Add Art 10-A §§105 - 115, Civ Rts L; amd §296, Exec L
Regulates the development and use of certain artificial intelligence systems to prevent algorithmic discrimination; requires independent audits of high risk AI systems; provides for enforcement by the attorney general.
STATE OF NEW YORK
________________________________________________________________________
8884--A
2025-2026 Regular Sessions
IN ASSEMBLY
June 9, 2025
___________
Introduced by M. of A. SOLAGES, GALLAGHER, FORREST, MITAYNES, VALDEZ,
TORRES, SHRESTHA, GONZALEZ-ROJAS, BORES, GIBBS, CLARK, KELLES, RAGA,
VANEL, JACOBSON, LEE, ALVAREZ, REILLY, HOOKS, SIMON, COLTON, MORENO --
read once and referred to the Committee on Science and Technology --
recommitted to the Committee on Science and Technology in accordance
with Assembly Rule 3, sec. 2 -- committee discharged, bill amended,
ordered reprinted as amended and recommitted to said committee
AN ACT to amend the civil rights law and the executive law, in relation
to the use of artificial intelligence systems
The People of the State of New York, represented in Senate and Assem-bly, do enact as follows:
1 Section 1. This act shall be known and may be cited as the "New York
2 artificial intelligence act (New York AI act)".
3 § 2. Legislative findings and intent. The legislature finds and
4 declares the following:
5 (a) A revolution in artificial intelligence (AI) has advanced to the
6 point that comprehensive regulations must be enacted to protect New
7 Yorkers.
8 (b) Artificial intelligence is already an integral part of New York-
9 ers' daily lives. In the private sector, AI is currently in use in areas
10 such as education, health care, employment, insurance, credit scoring,
11 public safety, retail, banking and financial services, media, and more
12 with little transparency or oversight. A growing body of research shows
13 that AI systems that are deployed without adequate testing, sufficient
14 oversight and robust guardrails can harm consumers and deny historically
15 disadvantaged groups the full measure of their civil rights and liber-
16 ties, thereby further entrenching inequalities. The legislature must act
17 to ensure that all uses of AI, especially those that affect important
18 life chances, are free from harmful biases, protect our privacy, and
19 work for the public good.
EXPLANATION--Matter in italics (underscored) is new; matter in brackets
[] is old law to be omitted.
LBD04409-07-6
A. 8884--A 2
1 (c) Safe innovation must remain a priority for the state. New York
2 state is home to thousands of technology start-ups, many of which exper-
3 iment with new applications of AI and which have the potential to find
4 new ways to employ technology at the service of New Yorkers. The goal of
5 the legislature is to encourage safe innovation in the AI sector by
6 providing clear guidance for AI development, testing, and validation
7 both before a product is launched and throughout the product's life
8 cycle.
9 (d) New York must establish that the burden of responsibility of prov-
10 ing that AI products do not cause harm to New Yorkers will be shouldered
11 by the developers and deployers of AI. While government and civil socie-
12 ty must act to audit and enforce human rights laws around the use of AI,
13 the companies employing and profiting from the use of AI must lead in
14 ensuring that their products are free from algorithmic discrimination.
15 (e) Close collaboration and communication between New York state and
16 industry partners is key to ensuring that innovation can occur with
17 safeguards to protect all New Yorkers. This legislation will ensure that
18 lines of communication exist and that there is clear statutory authority
19 to investigate and prosecute entities that break the law.
20 (f) As new forms of AI are developed beyond what is currently techno-
21 logically feasible, the goal of the legislature is to use this section
22 as a guiding light for future regulations.
23 (g) Lastly, it is in the interest of all New Yorkers that certain uses
24 of AI that infringe on fundamental rights, deepen structural inequality,
25 or that result in unequal access to services shall be banned.
26 § 3. The civil rights law is amended by adding a new article 10-A to
27 read as follows:
28 ARTICLE 10-A
29 PROTECTIONS REGARDING USE OF ARTIFICIAL INTELLIGENCE
30 Section 105. Definitions.
31 106. Unlawful discriminatory practice.
32 107. Jurisdictional scope.
