Six months after President Donald Trump issued an executive order directing federal agencies to challenge state artificial intelligence regulations, state legislatures are passing targeted AI laws at an accelerating pace. This shift forces developers and technology companies to manage a patchwork of compliance requirements, driving new mandates for system auditing, data privacy, and algorithmic transparency.
State legislatures target AI accountability
Congress remains stalled on federal AI regulation, leaving a vacuum that states are actively filling. Lawmakers have moved away from broad, industry-wide bills that previously faced gubernatorial vetoes. Instead, they are introducing targeted legislation focused on specific applications, such as employer use cases and child safety.
In Illinois, legislation awaiting the governor's signature requires developers of large advanced AI models to create protocols preventing catastrophic outcomes, such as biological weapons attacks or large-scale hacks. The bill also mandates that AI developers hire an independent auditor to verify compliance with their own safety policies. Democratic state Sen. Mary Edly-Allen, the bill's sponsor, dismissed federal pushback. "I don't know if you've met Illinois, but we're pretty independent," Edly-Allen said.
Transparency and restrictions on chatbots
A growing number of states are imposing strict rules on how AI chatbots interact with users. Legislatures in Colorado, Connecticut, Idaho, Iowa, Nebraska, and Oregon have passed laws this year addressing these interactions. Many of these laws require companies to disclose when a user is interacting with an AI system rather than a human.
Connecticut recently enacted provisions specifically for companion chatbots. These systems cannot interact with anyone under 18 unless they are programmed to discourage self-destructive behavior and provide parents with management tools. The state also requires employers using employment-related AI to notify applicants or employees of the interaction.
Pushback against federal preemption
The Trump administration released a national policy framework urging Congress to preempt state laws that conflict with its regulatory worldview. An executive order directed the attorney general to form a task force to challenge state laws deemed more than "minimally burdensome." It also threatened to restrict broadband and grant funding to states with restrictive AI laws.
Despite these threats, the federal government has not yet taken legal action or withheld funds to enforce the executive order. Justine Gluck, policy director of the Future of Privacy Forum, noted that more AI bills have been introduced this year than last, including by Republican lawmakers. In Florida, the state House blocked an AI "Bill of Rights" after the House speaker cited the president's preference for federal control, though Governor Ron DeSantis criticized the lack of federal action.
Why this matters for IT and development professionals
Developers building or deploying large language models and enterprise AI systems must now account for varying state-level compliance requirements. Mandates for independent auditing, like those proposed in Illinois, will require engineering teams to build verifiable logging and safety protocol checks directly into their deployment pipelines. Furthermore, professionals working with AI for IT & Development must prepare for strict disclosure rules, such as California's proposed "No Robo Bosses Act," which restricts automated disciplinary actions.
The push for digital watermarking in states like Connecticut, Washington, and Utah means developers must implement metadata tagging to identify AI-generated content. Ignoring these emerging state laws risks significant compliance penalties and deployment delays, making regulatory awareness a core component of the software development lifecycle.
Your membership also unlocks:
