WeVote

Bill

Bill

SB 3261

ARTIFICIAL INTELLIGENCE SAFETY

104th Regular Session Introduced by Meg Loughran Cappel and 11 co-sponsors

Illinois requires frontier AI developers and large chatbots to publish safety plans, report incidents, allow audits, protect whistleblowers, and face penalties for violations.

Rule 3-9(a) / Re-referred to Assignments
0
WeVote Research Nonpartisan
Bill Summary · SB 3261

Summary of SB 3261 (Illinois, 104th General Assembly)

Title: Artificial Intelligence Public Safety and Child Protection Transparency Act

Effective date: January 1, 2027

Purpose and intent
- Establishes a comprehensive safety, transparency, and accountability framework for frontier artificial intelligence (AI) models and large chatbots.
- Aims to balance innovation with public safety by requiring public disclosure, risk assessment, incident reporting, whistleblower protections, and periodic third-party audits.
- Focuses specifically on “frontier models” (very large, advanced AI systems) and “covered chatbots” (high-use, child-accessible chatbots).

Key definitions (selected)
- Frontier model: foundation model trained with extremely high computing power (training and subsequent modifications) beyond a defined threshold.
- Large frontier developer: a frontier model creator with substantial annual revenue, operating with significant resources.
- Large chatbot provider: a provider of a covered chatbot in Illinois with substantial revenue (annual revenue ≥ $25 million, including affiliates).
- Covered chatbot: a chatbot service accessible to the public that uses a foundation model, is likely to be accessed by minors, and has at least 1,000,000 monthly active users.
- Catastrophic risk: grave risk involving mass harm, such as death or >$1 billion in property damage from a single incident, linked to capabilities like weaponization, cyberattack, or loss of control.
- Child safety risk: risk to minors in chats that could cause death, bodily harm, or severe mental distress.
- Public safety and child protection plan: a documented protocol to identify, assess, and mitigate covered risks.

Main requirements and provisions

1) Public safety and child protection plans (Section 15)
- Large frontier developers and large chatbot providers must write, implement, and publish a public safety and child protection plan on their website.
- Plans for large frontier developers must include:
- Thresholds to identify catastrophic risk, mitigation strategies, review processes, third-party assessments, cybersecurity for unreleased model weights, and management of internal-use risk.
- Plans for large chatbot providers must include:
- Assessment of child safety risks, mitigations, and third-party evaluation of those risks.
- Both types must integrate national/international standards and best practices, periodically update plans, and outline governance to ensure implementation.
- If plans are materially modified, modified plans and justification must be published within 30 days.
- Before deploying new or substantially modified models, providers must publish summaries of risk assessments, third-party involvement, and mitigation steps.

2) Safety incident reporting (Section 20)
- The Attorney General (AG) will establish a reporting mechanism for safety incidents (public can also report).
- Frontier developers must report critical safety incidents within 15 days; imminent-risk incidents must be reported to appropriate authorities within 24 hours.
- Large chatbot providers must report child safety incidents within 15 days.
- The AG may receive confidential summaries of catastrophe-risk assessments and quarterly internal-use summaries from frontier developers.
- AG may share reports with state/federal entities, balancing public safety with trade secrets and security concerns.

3) Whistleblower protections (Section 30)
- Prohibits retaliation/controls against whistleblowers under the Illinois Whistleblower Act.
- Requires an internal anonymous disclosure process with regular updates to the disclosing employee and quarterly reporting to officers/directors (with carve-outs for allegations against officers or directors).

4) Third-party audits (Section 35)
- Annual requirement for a reputable third-party audit of the large frontier developer’s compliance, clarity of disclosures, and the reasonableness of any redactions.
- Auditors must have expertise in corporate compliance and AI safety.

5) Civil penalties (Section 40)
- Large frontier developers: up to $1,000,000 per violation.
- Large chatbot providers: up to $50,000 per violation.
- Penalties are enforceable via the Attorney General.

6) Compliance flexibilities (Section 50)
- Allows for alternative compliance pathways via rules if aligned with federal law/regulations or another state’s similar standards, provided they are substantially equivalent or more protective.
- Rules may define steps to demonstrate compliance; entities can declare intent to use an alternative pathway, with ongoing compliance under that pathway subject to revocation if conditions no longer apply.

7) Rulemaking and updates (Section 25)
- The AG must review and, by January 1, 2028, and annually thereafter, update definitions (frontier model, frontier developer, large frontier developer, large chatbot provider) to reflect evolving tech and standards.
- Rules consider external verifiability, international standards, and input from diverse stakeholders.

Whistleblower and reporting guardrails, transparency, and enforcement
- Emphasizes public reporting, independent audits, and internal governance to ensure accountability.
- Provides protections for employees and mechanisms for ongoing oversight.
- Balances disclosure with protecting trade secrets and national security information where appropriate.

Overall impact
- Establishes Illinois as a regulated environment for the most capable AI systems and high-risk chatbots.
- Requires proactive risk management, external scrutiny, and transparent reporting to inform the public and policymakers.
- Creates significant compliance obligations and potential penalties for noncompliance, with a structured framework for ongoing updates as AI technology evolves.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.