33 108. Deployer and developer obligations.
34 109. Whistleblower protections.
35 110. Audits.
36 111. High-risk AI system reporting requirements.
37 112. Risk management policy and program.
38 113. Social scoring AI systems prohibited.
39 114. Enforcement.
40 115. Severability.
41 § 105. Definitions. The following terms shall have the following mean-
42 ings:
43 1. "Algorithmic discrimination" means any condition in which the use
44 of an AI system contributes to unjustified differential treatment or
45 impacts, disfavoring people based on their actual or perceived age,
46 race, ethnicity, creed, religion, color, national origin, citizenship or
47 immigration status, sexual orientation, gender identity, gender
48 expression, military status, sex, disability, predisposing genetic char-
49 acteristics, familial status, marital status, status as a victim of
50 domestic violence or other classification protected under state or
51 federal laws. Algorithmic discrimination shall not include:
52 (a) a developer's or deployer's testing of their own AI system to
53 identify, mitigate, and prevent discriminatory bias;
54 (b) expanding an applicant, customer, or participant pool to increase
55 diversity or redress historical discrimination; or
A. 8884--A 3
1 (c) an act or omission by or on behalf of a private club or other
2 establishment that is not in fact open to the public, as set forth in
3 Title II of the federal Civil Rights Act of 1964, 42 U.S.C. section
4 2000a(e), as amended.
5 2. "Artificial intelligence system" or "AI system" means a machine-
6 based system or combination of systems, that for a given set of human-
7 defined objectives, makes predictions, recommendations, or decisions
8 influencing real or virtual environments, and that uses machine- and
9 human-based inputs to perceive real and virtual environments, abstracts
10 such perceptions into models through analysis in an automated manner,
11 and uses model inference to formulate options for information or action.
12 Artificial intelligence system shall not include:
13 (a) any system that (i) is used by a business entity solely for inter-
14 nal purposes and (ii) is not used as a substantial factor in a conse-
15 quential decision; or
16 (b) any software used primarily for narrow procedural tasks or basic
17 computerized processes, such as anti-malware, anti-virus, auto-correct
18 functions, calculators, databases, data storage, electronic communi-
19 cations, firewall, internet domain registration, internet website load-
20 ing, networking, spam and robocall-filtering, spellcheck tools, spread-
21 sheets, web caching, web hosting, or any tool that relates only to
22 internal management affairs such as ordering office supplies or process-
23 ing payments, and that do not materially affect the rights, liberties,
24 benefits, safety or welfare of any individual within the state.
25 3. "Auditor" shall refer to an independent entity including but not
26 limited to an individual, non-profit, firm, corporation, partnership,
27 cooperative, association, academic institution, or group affiliated with
28 an academic institution, commissioned to perform an audit.
29 4. "Consequential decision" means a decision or judgment that has a
30 material, legal or similarly significant effect on an individual's
31 access to, or the cost, terms, or availability of, any of the following:
32 (a) Employment, workers' management, or self-employment, including,
33 but not limited to, all of the following:
34 (i) Pay or promotion; and
35 (ii) Hiring or termination.
36 (b) Education and vocational training, including, but not limited to,
37 all of the following:
38 (i) Accreditation;
39 (ii) Certification;
40 (iii) Admissions; and
41 (iv) Financial aid or scholarships.
42 (c) Housing or lodging, including rental or short-term housing or
43 lodging.
44 (d) Family planning, including adoption services or reproductive
45 services, as well as assessments related to child protective services.
46 (e) Health care or health insurance, including mental health care,
47 dental, or vision, except for radiology.
48 (f) Financial services, including a financial service provided by a
49 mortgage company, mortgage broker, or creditor.
50 (g) Legal services.
51 5. "Covered deployer" means a deployer that uses a high-risk AI system
52 to make one or more consequential decisions with respect to covered
53 subjects.
54 6. "Deployer" means any person, partnership, association or corpo-
55 ration that uses or makes an AI system available to one or more third
56 parties including the general public for use, modification, copying, or
A. 8884--A 4
1 a combination thereof with their software. A deployer shall not include
2 any natural person using an AI system for personal use. A developer may
3 also be considered a deployer if its actions satisfy this definition.
