Field | State | Bill Number | Bill Title | Year Introduced | Status | Relevant Provision |
---|---|---|---|---|---|---|
AI regulation | California | AB 0302 | Bill Title: High-Risk Automated Decision Systems Inventory | 2023 | Signed into law | (b) (...) the Department of Technology shall conduct, (...) a comprehensive inventory of all high-risk automated decision systems that have been proposed for use, development, or procurement by, or are being used, developed, or procured by, any state agency. (c) The comprehensive inventory described by subdivision (b) shall include a description of all of the following: (1) (A) Any decision the automated decision system can make or support and the intended benefits of that use. (B) The alternatives to any use described in subparagraph (A). (2) The results of any research assessing the efficacy and relative benefits of the uses and alternatives of the automated decision system described by paragraph (1). (3) The categories of data and personal information the automated decision system uses to make its decisions. (4) (A) The measures in place, if any, to mitigate the risks, including cybersecurity risk and the risk of inaccurate, unfairly discriminatory, or biased decisions, of the automated decision system. (B) Measures described by this paragraph may include, but are not limited to, any of the following: (i) Performance metrics to gauge the accuracy of the system. (ii) Cybersecurity controls. (iii) Privacy controls. (iv) Risk assessments or audits for potential risks. (v) Measures or processes in place to contest an automated decision. |
AI regulation | California | AB 2013 | Bill Title: Artificial Intelligence Training Data Transparency | 2024 | Passed one chamber | 3111. (...) the developer of the (artificial intelligence) system or service shall post on the developer’s internet website documentation regarding the data used to train the artificial intelligence system or service, including, but not be limited to, all of the following: (a) A high-level summary of the datasets used in the development of the system or service, including, but not limited to: (...) (2) A description of how the datasets further the intended purpose of the system or service. (3) The number of data points included in datasets with estimated figures for dynamic datasets. (4) A clear definition of each category associated to data points within the datasets, including the format of data points and sample values. (5) Whether the datasets include any data protected by copyright, trademark, or patent, requiring the purchase or licensure of the data, or whether the datasets are entirely in the public domain. (6) Whether the datasets were purchased or licensed by the developer. (7) Whether the datasets include personal information, as defined in subdivision (v) of Section 1798.140. (8) Whether the datasets include aggregate consumer information, as defined in subdivision (b) Section 1798.140. (9) A description of any cleaning, processing, or other modification to the datasets by the developer, including the intended purpose of those efforts in relation to the system or service. If datasets have been merged with other datasets, the developer shall include the disclosures required by this section for the original datasets. |
AI regulation | California | AB 2930 | Bill Title: Automated Decision Tools | 2024 | Passed one chamber | 22756.3. (a) A developer shall provide a deployer with a statement regarding the intended uses of the automated decision tool and documentation regarding all of the following: (1) The known limitations of the automated decision tool, including any reasonably foreseeable risks of algorithmic discrimination arising from its intended use. (2) A description of the type of data used to program or train the automated decision tool. (3) A description of how the automated decision tool was evaluated for validity and explainability before sale or licensing. (4) A description of the deployer’s responsibilities under this chapter. |
AI regulation | Colorado | SB 21-0169 | Bill Title: Restrict Insurers' Use Of External Consumer Data | 2021 | Signed into law | SECTION 2. (...) an insurer shall not, with regard to any insurance practice: (a) Unfairly discriminate based on race, color, national or ethnic origin, religion, sex, sexual orientation, disability, gender identity, or gender expression; or (b) Pursuant to rules adopted by the commissioner, use any external consumer data and information sources, as well as any algorithms or predictive models that use external consumer data and information sources, in a way that unfairly discriminates based on race, color, national or ethnic origin, religion, sex, sexual orientation, disability, gender identity, or gender expression. (2) (a) The commissioner shall adopt rules for the implementation of this section. (...) (b) Rules adopted pursuant to this section must require each insurer to: (i) provide information to the commissioner concerning the external consumer data and information sources used by the insurer in the development and implementation of algorithms and predictive models for a particular type of insurance and insurance practice |
AI regulation | Colorado | SB 22-0113 | Bill Title: Artificial Intelligence Facial Recognition | 2022 | Signed into law | 24-18-302. (2) Except as described in subsection (8) of this section, after filing the notice of intent described in subsection (1) of this section, and prior to developing, procuring, using, or continuing to use a facial recognition service, an agency shall produce an accountability report for the facial recognition service. An accountability report must include: (...) (a) (II) A description of its general capabilities and limitations, including reasonably foreseeable capabilities outside the scope of the agency's proposed use; (b) (I) The type of data inputs that the facial recognition service uses; (II) How data is generated, collected, and processed; and (III) The type of data the facial recognition service is reasonably likely to generate |
AI regulation | Colorado | SB 24-0205 | Bill Title: Consumer Protections for Artificial Intelligence | 2024 | Signed into law | 6-1-1702. Developer duty to avoid algorithmic discrimination - required documentation. (1) On and after February 1, 2026, a developer of a high-risk artificial intelligence system shall use reasonable care to protect consumers from any known or reasonably foreseeable risks of algorithmic discrimination arising from the intended and contracted uses of the high-risk artificial intelligence system (...) (2) a developer of a high-risk artificial intelligence system shall make available to the deployer or other developer of the high-risk artificial intelligence system: (...) (b) Documention disclosing: (I) High-level summaries of the type of data used to train the high-risk artificial intelligence system; (...) (3) (a) Except as provided in subsection (6) of this section, a developer that offers, sells, leases, licenses, gives, or otherwise makes available to a deployer or other developer a high-risk artificial intelligence system on or after February 1, 2026, shall make available to the deployer or other developer, to the extent feasible, the documentation and information, through articles such as model cards, dataset cards, or other impact assessments, necessary for a deployer, or for a third party contracted by a deployer, to complete an impact assessment pursuant to section 6-1-1703 (3). |
AI regulation | Connecticut | SB 0002 | Bill Title: Concerning Artificial Intelligence | 2024 | Passed one chamber | (a) Beginning on July 1, 2025, each developer shall use reasonable care to protect consumers from any known or reasonably foreseeable risks of algorithmic discrimination. In any enforcement action brought on or after said date by the Attorney General or the Commissioner of Consumer Protection pursuant to section 9 of this act, there shall be a rebuttable presumption that a developer used reasonable care as required under this subsection if the developer complied with the provisions of this section. (b) Beginning on July 1, 2025, and except as provided in subsection (f) of this section, no developer shall offer, sell, lease, license, give or otherwise make available to a deployer a high-risk artificial intelligence system unless the developer also makes available to the deployer: (1) A general statement describing the intended uses of such high risk artificial intelligence system; and (2) Documentation (...) (B) describing (i) the type of data used to train such high-risk artificial intelligence system, (ii) how such high-risk artificial intelligence system was evaluated for performance and relevant information related to explainability before such high-risk artificial intelligence system was offered, sold, leased, licensed, given or otherwise made available to a deployer, (iii) the data governance measures used to cover the training datasets and the measures used to examine the suitability of data sources, possible biases and appropriate mitigation, (iv) the intended outputs of such high-risk artificial intelligence system, (v) the measures the developer has taken to mitigate any known or reasonably foreseeable risks of algorithmic discrimination that may arise from deployment of such high-risk artificial intelligence system, and (vi) how such high-risk artificial intelligence system will be used or monitored by an individual when such high-risk artificial intelligence system is used to make, or as a controlling factor in making, a consequential decision." |
AI regulation | District of Columbia | B25-0114 | Bill Title: Stop Discrimination by Algorithms Act | 2023 | Introduced | "Sec. 7. Auditing for Discriminatory Processing and Reporting Requirement. (a) Auditing requirement. A covered entity shall annually audit its algorithmic eligibility determination and algorithmic information availability determination practices to: (1) Determine whether the processing practices discriminate in a manner prohibited by section 4 of this act; (2) Analyze disparate-impact risks of algorithmic eligibility determinations and algorithmic information availability determinations based on actual or perceived race, color, religion, national origin, sex, gender identity or expression, sexual orientation, familial status, genetic information, source of income, or disability; (...) (5) Conduct the audits under paragraphs (1), (2), and (3) of this subsection in consultation with third parties who have substantial information about or participated in the covered entity’s algorithmic eligibility determinations and algorithmic information availability determinations, including service providers (...) (b)(1) Report. A covered entity shall annually submit a report containing the results of the audit mandated under this section to the Office of the Attorney General for the District of Columbia on a form provided by the Office of the Attorney General. The report shall contain the following information: (A) The types of algorithmic eligibility determination and algorithmic information availability determination that the covered entity makes; (B) The data and methodologies that the covered entity uses to establish the algorithms; (C) The optimization criteria of the algorithms used to make the determinations; (D) Any data or sets of data used to train the algorithms, and the source or sources of that data; (E) The methodologies the covered entity uses to render the determinations; (F) Any performance metrics the entity uses to gauge the accuracy of the assessments, including accuracy, confidence intervals, and how those assessments are obtained; (G) The frequency, methodology, and results of the impact assessments or risk assessments that the entity has conducted" |
AI regulation | Hawaii | SB 2524/HB 1607 | Bill Title: Relating to Algorithmic Discrimination | 2024 | Introduced | 5 Auditing for discriminatory processing and reporting requirement. (a) A covered entity shall annually audit its algorithmic eligibility determination and algorithmic information availability determination practices to: (1) Determine whether the processing practices discrimination in a manner prohibited under -2; (2) Analyze disparate-impact risks of algorithmic eligibility determinations and algorithmic information availability determinations based on actual or perceived race, color, religion, national origin, sex, gender identity or expression, sexual orientation, familial status, genetic information, source of income, or disability; (3) Create and retain for at least five years an audit trail that records, for each algorithmic eligibility determination: (A) The type of algorithmic eligibility determination made; (B) The data used in the determination, including the source of the data; (C) The methodology used by the entity to establish the algorithm; (D) The algorithm used to make the determination; (E) Any data or sets of data used to train the algorithm; (F) Any testing and results for model performance across different subgroups or for discriminatory effects; (G) The methodology used to render the determination; and (H) The ultimate decision rendered; (...) (b) A covered entity shall annually submit a report containing the results of the audit mandated under this section to the department of the attorney general on a form provided by the department of the attorney general. The report shall contain the following information: (1) The types of algorithmic eligibility determinations and algorithmic information availability determinations that the covered entity makes; (2) The data and methodologies that the covered entity uses to establish the algorithms; (3) The optimization criteria of the algorithms used to make the determinations; (4) Any data or sets of data used to train the algorithms, and the source or sources of the data; (5) The methodologies the covered entity uses to render the determinations |
AI regulation | Idaho | HB 0118 | Bill Title: Pretrial Risk Assessment Tools | 2019 | Signed into law | 19-1910. PRETRIAL RISK ASSESSMENT TOOLS. (1) All pretrial risk assessment tools shall be transparent, and: (a) All documents, data, records, and information used by the builder to build or validate the pretrial risk assessment tool and ongoing documents, data, records, and written policies outlining the usage and validation of the pretrial risk assessment tool shall be open to public inspection, auditing, and testing; (b) A party to a criminal case wherein a court has considered, or an expert witness has relied upon, a pretrial risk assessment tool shall be entitled to review all calculations and data used to calculate the defendant's own risk score; and (c) No builder or user of a pretrial risk assessment tool may assert trade secret or other intellectual property protections in order to quash discovery of the materials described in paragraph (a) of this subsection in a criminal or civil case. |
AI regulation | Illinois | HB 5116 | Bill Title: Automated Decision Tools Act | 2024 | Introduced | Section 10. Impact assessment. (a) On or before January 1, 2026, and annually thereafter, a deployer of an automated decision tool shall perform an impact assessment for any automated decision tool the deployer uses that includes all of the following: (1) a statement of the purpose of the automated decision tool and its intended benefits, uses, and deployment contexts; (2) a description of the automated decision tool's outputs and how they are used to make, or be a controlling factor in making, a consequential decision; (3) a summary of the type of data collected from natural persons and processed by the automated decision tool when it is used to make, or be a controlling factor in making, a consequential decision; (4) an analysis of potential adverse impacts on the basis of sex, race, color, ethnicity, religion, age, national origin, limited English proficiency, disability, veteran status, or genetic information from the deployer's use of the automated decision tool; (5) a description of the safeguards implemented, or that will be implemented, by the deployer to address any reasonably foreseeable risks of algorithmic discrimination arising from the use of the automated decision tool known to the deployer at the time of the impact assessment; (6) a description of how the automated decision tool will be used by a natural person, or monitored when it is used, to make, or be a controlling factor in making, a consequential decision; and (7) a description of how the automated decision tool has been or will be evaluated for validity or relevance. (...) Section 35. Impact assessment. (a) Within 60 days after completing an impact assessment required by this Act, a deployer shall provide the impact assessment to the Department of Human Rights. |
AI regulation | Maine | HP 1270 | Bill Title: Data Privacy and Protection Act | 2023 | Failed | §9615. Algorithms 1. Assessment required. A covered entity that is not a small business and that uses a covered algorithm in a manner that poses a consequential risk of harm to an individual or group of individuals and uses the covered algorithm solely or in part to collect, process or transfer covered data or publicly available data annually shall conduct an impact assessment of the algorithm. The impact assessment must include the following information: A. A detailed description of the design process and methodologies of the covered algorithm; B. A statement of the purpose and reasonably foreseeable uses of the covered algorithm; C. The types of data used by the covered algorithm, including the specific categories and sources of data that will be processed as input and data used to train the model that the covered algorithm relies on, if applicable; D. A description of the outputs produced by the covered algorithm; (...) 2. Design evaluation. A covered entity or service provider that develops a covered algorithm that is designed to collect, process or transfer covered data shall perform, before deploying the covered algorithm, an algorithmic design evaluation to evaluate the design, structure and inputs of the covered algorithm, including training data used to develop the covered algorithm, to reduce the risk of the potential harms identified under this section. (...) 4. Report. No later than 30 days after completing an impact assessment or evaluation under this section, a covered entity or a service provider shall submit a report of the impact assessment or evaluation to the Attorney General. |
