
California: New AI laws in California – roundup of the 2025 legislative session

This article was originally published by OneTrust DataGuidance on November 24, 2025 and can be found on the DataGuidance website here.

California introduces comprehensive AI laws focusing on transparency, children’s safety, healthcare, antitrust, and law enforcement.

California has taken an aggressive stance towards artificial intelligence (AI) legislation and will likely set the standard for other US states. Back in 2024, Governor Newsom vetoed comprehensive AI safety legislation under bill SB 1047 and advised caution on regulations for this nascent and important technology. This year, Governor Newsom pressed ahead with a full slate of new AI laws. The reasons for this change in approach are many, including but not limited to the lack of federal AI legislation, the growing concern over children’s interactions with AI, especially sexualized content, and harmonization with more stringent requirements in the EU and elsewhere.

This year’s legislative session set records for the number and scope of new AI laws. For the roundup this year, Lily Li, of Metaverse Law Corporation, breaks down the new AI laws by scope and sector, noting where this may add on to existing California legislation and rulemaking from 2024-2025.

General AI safety, transparency, and risk assessments

  • SB 53: Transparency in Frontier Artificial Intelligence Act (Wiener) – Starting in January 2026, California will require large frontier AI developers to publish a framework detailing how they incorporate safety, security, and testing standards into their AI models. SB 53 also creates a mechanism for AI developers and the public to report critical safety incidents, and protects internal whistleblowers who report risks posed by frontier AI models. The law establishes significant penalties for companies that fail to comply, with fines of up to $1 million per violation.
  • AB 316: Artificial Intelligence defenses (Krell) – This amends California’s Civil Code. If a party to a lawsuit develops, modifies, or uses AI, this law prohibits them from asserting as a defense that the AI autonomously caused the harm.
  • AB 853: California AI Transparency Act (Wicks) – This bill expands the existing AI Transparency Act and modifies the effective date from January 1, 2026, to August 2, 2026. The California AI Transparency Act requires covered generative AI developers to provide an AI-detection tool to assess whether image, video, or audio content is created or altered by generative AI. This bill adds to the existing law by requiring large online platforms to embed provenance data into generated content. Starting January 1, 2028, users will also have the option to include latent disclosures on ‘capture devices’ such as cameras, video recorders, and other recorders.

This new California approach to AI transparency and safety legislation needs to be read in conjunction with the following existing laws.

  • California Privacy Protection Agency’s (CPPA’s) recently approved Cyber, Risk, ADMT, and Insurance Regulations – The CPPA’s most recently updated 127-page regulation package contains requirements governing cybersecurity audits, risk assessments, and automated decision-making technology. AI developers and systems that process personal information and meet certain California privacy thresholds will now face new cybersecurity audit and risk assessment requirements. In addition, automated and significant decisions concerning the provision or denial of financial or lending services, housing, education enrollment or opportunities, employment or independent contracting opportunities or compensation, or healthcare services will trigger significant notice, opt-out, and risk assessment requirements.
  • AB 2013: AI Training Data Transparency Act (Irwin-2024) – Passed last year, this law will require covered generative AI developers to publish online a high-level summary of the datasets used in the development of the generative AI system or service, including but not limited to whether personal information or copyrighted information is included in the training data. The law is scheduled to go into effect on January 1, 2026.

Children’s safety, age verifications, and companion chatbots

  • SB 243: Companion Chatbots (Padilla) – This law applies to chatbots that provide human-like interactions and are capable of sustaining relationships across multiple interactions. Beginning July 1, 2027, developers of these ‘companion chatbots’ will need to develop and report protocols addressing suicidal ideation and self-harm to regulators and the public. The law requires AI disclosures, referrals to suicide hotlines or crisis text lines, and break reminders. SB 243 further requires developers to institute reasonable measures to prevent the chatbot from producing visual material of sexually explicit conduct or directly stating that the minor should engage in sexually explicit conduct. The legislation includes a private right of action for individuals who suffer ‘an injury in fact’ with statutory damages of $1,000 per violation, or actual damages if greater.
  • AB 1043: Digital Age Assurance Act (Wicks) – Starting January 1, 2027, operating systems and covered application stores will be required to obtain age data from users and pass on age bracket data to developers when users download and launch an application.
  • AB 56: Social Media Warning Law (Bauer-Kahan) – Starting January 1, 2027, covered social media platforms will need to display a warning label to minors the first time a user accesses the platform each day, after three hours of active use, as well as once per hour of cumulative active use after that. The warning label must say ‘The Surgeon General has warned that while social media may have benefits for some young users, social media is associated with significant mental health harms and has not been proven safe for young users.’
  • AB 621: Deepfake pornography (Bauer-Kahan) – This amends California’s Civil Code and expands protections against deepfake pornography. The law explicitly provides a cause of action against individuals who create or disclose deepfake pornography if they know, or reasonably should know, that the depicted individual was a minor and also provides a cause of action against individuals who knowingly facilitate or recklessly aid or abet the creation or disclosure of such nonconsensual deepfake pornography. The bill confirms that a minor cannot consent to the creation or distribution of deepfake pornography.