4 7. "Covered developer" means a developer that trained or initiated the
5 training of an AI system that is used to make one or more consequential
6 decisions with respect to covered subjects.
7 8. "Developer" means a person, partnership, or corporation that
8 trained or initiated the training of an AI system, or creates a substan-
9 tial change with respect to an AI system, whether for its own use in the
10 state of New York or for use by a third party. A deployer may also be
11 considered a developer if its actions satisfy this definition.
12 9. "Employee" means an individual who performs services for and under
13 the control and direction of an employer for wages or other remunera-
14 tion, including former employees, or natural persons employed as inde-
15 pendent contractors to carry out work in furtherance of an employer's
16 business enterprise who are not themselves employers.
17 10. "Employer" means any person, firm, partnership, institution,
18 corporation, or association that employs one or more employees.
19 11. "Covered agent" means any individual that interacts, directly or
20 indirectly, with a relevant AI system, developer, or deployer on behalf
21 of a covered subject with the express consent of such covered subject.
22 12. "Covered subject" means any individual or group of individuals
23 that is the subject of a consequential decision made entirely by or with
24 the assistance of an AI system.
25 13. "Fair market value" shall have the same meaning as such term is
26 defined in 20 NYCRR 3-2.3.
27 14. "High-risk AI system" means any AI system that, when deployed:
28 (a) is a substantial factor in making a consequential decision; or (b)
29 will have a material impact on the statutory or constitutional rights,
30 civil liberties, safety, or welfare of an individual in the state.
31 15. "ISO 42001" means international standard ISO/IEC 42001:2023
32 (Information technology -- Artificial intelligence -- Management
33 system), published by the International Organization for Standardization
34 on December eighteenth, two thousand twenty-three.
35 16. "Risk management policy and program" means the risk management
36 policy and program created pursuant to section one hundred twelve of
37 this article.
38 17. "Substantial change" means any new version, new release, or any
39 other intentional update to an AI system that results in significant and
40 material changes to such AI system's appropriate use cases, key func-
41 tionality, or expected outcomes, including but not limited to:
42 (a) significant and material changes to the AI system's training data;
43 (b) significant and material changes to the AI system's decision
44 criteria in an appropriate use case; and
45 (c) significant and material expansions or contractions of the AI
46 system's appropriate use cases.
47 18. "Substantial factor" means a factor that is (a) material in making
48 a consequential decision, or (b) is capable of altering the outcome of a
49 consequential decision.
50 19. "Meaningful human review" shall mean review, oversight and control
51 of the AI system by one or more individuals who understand the risks,
52 limitations, and functionality of, and are trained to use, the AI system
53 and who have the authority to intervene or alter the decision under
54 review, including but not limited to the ability to approve, deny, or
55 modify any decision recommended or made by the AI system.
A. 8884--A 5
1 § 106. Unlawful discriminatory practice. It shall be an unlawful
2 discriminatory practice for a developer or deployer to fail to take
3 reasonable care to prevent foreseeable risk of algorithmic discrimi-
4 nation that is a consequence of the use, sale, or sharing of a high-risk
5 AI system or a product featuring a high-risk AI system.
6 § 107. Jurisdictional scope. 1. This article applies to developers and
7 deployers that conduct business in New York or produce products or
8 services that are targeted to residents of New York.
9 2. This article does not apply to any developer or deployer that is:
10 (a) the New York state government, including any department, public
11 authority, board, bureau, commission, division, office, council, commit-
12 tee or officer of the state;
13 (b) a local government, including any county, city, town, village,
14 school district, board of cooperative educational services, county voca-
15 tional education and extension board, district corporation or municipal
16 corporation; or
17 (c) the state university of New York, the city university of New York
18 or a community college.