AI regulation | Maryland | SB 0541 | Bill Title: Maryland Online Data Privacy Act of 2024 | 2024 | Signed into law | 14–4610. (B) A controller shall conduct and document, on a regular basis, a data protection assessment for each of the controller's processing activities that present a heightened risk of harm to a consumer, including an assessment for each algorithm that is used. (...) (D) (1) The Division may require that a controller make available to the Division a data protection assessment that is relevant to an investigation conducted by the Division. |
AI regulation | Massachusetts | HB 1873 | Bill Title: An Act Preventing a Dystopian Work Environment | 2023 | Introduced | (b) Before an employer or a vendor acting on behalf of an employer uses a productivity system that uses algorithms, the employer shall submit a summary of the system to the department. The summary shall include all of the following information: (i) The role and nature of the algorithm’s use. (ii) The number of workers impacted by the system. (iii) The nature of the algorithmic output. (iv) How the algorithmic output will be used in making employment-related decisions. (c) Productivity systems that use algorithms shall also be reviewed by the department of labor standards’ occupational safety and health statistics program before implementation to ensure that electronic productivity systems do not result in physical or mental harm to workers. (...) Section 4D. Restrictions on employer or vendor use of automated decision systems (...) (iv) When an employer can corroborate the ADS output and makes the hiring, promotion, termination, or disciplinary decision based on that output, a notice containing the following information shall be given to affected workers: (...) (6) A copy of any completed algorithmic impact assessments regarding the ADS in question. (...) Section 5. Algorithmic impact assessments (a) An employer that develops, procures, uses, or otherwise implements an ADS to make or assist an employment-related decision shall complete an Algorithmic Impact Assessment (AIA) prior to using the system, and retroactively for any ADS that is in place at the time this part takes effect, for each separate position for which the ADS will be used to make an employment-related decision. When an employer procures an ADS from a vendor, the employer may submit an AIA conducted by the vendor if it meets all of the requirements set forth in this chapter. (b) An “Algorithmic Impact Assessment (AIA)” means a study evaluating an ADS that makes or assists an employment-related decision and its development process, including the design and training data of the ADS, for negative impacts on workers. An AIA shall include, at minimum, all of the following: (i) A detailed description of the ADS and its intended purpose. (ii) A description of the data used by the ADS, including the specific categories of data that will be processed as input and any data used to train the model that the ADS relies on. (iii) A description of the outputs produced by the ADS, including the following: (...) (vi)The specific measures that will be taken to minimize or eliminate the identified risks. (vii)A description of the methodology used to evaluate the identified risks and mitigation measures. (viii)Any additional components necessary to evaluate the negative impacts of an ADS as determined by the department. |
AI regulation | Massachusetts | SB 0025/HB 0083 | Bill Title: Massachusetts Data Privacy Protection Act | 2023 | Introduced | (d) Covered algorithm impact and evaluation. (...) a large data holder that uses a covered algorithm in a manner that poses a consequential risk of harm to an individual or group of individuals, and uses such covered algorithm solely or in part to collect, process, or transfer covered data or publicly available data shall conduct an impact assessment of such algorithm in accordance with paragraph (1). (1) The impact assessment required under subsection (d) shall provide the following:— (i) A detailed description of the design process and methodologies of the covered algorithm; (ii) A statement of the purpose and proposed uses of the covered algorithm; (iii) A detailed description of the data used by the covered algorithm, including the specific categories of data that will be processed as input and any data used to train the model that the covered algorithm relies on, if applicable; (iv) A description of the outputs produced by the covered algorithm as well as the outcomes of their use; (...) (e) (...) a covered entity or service provider that knowingly develops a covered algorithm that is designed, solely or in part, to collect, process, or transfer covered data in furtherance of a consequential decision shall, prior to deploying the covered algorithm evaluate the design, structure, and inputs of the covered algorithm, including any training data used to develop the covered algorithm, to reduce the risk of the potential harms identified under the previous paragraph. (...) (g) A covered entity and a service provider shall:— (1) submit the impact assessment or evaluation conducted under paragraph (1) or (2) to the Attorney General not later than 30 days after completing an impact assessment or evaluation; (2) make such impact assessment and evaluation available to the legislature, upon request; and (3) make a summary of such impact assessment and evaluation publicly available in a their website or any other similar place that is easily accessible to individuals. |
AI regulation | New Jersey | AB 0537 | Bill Title: Concerning Discrimination in Automobile Insurance Underwriting | 2022 | Introduced | 1. a. An automobile insurer using an automated or predictive underwriting system shall annually provide documentation and analysis to the Department of Banking and Insurance to demonstrate that there is no discriminatory outcome in the pricing on the basis of race, ethnicity, sexual orientation, or religion, that is determined by the use of the insurer’s automated or predictive underwriting system. Additionally, an insurer shall demonstrate to the commissioner that each pricing segment is balanced and not disproportionate to the overall policyholder population. b. As used in this act, “automated or predictive underwriting system” means a computer-generated process that is used to evaluate the risk of a policyholder and determine an insurance rate. An automated or predictive underwriting system may include, but is not limited to, the use of robotic process automation, artificial intelligence, or other specialized technology in its underwriting process. |
AI regulation | New Jersey | SB 3876 | Bill Title: Concerning Automated Systems and Artificial Intelligence | 2023 | Introduced | 5. a. No later than two years after the effective date (...), the Artificial Intelligence Implementation Officer shall complete an inventory all automated systems that are used by State agencies for critical decisions. The inventory shall include the following information for each automated system: (...) (2) a description of the general capabilities of the automated system, including, but not limited to: (a) any reasonably foreseeable capability of the automated system that is outside of the State agency's intended use of the automated system; (b) whether the automated system was used, or may be used, to independently make, inform, or materially support a conclusion, decision, or judgment, and a description of the resulting impact on residents of this State; (c) each type of data input that was used by the automated system, how such inputted data was collected, generated, or processed, and the type or types of data that the automated system generated or is reasonably likely to generate; (d) whether the automated system: (i) discriminates against any individual or group of individuals in violation of State or federal law; or (ii) disproportionately impacts any individual or group of individuals, in violation of State or federal law, on the basis of any actual or perceived differentiating characteristic, including, but not limited to, race, creed, color, national origin, nationality, ancestry, age, marital status, civil union status, domestic partnership status, affectional or sexual orientation, genetic information, pregnancy, sex, gender identity or expression, disability or atypical hereditary cellular or blood trait of any individual, or liability for service in the armed forces; (e) a description of the purpose and intended use of the automated system, including, but not limited to: (i) the decision or decisions that the automated system was used to make, inform, or materially support; (ii) whether the automated system is an automated final decision system or automated decision support system; and (iii) the benefit or benefits that the automated system was purported to confer and any data or research necessary to determine whether the automated system conferred such purported benefit or benefits; and (f) how the data used or generated by the automated system was processed and stored, whether the State agency or agencies that developed, procured, or utilized the automated system intend to share access to the automated system or data with any other person, the name of such person, and why the State agency or agencies intend to share such access or data with such person. |
AI regulation | New Jersey | SB 1588/AB 4030 | Bill Title: Concerning The Use of Automated Tools to Assist with Hiring Decisions | 2024 | Introduced | b. It shall be unlawful to sell or offer for sale in the State an automated employment decision tool unless: (1) The tool is the subject of a bias audit conducted in the past year prior to selling the tool or offering the tool for sale; (2) The sale of the tool includes, at no additional cost, an annual bias audit service that provides the results of the audit to the purchaser; |
AI regulation | New York | AB 3593 | Bill Title: New York Privacy Act | 2023 | Introduced | (c) (i) A controller or processor engaged in automated decision-making affecting financial or lending services, housing, public accommodation, insurance, education enrollment, employment, health care services, or access to basic necessities, such as food and water, or engaged in assisting others in automated decision-making in those fields, must annually conduct an impact assessment of such automated decision-making that: (A) describes and evaluates the objectives and development of the automated decision-making processes including the design and training data used to develop the automated decision-making process, how the automated decision-making process was tested for accuracy, fairness, bias and discrimination; and (B) assesses whether the automated decision-making system produces discriminatory results on the basis of a consumer's or class of consumers' actual or perceived race, color, ethnicity, religion, national origin, sex, gender, gender identity, sexual orientation, familial status, biometric information, lawful source of income, or disability. (ii) A controller or processor must utilize an external, independent auditor or researcher to conduct such assessments. (iii) A controller or processor must make publicly available in a manner accessible online all impact assessments prepared pursuant to this section, retain all such impact assessments for at least six years, and make any such retained impact assessments available to any state, federal, or local government authority upon request. |
AI regulation | New York | AB 7859 | Bill Title: Automated Employment Decision Tools | 2023 | Introduced | 2. Notices required. (a) Any employer or employment agency that uses an automated employment decision tool to screen candidates who have applied for a position for an employment decision shall notify each such candidate of the following: (i) That an automated employment decision tool will be used in connection with the assessment or evaluation of such candidate; (ii) The job qualifications and characteristics that such automated employment decision tool will use in the assessment of such candidate; and (iii) Information about the type of data collected for such automated employment decision tool, the source of such data, and the employer or employment agency's data retention policy. |
AI regulation | New York | AB 8195 | Bill Title: Advanced Artificial Intelligence Licensing Act | 2023 | Introduced | § 410. Duty to register a high-risk advanced artificial intelligence system. 1. Any person who develops a high-risk advanced artificial intelligence system (...) shall have the duty to disclose the existence and function of said system to the secretary by applying for a license (...) 2. Any person developing a system (...) within the state shall disclose in writing to the secretary the development of such a system prior to active development of the system. Such writing shall set forth the names and addresses of all persons involved in the development of such system, a description of the system, the system's functions and intended use cases, and measures that will be taken to ensure that any risks posed by the system are mitigated. (...) § 417. Source code and outcome review. 1. The secretary shall conduct periodic evaluations of the source code and outcomes associated with each high-risk advanced artificial intelligence system. These examinations shall determine whether the system is in compliance with this article. The timing and frequency of these reviews shall be determined at the secretary's discretion, taking into account the potential risk posed by the system, the complexity of the system, the frequency of updates and upgrades, the complexity of such updates and upgrades, and any previous issues of non-compliance. |
AI regulation | New York | SB 2277/ AB 3308 | Bill Title: Digital Fairness Act | 2023 | Introduced | (ii) 'Automated decision system impact assessment' shall mean a study evaluating an automated decision system and the automated decision system's development processes, including the design and training data of the automated decision system, for statistical impacts on classes protected under section two hundred ninety-six of the executive law, as well as for impacts on privacy and security that includes at a minimum: (A) A detailed description of the automated decision system, its design, its training, its data, and its purpose; (...) b. The state and any governmental agency, political subdivision or public benefit corporation fo the state shall not purchase, obtain, procure, acquire, employ, use, deploy, or access information from an automated decision system unless it first engages a neutral third party to conduct an automated decision system impact assessment |
AI regulation | New York | SB 7735/AB 7906 | Bill Title: Use of Automated Decision Tools by Landlords for Making Housing Decisions | 2023 | Introduced | (b) 'Disparate impact analysis' means an impartial evaluation conducted by an independent auditor. Such disparate impact analysis shall include, but not be limited to, testing of the extent to which use of an automated decision tool is likely to result in an adverse impact to the detriment of any group on the basis of sex, race, ethnicity, or any other protected class under this article. (...) 2. It shall be unlawful for a landlord to implement or use an automated decision tool that fails to comply with the following provisions: (a) No less than annually, a disparate impact analysis shall be conducted to assess the actual impact of any automated decision tool used by any landlord to select applicants for housing within the state. Such disparate impact analysis shall be provided to the landlord. (b) A summary of the most recent disparate impact analysis of such tool as well as the distribution date of the tool to which the analysis applies shall be made publicly available on the website of the landlord prior to the implementation or use of such tool. Such summary shall also be made accessible through any listing for housing on a digital platform for which the landlord intends to use an automated decision tool to screen applicants for housing. (...) 3. (a) Any landlord that uses an automated decision tool to screen applicants for housing shall notify each such applicant of the following: (i) That an automated decision tool will be used in connection with the assessment or evaluation of such applicant; (ii) The characteristics that such automated decision tool will use in the assessment of such applicant; (iii) Information about the type of data collected for such automated decision tool, the source of such data, and the landlord's data retention policy; and (iv) If an application for housing is denied through use of the automated decision tool, the reason for such denial. |
AI regulation | New York | SB 8209/AB 8129 | Bill Title: New York Artificial Intelligence Bill of Rights | 2023 | Introduced | § 404. Safe and effective systems. 1. New York residents have the right to be protected from unsafe or ineffective automated systems. These systems must be developed in collaboration with diverse communities, stakeholders, and domain experts to identify and address any potential concerns, risks, or impacts. 2. Automated systems shall undergo pre-deployment testing, risk identification and mitigation, and shall also be subjected to ongoing monitoring that demonstrates they are safe and effective based on the intended use, mitigation of unsafe outcomes including those beyond the intended use, and adherence to domain-specific standards. (...) 6. Independent evaluation and reporting that confirms that the system is safe and effective, including reporting of steps taken to mitigate potential harms, shall be performed and the results made public whenever possible. § 405. Algorithmic discrimination practices. 1. No New York resident shall face discrimination by algorithms, and all automated systems shall be used and designed in an equitable manner. 2. The designers, developers, and deployers of automated systems shall take proactive and continuous measures to protect New York residents and communities from algorithmic discrimination, ensuring the use and design of these systems in an equitable manner. 3. The protective measures required by this section shall include proactive equity assessments as part of the system design, use of representative data, protection against proxies for demographic features, and assurance of accessibility for New York residents with disabilities in design and deployment. 4. Automated systems shall undergo pre-deployment and ongoing disparity testing and mitigation, under clear organizational oversight. 5. Independent evaluations and plain language reporting in the form of an algorithmic impact assessment, including disparity testing results and mitigation information, shall be conducted for all automated systems. 6. New York residents shall have the right to view such evaluations and reports. (...) § 407. Notice and explanation. 1. New York residents shall be informed when an automated system is in use and New York residents shall be informed how and why the system contributes to outcomes that impact them. 2. Designers, developers, and deployers of automated systems shall provide accessible plain language documentation, including clear descriptions of the overall system functioning, the role of automation, notice of system use, identification of the indivdiual or organization responsible for the system, and clear, timely, and accessible explanations of outcomes. |
AI regulation | New York | SB 7623/AB 8328 | Bill Title: Electronic Monitoring and Automated Employment Decision Tools | 2024 | Introduced | (c) An employer shall not sell, transfer, or disclose employee data collected via an electronic monitoring tool to any other entity unless it is required to do so under state or federal law, or necessary to do so to comply with a bias audit of an automated employment decision tool pursuant to subdivision four of this section. (...) 4. (a) It shall be unlawful for an employer to use an automated employment decision tool for an employment decision unless such tool has been the subject of a bias audit. Bias audits for automated employment decision tools must: (i) be conducted no more than one year prior to the use of such tool, or where the tool was in use by the employer before this act became a law, within six months of this act becoming a law; and (ii) be conducted by an independent and impartial party with no financial or legal conflicts of interest; (iii) identify and describe the attributes and modeling techniques that the tool uses to produce outputs; (...) (x) be submitted in its entirety or an accessible summary form to the department for inclusion in a public registry of such audits within sixty days of completion and distributed to employees who may be subject to the tool." |
AI regulation | Oklahoma | HB 3577 | Bill Title: Artificial Intelligence Utilization Review Act | 2024 | Passed committee | B. An insurer shall submit the artificial intelligence-based algorithms and training data sets that are being used or will be used in the utilization review process to the Department for transparency. The insurer shall submit an attestation to the Department, annually by December 31, in the manner and form prescribed by the Department on its website certifying that these artificial intelligence-based algorithms and training data sets have minimized the risk of bias based on the covered person's race, color, religious creed, ancestry, age, sex, gender, national origin, handicap or disability, and adhere to evidence-based clinical guidelines. |
AI regulation | Oklahoma | HB 3835 | Bill Title: Ethical Artificial Intelligence Act | 2024 | Introduced | A. (...) a deployer of an automated decision tool must complete and document an impact assessment for any automated decision tool the deployer uses that includes all of the following: 1. A statement of the purpose of the automated decision tool and its intended benefits, uses, and deployment contexts; 2. A description of the automated decision tool's outputs and how they are used to make, or be a controlling factor in making, a consequential decision; 3. A summary of the types of data collected from natural persons and processed by the automated decision tool when it is used to make, or be a controlling factor in making, a consequential decision; 4. A statement of the extent to which the deployer's use of the automated decision tool is consistent with or varies from the statement required of the developer by Section 5 of this act; 5. An assessment of the reasonably foreseeable risks of algorithmic discrimination arising from the use of the automated decision tool known to the deployer at the time of the impact assessment; 6. A description of the safeguards implemented, or that will be implemented, by the deployer to align use of the automated decision tool with principles of ethical artificial intelligence and to address any reasonably foreseeable risks of algorithmic discrimination arising from the use of the automated decision tool; 7. A description of how the automated decision tool will be used by a natural person, or monitored when it is used, to make, or be a controlling factor in making, a consequential decision; and 8. A description of how the automated decision tool has been or will be evaluated for validity or relevance. (...) D. Upon the request of the Office of the Attorney General, a developer or deployer must provide any impact assessment that it performed pursuant to this section to the office of the Attorney General. |
AI regulation | Pennsylvania | HB 1663 | Bill Title: Artificial Intelligence Utilization Review Act | 2023 | Introduced | (b) Transparency.--An insurer shall submit the artificial intelligence-based algorithms and training data sets that are being used or will be used in the utilization review process to the department for transparency. The department shall implement a process that allows the department to certify that these artificial intelligence-based algorithms and training data sets have minimized the risk of bias based on the covered person's race, color, religious creed, ancestry, age, sex, gender, national origin, handicap or disability and adhere to evidencebased clinical guidelines. |
AI regulation | Rhode Island | HB 5734 | Bill Title: Insurers' Use of External Consumer Data and Information Sources, Algorithms, and Predictive Models | 2023 | Introduced | (2) Rules adopted pursuant to this section shall require each insurer to: (i) Provide information to the director or commissioner concerning the external consumer data and information sources used by the insurer in the development and implementation of algorithms and predictive models for a particular type of insurance and insurance practice; (ii) Provide an explanation of the manner in which the insurer uses external consumer data and information sources, as well as algorithms and predictive models using external consumer data and information sources, for the particular type of insurance and insurance practice; (iii) Establish and maintain a risk management framework or similar processes or procedures that are reasonably designed to determine, to the extent practicable, whether the insurer's use of external consumer data and information sources, as well as algorithms and predictive models using external consumer data and information sources, unfairly discriminates based on race, color, national or ethnic origin, religion, sex, sexual orientation, disability, gender identity, or gender expression; (iv) Provide an assessment of the results of the risk management framework or similar processes or procedures and actions taken to minimize the risk of unfair discrimination, including ongoing monitoring; (...) (a) The director or the commissioner may examine and investigate an insurer's use of an external consumer data and information source, algorithm, or predictive model in any insurance practice. Insurers shall cooperate with the director and commissioner and the department of business regulation (the "department") in any examination or investigation under this section. |
AI regulation | Rhode Island | HB 6286 | Bill Title: Generative Artificial Intelligence Models | 2023 | Introduced | 6-59-4. Registration with the attorney general. (a) Any company operating a large-scale generative artificial intelligence model shall register with the attorney general within ninety (90) days of the effective date of this chapter. (b) The registration shall include the following information: (1) The name and contact information of the company; (2) A description of the large-scale generative artificial intelligence model, including its capacity, training data, intended use, design process and methodologies; and (3) Information on the company's data collection, storage and security practices. (c) The attorney general shall maintain a public registry of all companies registered under this chapter. |
AI regulation | Rhode Island | HB 7521 | Bill Title: Automated Decision Tools | 2024 | Introduced | 42-166-4. Statement of intended uses of automated decision tools. (a) A developer shall provide a deployer with a statement regarding the intended uses of the automated decision tool and documentation regarding all of the following: (1) The known limitations of the automated decision tool, including any reasonably foreseeable risks of algorithmic discrimination arising from its intended use; (2) A description of the type of data used to program or train the automated decision tool; and (3) A description of how the automated decision tool was evaluated for validity and explainability before sale or licensing. |
AI regulation | South Carolina | SB 4696 | Bill Title: Technology Transparency | 2023 | Introduced | (g) Impact assessment of automated decision systems. (1) Prior to utilizing an automated decision system, an employer shall create a written impact assessment of the system that includes, at a minimum: (A) a detailed description of the automated decision system and its purpose; (...) (2) An employer shall provide a copy of the assessment prepared pursuant to subdivision (1) of this subsection (g) to an employee upon request. |
AI regulation | Vermont | HB 0410 | Bill Title: Relating to the Use and Oversight of Artificial Intelligence in State Government | 2021 | Signed into law | (b) Inventory. The Agency of Digital Services shall conduct a review and make an inventory of all automated decision systems that are being developed, employed, or procured by State government. The inventory shall include the following for each automated decision system: (1) the automated decision system’s name and vendor; (2) a description of the automated decision system’s general capabilities, including: (A) reasonably foreseeable capabilities outside the scope of the agency’s proposed use; and (B) whether the automated decision system is used or may be used for independent decision-making powers and the impact of those decisions on Vermont residents; (3) the type or types of data inputs that the technology uses; how that data is generated, collected, and processed; and the type or types of data the automated decision system is reasonably likely to generate; |
AI regulation | Vermont | HB 0114 | Bill Title: Relating to Restricting Electronic Monitoring of Employees and Employment-Related Automated Decision Systems | 2023 | Introduced | (1) Prior to utilizing an automated decision system, an employer shall create a written impact assessment of the system that includes, at a minimum: (A) a detailed description of the automated decision system and its purpose; (...) (2) An employer shall provide a copy of the assessment prepared pursuant to subdivision (1) of this subsection (g) to an employee upon request. |
AI regulation | Vermont | HB 0710 | Bill Title: Relating to Regulating Developers and Deployers of Certain Artificial Intelligence Systems | 2024 | Introduced | (b) Except as provided in subsection (e) of this section, no developer of a high-risk artificial intelligence system shall offer, sell, lease, give, or otherwise provide a high-risk artificial intelligence system to a deployer unless the developer provides to the deployer all of the following: (...) (3) documentation describing: (A) the type of data used to program or train the high-risk artificial intelligence system;" |
AI regulation | Virginia | HB 0747 | Bill Title: Artificial Intelligence Developer Act | 2024 | Introduced | § 59.1-604. Operating standards for developers of high-risk artificial intelligence systems. (...) B. Each developer that offers, sells, leases, gives, or otherwise makes available to a deployer a high-risk artificial intelligence system shall make available to the deployer information and documentation in the developer's possession, custody, or control that is reasonably required to complete an impact assessment. (...) § 59.1-606. Operating standards for deployers. (...) C. Except as provided in this subsection, no deployer shall deploy or use a high-risk artificial intelligence system to make a consequential decision unless the deployer has completed an impact assessment for such high-risk artificial intelligence system. The deployer shall complete an impact assessment for a high-risk artificial intelligence system (i) before the deployer initially deploys such high-risk artificial intelligence system and (ii) not later than 90 days after each significant update to such high-risk artificial intelligence system. Each impact assessment completed pursuant to this subsection shall include, at a minimum: 1. A statement by the deployer disclosing (i) the purpose, intended use cases and deployment context of, and benefits afforded by the high-risk artificial intelligence system and (ii) whether the deployment or use of the high-risk artificial intelligence system poses a reasonably foreseeable risk of algorithmic discrimination and, if so, (a) the nature of such algorithmic discrimination and (b) the steps that have been taken, to the extent feasible, to mitigate such risk; 2. For each post-deployment impact assessment completed pursuant to this section, the extent to which the high-risk artificial intelligence system was used in a manner that was consistent with, or varied from, the developer's intended uses of such high-risk artificial intelligence system; 3. A description of (i) the data the high-risk artificial intelligence system processes as inputs and (ii) the outputs such high-risk artificial intelligence system produces; (...) F. The Attorney General may require that a developer disclose to the Attorney General any statement or documentation described in this chapter if such statement or documentation is relevant to an investigation conducted by the Attorney General. The Attorney General may also require that a deployer disclose to the Attorney General any risk management policy designed and implemented, impact assessment completed, or record maintained pursuant to this chapter if such risk management policy, impact assessment, or record is relevant to an investigation conducted by the Attorney General. |
AI regulation | Washington | SB 5356 | Bill Title: Establishing Guidelines for Government Procurement and Use of Automated Decision Systems | 2023 | Introduced | (2) A public agency intending to newly develop or procure an automated decision system (...) must as a condition of use of such system, at least one month prior to procurement of, or if internally developed, implementation of such a system produce and file with the office an algorithmic accountability report for that system as described in subsection (4) of this section. (...) (3) An agency intending to develop or procure an automated decision system for implementation after January 1, 2026, must, as a condition of use of such automated decision system, submit an algorithmic accountability report as described in subsection (4) of this section and obtain a finding by the algorithmic accountability review board pursuant to (d) of this subsection. (a) The office must post the algorithmic accountability reports on their public website and invite public comment on the algorithmic accountability report for a period of no less than 30 days. (4) Each algorithmic accountability report must include clear and understandable statements of the following: (...) (b) A description of the automated decision system's general capabilities, including reasonably foreseeable capabilities outside the scope of the agency's proposed use and whether the automated decision system is used or may be used to deploy or trigger any weapon; (...) (d)(i) The type or types of data inputs that the technology uses; (ii) how that data is generated, collected, and processed; and (iii) the type or types of data the system is reasonably likely to generate; |
