IE11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Lawmakers to Consider Artificial Intelligence, Cybersecurity Bills

Proposed laws that would create two new state entities around artificial intelligence and a third body on cybersecurity awareness and education are among the pieces of legislation now under discussion in the statehouse.

The California Capitol building as seen from the front.
Lawmakers seek to address issues around artificial intelligence, advanced technologies and cybersecurity in bills now under consideration by the Legislature — several of which name the California Department of Technology in their titles.

Proposed legislation this session would stand up a working group and a specific office on artificial intelligence (AI), and a council on cybersecurity. It would also examine planning for AI research, systems assessments and IT procurement. Among the takeaways:

  • State Senate Bill 313, from Sen. Bill Dodd, D-Napa, would create an Office of Artificial Intelligence within the California Department of Technology (CDT) — as its title in the California Legislative Information website, “Department of Technology: Office of Artificial Intelligence: state agency public interface: use of AI” implies. The bill would make law the California AI-ware Act and establish the office, giving it the “power and authority” to guide the “design, use, and deployment of automated systems by a state agency” to make sure all such AI systems are created “in a manner that is consistent with state and federal laws and regulations regarding privacy and civil liberties and that minimizes bias and promotes equitable outcomes for all Californians.” The bill would require state agencies that use “generative artificial intelligence” to communicate directly with people to let them know the interaction is being done via AI — and would require the agencies to also let people know how they can reach a human from the agency. (In 2021, Dodd’s SB 109 created the Office of Wildfire Technology Research and Development within the California Department of Forestry and Fire Protection.) On Wednesday, legislators referred SB 313 to the Senate Appropriations Committee; a hearing has not yet been set.
  • SB 721, from Sen. Josh Becker, D-Menlo Park, would create the California Interagency AI Working Group with a sunset of Jan. 1, 2030. The group would be charged with reporting to the Legislature “as prescribed” on AI — including with recommendations on a definition of AI “as it pertains to its use in technology for use in legislation.” It would also be charged with studying the implications of using AI for data collection to “inform testing and evaluation”; determining the “relevant agencies” to develop and oversee AI policy and its implementation; and determining “proactive steps” to prevent AI-assisted misinformation campaigns, among other areas. The group would have 10 members: two members each appointed by the governor; by the state Senate president pro tem; by the Assembly speaker; and by the state attorney general; and one member each appointed by the California Privacy Protection Agency and by CDT. The group would be chaired by the “director of technology” and its members would be Californians with expertise in “at least two” areas of computer science, AI, the tech industry, workforce development and data privacy. The bill was referred Wednesday to Senate Appropriations; a hearing date hasn’t been set.
  • SB 398, from Sen. Aisha Wahab, D-Hayward, is titled “Department of Technology: advanced technology: research,” and would enact the Artificial Intelligence for California Research Act. It would require CDT, with Legislative appropriation, to “develop and implement a comprehensive research plan to study the feasibility of using advanced technology to improve state and local government services.” The bill would further require the plan to also have an analysis of AI’s potential benefits and risks in government services; and would mandate CDT report its findings to the Legislature by Jan. 1, 2026. Among the plan’s areas of analysis are the examination of “virtual assistants powered by an AI language system” to assist unemployment and disability insurance claimants; of a rental assistance chatbot; of AI in assisting disaster victims in applying for relief funds; and of AI’s use in public records requests. On Tuesday, lawmakers referred the bill to the Senate Committee on Governmental Organization; a hearing date has not yet been set.
  • State Assembly Bill 1667, from Assemblymember Jacqui Irwin, D-Thousand Oaks, and bearing “Department of Technology” in its title or informational heading, would create the California Cybersecurity Awareness and Education Council within CDT — a council of 15 to be appointed by Feb. 1. The council would be charged with researching “ways to increase cybersecurity awareness and education of students, families, and other adults,” to help people “learn and use healthy cybersecurity practices,” and create a larger, more diverse workforce with cybersecurity training. The bill would also require the council propose a strategy to engage residents in its “effort to improve cybersecurity practices and strengthen cyber infrastructure.” The council would have to report by July 1, 2024, on “approaches the state can take to raise awareness of and increase education regarding cybersecurity,” including in K-12 schools, higher education and the workplace; and ways to use “social media, marketing campaigns, and the news media” effectively to boost cybersecurity awareness. The bill would become “inoperative” Feb. 1, 2025, and would be repealed Jan. 1, 2026. It was re-referred Thursday to the Assembly Committee on Privacy and Consumer Protection, which will consider it at 1:30 p.m. Tuesday.
  • AB 792, from Assemblymember Josh Hoover, R-Folsom, and also bearing “Department of Technology” in its title, would change the timing of when CDT reports to the Legislature on contracts for IT or telecommunication goods and services for which it negotiates. Currently, CDT reports annually by Jan. 1; the bill would change that to annually by Feb. 1. The bill has been referred to the Assembly Committee on Privacy and Consumer Protection; a hearing has not yet been set.
  • One bill that will likely not go forward this session is AB 302, from Assemblymember Christopher M. Ward, D-San Diego. Titled “Department of Technology: high-risk automated decision systems: inventory,” it would require CDT, working with interagency organizations, to do a “comprehensive inventory of all high-risk automated decision systems ... proposed for use, development, or procurement by, or are being used, developed, or procured by, state agencies.” The bill defines high-risk automated decision systems as those systems that are used to “assist or replace human discretionary decisions that have a legal or similarly significant effect, including decisions that materially impact access to, or approval for, housing or accommodations, education, employment, credit, health care, and criminal justice.” The bill was placed in suspense Wednesday — the day before the California State Auditor issued a report critical of CDT for, among other things, failing to guide the state’s IT needs.
Theo Douglas is Assistant Managing Editor of Industry Insider — California.