19 § 108. Deployer and developer obligations. 1. Any covered deployer
20 shall inform the covered subject and covered agent, if applicable, at
21 the immediate onset of an engagement between the covered subject and the
22 covered deployer as to the use of a high-risk AI system for the making
23 of a consequential decision in clear, conspicuous, and consumer-friendly
24 terms, made available in each of the languages in which the company
25 offers its end services, that AI systems will be used to make a decision
26 or to assist in making a decision; provided, however, that where there
27 is an urgent necessity for a decision to be made to confer a benefit to
28 the covered subject, including, but not limited to, social benefits,
29 housing access, or dispending of emergency funds, and compliance with
30 this section would cause imminent detriment to the welfare of the
31 covered subject, such obligation shall be considered waived; provided
32 further, that nothing in this section shall be construed to waive a
33 natural person's option to request human review of the decision.
34 2. (a) Any covered deployer shall inform the covered subject and
35 covered agent, if applicable, within ten days in a clear, conspicuous
36 and consumer-friendly manner that a high-risk AI system has been used to
37 make a consequential decision. The deployer shall then provide and
38 explain a process for the covered subject or covered agent to appeal the
39 decision, which shall at minimum allow the covered subject or covered
40 agent to (i) formally contest the decision, (ii) provide information to
41 support their position, and (iii) obtain meaningful human review of the
42 decision. A deployer shall respond to a covered subject's or covered
43 agent's appeal within forty-five days of receipt of the appeal. That
44 period may be extended once by forty-five additional days where reason-
45 ably necessary, taking into account the complexity and number of
46 appeals. The deployer shall inform the covered subject or covered agent,
47 if applicable, of any such extension within forty-five days of receipt
48 of the appeal, together with the reasons for the delay.
49 (b) A covered subject shall be entitled to no more than one appeal
50 with respect to the same consequential decision in a six-month period.
51 3. The covered deployer or covered developer is legally responsible
52 for quality and accuracy of all consequential decisions made, including
53 any bias or algorithmic discrimination resulting from the operation of
54 the AI system on their behalf.
55 4. Each covered deployer shall conduct meaningful human review of each
56 consequential decision made with a high-risk AI system.
A. 8884--A 6
1 5. The rights and obligations under this section may not be waived by
2 any person, partnership, association or corporation.
3 6. (a) If a developer intends that an AI system shall not be used as a
4 high-risk AI system, such developer shall:
5 (i) enter into a written and fully executed contractual agreement with
6 each deployer authorized to use the artificial intelligence system
7 developed by such developer, including the developer if they are also a
8 deployer, that such artificial intelligence system will not be used as a
9 high-risk AI system;
10 (ii) implement reasonable technical safeguards designed to prevent or
11 detect high-risk AI system use cases or otherwise demonstrate reasonable
12 steps taken to ensure that any unauthorized deployments of its AI
13 systems are not being used as a high-risk AI system;
14 (iii) prominently display on its website, in marketing materials, and
15 in all licensing agreements offered to prospective deployers of its AI
16 system that the AI system cannot be used as a high-risk AI system; and
17 (iv) maintain records of deployer agreements for a period of not less
18 than five years.
19 (b) Developers that have fully executed contractual agreements in
20 force and effect with deployers as of the effective date of this section
21 governing deployment of an AI system shall: (i) be deemed to be in
22 compliance with paragraph (a) of this subdivision for a period of eigh-
23 teen months following the effective date of this section and (ii) begin-
24 ning eighteen months following the effective date of this section,
25 comply with this subdivision by amendment of the existing contractual
26 agreement or by creation of a new fully executed contractual agreement
27 that satisfies the requirements of paragraph (a) of this subdivision.
28 § 109. Whistleblower protections. 1. Covered developers and covered
29 deployers shall not:
30 (a) prevent any of their employees from disclosing information to the
31 attorney general, including through terms and conditions of employment
32 or seeking to enforce terms and conditions of employment, if the employ-
33 ee has reasonable cause to believe the information indicates a violation
34 of this article; or
35 (b) retaliate against an employee for disclosing information to the
36 attorney general pursuant to this section.
37 2. An employee harmed by a violation of this article may petition a
38 court for appropriate relief as provided in subdivision five of section
39 seven hundred forty of the labor law.