AI regulation | Washington | HB 1951 | Bill Title: Promoting Ethical Artificial Intelligence by Protecting Against Algorithmic Discrimination | 2024 | Introduced | "Sec. 2. (1) (...) a deployer of an automated decision tool must complete and document an impact assessment for any automated decision tool the deployer uses that includes all of the following: (a) A statement of the purpose of the automated decision tool and its intended benefits, uses, and deployment contexts; (b) A description of the automated decision tool's outputs and how they are used to make, or be a controlling factor in making, a consequential decision; (c) A summary of the types of data collected from natural persons and processed by the automated decision tool when it is used to make, or be a controlling factor in making, a consequential decision; (d) A statement of the extent to which the deployer's use of the automated decision tool is consistent with or varies from the statement required of the developer by section 3 of this act; (e) An assessment of the reasonably foreseeable risks of algorithmic discrimination arising from the use of the automated decision tool known to the deployer at the time of the impact assessment; (...) (2) (...) a developer of an automated decision tool must complete and document an impact assessment of any automated decision tool that it designs, codes, or produces that includes all of the following: (a) A statement of the purpose of the automated decision tool and its intended benefits, uses, and deployment contexts; (b) A description of the automated decision tool's outputs and how they are used, as intended, to make, or be a controlling factor in making, a consequential decision; (c) A summary of the types of data collected from natural persons and processed by the automated decision tool when it is used to make, or be a controlling factor in making, a consequential decision; (d) An assessment of the reasonably foreseeable risks of algorithmic discrimination arising from the intended use or foreseeable misuse of the automated decision tool; (...) Sec. 3. A developer must provide a deployer with a statement regarding the intended uses of the automated decision tool and documentation regarding all of the following: (1) The known limitations of the automated decision tool, including any reasonably foreseeable risks of algorithmic discrimination arising from its intended use; (2) A description of the types of data used to program or train the automated decision tool; and (3) A description of how the automated decision tool was evaluated for validity and the ability to be explained before sale or licensing. Sec. 4. A developer must make publicly available, in a readily accessible manner, a clear policy that provides a summary of both of the following: (1) The types of automated decision tools currently made available to others by the developer; and (2) How the developer manages the reasonably foreseeable risks of algorithmic discrimination that may arise from the use of the automated decision tools it currently makes available to others. |
AI regulation | New York | SB 7623A | Bill Title: Boundaries on Technology Act | 2023 | Introduced | § 1011. Automated employment decision tools; impact assessments. 1. It shall be unlawful for an employer with one hundred or more employees to use an automated employment decision tool for an employment decision unless such tool has been the subject of an impact assessment. Impact assessments for automated employment decision tools must: (...) (b) be conducted by an impartial party with no financial or legal conflicts of interest; (c) identify and describe the attributes and modeling techniques that the tool uses to produce outputs; (...) (h) be submitted in its entirety or an accessible summary form to the department for inclusion in a public registry of such impact assessments within sixty days of completion, and distributed to employees who may be subject to the tool. |
AI regulation | New York | SB 5641 | Bill Title: Automated Employment Decision Tools | 2023 | Introduced | § 752. Requirements for a deployer of an automated employment decision tool. 1. Within one year of the effective date of this section, and annually thereafter, a deployer shall perform an impact assessment for any automated employment decision tool that such deployer uses. 2. The impact assessment required pursuant to subdivision one of this section shall include, but not be limited to: (a) A statement of the purpose of the automated employement decision tool and its benefits, uses, and deployment contexts; (b) A description of the automated employment decision tool's output and how such output is the controlling factor in a consequential employment decision; (c) A summary of the type of data collected from an individual and processed by the automated employment decision tool when such tool is the controlling factor in a consequential employment decision; (...) § 753. Requirements for a developer of an automated employment decision tool. 1. A developer shall provide a deployer with a statement regarding the intended use of the automated employment decision tool and documentation regarding: (a) The known limitations of the consequential automated decision tool, including any reasonably foreseeable risk of unlawful discrimination arising from its intended use; (b) A description of the type of data used to program or train the automated employment decision tool; and (c) A description of how the automated employment decision tool was evaluated for validity and explainability before sale or licensing. |
Data privacy | California | AB 0352 | Bill Title: Health Information | 2023 | Signed into law | (c) (1) A business (...) that electronically stores or maintains medical information on the provision of sensitive services, including, but not limited to, on an electronic health record system or electronic medical record system, on behalf of a provider of health care, health care service plan, pharmaceutical company, contractor, or employer, shall develop capabilities, policies, and procedures (...) to enable all of the following: (A) Limit user access privileges to information systems that contain medical information related to gender affirming care, abortion and abortion-related services, and contraception only to those persons who are authorized to access specified medical information. (B) Prevent the disclosure, access, transfer, transmission, or processing of medical information related to gender affirming care, abortion and abortion-related services, and contraception to persons and entities outside of this state in accordance to this part. (C) Segregate medical information related to gender affirming care, abortion and abortion-related services, and contraception from the rest of the patient’s record. (D) Provide the ability to automatically disable access to segregated medical information related to gender affirming care, abortion and abortion-related services, and contraception by individuals and entities in another state. |
Data privacy | Maryland | HB 0812/SB 0786 | Bill Title: Reproductive Health Services Protected Information and Insurance Requirements | 2023 | Signed into law | (3) (II) Except as provided in subparagraph (III) of this paragraph, the Secretary may adopt restrictions on the disclosure of abortion care or other sensitive health services under subparagraph (I) of this paragraph that are applicable only to disclosures by health information exchanges or electronic health networks to out-of-state treating providers, out-of-state business entities, other health information exchanges, or other electronic health networks. (III) Any regulations adopted by the Secretary to implement restrictions on the disclosure of Mifepristone data under subsection (B) of this section shall apply to disclosures of data to recipients located in the State and outside the State. |
Data privacy | Montana | SB 0351 | Bill Title: Genetic Information Privacy Act | 2023 | Signed into law | (7) Genetic data and biometric samples of Montana residents collected in the state may not be stored within the territorial boundaries of any country currently sanctioned in any way by the United States office of foreign asset control or designated as a foreign adversary under 15 CFR 7.4 (a). Genetic data or biometric data of Montana residents collected in the state may only be transferred or stored outside the United States with the consent of the resident. |
Kids' online safety | California | AB 2273 | Bill Title: Age Appropriate Design Code Act | 2022 | Signed into law | 1798.99.31. (a) A business that provides an online service, product, or feature likely to be accessed by children shall take all of the following actions: (1) (A) Before any new online services, products, or features are offered to the public, complete a Data Protection Impact Assessment for any online service, product, or feature likely to be accessed by children and maintain documentation of this assessment as long as the online service, product, or feature is likely to be accessed by children. A business shall biennially review all Data Protection Impact Assessments. (B) The Data Protection Impact Assessment required by this paragraph shall identify the purpose of the online service, product, or feature, how it uses children’s personal information, and the risks of material detriment to children that arise from the data management practices of the business. The Data Protection Impact Assessment shall address, to the extent applicable, all of the following: (i) Whether the design of the online product, service, or feature could harm children, including by exposing children to harmful, or potentially harmful, content on the online product, service, or feature. (ii) Whether the design of the online product, service, or feature could lead to children experiencing or being targeted by harmful, or potentially harmful, contacts on the online product, service, or feature. (iii) Whether the design of the online product, service, or feature could permit children to witness, participate in, or be subject to harmful, or potentially harmful, conduct on the online product, service, or feature. (iv) Whether the design of the online product, service, or feature could allow children to be party to or exploited by a harmful, or potentially harmful, contact on the online product, service, or feature. (v) Whether algorithms used by the online product, service, or feature could harm children. (vi) Whether targeted advertising systems used by the online product, service, or feature could harm children. (vii) Whether and how the online product, service, or feature uses system design features to increase, sustain, or extend use of the online product, service, or feature by children, including the automatic playing of media, rewards for time spent, and notifications. (viii) Whether, how, and for what purpose the online product, service, or feature collects or processes sensitive personal information of children. (...) (4) (A) For any Data Protection Impact Assessment completed pursuant to paragraph (1), make the Data Protection Impact Assessment available, within five business days, to the Attorney General pursuant to a written request. |
Kids' online safety | Illinois | HB 3880 | Bill Title: Children Privacy Protection and Parental Empowerment Act | 2023 | Introduced | (a) A business that provides an online service, product, or feature likely to be accessed by children shall take all of the following actions: (1) Before any new online services, products, or features are offered to the public, complete a Data Protection Impact Assessment for any online service, product, or feature likely to be accessed by children and maintain documentation of this assessment as long as the online service, product, or feature is likely to be accessed by children. A business shall biennially review all Data Protection Impact Assessments. The Data Protection Impact Assessment required by this paragraph shall identify the purpose of the online service, product, or feature, how it uses children's personal information, and the risks of material detriment to children that arise from the data management practices of the business. The Data Protection Impact Assessment shall address, to the extent applicable, all of the following: (...) (E) whether algorithms used by the online product, service, or feature could harm children; (...) (4) For any Data Protection Impact Assessment completed as required by paragraph (1), make the Data Protection Impact Assessment available, within 5 business days, to the Attorney General pursuant to a written request. |
Kids' online safety | New Mexico | SB 0068 | Bill Title: Age Appropriate Design Code Act | 2024 | Failed | B. The data protection impact assessment required by this section shall identify the purpose of an online product, service or feature and how the online product, service or feature uses children's personal data and determine whether the online product, service or feature is designed and offered in an age-appropriate manner consistent with the best interest of children who are accessing or reasonably likely to access the online product, service or feature by examining at least the following: (4) whether algorithms used by the online product, service or feature would be inconsistent with the best interest of children reasonably likely to access the online product, service or feature; (...) (4) within seven business days of a written request by the attorney general, provide a data protection impact assessment to the attorney general pursuant to such a request; provided that the attorney general may, in the attorney general's discretion, extend the time allowed for a covered entity to produce a data protection impact assessment. |
Kids' online safety | South Carolina | HB 4842 | Bill Title: South Carolina Age Appropriate Design Code Act | 2024 | Introduced | (B) A data protection impact assessment required by this section must identify the purpose of the online service, product, or feature; how it uses children's personal data; and determine whether the online service, product, or feature is designed and offered in an age-appropriate manner consistent with the best interests of children that are reasonably likely to access the online product by examining at least the following: (...) (4) whether algorithms used by the product, service, or feature could harm children or would result in: reasonably foreseeable and material physical or financial harm to the child; reasonably foreseeable and severe psychological or emotional harm to the child; a highly offensive intrusion on the reasonable privacy expectations of the child; or discrimination against the child based upon race, color, religion, national origin, disability, sex, or sexual orientation; (...) (4) within five business days of a written request by the Attorney General, provide the Attorney General with a copy of any data protection impact assessment. The Attorney General may, in his discretion, extend beyond seven business days the amount of time allowed for a covered entity to produce a data protection impact assessment; |
Kids' online safety | Texas | HB 0018 | Bill Title: Securing Children Online through Parental Empowerment Act | 2023 | Signed into law | Sec. 509.053. DIGITAL SERVICE PROVIDER DUTY TO PREVENT HARM TO KNOWN MINORS. (a) In relation to a known minor’s use of a digital service, a digital service provider shall develop and implement a strategy to prevent the known mino ’s exposure to harmful material and other content that promotes, glorifies, or facilitates: (1) suicide, self-harm, or eating disorders; (2) substance abuse; (3) stalking, bullying, or harassment; or (4) grooming, trafficking, child pornography, or other sexual exploitation or abuse. (b) A strategy developed under Subsection (a): (1) must include: (A) creating and maintaining a comprehensive list of harmful material or other content described by Subsection (a) to block from display to a known minor; (B) using filtering technology and other protocols to enforce the blocking of material or content on the list under Paragraph (A); (...) (G) except as provided by Section 509.058, making available the digital service provider’s algorithm code to independent security researchers; (...) Sec. 509.056. USE OF ALGORITHMS. A digital service provider that uses algorithms to automate the suggestion, promotion, or ranking of information to known minors on the digital service shall: (1) make a commercially reasonable effort to ensure that the algorithm does not interfere with the digital service provider’s duties under Section 509.053; and (2) disclose in the digital service provider’s terms of service, privacy policy, or similar document, in a clear and accessible manner, an overview of: (A) the manner in which the digital service uses algorithms to provide information or content; (B) the manner in which algorithms promote, rank, or filter information or content; and (C) the personal identifying information used as inputs to provide information or content. |
Kids' online safety | Utah | HB 0311 | Bill Title: Utah Social Media Regulation Act | 2023 | Signed into law | (2) (...) a social media company shall not use a practice, design, or feature on the company's social media platform that the social media company knows, or which by the exercise of reasonable care should know, causes a Utah minor account holder to have an addiction to the social media platform. (...) (b) A social media company shall not be subject to a civil penalty for violating this section if the social media company, as an affirmative defense, demonstrates that the social media company: (i) instituted and maintained a program of at least quarterly audits of the social media company's practices, designs, and features to detect practices, designs, or features that have the potential to cause or contribute to the addiction of a minor user; and (ii) corrected, within 30 days of the completion of an audit described in Subsection (3)(b)(i), any practice, design, or feature discovered by the audit to present more than a de minimus risk of violating this section. |
Right to repair | Alabama | HB 0261 | Bill Title: Alabama Consumer Repair Bill of Rights Act | 2024 | Introduced | Section 3. (a) As used in this section "documentation, parts, or embedded software" means any documentation, parts, embedded software, embedded software for agricultural equipment, firmware, tools, or, with owner authorization, data, that are intended for use with the equipment or any part, including updates to documentation, parts, embedded software, embedded software for agricultural equipment, firmware, tools, or, with owner authorization, data. (b) Except as provided in subsection (c): (1) For the purpose of providing services for equipment in the state, an original equipment manufacturer, with fair and reasonable terms and costs, shall make available to an independent repair provider or owner of the manufacturer's equipment the documentation, parts, or embedded software, including updates to the documentation, parts, or embedded software. (2) With respect to equipment that contains an electronic security lock or other security-related function, a manufacturer, with fair and reasonable terms and costs, shall make available to independent repair providers and owners the documentation, parts, or embedded software needed to reset the lock or function when disabled in the course of providing services. The manufacturer may make the documentation, parts, or embedded software available to independent repair providers and owners through appropriate secure release systems. |