California’s approach to AI and children has a long and complicated history, and these new laws should be read in conjunction with the following laws on the books.

  • California Age Appropriate Design Code (Wicks) – This law was signed on September 15, 2022, and was scheduled to go into effect on July 1, 2024. Modeled after the UK Age Appropriate Design Code, this law requires businesses to conduct impact assessments, provide Privacy by Default, estimate the age of all users, and restrict dark patterns. The law was enjoined in March 2025, but is being appealed by the California Attorney General.
  • Protecting Our Kids from Social Media Addiction Act (Skinner-2024) – This law is scheduled to go into effect on January 1, 2027, and prohibits covered social media platforms from providing addictive feeds to minors without verifiable parental consent. The law has so far escaped a constitutional challenge, but may face other court challenges prior to the effective date.

Healthcare AI and chatbots

  • AB 489: Health care professions: deceptive terms or letters: artificial intelligence (Bonta) – This law prohibits AI systems from falsely indicating or implying possession of a medical license or certificate through advertising, marketing, or other functionality. AB 489 also makes AI developers directly subject to the healthcare professional licensing board or enforcement agency if they develop such a system. Each use of a prohibited term, letter, or phrase shall constitute a separate violation.

California’s approach to AI in healthcare also needs to be read in conjunction with the following laws and guidance.

  • Legal Advisory on the Application of Existing California Law to Artificial Intelligence in Healthcare – In January 2025, California Attorney General Rob Bonta issued this advisory, setting forth California’s existing consumer protection, civil rights, competition, and data privacy laws governing healthcare AI.
  • SB 1120: Physicians Make Decisions Act (Becker-2024) – This law prohibits covered healthcare service plans from denying, delaying, or changing healthcare services based, in whole or in part, on medical necessity using AI, algorithms, or other software tools. Such determinations shall require a physician or licensed healthcare professional and review of individual circumstances. This law also requires written policies and procedures governing such determinations.
  • AB 3030: Artificial Intelligence in Health Care Services (Calderon – 2024) – This law applies to health facilities, clinics, physicians’ offices, or other health group practices that use generative AI for communications about patient clinical information. Under this bill, generative AI communications that pertain to clinical information must include:
    • a disclaimer that indicates the communication was generated by AI at the beginning of the interaction; and
    • clear instructions on how the patient can contact the appropriate person.

Antitrust and pricing discrimination

  • AB 325: Cartwright Act violations (Aguiar-Curry) – This amends California’s existing antitrust law, the Cartwright Act, to explicitly cover ‘common pricing algorithms.’ The law prohibits:
    • the use or distribution of a ‘common pricing algorithm’ as part of a contract, combination in the form of a trust, or conspiracy to restrain trade or commerce; or
    • coercion to set or adopt a recommended price or term, recommended by the common pricing algorithm for the same or similar products or services.

Complaints shall not be required to allege facts tending to exclude the possibility of independent action.

Law enforcement use of AI

  • SB 524: Law Enforcement Agencies (Arreguín) – SB 524 requires law enforcement to disclose if an official report was written either fully or in part using AI, as well as retain the first draft created by AI and an associated audit trail that, at minimum, identifies both the officer who used AI to create a report and the video and audio footage used to create a report, if any. SB 524 also prohibits AI vendors from sharing, selling, or otherwise using information, except as provided in the bill (e.g., troubleshooting, bias mitigation, quality control, legal purposes, etc.).

