WeVote

Bill

Bill

HF 4532

Artificial intelligence safety and disclosure requirements established, and civil remedies provided.

2025-2026 Regular Session Introduced by Katie Jones

The bill creates the RAISE Act requiring AI developers to publish safety protocols, conduct annual reviews, report incidents within 72 hours, and face strong AG penalties or privat

Introduction and first reading, referred to Commerce Finance and Policy
0
WeVote Research Nonpartisan
Bill Summary · HF 4532

Summary of HF 4532 (2025-2026) — Minnesota

Title: Artificial intelligence safety and disclosure requirements established, and civil remedies provided.
Jurisdiction: Minnesota
Session: 2025-2026
Status: Introduced and referred to Commerce Finance and Policy (HF4532). Co-sponsor: Katie Jones. Posted March 23, 2026.

Purpose and intent
- Establish a new framework, titled the Responsible Artificial Intelligence Safety and Education Act (RAISE Act), to regulate the safety, transparency, testing, and disclosure requirements for artificial intelligence (AI) systems deployed by developers in Minnesota.
- Create civil enforcement avenues, including a private right of action and enforcement by the Attorney General, with substantial penalties for noncompliance.

Key definitions (325M.40)
- Artificial intelligence (AI): A machine-based system that, given human-defined objectives, makes predictions, recommendations, or decisions influencing real or virtual environments; uses inputs to develop models and provide options for action.
- AI model: An information system component that implements AI technology and uses computational, statistical, or machine-learning techniques to produce outputs from inputs.
- Critical harm: Death, serious physical or mental injury to 25+ people, or damages of at least $1,000,000 to rights in money or property, caused or materially enabled by an AI model’s use, storage, or release that relates to:
- creation/use of weapons (chemical, biological, radiological, nuclear), or
- conduct that would constitute a crime with intent, recklessness, or gross negligence if performed by a human (or aiding/abetting such crime) with no meaningful human intervention.
- Developer: A person who has trained at least one AI model.
- Safety and security protocol: A documented protocol describing protections to reduce risk of critical harm, cybersecurity measures, testing procedures to evaluate risk and misuse, compliance mechanisms, and designated senior personnel responsible for compliance.
- Safety incident: An incident of critical harm or indicators of increased risk, including autonomous behavior beyond user requests, theft/misuse/unauthorized access/escape of model weights, or unauthorized use of the AI model.

Section 3: Transparency requirements (325M.41)
Before deploying an AI model, a developer must:
- Implement a written safety and security protocol.
- Retain an unredacted copy of the protocol (including updates) for the entire deployment period plus 5 years.
- Publish a redacted copy of the protocol publicly and transmit a redacted copy to the Attorney General (AG).
- Permit AG access to the redacted protocol, as allowed by federal law.
- Record and retain detailed testing information and results that would enable third parties to replicate testing for the deployment period plus 5 years.
- Implement safeguards to prevent unreasonable risk of critical harm.

Subd. 2. Prohibition
- Developers must not deploy an AI model if it creates an unreasonable risk of critical harm.

Subd. 3. Annual review
- Developers must conduct an annual review of the safety and security protocol to reflect changes in model capabilities and industry best practices, and modify the protocol accordingly.
- If there is a material modification, publish the updated safety and security protocol in the same manner as required in Subd. 1(3).

Subd. 4. Safety incident disclosure
- Developers must disclose each safety incident to the AG within 72 hours of learning of the incident (or when sufficient facts establish a reasonable belief that a safety incident occurred).
- Disclosures must include: date of incident, reasons it qualifies as a safety incident, and a plain-language description.

Subd. 5. False or misleading statements
- Developers may not knowingly make false or materially misleading statements or omissions in documents produced under this section.

Section 4: Enforcement and private right of action (325M.42)
- Attorney General enforcement:
- The AG may file civil actions for violations of 325M.41 and seek penalties based on severity:
- Up to $10,000,000 for a first violation.
- Up to $30,000,000 for any subsequent violation.
- The AG may also seek injunctive or declaratory relief.
- Private right of action:
- Individuals injured by a violation may sue to recover damages, costs, disbursements (including attorney fees), and seek equitable relief as determined by the court.

Impact considerations
- Affects AI developers in Minnesota, requiring formal safety protocols, ongoing testing documentation, annual reviews, and prompt safety incident reporting.
- Increases accountability through a combination of AG enforcement and private civil actions.
- Substantial penalties signal strong emphasis on minimizing critical harm risks associated with AI systems.
- Procedural timeline implications include:
- Pre-deployment publishing and AG notification for safety protocols.
- Ongoing annual reviews and potential updates.
- 72-hour safety incident disclosures to AG.
- Retention requirements for protocol documentation and testing records (deployment period + 5 years).

Notes
- The bill codifies the act as Minnesota Statutes, chapter 325M, and designates the act name as the Responsible Artificial Intelligence Safety and Education Act (RAISE Act).
- As introduced, it establishes a comprehensive regulatory framework but does not yet specify funding mechanisms or penalty allocation beyond general civil penalties.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.