Right to repair | Alaska | SB 0112 | Bill Title: Digital Right to Repair Act | 2023 | Introduced | Sec. 45.45.800. Digital product diagnosis, maintenance, and repair. (a) A digital product manufacturer shall, as required under AS 45.45.800 - 45.45.890, make available to an independent service provider or owner of a digital product manufactured, sold, or leased by or on behalf of the manufacturer any documentation, parts, and tools necessary for the diagnosis, maintenance, or repair of the digital product. (b) The documentation, parts, and tools made available under (a) of this section must include any changes made by the digital product manufacturer to update, fix, or improve a computer program, including the program's data, or firmware used in the product or part. Sec. 45.45.810. Security features. If a digital product contains an electronic security lock or other security-related feature that is disabled during the diagnosis, maintenance, or repair of the product, the digital product manufacturer shall make available to the independent service provider or owner of the product the documentation, tools, and parts necessary to reset the security-related feature. The manufacturer may use appropriate secure release systems to make the documentation, tools, and parts available. |
Right to repair | Arizona | SB 1536 | Bill Title: Right to Repair Act | 2024 | Introduced | 44-8032. Manufacturers; requirements; exception A. Notwithstanding any other law, a manufacturer of an electronic or appliance product shall make available to the product owner all of the following: 1. Service and repair faciliites. 2. Service dealers. 3. Sufficient documentation and functional parts and tools including any updates, on fair and reasonable terms, to affect the diagnosis, maintenance or repair of a product. |
Right to repair | California | SB 0244 | Bill Title: Right to Repair Act | 2023 | Signed into law | 42488.2. (a) Notwithstanding any other law, every manufacturer of an electronic or appliance product with a wholesale price to the retailer, or to others outside of direct retail sale, of not less than fifty dollars ($50) and not more than ninety-nine dollars and ninety-nine cents ($99.99), shall make available to owners of the product, service and repair facilities, and service dealers, sufficient documentation and functional parts and tools, inclusive of any updates, on fair and reasonable terms, to effect the diagnosis, maintenance, or repair of a product for at least three years after the last date a product model or type was manufactured, regardless of whether the three-year period exceeds the warranty period for the product. |
Right to repair | Colorado | Bill Title: HB 22-1031 | Bill Title: Consumer Right To Repair Powered Wheelchairs | 2022 | Signed into law | 6-1-1503. Powered wheelchair manufacturer obligations regarding services - exemptions. (1) Except as provided in subsection (2) of this section: (a) For the purpose of providing services for equipment in the state, an original equipment manufacturer shall, with fair and reasonable terms and costs, make available to an independent repair provider or owner of the manufacturer's equipment any documentation, parts, embedded software, firmware, or tools that are intended for use with the equipment or any part, including updates to documentation, parts, embedded software, firmware, or tools. (b) With respect to equipment that contains an electronic security lock or other security-related function, a manufacturer shall, with fair and reasonable terms and costs, make available to independent repair providers and owners any documentation, parts, embedded software, firmware, or tools needed to reset the lock or function when disabled in the course of providing services. The manufacturer may make the documentation, parts, embedded software, firmware, or tools available to independent repair providers and owners through appropriate secure release systems. |
Right to repair | Colorado | HB 23-1011 | Bill Title: Consumer Right To Repair Agricultural Equipment | 2023 | Signed into law | 6-1-1503. Equipment manufacturer obligations regarding services - exemptions. (1) Except as provided in subsection (2) of this section: (a) For the purpose of providing services for equipment in the state, an original equipment manufacturer shall, with fair and reasonable terms and costs, make available to an independent repair provider or owner of the manufacturer's equipment any documentation, parts, embedded software, embedded software for agricultural equipment, firmware, tools, or, with owner authorization, data that are intended for use with the equipment or any part, including updates to documentation, parts, embedded software, embedded software for agricultural equipment, firmware, tools, or, with owner authorization, data. (b) With respect to equipment that contains an electronic security lock or other security-related function, a manufacturer shall, with fair and reasonable terms and costs, make available to independent repiar providers and owners any documentation, parts, embedded software, embedded software for agricultural equipment, firmware, tools, or, with owner authorization, data needed to reset the lock or function when disabled in the course of providing services. The manufacturer may make the documentation, parts, embedded software, embedded software for agricultural equipment, firmware, tools, or, with owner authorization, data available to independent repair providers and owners through appropriate secure release systems. |
Right to repair | Colorado | HB 24-1121 | Bill Title: Consumer Right to Repair Digital Electronic Equipment | 2024 | Signed into law | 6-1-1503. Manufacturer obligations regarding services - exemptions. (1) Except as provided in subsections (2) and (5) of this section: (a) (I) For the purpose of providing services for digital electronic equipment, agricultural equipment, or powered wheelchairs in the state, an original equipment manufacturer shall, with fair and reasonable terms and costs, as applied to agricultural equipment or powered wheelchairs, or fair and reasonable terms and costs for digital electronic equipment, make available to an independent repair provider or owner of the manufacturer's digital electronic equipment, agricultural equipment, or powered wheelchair any documentation, parts, embedded software, embedded software for agricultural equipment, firmware, or tools that are intended for use with the digital electronic equipment, agricultural equipment, or powered wheelchair or any part, including updates to documentation, parts, embedded software, embedded software for agricultural equipment, firmware, or tools. (II) A manufacturer shall make available to an independent repair provider or owner, on fair and reasonable terms, any documentation, embedded software, tool, part, or other device or implement that the manufacturer provides for effecting the services of maintenance, repair, or diagnosis on the manufacturer's electronic equipment. (III) With respect to parts, a manufacturer complies with the subsection (1)(a) if a contractor makes the parts available to an independent repair provider or owner on behalf of the manufacturer. (a.5) For the purpose of providing services for agricultural equipment in the state, a manufacturer shall, with fair and reasonable terms and costs and with owner authorization, make data available to an independent repair provider or owner, including updates to the data. (b) (I) With respect to agricultural equipment or a powered wheelchair that contains an electronic security lock or other security-related function, a manufacturer shall, with fair and reasonable terms and costs, as applied to agricultural equipment or powered wheelchairs, make available to independent repiar providers and owners any documentation, parts, embedded software, embedded software for agricultural equipment, firmware, tools, or, with owner authorization, data needed to reset the lock or function when disabled in the course of providing services. The manufacturer may make the documentation, parts, embedded software, embedded software for agricultural equipment, firmware, tools, or, with owner authorization, data available to independent repair providers and owners through appropriate secure release systems. |
Right to repair | Connecticut | HB 6083 | Bill Title: Establishing a Right to Repair Motorized Wheelchairs | 2023 | Introduced | That the general statuses be amended to provide that: (1) A motorized wheelchair manufacturer shall provide to a motorized wheelchair owner or independent repairer all parts, embedded software, firmware, tools and technical documentation necessary for the owner or repairer to perform diagnostic, maintenance and repair work on the wheelchair; (2) any failure to provide such parts, software, firmware, tools and technical documentation constitutes an unfair or deceptive act or practice within the meaning of the Connecticut Unfair Trade Practices Act; and (3) no such manufacturer shall be required to divulge any trade secret to an owner or independent repairer. |
Right to repair | Connecticut | SB 0003 | Bill Title: Concerning Consumer Protection | 2024 | Passed both chambers | (b) (1) Notwithstanding any other provision of the general statutes, the manufacturer of an electronic or appliance product shall make available, on fair and reasonable terms, to the owners of such product, service and repair facilities and service dealers documentation and functional parts and tools, inclusive of any updates thereto, that are sufficient to effect the diagnosis, maintenance or repair of such product |
Right to repair | Delaware | HB 0041 | Bill Title: Delaware Digital Right to Repair Act | 2023 | Passed committee | § 2503G. Requirements. (a) For digital electronic equipment, and parts for such equipment, sold or used in this State, an original equipment manufacturer shall make available, for purposes of diagnosis, maintenance, or repair, to any independent repair provider, or to the owner of digital electronic equipment manufactured by or on behalf of, or sold by, the original equipment manufacturer, on fair and reasonable terms, documentation, parts, and tools, inclusive of any updates to information or embedded software. Nothing in this section requires an original equipment manufacturer to make available a part if the part is no longer available to the original equipment manufacturer. (b) For equipment that contains an electronic security lock or other security-related function, the original equipment manufacturer shall make available to the owner and to independent repair providers, on fair and reasonable terms, any special documentation, tools, and parts needed to reset the lock or function when disabled in the course of diagnosis, maintenance, or repair of the equipment. Such documentation, tools, and parts may be made available through appropriate secure release systems. |
Right to repair | Florida | HB 0533/SB 0422 | Bill Title: Agricultural Equipment Fair Repair Act | 2023 | Failed | (2) For equipment sold and used in this state, the original equipment manufacturer shall make available diagnostic and repair documentation, including repair technical updates and updates and corrections to embedded software, to any independent repair provider or owner of equipment manufactured by such original equipment manufacturer. The information must be made available for no charge or provided in the same manner as the original equipment manufacturer makes such diagnostic and repair documentation available to an authorized repair provider. Thereafter, the original equipment manufacturer is not responsible for the content and functionality of such aftermarket diagnostic tools, diagnostics, or service information systems. (3) Original equipment manufactured by the original equipment manufacturer which is sold or used in this state to provide security-related functions may not exclude from information provided to an owner or independent repair provider any diagnostic, service, and repair documentation necessary to reset a security-related electronic function. If such documentation is excluded under this section, the documentation necessary to reset an immobilizer system or a security-related electronic module must be obtained by an owner or independent repair provider through the appropriate secure data release systems. |
Right to repair | Georgia | SB 0243 | Bill Title: Right to Repair Act | 2023 | Introduced | "10-1-951. As used in this article, the term: (...) (2) 'Diagnostic and repair information' means any information provided to an authorized repair provider by the manufacturer of a digital electronic product for the purposes of diagnosis, service, maintenance, or repair of the digital electronic product. Such term includes manuals, diagrams, reporting output, service code descriptions, repair technical updates, diagnostic software, service access passwords, updates and corrections to firmware, and any related information or documentation. (...) 10-1-952. (a) A manufacturer shall: (1) Make diagnostic and repair information that is provided to an authorized repair provider available to an indpendent repair provider in the same manner and without any additional charge; (2) Make a part that is provided to an authorized repair provider available for purchase by an independent repair provider upon fair and reasonable terms; provided, however, that a manufacturer is under no obligation to make available a part that is not available to the manufacturer or the authorized repair provider; and (3) Make a diagnostic repair tool that incorporates the same diagnostic repair capabilities made available to an authorized repair provider available for purchase by an independent repair provider upon fair and reasonable terms." |
Right to repair | Hawaii | SB 1105/HB 0645 | Bill Title: State Right-to-Repair Law | 2023 | Introduced | s -2 Requirements. (a) For digital electronic equipment, and parts for the equipment, sold or used in the State, an original equipment manufacturer shall make available; for purposes of diagnosis, maintenance, or repair; to any independent repair provider or owner of digital electronic equipment manufactured by or on behalf of; or sold by; the original equipment manufacturer; on fair and reasonable terms; documentation, parts, and tools, inclusive of any updates to information or embedded software. Nothing in this section requires an original equipment manufacturer to make available a part if the part is no longer available to the original equipment manufacturer. (b) For equipment that contains an electronic security lock or other security—related function, the original equipment manufacturer shall make available to the owner and independent repair providers, on fair and reasonable terms, any special documentation, tools, and parts needed to reset the lock or function when disabled in the course of diagnosis, maintenance, or repair of the equipment. The documentation, tools, and parts may be made available through appropriate secure release systems. |
Right to repair | Hawaii | SB 1172 | Bill Title: Medical Device Right to Repair Act | 2023 | Introduced | § -3 Requirements. (a) Each original equipment manufacturer shall make available to each applicable owner and independent repair provider, on fair and reasonable terms: (1) Documentation, parts, and tools, including any updates to information or embedded software, used in the inspection, diagnosis, maintenance, or repair of the applicable equipment; provided that nothing in this paragraph shall be construed as requiring an original equipment manufacturer to make available a part that is no longer available to the original equipment manufacturer; and (2) Training courses and materials regarding the operation, inspection, diagnosis, maintenance, and repair of the powered medical equipment. (b) For powered medical equipment containing an electronic security lock or other security—related function, the original equipment manufacturer shall make available to each applicable owner and independent repair provider, on fair and reasonable terms, any special documentation, tools, and parts needed to reset any lock or function that is disabled during the inspection, diagnosis, maintenance, or repair of the equipment; provided that the original equipment manufacturer may make available the special documentation, tools, and parts through appropriate secure release systems. |
Right to repair | Hawaii | SB 2700 | Bill Title: Right to Repair Act | 2024 | Introduced | § -2 Requirements. (a) Notwithstanding any other law to the contrary, each manufacturer of an electronic or appliance product that is sold to the retailer or any other person or business outside of direct retail sale at a wholesale price of: (1) Not less than $50 and not more than $99.99 shall make available to each applicable owner of the product, service and repair facility, and service dealer, sufficient documentation and functional parts and tools, including any updates thereof, on fair and reasonable terms, to effect the diagnosis, maintenance, or repair of a product for at least three years after the last date that a product model or type was manufactured, regardless of whether the three-year period exceeds the warranty period for the product; and (2) More than $99.99 shall make available to each applicable owner of the product, service and repair facility, and service dealer, sufficient documentation and functional parts and tools, including any updates thereof, on fair and reasonable terms, to effect the diagnosis, maintenance, or repair of a product for at least seven years after the last date that a product model or type was manufactured, regardless of whether the seven-year period exceeds the warranty period for the product. |
