WeVote

Bill

Bill

HB 3506

ARTIFICIAL INTELLIGENCE SAFETY

104th Regular Session Introduced by Dan Didech and 1 co-sponsor

Requires large AI developers to publish a safety protocol, file 90-day risk reports, and undergo annual third-party audits to curb critical risks and boost transparency.

Added Co-Sponsor Rep. Matt Hanson
0
WeVote Research Nonpartisan
Bill Summary · HB 3506

HB 3506 — Artificial Intelligence Safety and Security Protocol Act

Sponsor: Rep. Daniel Didech
Introduced: February 2025 (filed Feb 7/Feb 18/Feb 28 references in bill file)
Status (as of documents): House Floor Amendment No. 2 (Rule 19(c)) — Re‑referred to Rules Committee; placed on General State Calendar (4/28/2025). Companion: SB 1147.

Purpose

Establish statewide requirements for transparency, risk management, and third‑party auditing of high‑cost, broadly capable AI “foundation models” to reduce “critical risks” (e.g., mass casualties, large-scale economic loss, creation of CBRN or cyber weapons, or models evading human control), while encouraging safety research, interoperability, and privacy-preserving uses.

Key provisions

  • Requires covered developers (termed “large developers” in later amendments) to produce, implement, follow, and conspicuously publish a written safety and security protocol describing how they will identify and manage critical risks.
    • Protocol must describe testing/assessment procedures, thresholds for intolerable risk and mitigations, deployment decision procedures, security safeguards, incident reporting conditions, and procedures for modifying the protocol.
    • Protocols must balance transparency with allowable redaction of sensitive technical details to protect safety/security.
  • Requires a risk assessment report to be produced and conspicuously published at least every 90 days that includes specified information about risk posture and any material changes.
  • Requires an annual independent third‑party audit by a “reputable” auditor assessing compliance with the protocol and producing a report.
  • Defines critical risk as a foreseeable, material risk that a developer’s foundation model will cause >100 deaths or >$1,000,000,000 in damages via specified incident types:
    • creation/release of chemical/biological/radiological/nuclear weapons;
    • cyber‑attacks conducted or assisted by a foundation model;
    • model behavior that, with limited human intervention, would constitute serious crimes; or
    • evasion of developer/user control.
  • Defines covered models (“foundation models”) and covered entities (“large developer”) with numerical computational cost thresholds:
    • A single model training that uses cloud compute costing at least $5,000,000 (U.S. market prices at training start); or
    • Total equivalent cloud compute of $100,000,000 in the immediately preceding months (amendment language is partial/truncated).
  • Establishes whistleblower protections and defines “adverse employment action” and “retaliatory action” (including specific protections against threats to report immigration status). Some customary exceptions (e.g., conduct directed by federal government) are included.
  • Provides for civil penalties for violations (exact penalty amounts/authority not visible in the truncated text).

Who is affected

  • Primary: “Large developers” that meet the cloud‑compute cost thresholds (e.g., major AI labs or firms training large foundation models).
  • Secondary: employees/contractors of those developers (whistleblower protections), third‑party auditors, safety researchers, small businesses and downstream users (indirect benefits), and state enforcement entities.
  • Potentially affects deployment practices, third‑party access policies, and disclosure policies of covered entities.

Procedural/timeline notes

  • Multiple committee actions: assigned to Cybersecurity, Data Analytics, & IT Committee; reported favorably with amendments (3/20/2025); placed on calendar and later re‑referred to Rules Committee with House Floor Amendment No. 2 (4/8–4/11/2025); placed on General State Calendar (4/28/2025).
  • Bill text in file includes two subsequent House amendments (ham001, ham002) that refine definitions (e.g., “large developer”, “foundation model”), expand whistleblower definitions, and adjust computational thresholds.

Potential impacts and considerations

  • Seeks to increase safety transparency and third‑party oversight of the most computationally intensive AI development, potentially slowing risky deployments but improving public safety oversight.
  • Compliance will impose operational, reporting, and audit costs on covered entities; may influence where and how large model training is performed.
  • The bill tries to balance public transparency with allowable redactions for sensitive technical details; enforcement mechanisms and penalty scales are not fully visible in the truncated excerpts.

Note: The posted bill text is partially truncated; some procedural details and exact enforcement/penalty provisions are not available in the excerpt provided.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.