Employment and bias

While Governor Newsom vetoed SB 7, the No Robo Bosses Act, the Governor’s veto letter pointed to the CPPA’s ADMT regulations as addressing some of the bill’s requirements. Per Governor Newsom, SB 7 is ‘partially covered’ by these regulations, as they ‘allow employees and independent contractors to better understand how their personal data is used by automated decision technology.’ In addition, the California Civil Rights Council’s recently promulgated regulations state that California’s antidiscrimination laws apply to AI workplace tools. These regulations address another concern raised in SB 7, which sought to prohibit ADS systems from inferring a worker’s protected status.


CCPA Draft Regulations Sent for Final Approval

On July 24, 2025, the California Privacy Protection Agency (CPPA) board voted 5-0 to finalize Draft Regulations to the California Consumer Privacy Act (CCPA). The CPPA sent the rulemaking package to the Office of Administrative Law, which has 30 days to approve the regulations. The rulemaking process for these Draft Regulations began in 2022, and while the regulations have been narrowed since the prior proposal, the Draft Regulations will significantly impact how companies manage automated decisionmaking technology (ADMT), conduct risk assessments, and implement cybersecurity audits. Additionally, California’s regulatory process requires the CPPA to respond to public comments with its rationale for accepting or rejecting each suggestion. This requirement provides additional context and guidance for interpreting the intent of the Draft Regulations as they go into effect.

What’s New? A Summary of Key Changes

The Draft Regulations contain significant changes from the prior proposal – along with a 9-page explanation of changes. Most notably, the Draft Regulations roll back several of the most highly debated elements, while streamlining and clarifying other requirements:
  • References to “Artificial Intelligence” have been removed, significantly tightening the scope of ADMT systems.
  • First-party advertising removed from ADMT definition, narrowing the requirements needed for this type of processing.
  • Risk assessments are streamlined, and the scope of the types of data processing activities that trigger risk assessments has been narrowed.
  • Cybersecurity audits are clarified, and the CPPA included a “cybersecurity audit report” which should be produced during the audit process.

ADMT: Narrower Definition, Clearer Application

The Draft Regulations significantly narrow the scope of ADMT systems. Previously, ADMT systems included any technology that “substantially facilitated” human decisionmaking. Now, the Draft Regulations limit ADMT to systems which “substantially replace” human decisions. In practical terms, this may mean that only technologies which operate without human review or override fall under the ADMT rules. Importantly, the CPPA also removed first-party behavioral advertising from the definition of ADMT. Previously, businesses raised strong concerns that including this category within the ADMT definition would impose unnecessary burdens on common advertising practices. Businesses also voiced that including first-party behavioral advertising in the definition of ADMT went beyond Proposition 24, which provides the basis for amending the CCPA.

Risk Assessments: Who, What, and When?

While risk assessments remain a key part of the Draft Regulations, the CPPA has refined when they apply and what they must include.

Who Needs to Conduct a Risk Assessment?

Under the Draft Regulations, covered businesses that fall under the California Consumer Privacy Act (CCPA) “whose processing…presents significant risk to consumers’ privacy” must conduct a risk assessment. However, the newest version of the Regulations narrows what processing activities present “significant risk.” These activities include but are not limited to:
  • Selling or sharing personal information, which may require specific contractual obligations per the CCPA and current CCPA Regulations.
  • Processing sensitive personal information, as defined in the CCPA, including financial information, precise geolocation, health information and children’s personal information.
  • Using automated decisionmaking technology for a “significant decision” concerning a consumer, including those that impact availability of financial or lending services, housing, education enrollment or opportunities, employment or independent contracting opportunities or compensation, or healthcare services.
  • Using automated processing to profile a consumer through systematic observation when the individual is acting as an educational program applicant, job applicant, student, employee, or independent contractor for the covered business.
  • Using automated processing to profile a consumer based on their presence in a sensitive location, including healthcare facilities, domestic violence shelters, food pantries, housing/emergency shelters, educational institutions, political party offices, legal services offices, union offices, and places of worship.
  • Using personal information to train AI that could be used to make significant decisions concerning consumers, or to train facial- or emotional-recognition or other technology that verifies a consumer’s identity or conducts physical or biological identification or profiling of a consumer.
While these risk assessments no longer apply to the previous expanded version of ADMT, they will apply to processing if the technology substantially replaces human decisionmaking for “significant decisions.” For example, if a covered business videotapes job interviews and uses AI to determine whom to hire without human involvement, the covered business must conduct a risk assessment because of its use of ADMT for a significant decision concerning the consumer.