40 3. Covered developers and covered deployers shall provide a clear
41 notice to all of their employees working on such AI systems of their
42 rights and responsibilities under this article, including the right of
43 employees of contractors and subcontractors to use, as relevant, the
44 developer's or deployer's internal process for making protected disclo-
45 sures pursuant to subdivision four of this section. A developer or
46 deployer is presumed to be in compliance with the requirements of this
47 subdivision if the developer or deployer does either of the following:
48 (a) at all times post and display within all workplaces maintained by
49 the developer or deployer a notice to all employees of their rights and
50 responsibilities under this article, ensure that all new employees
51 receive equivalent notice, and ensure that employees who work remotely
52 periodically receive an equivalent notice; or
53 (b) no less frequently than once every year, provide written notice to
54 all employees of their rights and responsibilities under this article
55 and ensure that the notice is received and acknowledged by all of those
56 employees.
A. 8884--A 7
1 4. Each covered developer and covered deployer shall provide a reason-
2 able internal process through which an employee may anonymously disclose
3 information to the developer or deployer if the employee believes in
4 good faith that the information indicates that the developer or deployer
5 has violated any provision of this article or any other law, or has made
6 false or materially misleading statements related to its risk management
7 policy and program, or failed to disclose known risks to employees,
8 including, at a minimum, a monthly update to the person who made the
9 disclosure regarding the status of the developer's or deployer's inves-
10 tigation of the disclosure and the actions taken by the developer or
11 deployer in response to the disclosure.
12 5. This section does not limit protections provided to employees under
13 section seven hundred forty of the labor law.
14 § 110. Audits. 1. Covered developers shall cause to be conducted
15 audits in accordance with this section.
16 (a) A covered developer shall complete at least:
17 (i) a first audit within six months after completion of development of
18 the high-risk AI system and the initial offering of the high-risk AI
19 system to a deployer for deployment or, if the developer is first
20 deployer to deploy the high-risk AI system, after initial deployment;
21 and
22 (ii) one audit every one year following the submission of the first
23 audit.
24 (b) A developer audit under this section shall include:
25 (i) an evaluation and determination of whether the developer has taken
26 reasonable care to prevent foreseeable risk of algorithmic discrimi-
27 nation with respect to such high-risk AI system; and
28 (ii) an evaluation of the developer's documented risk management poli-
29 cy and program required under section one hundred twelve of this article
30 for conformity with subdivision one of such section one hundred twelve.
31 (c) Notwithstanding paragraph (b) of this subdivision, satisfactory
32 audits under ISO 42001 completed in accordance with paragraph (a) of
33 this subdivision shall be deemed to satisfy a developer's duty under
34 this subdivision.
35 2. Covered deployers shall cause to be conducted audits in accordance
36 with this section.
37 (a) A covered deployer shall complete at least:
38 (i) a first audit within six months after initial deployment;
39 (ii) a second audit within one year following the submission of the
40 first audit; and
41 (iii) one audit every two years following the submission of the second
42 audit.
43 (b) A deployer audit under this section shall include:
44 (i) an evaluation and determination of whether the deployer has taken
45 reasonable care to prevent foreseeable risk of algorithmic discrimi-
46 nation with respect to such high-risk AI system;
47 (ii) an evaluation of system accuracy and reliability with respect to
48 such high-risk AI system's deployer-intended and actual use cases; and
49 (iii) an evaluation of the deployer's documented risk management poli-
50 cy and program required under section one hundred twelve of this article
51 for conformity with subdivision one of such section one hundred twelve.
52 (c) Notwithstanding paragraph (b) of this subdivision, satisfactory
53 audits under ISO 42001 completed in accordance with paragraph (a) of
54 this subdivision shall be deemed to satisfy a covered deployer's duty
55 under this subdivision.
A. 8884--A 8
1 3. (a) Audits under this section shall be conducted by one or more
2 thirty-party auditors. A deployer or developer may hire more than one
3 auditor to fulfill the requirements of this section.
4 (b) An auditor shall be an independent entity including, but not
5 limited to, an individual, non-profit, firm, corporation, partnership,
6 cooperative, or association.