Right to repair | Illinois | HB 3601 | Bill Title: Educational Technology Right to Repair Act | 2023 | Introduced | Section 10. Requirements. (a) For educational technology equipment and parts for educational technology equipment that are sold or used in this State, an original equipment manufacturer shall make available to any independent repair provider and owner of educational technology equipment manufactured by on behalf of, or sold by such original equipment manufacturer, on fair and reasonable terms, any documentation, parts, and tools, required for the diagnosis, maintenance, or repair of educational technology equipment and parts for educational technology equipment, inclusive of any updates to information. The documentation parts and tools shall be made available either directly by the original equipment manufacturer or via an authorized repair provider. (b) For equipment that contains an electronic security lock or other security-related function, the original equipment manufacturer shall make available to any owner and independent repair provider, on fair and reasonable terms, any special documentation, tools, and parts needed to access and reset the lock or function when disabled in the course of diagnosis, maintenance, or repair of educational technology equipment. The documentation, tools, and parts may be made available through appropriate secure release systems. (c) For educational technology equipment sold or used in this State, an original equipment manufacturer shall provide functional parts to effect the repair of equipment for at least 10 years after the date a product model or type was manufactured. (d) For educational technology equipment sold or used in this State, an original equipment manufacturer operating system developer shall provide necessary software updates of equipment for at least 10 years after the date a product model or type was manufactured. |
Right to repair | Illinois | HB 3602 | Bill Title: Powered Wheelchair Right to Repair Act | 2023 | Introduced | Section 10. Requirements. (a) For powered wheelchairs and parts for powered wheelchairs that are sold or used in this State, an original equipment manufacturer shall make available to any independent repair provider and owner of a powered wheelchair manufactured by on behalf of, or sold by such original manufacturer, on fair and reasonable terms, any documentation, parts, and tools required for the diagnosis, maintenance, or repair of such a pwoered wheelchair and parts for the powered wheelchair, inclusive of any updates to information. The documentation parts and tools shall be made available either directly by the original equipment manufacturer or via an authorized repair provider. (b) For equipment that contains an electronic security lock or other security-related function, the original equipment manufacturer shall make available to any owenr and independent repair provider, on fair and reasonable terms, any special documentation, tools, and parts needed to access and reset the lock or function when disabled in the course of diagnosis, maintenance, or repair fo the powered wheelchair. The documentation, tools, and parts may be made available through appropriate secure release systems. |
Right to repair | Illinois | SB 2669 | Bill Title: Agricultural Equipment Repair Bill of Rights Act | 2024 | Introduced | Section 10. Services for agricultural equipment; documentation. (a)(1) Except as provided in subsection (b), for the purpose of providing services for equipment in this State, an original equipment manufacturer shall, with fair and reasonable terms and costs, make available to an independent repair provider or owner of the manufacturer's equipment any documentation, parts, embedded software, firmware, or tools that are intended for use with the equipment or any part, including updates to documentation, parts, embedded software, firmware, or tools. (2) With respect to equipment that contains an electronic security lock or other security-related function, a manufacturer shall, with fair and reasonable terms and costs, make available to independent repair providers and owners any documentation, parts, embedded software, firmware, or tools needed to reset the lock or function when disabled in the course of providing services. The manufacturer may make the documentation, parts, embedded software, firmware, or tools available to independent repair providers and owners through appropriate secure release systems. |
Right to repair | Illinois | SB 2680 | Bill Title: Right to Repair Act | 2024 | Introduced | Section 10. Right to repair. (a) Notwithstanding any other law, every manufacturer of an electronic or appliance product with a wholesale price or direct sales price of more than $50 and less than $100 shall make service and repair facilities available to owners of the product. The manufacturer shall make available to service and repair facilities and service dealers sufficient documentation and functional parts and tools, inclusive of any updates, on fair and reasonable terms, to effect the diagnosis, maintenance, or repair of a product for at least 3 years after the last date a product model or type was manufactured, regardless of whether the 3-year period exceeds the warranty period for the product. (b) Notwithstanding any other law, every manufacturer of an electronic or appliance product with a wholesale price or direct sales price of $100 or more shall make service and repair facilities available to owners of the product. The manufacturer shall make available to service and repair facilities and service dealers sufficient documentation and functional parts and tools, inclusive of any updates, on fair and reasonable terms, to effect the diagnosis, maintenance, or repair of a product for at least 7 years after the last date a product model or type was manufactured, regardless of whether the 7-year period exceeds the warranty period for the product. |
Right to repair | Indiana | SB 0053 | Bill Title: Access to Product Repair Resources | 2023 | Introduced | Sec. 13. As used in this chapter, "service documentation" means information, including: (1) manuals; (2) schematics; (3) diagrams; (4) report output; (5) service code descriptions; (6) technical updates; (7) service access passwords; and (8) information necessary to reset or unlock a security related function; that is provided by a manufacturer to an authorized service provider for the performance of diagnostic, maintenance, or repair service on the consumer electronic device or agricultural equipment. (...) Sec. 17. (a) Except as provided in section 18 of this chapter, a manufacturer that sells or leases a consumer electronic device or a piece of agricultural equipment in Indiana must do the following: (1) Subject to subsection (b), provide the service documentation for the consumer electronic device or agricultural equipment to an independent service provider for, or to an owner of, the consumer electronic device or agricultural equipment: (A) within the amount of time within which; (B) in the format in which; and (C) at no cost or at a price that is not more than the price at which; the manufacturer provides the service documentation to an authorized service provider for the consumer electronic device or agricultural equipment. |
Right to repair | Indiana | HB 1155 | Bill Title: Access to Product Repair Resources for Agricultural Equipment | 2024 | Introduced | Sec. 9. As used in this chapter, "service documentation" means information, including: (1) manuals; (2) schematics; (3) diagrams; (4) report output; (5) service code descriptions; (6) technical updates; (7) passwords neededto access repair or diagnostic functions; and (8) information necessary to reset or unlock a security related function, with the permission of the owner; that is provided by a manufacturer to an authorized service provider for theperformance ofdiagnostic,maintenance, or repair service on a piece of agricultural equipment. (...) Sec. 13. (a) Except as provided in section 14 of this chapter, a manufacturer thatsells or leases a piece of agricultural equipment in Indiana must do the following: (1) Subject to subsection (b), provide the service documentation for the agricultural equipment to an independentservice provider for, or to an owner of, the piece of agricultural equipment: (A) within the amount of time within which; (B) in the format in which; and (C) at no cost or at a price that is not more than the price at which; the manufacturer provides the service documentation to an authorized service provider for the piece of agricultural equipment. |
Right to repair | Iowa | HB 0587 | Bill Title: Iowa Right to Repair Act | 2023 | Introduced | Sec. 3. 554G.3 Requirements. 1. An original equipment manufacturer of a hand-held electronic communication device, home appliance, or motor vehicle shall make diagnostic and repair information, including repair technical updates and embedded software updates and corrections, available to any independent repair provider or interest holder of digital electronic equipment manufactured by an original equipment manufacturer for no charge or in the same manner as the manufacturer makes such diagnostic and repair information available to authorized repair providers after the hand-held electronic communication device, home appliance, or motor vehicle is six years old. 2. An original equipment manufacturer that sells any diagnostic and repair information to any independent repair provider or to any interest holder in a format that is standardized with other original equipment manufacturers, and on terms and conditions more favorable than the manner and the terms and conditions pursuant to which the authorized repair provider obtains the same diagnostic and repair information, shall not require an authorized repair provider or interest holder to ocntinue purchasing diagnostic and repair information in a proprietary format, unless such proprietary format includes diagnostic and repair inforamtion or functionality that is not available in such standardized format. |
Right to repair | Kentucky | HB 0698 | Bill Title: Right to Repair Agricultural Equipment | 2024 | Introduced | (2) An original equipment manufacturer shall provide services for agricultural equipment in the Commonwealth with fair and reasonable terms and costs, and make available to an independent repair provider or owner of the manufacturer's equipment any documentation, parts, embedded software, firmware, tools, or with owner authorization, data that is intended for use of the equipment or part, including updates to documentation, parts, embedded software, firmware, tools, or owner-authorized data. (3) A manufacturer shall make equipment containing an electronic security lock or other security-related function available with fair and reasonable terms and costs to independent repair providers and owners including documentation, parts, embedded software, firmware, tools, or owner-authorized data needed to reset the lock or function when disabled while providing services. The manufacturer shall make the documentation, parts, embedded software, firmware, tools, or owner authorized data available to independent repair providers and owners through appropriate secure release systems. |
Right to repair | Maine | SP 0608 | Bill Title: Right to Repair Electronic Equipment | 2023 | Passed one chamber | 2. Requirements. An original equipment manufacturer shall, with respect to any digital electronic equipment sold or used in this State, make available on fair and reasonable terms to the owner of the equipment or to any independent repair provider: A. Parts, tools and documentation necessary to repair the digital electronic equipment, including any updates to information or embedded software; and B. If the digital electronic equipment contains an electronic security lock or other security-related function, any parts, tools and documentation needed to reset the lock or function when disabled in the course of diagnosis, maintenance or repair of the equipment. |
Right to repair | Maryland | HB 0712 | Bill Title: Farm Equipment Repair | 2023 | Failed | 14–4503. (a) For farm equipment, or parts for farm equipment, manufactured by an original equipment manufacturer or on its behalf, or sold or otherwise supplied by it, and sold used in the state, the original equipment manufacturer shall, on fair and reasonable terms, make available to an independent repair provider or owner of the farm equipment documentation, parts, and tools, inclusive of any updates, for purposes of diagnosis, maintenance, or repair of the farm equipment. (b) (1) subject to paragraph (2) of this subsection, a farm equipment manufacturer that sells farm equipment that contains a security–related function shall make available to an owner or independent repair provider, on fair and reasonable terms, any special documentation, tools, and parts needed to reset the lock or function. (2) if necessary for security purposes, a farm equipment manufacturer may provide information necessary to reset an immobilizer system or security–related electronic module through a secure data release system. |
Right to repair | Massachusetts | Chapter 93J | Bill Title: Massachusetts Right to Repair Act | 2012 | Signed into law | Section 2. Commencing with new motor vehicle model year 2015 and thereafter, no manufacturer of a motor vehicle may sell or lease or offer for sale or lease, directly or through a dealer, a new motor vehicle without affording to the owner access to the same diagnostic and repair information relative to said new motor vehicle that the manufacturer makes available to its dealers and authorized repair facilities. The manufacturer shall maintain a diagnostic and repair information system which shall enable the owner of the motor vehicle or the owner's designated independent repair facility, the capability to utilize such system via the worldwide web or other electronically available manufacturer repair information system on a hourly, daily, monthly or yearly subscription basis at cost and terms that are no greater than fair market value and nondiscriminatory as compared with the terms and costs charged to dealers or authorized repair facilities. Manufacturers shall provide access to their diagnostic and repair information system through a non-proprietary vehicle interface that complies with SAE J2534 as required by the United States Environmental Protection Agency in 40 CFR § 86.1808-01(f). The manufacturer's diagnostic and repair information system shall provide the same diagnostic and repair information, including technical updates, which the manufacturer makes available to its dealers and authorized motor vehicle repair facilities. |
Right to repair | Massachusetts | SB 2478/SB 0142/HB 0360 | Bill Title: Portable Wireless Device Repair Act | 2023 | Introduced | Section 2. Manufacturers of portable wireless devices, or parts for such equipment, manufactured by it or on its behalf, or sold or otherwise supplied by it in the Commonwealth, shall make available to owners of such devices and to independent repair providers, on fair and reasonable terms, documentation, parts, and tools, inclusive of any updates, for purposes of diagnosis, maintenance, or repair of such devices. Nothing in this subsection requires a manufacturer to make available a part that is no longer available to the manufacturer. |
Right to repair | Michigan | HB 4673 | Bill Title: Agricultural Equipment Repair Act | 2023 | Passed committee | Sec. 5. An original equipment manufacturer or authorized repair provider of agricultural equipment that is sold or used in this state on or after the effective date of this act shall make available to an independent repair provider or owner, on fair and reasonable costs and terms, any part, tool, or documentation needed to diagnose, maintain, or repair the agricultural equipment. |
Right to repair | Michigan | SB 0686 | Bill Title: Digital Electronic Equipment Repair Act | 2024 | Introduced | Sec. 3. (1) Except as otherwise provide in this section, for digital electronic equipment and parts for the equipment, sold or used in this state, an original equipment manufacturer shall make available, for the purposes of the diagnosis, maintenance, or repair of the equipment, to any independent repair provider or to the owner of the digital electronic equipment manufactured by or on behalf of, or sold or otherwise supplied by, the original equipment manufacturer, on fair and reasonable terms, documentation, parts, and tools, inclusive of any updates to information or embedded software. This subsection does not require an original equipment manufacturer to make available a part if the part is no longer available to the original equipment manufacturer. (2) Except as otherwise provided in this section, for digital electronic equipment that contains an electronic security lock or other security-related function, the original equipment manufacturer shall make available to independent repair providers and the owner, on fair and reasonable terms, any special documentation, tools, and parts needed to disable the lock or function and to reset it when disabled in the course of the diagnosis, maintenance, or repair of the equipment. The documentation, tools, and parts described in this subsection may be made available by means of an appropriate secure system. |
Right to repair | Minnesota | HB 1337/SB 1598 | Bill Title: Digital Fair Repair Act | 2023 | Signed into law | Subd. 3. Requirements. (a) For digital electronic equipment and parts for the equipment sold or used in Minnesota, an original equipment manufacturer must make available to any independent repair provider or to the owner of digital electronic equipment manufactured by or on behalf of, or sold by, the original equipment manufacturer, on fair and reasonable terms, documentation, parts, and tools, inclusive of any updates to information or embedded software, for diagnostic, maintenance, or repair purposes. Nothing in this section requires an original equipment manufacturer to make available a part, tools, or documentation if it is no longer available to the original equipment manufacturer. |