What is Required for a Risk Assessment?

As part of an effort to streamline and clarify the risk assessments required under the Draft Regulations, the CPPA defined a “risk assessment report” as the document that every covered business is required to create upon conducting the assessment. The CPPA provides a newly articulated goal for risk assessments: “[R]estricting or prohibiting the processing of personal information if the risks to privacy of the consumer outweigh the benefits resulting from processing to the consumer, the business, other stakeholders, and the public.” The addition of the risk assessment report and the changes in requirements may also ease compliance efforts. To complete a risk assessment, a covered business should document, among other things:
  • The purpose of processing, the types of data involved, and any sensitive categories of personal information.
  • How the business plans to use the data, or otherwise collect, disclose or process the information, along with the retention period for the information.
  • How the business interacts with consumers, and whose data they process, along with the number of consumers whose information will be processed.
  • The disclosures made to consumers, and any other disclosures that the covered business plans to make, along with the names of service providers, contractors, or third parties to whom the information will be disclosed and the purpose for that disclosure.
  • The benefits, negative impacts, and safeguards of the planned processing.
  • Whether or not the business will initiate the processing subject to the risk assessment.
  • The individuals who provided information, as well as who the document was reviewed and approved by.
  If a covered business is using ADMT, the business must also identify:
  • The logic of the ADMT, including any assumptions or limitations of the logic; and
  • The output of the ADMT and how the covered business will use that output to make a significant decision.
The CPPA also clarifies that the risk assessment process may include involvement by external parties. Finally, a covered business must submit the following risk assessment information, among other things, to the Agency:
  • The business’s contact information, the information of the person submitting the assessment, and the date of certification.
  • The time period covered by the submission, and the number of risk assessments conducted or updated during that time.
  • Whether the risk assessments involved the processing of each of the categories of personal information identified in the CCPA.
  • A specific attestation, which certifies under penalty of perjury that the business conducted a risk assessment for the processing activities involving significant decisions.
The individual submitting the information to the Agency must be a member of the covered business’s executive management team who: 1) is directly responsible for the business’s risk assessment compliance; 2) has sufficient knowledge to provide accurate information regarding the assessment; and 3) has the authority to submit the assessment information to the Agency. In addition, the Agency or Attorney General may require a covered business to submit its risk assessment reports at any time, within 30 days of the request.

When Should Risk Assessments Be Conducted?

According to the Proposed Rules, a covered business must conduct and document a risk assessment before beginning any processing activities that present a significant risk to consumers’ privacy. At least once every three years, the covered business must review and update its assessment. The covered business must also update a risk assessment whenever there is a material change relating to the processing activity, no later than 45 days from the material change. The covered business must retain its risk assessments – including original and updated versions – for as long as the processing continues or for five years after the completion of the risk assessment, whichever is later.

What if I Have Already Conducted A Risk Assessment?

There have been significant changes to the Draft Regulations regarding how covered businesses can use comparable assessments to satisfy the risk assessment criteria. New additions provide that a covered business may use a risk assessment that it has prepared for another purpose, provided that the assessment contains or is paired with all the required information to meet the Proposed Regulation’s requirements.

Cybersecurity Audits: Who, What, and When?

Among the added definitions is the “cybersecurity audit report” – the document that covered businesses must create as part of the cybersecurity audit. Similar to changes regarding risk assessments, this inclusion was part of the streamlining and clarification efforts of the CPPA. The scope and requirements of the cybersecurity audit – and the resulting audit report – have also been modified.

Who Needs to Complete a Cybersecurity Audit?

According to the Draft Regulations, every covered business whose processing of information presents a “significant risk” to consumers’ security must complete a security audit. While this language is similar to the requirements of the risk assessment, “significant risk” is defined slightly differently in the context of a cybersecurity audit. According to the Draft Regulations, a “significant risk” that warrants a cybersecurity audit includes but is not limited to covered businesses which:
  1. Derive 50% or more of their annual revenue from selling or sharing consumers’ personal information; or
  2. Had a gross annual revenue of $25M in the preceding calendar year (adjusted for inflation), and
    1. Processed the information of 250,000 or more consumers or households in the last year; or
    2. Processed the sensitive information of 50,000 or more consumers in the last year.
Covered businesses that are required to complete a cybersecurity audit must do so using a “qualified, objective, independent professional (‘auditor’) using procedures and standards accepted in the profession of auditing.” This audit may be internal or external to the covered business, but a qualified auditor must have knowledge of cybersecurity and know how to audit a business’s cybersecurity program, according to the changes in the Draft Regulations.

