laws focused on AI have some positive and potentially negative effects, adds Adrienne Fischer, a lawyer with Basecamp Legal, a Denver law firm monitoring state AI bills. On the plus side, many of the state bills promote best practices in privacy and data security, she says.

“On the other hand, the diversity of regulations across states presents a challenge, potentially discouraging businesses due to the complexity and cost of compliance,” Fischer adds. “This fragmented regulatory environment underscores the call for national standards or laws to provide a coherent framework for AI usage.”

Organizations that proactively monitor and comply with the evolving legal requirements can gain a strategic advantage. “Staying ahead of the legislative curve not only minimizes risk but can also foster trust with consumers and partners by demonstrating a commitment to ethical AI practices,” Fischer says.

Mahdavi also recommends that organizations not wait until the regulatory landscape settles. Companies should first take an inventory of the AI products they’re using. Organizations should rate the risk of every AI they use, focusing on products that make outcome-based decisions in employment, credit, healthcare, insurance, and other high-impact areas. Companies should then establish an AI use governance plan.

“You really can’t understand your risk posture if you don’t understand what AI tools you’re using,” she says.

Artificial Intelligence, Compliance, Government, Regulation


Read More from This Article: The complex patchwork of US AI regulation has already arrived
Source: News

Category: NewsApril 5, 2024
Tags: art

Post navigation

PreviousPrevious post:EU and US agree to chart common course on AI regulationNextNext post:Cisco-led consortium to spread AI expertise in the workforce

Related posts

휴먼컨설팅그룹, HR 솔루션 ‘휴넬’ 업그레이드 발표
May 9, 2025
Epicor expands AI offerings, launches new green initiative
May 9, 2025
MS도 합류··· 구글의 A2A 프로토콜, AI 에이전트 분야의 공용어 될까?
May 9, 2025
오픈AI, 아시아 4국에 데이터 레지던시 도입··· 한국 기업 데이터는 한국 서버에 저장
May 9, 2025
SAS supercharges Viya platform with AI agents, copilots, and synthetic data tools
May 8, 2025
IBM aims to set industry standard for enterprise AI with ITBench SaaS launch
May 8, 2025
Recent Posts
  • 휴먼컨설팅그룹, HR 솔루션 ‘휴넬’ 업그레이드 발표
  • Epicor expands AI offerings, launches new green initiative
  • MS도 합류··· 구글의 A2A 프로토콜, AI 에이전트 분야의 공용어 될까?
  • 오픈AI, 아시아 4국에 데이터 레지던시 도입··· 한국 기업 데이터는 한국 서버에 저장
  • SAS supercharges Viya platform with AI agents, copilots, and synthetic data tools
Recent Comments
    Archives
    • May 2025
    • April 2025
    • March 2025
    • February 2025
    • January 2025
    • December 2024
    • November 2024
    • October 2024
    • September 2024
    • August 2024
    • July 2024
    • June 2024
    • May 2024
    • April 2024
    • March 2024
    • February 2024
    • January 2024
    • December 2023
    • November 2023
    • October 2023
    • September 2023
    • August 2023
    • July 2023
    • June 2023
    • May 2023
    • April 2023
    • March 2023
    • February 2023
    • January 2023
    • December 2022
    • November 2022
    • October 2022
    • September 2022
    • August 2022
    • July 2022
    • June 2022
    • May 2022
    • April 2022
    • March 2022
    • February 2022
    • January 2022
    • December 2021
    • November 2021
    • October 2021
    • September 2021
    • August 2021
    • July 2021
    • June 2021
    • May 2021
    • April 2021
    • March 2021
    • February 2021
    • January 2021
    • December 2020
    • November 2020
    • October 2020
    • September 2020
    • August 2020
    • July 2020
    • June 2020
    • May 2020
    • April 2020
    • January 2020
    • December 2019
    • November 2019
    • October 2019
    • September 2019
    • August 2019
    • July 2019
    • June 2019
    • May 2019
    • April 2019
    • March 2019
    • February 2019
    • January 2019
    • December 2018
    • November 2018
    • October 2018
    • September 2018
    • August 2018
    • July 2018
    • June 2018
    • May 2018
    • April 2018
    • March 2018
    • February 2018
    • January 2018
    • December 2017
    • November 2017
    • October 2017
    • September 2017
    • August 2017
    • July 2017
    • June 2017
    • May 2017
    • April 2017
    • March 2017
    • February 2017
    • January 2017
    Categories
    • News
    Meta
    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org
    Tiatra LLC.

    Tiatra, LLC, based in the Washington, DC metropolitan area, proudly serves federal government agencies, organizations that work with the government and other commercial businesses and organizations. Tiatra specializes in a broad range of information technology (IT) development and management services incorporating solid engineering, attention to client needs, and meeting or exceeding any security parameters required. Our small yet innovative company is structured with a full complement of the necessary technical experts, working with hands-on management, to provide a high level of service and competitive pricing for your systems and engineering requirements.

    Find us on:

    FacebookTwitterLinkedin

    Submitclear

    Tiatra, LLC
    Copyright 2016. All rights reserved.