Right to repair | Minnesota | SB 5318/HB 4800 | Bill Title: Requiring an Original Equipment Manufacturer to Facilitate the Repair of Farm Equipment | 2024 | Introduced | Subd. 3. Requirements. (a) For digital electronic equipment, farm equipment, and parts for the equipment sold or used in Minnesota, an original equipment manufacturer must make available to any independent repair provider or to the owner of digital electronic equipment or farm equipment manufactured by or on behalf of, or sold by, the original equipment manufacturer, on fair and reasonable terms, documentation, parts, and tools, inclusive of any updates to information or embedded software, for diagnostic, maintenance, or repair purposes. Documentation, parts, and tools must be made available either directly by the original equipment manufacturer or an authorized repair provider or distributor. Nothing in this section requires an original equipment manufacturer to make available a part, tools, or documentation if it is no longer available to the original equipment manufacturer. (b) Such parts, tools, and documentation shall be made available within 60 days after the first sale of the digital electronic equipment or farm equipment in Minnesota. (c) A farm equipment manufacturer must make available tools, software, and documentation for farm equipment to owners at no charge. If a physical tool is requested, a farm equipment manufacturer may charge a fee to pay for reasonable, actual costs incurred to prepare and send a physical tool. |
Right to repair | Mississippi | SB 2005 | Bill Title: Right to Repair Act | 2023 | Failed | (c) For the purpose of providing services for equipment in this state, an original equipment manufacture shall, with fair and reasonable terms and costs, make available to an independent repair provider or owner of the manufacturer's equipment, any documentation, parts, embedded software for agricultural equipment, firmware, tools, or, with owner authorization, data that is intended for use with the equipment or any part of the equipment, including updates to any documentation, parts, embedded software for agricultural equipment, firmware, tools, or, with owner authorization, data. (d) With respect to agricultural equipment that contains an electronic security lock or other security-related function, a manufacturer shall, with fair and reasonable terms and costs, make available to independent repair providers and owners any documentation, parts, embedded software for agricultural equipment, firmware, tools, or, with owner authorization, data, needed to reset the lock or function when disabled in the course of providing services. The manufacturer may make the documentation, parts, embedded software for agricultural equipment, firmware, tools, or, with owner authorization, data, available to independent repair providers and owners through appropriate security release systems. |
Right to repair | Missouri | HB 1618 | Bill Title: Digital Fair Repair Act | 2024 | Introduced | 407.3002. 1. (1) For digital electronic equipment and parts for such equipment that are sold or used in this state, the original equipment manufacturer shall, on fair and reasonable terms, make available to: (a) Any independent repair provider; or (b) The owner of digital electronic equipment manufactured by or on behalf of, or sold by, the original equipment manufacturer, any documentation, parts, and tools, inclusive of any updates to information or embedded software, for purposes of diagnosis, maintenance, or repair. (...) (2) For equipment that contains an electronic security lock or other security related function, the original equipment manufacturer shall, on fair and reasonable terms, make available to: (a) Any independent repair provider; or (b) The owner of digital electronic equipment manufactured by or on behalf of, or sold by, the original equipment manufacturer, any special documentation, parts, and tools needed to reset the lock or security-related function when disabled in the course of diagnosis, maintenance, or repair of the equipment. Such documentation, parts, and tools may be made available through appropriate secure release systems. |
Right to repair | Missouri | HB 2475/SB 1472 | Bill Title: Relating to Product Repair Requirements | 2024 | Introduced | 407.653. 1. Owners of products purchased or used in this state and independent repair providers shall have the right to: (1) Access the same diagnostic and repair information of products manufactured by the manufacturer as the manufacturer makes available to authorized repair providers. Such information shall be provided in the same manner and time as provided to authorized repair providers. Such information shall include, but not be limited to, repair technical updates, diagnostic software, service access passwords, updates and corrections to firmware, and related documentation |
Right to repair | Missouri | HB 2800 | Bill Title: Right to Repair for Certain Products | 2024 | Passed committee | 2. (1) For motorcycles and parts for motorcycles that are sold or used in this state, an original equipment manufacturer shall make available to any independent repair provider and owner of a motorcycle manufactured by or on behalf of, or sold by such original equipment manufacturer, on fair and reasonable terms, any documentation, parts, and tools required for the diagnosis, maintenance, or repair of such a motorcycle and parts for the motorcycle, inclusive of any updates to information. The documentation, parts, and tools shall be made available either directly by the original equipment manufacturer or via an authorized repair provider. (2) For equipment that contains a motorcycle security lock or other security related function, the original equipment manufacturer shall make available to any owner and independent repair provider, on fair and reasonable terms, any special documentation, tools, and parts needed to access and reset the lock or function when disabled in the course of diagnosis, maintenance, or repair of the motorcycle. The documentation, tools, and parts may be made available through appropriate secure release systems. 3. With respect to equipment that contains an electronic security lock or other security-related function, a manufacturer shall, with fair and reasonable terms and costs, make available to independent repair providers and owners any documentation, parts, embedded software, firmware, or tools, or, with owner authorization, data needed to reset the lock or function when disabled in the course of providing services. The manufacturer may make the documentation, parts, embedded software, firmware, or tools, or, with owner authorization, data available to independent repair providers and owners through appropriate secure release systems. |
Right to repair | Montana | HB 0195 | Bill Title: Powered Wheelchair Right to Repair Act | 2022 | Failed | Section 3. Responsibilities and duties of powered wheelchair manufacturers. (1) The original equipment manufacturer shall provide any independent repair provider and owner with documentation, parts, and tools in a way that enables the efficient and cost-effective diagnosis, maintenance, and repair of powered wheelchairs that are sold or used in this state. (2) For powered wheelchairs that contain electronic security locks or other security functions, the original equipment manufacturer shall make available to any independent repair provider and owner documentation, parts, and tools needed to access and reset the security lock or security function when disabled to facilitate diagnosis, maintenance, or repair. The documentation, parts, and tools may be made available through appropriate secure release systems. |
Right to repair | Montana | HB 0475 | Bill Title: Agricultural Right to Repair Act | 2023 | Failed | Section 3. Requirements. (1) For agricultural equipment and parts for agricultural equipment that are sold or used in this state, an original equipment manufacturer shall make available to any owner or independent repair provider of equipment manufactured by or on behalf of or sold or otherwise supplied by the original equipment manufacturer, on fair and reasonable terms, any documentation, parts, and tools required for the diagnosis, maintenance, or repair of the equipment and parts for the equipment, inclusive of any updates to information. The documentation, parts, and tools must be made available either directly by the original equipment manufacturer or via an authorized repair provider. (2) For equipment that contains an electronic security lock or other security-related function, the original equipment manufacturer shall make available to any owner or independent repair provider, on fair and reasonable terms, any special documentation, parts, and tools needed to access and reset the lock or function when disabled during diagnosis, maintenance, or repair of the equipment. The documentation, parts, and tools may be made available through appropriate secure release systems. |
Right to repair | Montana | SB 0347 | Bill Title: Agricultural Right to Repair Act | 2023 | Failed | Section 1. Obligations of manufacturer -- general -- provisions -- repair -- limitations -- definitions. (1) (a) A manufacturer shall ensure that any farmer, including any staff or independent technician, and any independent repair facility that provides assistance to farmers in the state, has electronic access on fair and reasonable terms to any tools, specialty tools, software, and documentation used in effecting the services of diagnosis, maintenance, or repair of agricultural equipment, including: (i) software; (ii) manuals; (iii) product service demonstrations, training, seminars, or clinics; (iv) on-board diagnostics through a diagnostic port or wireless interface; (v) other publications with information on service, parts, operation, and safety; and (vi) embedded software required to authorize a repair and return agricultural equipment to full, working order. |
Right to repair | New Hampshire | HB 1071 | Bill Title: Educational Technology Right to Repair Act | 2024 | Failed | 358-T:2 Requirements. I. For educational technology equipment and parts for educational technology equipment that are sold or used in this state, an original equipment manufacturer shall make available to any independent repair provider and owner of educational technology equipment manufactured by or on behalf of, or sold by such original equipment manufacturer, on fair and reasonable terms, any documentation, parts, and tools, required for the diagnosis, maintenance, or repair of educational technology equipment and parts for educational technology equipment, inclusive of any updates to information. The documentation parts and tools shall be made available either directly by the original equipment manufacturer or via an authorized repair provider. II. For equipment that contains an electronic security lock or other security-related function, the original equipment manufacturer shall make available to any owner and independent repair provider, on fair and reasonable terms, any special documentation, tools, and parts needed to access and reset the lock or function when disabled in the course of diagnosis, maintenance, or repair of educational technology equipment. The documentation, tools, and parts may be made available through appropriate secure release systems. |
Right to repair | New Jersey | AB 3612 | Bill Title: Right to Repair Farm Equipment and Lawn Mowers | 2022 | Failed | 2. a. A manufacturer of farm equipment or lawn mowers sold, offered for sale, or used in this State shall make available: (1) to any independent repair provider or owner of farm equipment or lawn mowers manufactured by that manufacturer, the same diagnostic, service, or repair documentation, including repair technical updates and updates and corrections to embedded software, at no charge or in the same manner and in the same timeframe as the manufacturer makes diagnostic, service, or repair documentation available to an authorized repair provider; and (2) farm equipment, lawn mowers, or service parts, including any updates to the embedded software, for purchase by the owner, an authorized agent, or any independent repair provider under fair and reasonable terms. |
Right to repair | New Jersey | SB 1723 | Bill Title: Fair Repair Act | 2024 | Introduced | 2. a. An original equipment manufacturer of equipment sold, offered for sale, or used in this State shall make available: (1) to any independent repair provider or owner of equipment manufactured by the original equipment manufacturer, the same diagnostic, service, or repair documentation for no charge or in the same manner and in the same timeframe as the original equipment manufacturer makes diagnostic, service, or repair documentation available to its authorized repair providers; and (2) for purchase by the owner, an authorized agent, or any independent repair provider, equipment or service parts, inclusive of any updates to the embedded software of the equipment, under fair and reasonable terms. |
Right to repair | New York | SB 4104/AB 7006 | Bill Title: Digital Fair Repair Act | 2021 | Signed into law | 2. Requirements. (a) For digital electronic equipment and parts for such equipment that are sold or used in this state, an original equipment manufacturer shall make available to any independent repair provider and owner of digital electronic equipment manufactured by or on behalf of or sold by such original equipment manufacturer, on fair and reasonable terms, any documentation, parts, and tools required for the diagnosis, maintenance, or repair of such digital electronic equipment and parts for such equipment. Such documentation, parts, and tools shall be made available either directly by such original equipment manufacturer or via an authorized repair provider. (b) For equipment that contains an electronic security lock or other security-related function, the original equipment manufacturer shall make available to any owner and independent repair provider, on fair and reasonable terms, any special documentation, tools, and parts needed to access and reset the lock or function when disabled in the course of diagnosis, maintenance, or repair of such equipment. Such documentation, tools, and parts may be made available through appropriate secure release systems. |
Right to repair | North Carolina | HB 0752 | Bill Title: Medical Equipment Right to Repair Act | 2023 | Introduced | § 66-500.1. Duties of original equipment manufacturer. Any OEM that manufactures medical imaging equipment or medical radiation therapy equipment that is used in this State is required to do the following: (1) Make available to any hospital or independent repair provider any support documentation, parts, or tools necessary to perform diagnostic, maintenance, or repair services of the manufacturer's medical imaging or radiation therapy equipment |
Right to repair | Ohio | SB 0073 | Bill Title: Digital Fair Repair Act | 2023 | Introduced | Sec. 1350.02. (A)(1) For digital electronic equipment and parts sold or used in this state, an original equipment manufacturer shall make available for purposes of diagnosis, maintenance, or repair any documentation, parts, and tools, including any updates to information or embedded software, to both of the following on fair and reasonable terms: (a) Any independent repair provider; (b) The owner of digital electronic equipment manufactured by or on behalf of, or sold or otherwise supplied by, the original equipment manufacturer. |
Right to repair | Oklahoma | SB 0869 | Bill Title: Digital Fair Repair Act | 2023 | Introduced | A. For digital electronic equipment, and parts for such equipment, sold or used in this state, an original equipment manufacturer shall make available to any independent repair provider and owner of digital electronic equipment manufacturer by or on behalf of or sold by such original equipment manufacturer, on fair and reasonable terms, any documentation, parts, and tools required for the diagnosis, maintenance, or repair of such digital electronic equipment and parts for the equipment. The documentation, parts, and tools shall be made available either directly by such original equipment manufacturer or by an authorized repair provider. B. For equipment that contains an electronic security lock or other security-related function, the original equipment manufacturer shall make available to the owner and to independent repair providers, on fair and reasonable terms, any special documentation, tools, and parts needed to reset the lock or function when disabled in the course of diagnosis, maintenance, or repair of the equipment. |
Right to repair | Oregon | SB 1596 | Bill Title: Right to Repair Consumer Electronic Equipment | 2024 | Signed into law | (2)(a) An original equipment manufacturer shall make available to an owner or an independent repair provider on fair and reasonable terms any documentation, tool, part or other device or implement that the original equipment manufacturer makes available to an authorized service provider for the purpose of diagnosing, maintaining, repairing or updating consumer electronic equipment that the original equipment manufacturer makes or sells and that is sold or used in this state. |
Right to repair | Pennsylvania | SB 0744 | Bill Title: Right-to-Repair Act | 2023 | Introduced | "Section 3. Provision. For equipment and parts for the equipment that are sold or used in this Commonwealth: (1) An OEM shall make available, on fair and reasonable terms, documentation, parts and tools required for the purpose of diagnosis, maintenance or repair, including updates to information, to an independent repair provider or to the owner of the equipment manufactured by or on behalf of or sold or supplied by the OEM. |