What Should the Cybersecurity Audit Assess?

Initially, the cybersecurity audit must assess how the covered business’s cybersecurity program protects personal information against unauthorized access, destruction, use, modification and disclosure, as well as how the program protects against unauthorized activity resulting in the loss of availability of that information. The cybersecurity audit must also assess the strength of a covered business’s cybersecurity program across areas such as, but not limited to:
  • Authentication and encryption;
  • Access control and account management;
  • Software and hardware inventories;
  • Patch and configuration management;
  • Network security, antivirus, and antimalware;
  • Incident response and business continuity;
  • Vendor oversight;
  • Data retention and disposal; and
  • Employee and contractor training.
The covered business’s auditor must also create a detailed cybersecurity audit report, documenting:
  • What was assessed and why. The report should describe the processes, activities, and components of the business’s cybersecurity program, the criteria used for the audit, along with the specific evidence examined to make decisions and assessments.
  • Evidence reviewed. The report must also include why these elements were appropriate for the audit, and how the evidence examined supports the findings.
  • Gaps or weaknesses found. The report should describe, in detail, the status of any gaps or weaknesses and any additional components that the auditor deemed to increase the risk of unauthorized activity. The report should also document the business’s plan to address these gaps and/or weaknesses.
  • Auditor information and certification. The report should also include the auditor’s information, as well as a statement by the highest-ranking auditor that certifies that they completed an independent review of the business’s cybersecurity program and information system, exercised objective and impartial judgement on all issues within the scope of the audit, and did not rely primarily on assertions or attestations by business management to create the audit.
When Should Cybersecurity Audits Be Conducted?

The final determination of when a covered business must conduct its first cybersecurity audit is based on the business’s annual gross revenue. If a business meets the audit thresholds, it may be time to start thinking about a compliance plan. First audit reports will be due:
  • April 1, 2028, for covered businesses with over $100 million in gross annual revenue;
  • April 1, 2029, for covered businesses with $50 million to $100 million in gross annual revenue; and
  • April 1, 2030, for covered businesses with under $50 million in revenue.
Each audit must cover the previous calendar year from January to January, with reports completed within the following three months.

What if I Have Already Conducted A Cybersecurity Audit?

As with the risk assessment, a covered business may use a cybersecurity audit, assessment, or evaluation that it has prepared for another purpose – provided that the audit meets all the requirements of the Draft Regulations, on its own or through supplemental information. The Draft Regulations provide, as an example, that a covered business may use the NIST Cybersecurity Framework 2.0 “and meets all the requirements of this Article.”

What Comes Next?

On July 24, 2025, the CPPA sent the rulemaking package to the Office of Administrative Law, which has 30 days to approve the regulations. The CPPA’s Draft Regulations signal a more measured approach to emerging technologies, such as AI. Still, these Draft Regulations carry out the CPPA’s mandate to issue regulations, reinforcing the agency’s commitment to privacy and security. For executives, the potential adoption of the Draft Regulations could be a strategic inflection point: whether they are responsible for legal, compliance, data governance or information security, these Draft Regulations should prompt a reassessment of data practices, internal documentation and audit readiness. The publication of these Draft Regulations is also an opportunity to engage more deeply with operational teams. These rules will require clear cross-functional coordination, and organizations that begin building these bridges sooner will be better positioned to meet regulatory expectations and reinforce consumer trust in coming years.

Compliance Deadlines

Compliance with these Draft Regulations will be required once they are approved by the Office of Administrative Law. The deadlines include:
  • ADMT Regulations: January 1, 2027
  • Privacy Risk Assessments: December 31, 2027
  • Cybersecurity Audits:
    • For businesses with $100+ million in annual gross revenue: April 1, 2028.
    • For businesses between $50 million and $100 million in annual gross revenue: April 1, 2029.
    • For businesses with less than $50 million in annual gross revenue: April 1, 2030.