WeVote

Bill

Bill

S 4446

Requires certain artificial intelligence developers to make certain disclosures to Attorney General.

2026-2027 Regular Session Introduced by Raj Mukherji

New Jersey requires large frontier AI developers to disclose risk management plans and model risk disclosures to the AG, with audits, penalties, and public reporting.

Introduced in the Senate, Referred to Senate Law and Public Safety Committee
0
WeVote Research Nonpartisan
Bill Summary · S 4446

Overview

S.4446 (2026) from New Jersey would require certain large artificial intelligence (AI) developers to disclose information about their frontier models to the State Attorney General, establish risk-management obligations, and authorize penalties and audits for noncompliance. The bill defines terminology related to frontier and foundation models, sets reporting requirements, and directs the AG to implement rules tied to established risk frameworks.

Main purpose and intent

  • To ensure transparency and safety oversight of high-risk AI systems, particularly frontier models, by mandating disclosure of risk assessments and governance measures to the New Jersey Attorney General.
  • To create a framework for identifying, documenting, and mitigating catastrophic risks associated with frontier AI models before deployment or during updates.

Key provisions and changes

  • Definitions (Section 1): Establishes terms including artificial intelligence technology, frontier model, foundation model, frontier developer, large frontier developer, GenAI system, catastrophic harm, and related concepts (risk, deployment, model weights, etc.).
  • Reporting and risk management (Section 2):
    • Large frontier developers with New Jersey users must:
    • Implement technical and organizational protocols to assess and reduce catastrophic-harm risk.
    • Annually submit a “Risk Management Disclosure” to the AG detailing these protocols.
    • Annually review and update these protocols as appropriate.
    • Before or with deploying a new frontier model or a substantially modified model, submit a “New Model Risk Disclosure” that includes:
      • Detailed catastrophic-risk assessments and results.
      • Extent of third-party evaluator involvement.
      • Additional steps taken to comply with required rules.
  • Rules and standards (Section 3):
    • AG (with Office of Homeland Security and Preparedness) must issue rules linking disclosures to the NIST AI Risk Management Framework or equivalent standards/use-case profiles.
    • The AG can substitute other standards if NIST is outdated.
    • Disclosures must identify portions written or edited by AI, and state who contributed.
    • Public disclosure of submissions on the Department of Law and Public Safety website, with redactions to protect trade secrets, cybersecurity, privacy, or national security.
  • Penalties (Section 4):
    • Civil penalties of $100,000 per violation for failure to submit disclosures or for materially false/misleading statements.
    • Victims may have a defense for statements made in good faith if found reasonable.
  • Audits (Section 5) and administration (Section 6):
    • AG (with OHS) may audit or contract audits of large frontier developers for compliance.
    • AG to adopt implementing rules under the Administrative Procedure Act.
  • Sunset and recommendations (Sections 7–8):
    • Requirements expire five years after the act’s effective date, with Section 7 requiring a Legislature-submitted list of recommended revisions by one year prior to expiration.
    • Section 7 triggers a continuous evaluation of definitions and provisions; Section 8 sets the act’s effective date as six months after enactment, with anticipatory action allowed.

Who and what is affected

  • Targeted group: Large frontier developers (defined as those with affiliates generating over $100 million in annual gross revenues, and who use frontier models with substantial computing power).
  • Impacted parties include developers with users in New Jersey, the State Attorney General, and the Office of Homeland Security and Preparedness.
  • Public disclosures would be posted online (with redactions to protect sensitive information).

Procedural and timeline aspects

  • Effective date: Six months after enactment.
  • Sunset: Provisions 1–6 expire five years after the effective date; Section 7’s recommendation requirement expires when the list is submitted.
  • Annual reporting and pre-deployment disclosure requirements create ongoing regulatory obligations.
  • Rulemaking: AG and OHS to issue implementing rules, with potential updates to align with evolving risk frameworks.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.