Right to repair | Rhode Island | HB 7095 | Bill Title: Digital Electronics Right to Repair Act | 2024 | Introduced | 6-60-2. Requirements. (a) For digital electronic equipment and parts for such equipment that are sold or used in this state, an original equipment manufacturer shall make available to any independent repair provider and owner of digital electronic equipment manufactured by on behalf of, or sold by such original equipment manufacturer, on fair and reasonable terms, any documentation, parts, and tools, required for the diagnosis, maintenance, or repair of such digital electronic equipment and parts for this equipment, inclusive of any updates. The documentation, parts and tools shall be made available either directly by such original equipment manufacturer or via an authorized repair provider or distributor. |
Right to repair | Rhode Island | HB 7229 | Bill Title: Agricultural Equipment Right to Repair Act | 2024 | Introduced | 6-60-3. Agricultural equipment manufacturer's duty. For electronics-enabled agricultural equipment, and parts for such equipment, sold or used in this state, an original equipment manufacturer shall make available, for purposes of diagnosis, maintenance, or repair of such equipment, to any independent repair provider, or to the owner of electronics-enabled agricultural equipment manufactured by or on behalf of, sold or otherwise supplied by, the original equipment manufacturer, on fair and reasonable terms, documentation, parts, and tools, inclusive of any updates to information or embedded software. |
Right to repair | Rhode Island | SB 2840 | Bill Title: Consumer Wheelchair Right to Repair | 2024 | Introduced | (a) For the purpose of providing service and repair of equipment specified in subsection (h) of this section, an original equipment manufacturer shall, with fair and reasonable terms and costs, make available to an independent repair provider or owner of the manufacturer's equipment in this state, any documentation, parts, embedded software, firmware, or tools that are intended for use with the equipment or any part, including updates to documentation, parts, embedded software, firmware, or tools. |
Right to repair | South Dakota | SB 0194 | Bill Title: Fairness in Repairs of Equipment Sold or Used in this State | 2023 | Introduced | For digital electronic equipment and parts for the equipment that are sold or used in this state, an original equipment manufacturer shall make available to any independent repair provider and owner of digital electronic equipment manufactured by or on behalf of, or sold by the manufacturer, on fair and reasonable terms, any documentation, parts, and tools, required for the diagnosis, maintenance, or repair of the equipment and parts for the equipment, inclusive of any updates to information. The documentation, parts, and tools must be made available either directly by the manufacturer or via an authorized repair provider. For equipment that contains an electronic security lock or other security-related function, the original equipment manufacturer shall make available to any owner and independent repair provider, on fair and reasonable terms, any special documentation, tools, and parts needed to access and reset the lock or function when disabled in the course of diagnosis, maintenance, or repair of the digital electronic equipment. The documentation, tools, and parts may be made available through appropriate secure release systems. |
Right to repair | Tennessee | SB 1252/HB 1470 | Bill Title: Consumer Wheelchair Repair Bill of Rights Act | 2024 | Introduced | 47-18-3203. Powered wheelchair manufacturer obligations regarding services – exemptions. (a) (1) For the purpose of providing services for equipment in the state, an original equipment manufacturer shall, with fair and reasonable terms and costs, make available to an independent repair provider or owner of the manufacturer's equipment any documentation, parts, embedded software, firmware, or tools that are intended for use with the equipment or any part, including updates to documentation, parts, embedded software, firmware, or tools. (2) With respect to equipment that contains an electronic security lock or other security-related function, a manufacturer shall, with fair and reasonable terms and costs, make available to independent repair providers and owners any documentation, parts, embedded software, firmware, or tools needed to reset the lock or function when disabled in the course of providing services. The manufacturer may make the documentation, parts, embedded software, firmware, or tools available to independent repair providers and owners through appropriate secure release systems. |
Right to repair | Tennessee | SB 2035/HB 2029 | Bill Title: Right to Repair | 2024 | Introduced | 47-18-5702. (a) Subject to subsections (b)-(f), a manufacturer shall, with fair and reasonable terms and costs: (1) For the purpose of providing services for agricultural equipment in this state, make available to an independent repair provider or owner of the manufacturer's equipment any documentation, parts, embedded software, firmware, tools, or, with owner authorization, data that are intended for use with the equipment or part, including updates to documentation, parts, embedded software, firmware, or tools; and (2) With respect to agricultural equipment that contains an electronic security lock or other security-related function, make available to an independent repair provider and owner any documentation, parts, embedded software, firmware, tools, or, with owner authorization, data needed to reset the lock or function when disabled in the course of providing services. The manufacturer may make the documentation, parts, embedded software, firmware, tools, or, with owner authorization, data available to an independent repair provider and owner through appropriate secure release systems. |
Right to repair | Texas | HB 0515 | Bill Title: Diagnosis, Maintenance, and Repair of Electronics-Enabled Heavy Equipment | 2023 | Introduced | Sec. 121.002. REQUIREMENTS FOR ORIGINAL EQUIPMENT MANUFACTURERS. (a) For electronics-enabled heavy equipment, including parts for that equipment, sold or used in this state, the original equipment manufacturer of the equipment or part shall make available on fair and reasonable terms to any independent repair provider or to an owner of electronics-enabled heavy equipment manufactured by or on behalf of, sold by, or supplied by the original equipment manufacturer: (1) documentation, replacement parts, and tools; and (2) for equipment containing an electronic security lock or other security-related function, any special documentation, replacement part, or tool needed to disable and reset the lock or function when disabled in the course of diagnosis, maintenance, or repair of the equipment. |
Right to repair | Texas | HB 1606 | Bill Title: Diagnosis, Maintenance, and Repair of Digital Electronic Equipment | 2023 | Introduced | Sec. 122.003. REQUIREMENTS FOR ORIGINAL EQUIPMENT MANUFACTURERS. (a) For digital electronic equipment, including parts for that equipment, sold or used in this state, the original equipment manufacturer of the equipment or part shall make available on fair and reasonable terms to any independent repair provider or to an owner of digital electronic equipment manufactured by or on behalf of, sold by, or supplied by the original equipment manufacturer: (1) documentation, replacement parts, and tools, including any updates to information or embedded software, for that equipment or replacement part; and (2) for equipment containing an electronic security lock or other security-related function, any special documentation, replacement part, or tool needed to disable and reset the lock or function when disabled in the course of diagnosis, maintenance, or repair of the equipment. |
Right to repair | Texas | SB 1654 | Bill Title: Diagnosis, Maintenance, and Repair of Electronics-Enabled Implements of Agriculture | 2023 | Introduced | Sec. 121.003. REQUIREMENTS FOR ORIGINAL EQUIPMENT MANUFACTURERS. An original equipment manufacturer shall make available on fair and reasonable terms to any owner or independent repair provider: (1) any part, tool, software, or documentation, including any updates to information or embedded software, for that equipment or part; and (2) for equipment containing an electronic security lock or other security-related function, any part, tool, or documentation required to disable or enable an electronic security lock or other security-related function of an electronics-enabled implement of agriculture. |
Right to repair | Utah | SB 0269 | Bill Title: Right to Repair Agricultural Equipment | 2024 | Failed | 13-70-2. Equipment manufacturer obligations regarding services -- Exemptions. (1) For the purpose of providing services for agricultural equipment in the state, an original agricultural equipment manufacturer shall, with fair and reasonable terms and costs, make available to an independent repair provider or owner of agricultural equipment manufactured by the manufacturer: (a) documentation, parts, embedded software, embedded software for agricultural equipment, firmware, or tools; (b) with consent of the owner of the agricultural equipment, data intended for use with the agricultural equipment or a part of the equipment; or (c) an update to an item described in Subsection (1)(a) or, with the consent of the owner of the agricultural equipment, Subsection (1)(b). (2) (a) For agricultural equipment that contains an electronic security lock or another security related function, a manufacturer shall, with fair and reasonable terms and costs, make available to an independent repair provider or an owner of agricultural equipment manufactured by the manufacturer, documentation, parts, embedded software, embedded software for agricultural equipment, firmware, or tools, or, with consent of the equipment owner, data needed to reset the lock or function when disabled in the course of providing services. |
Right to repair | Vermont | HB 0081 | Bill Title: Fair Repair Act | 2023 | Passed one chamber | § 4052. AVAILABILITY OF PARTS, TOOLS, AND DOCUMENTATION (a) Duty to make available parts, tools, and documentation. (1) An original equipment manufacturer shall offer for sale or otherwise make available to an independent repair provider or owner the parts, tools, and documentation that the original equipment manufacturer offers for sale or otherwise makes available to an authorized repair provider. (2) If agricultural or forestry equipment includes an electronic security lock or other security-related function that must be unlocked or disabled to perform diagnosis, maintenance, or repair of the equipment, an original equipment manufacturer shall make available to an independent repair provider or owner any parts, tools, and documentation necessary to unlock or disable the function and to reset the lock or function after the diagnosis, maintenance, or repair is complete. |
Right to repair | Vermont | HB 0656 | Bill Title: Right to Repair Wheelchair Act | 2024 | Introduced | § 6203. REQUIREMENTS (a) For equipment used in this State, the OEM of the equipment shall make available either directly by the OEM or through an authorized repair provider to independent repair providers and owners of powered wheelchairs on fair and reasonable terms: (1) any documentation, parts, and tools required for the diagnosis, maintenance, or repair of the powered wheelchairs, inclusive of any updates to information; (2) the purchase of equipment or service parts, inclusive of any updates to the embedded software of the equipment or service parts; and (3) the purchase of all diagnostic repair tools incorporating the same diagnostic, repair, and remote communications capabilities that the OEM makes available to its own repair or engineering staff or any authorized repair provider without requiring authorization or internet access for use or operation of the tool or imposing impediments to access or use of the tools to diagnose, maintain, or repair and enable full functionality of digital electronic equipment. (b) For equipment that contains an electronic security lock or other security-related function, the OEM shall make available to the owner or independent repair provider, on fair and reasonable terms, any special documentation, tools, or parts needed to access and reset the lock or function when disabled in the course of diagnosis, maintenance, or repair of the equipment. The documentation, tools, and parts may be made available through an appropriate secure release system. |
Right to repair | Washington | SB 6276/HB 1933 | Bill Title: Right to Repair Act | 2024 | Introduced | Sec. 3. (1) Effective January 1, 2025, an original manufacturer of digital electronic products and parts for such products that are manufactured for the first time and first sold or leased in this state on or after January 1, 2021, shall make available to any independent repair provider and owner, on fair and reasonable terms, any parts, tools, and documentation required for the diagnosis, maintenance, or repair of such products and parts for such products. Such parts, tools, and documentation shall be made available either directly by the original manufacturer or via an authorized repair provider or authorized third-party provider. For a product that requires deactivating a lock for purposes of repair, the original manufacturer shall make available to any independent repair provider or owner, with the express permission of the owner, on fair and reasonable terms, any special parts, tools, and documentation needed to access and reset the lock or function when disabled in the course of diagnosis, maintenance, or repair of such product. Such parts, tools, and documentation may be made available through an appropriate secure release system. |
Right to repair | West Virginia | HB 4605 | Bill Title: Agricultural Right to Repair Act | 2024 | Introduced | §19-39-3. Requirements. (a) For agricultural equipment and parts for such equipment that are sold or used in this state, an original equipment manufacturer shall make available to any independent repair provider and owner of equipment manufactured by on behalf of, or sold by such original equipment manufacturer, on fair and reasonable terms, any documentation, parts, and tools, required for the diagnosis, maintenance, or repair of such equipment and parts for such equipment, inclusive of any updates to information. Such documentation parts and tools shall be made available either directly by such original equipment manufacturer or via an authorized repair provider. (b) For equipment that contains an electronic security lock or other security-related function, the original equipment manufacturer shall make available to any owner and independent repair provider, on fair and reasonable terms, any special documentation, tools, and parts needed to access and reset the lock or function when disabled in the course of diagnosis, maintenance, or repair of such equipment. Such documentation, tools, and parts may be made available through appropriate secure release systems. |
Right to repair | West Virginia | SB 0306 | Bill Title: Equipment Right to Repair Act | 2024 | Passed one chamber | §19-39-4. Requirements. A manufacturer of equipment sold or leased, offered for sale or lease, or used in this state shall make available upon expiration of the new equipment warranty to any independent repair provider and owner of equipment for lease or sale any documentation, parts, and tools required for the diagnosis, maintenance, or repair of the equipment, inclusive of any technical updates and corrections to embedded software or information. This requirement also applies to any attachments or parts for the equipment. |
Artificial Intelligence Facial Recognition |
Bill #:SB 22-0113 |
State:Colorado |
Introduced:2022 |
Status:Signed into law |
Field:AI regulation |
Relevant Provision:“24-18-302. (2) Except as described in subsection (8) of this section, after filing the notice of intent described in subsection (1) of this section, and prior to developing, procuring, using, or continuing to use a facial recognition service, an agency shall produce an accountability report for the facial recognition service. An accountability report must include: […] (a) (II) A description of its general capabilities and limitations, including reasonably foreseeable capabilities outside the scope of the agency’s proposed use; (b) (I) The type of data inputs that the facial recognition service uses; (II) How data is generated, collected, and processed; and (III) The type of data the facial recognition service is reasonably likely to generate;” |
Link to PDF
Department of Technology: high-risk automated decision systems: inventory |
Bill #: AB 0302 |
State: California |
Introduced: 2023 |
Status: Signed into law |
Field: AI regulation |
Relevant Provision: (b) On or before September 1, 2024, the Department of Technology shall conduct, in coordination with other interagency bodies as it deems appropriate, a comprehensive inventory of all high-risk automated decision systems that have been proposed for use, development, or procurement by, or are being used, developed, or procured by, any state agency. (c) The comprehensive inventory described by subdivision (b) shall include a description of all of the following: (1) (A) Any decision the automated decision system can make or support and the intended benefits of that use. (B) The alternatives to any use described in subparagraph (A). (2) The results of any research assessing the efficacy and relative benefits of the uses and alternatives of the automated decision system described by paragraph (1). (3) The categories of data and personal information the automated decision system uses to make its decisions. (4) (A) The measures in place, if any, to mitigate the risks, including cybersecurity risk and the risk of inaccurate, unfairly discriminatory, or biased decisions, of the automated decision system. (B) Measures described by this paragraph may include, but are not limited to, any of the following: (i) Performance metrics to gauge the accuracy of the system. (ii) Cybersecurity controls. (iii) Privacy controls. (iv) Risk assessments or audits for potential risks. (v) Measures or processes in place to contest an automated decision. |