7 (c) For the purposes of this article, no auditor may be commissioned
8 by a covered developer or covered deployer if such entity:
9 (i) has already been commissioned to provide any auditing or non-au-
10 diting service including, but not limited, to financial auditing,
11 cybersecurity auditing, or consulting services of any type, to the
12 commissioning company in the past twelve months; or
13 (ii) is, will be, or plans to be engaged in the business of developing
14 or deploying an AI system that can compete commercially with such devel-
15 oper's or deployer's AI system in the five years following an audit.
16 (d) Fees paid to auditors may not be contingent on the result of the
17 audit and the commissioning company shall not provide any incentives or
18 bonuses for a positive audit result.
19 4. Notwithstanding subdivision three of this section, a covered devel-
20 oper or covered deployer may conduct audits under this section using an
21 auditor that is an employee of such developer or deployer, if the cost
22 of an audit that complies with subdivision three exceeds one percent of
23 the fair market value of such developer or deployer.
24 5. At the attorney general's discretion, the attorney general may:
25 (a) promulgate further rules as necessary to ensure that audits under
26 this section assess whether or not AI systems produce algorithmic
27 discrimination and otherwise comply with the provisions of this article;
28 and
29 (b) recommend an updated AI system auditing framework to the legisla-
30 ture, where such recommendations are based on a standard or framework
31 (i) designed to evaluate the risks of AI systems, and (ii) that is
32 nationally or internationally recognized and consensus-driven, including
33 but not limited to a relevant framework or standard created by the
34 International Organization for Standardization.
35 6. The independent auditor shall have complete and unredacted copies
36 of all reports previously filed by the deployer or developer under
37 section one hundred eleven of this article.
38 7. An audit conducted under this section may be completed in part, but
39 shall not be completed entirely, with the assistance of an AI system.
40 (a) Acceptable auditor uses of an AI system include, but are not
41 limited to:
42 (i) use of an audited high-risk AI system in a controlled environment
43 without impacts on covered subjects for system testing purposes; or
44 (ii) detecting patterns in the behavior of an audited AI system.
45 (b) An auditor shall not:
46 (i) use a different high-risk AI system that is not the subject of an
47 audit to complete an audit; or
48 (ii) use an AI system to draft an audit under this section without
49 meaningful human review and oversight.
50 8. The attorney general may promulgate further rules to ensure (a) the
51 independence of auditors under this section, and (b) that teams conduct-
52 ing audits incorporate feedback from communities that may foreseeably be
53 the subject of algorithmic discrimination with respect to the AI system
54 being audited.
55 9. If a developer or deployer has an audit completed for the purpose
56 of complying with another applicable federal, state, or local law or
A. 8884--A 9
1 regulation, and the audit otherwise satisfies all other requirements of
2 this section, such audit shall be deemed to satisfy the requirements of
3 this section.
4 § 111. High-risk AI system reporting requirements. 1. Every covered
5 developer and covered deployer shall comply with the reporting require-
6 ments of this section.
7 2. Together with each report required to be filed under this section,
8 every covered developer and covered deployer shall file with the depart-
9 ment of financial services a copy of the last completed audit required
10 by this article.
11 3. Covered developers of high-risk AI systems shall complete and file
12 with the department of financial services reports in accordance with
13 this subdivision.
14 (a) A covered developer shall complete and file with the department of
15 financial services at least:
16 (i) a first report within six months after completion of development
17 of the high-risk AI system and the initial offering of the high-risk AI
18 system to a deployer for deployment or, if the developer is first
19 deployer to deploy the high-risk AI system, after initial deployment;
20 (ii) one report annually following the submission of the first report;
21 and
22 (iii) one report within six months of any substantial change to the
23 high-risk AI system.
24 (b) A developer report under this section shall include:
25 (i) a description of the system including:
26 (A) the uses of the high-risk AI system that the developer intends;
27 and
28 (B) any explicitly unintended or disallowed uses of the high-risk AI
29 system;
30 (ii) an overview of how the high-risk AI system was developed;
31 (iii) an overview of the high-risk AI system's training data; and
32 (iv) if the developer conducted an audit in accordance with subdivi-
33 sion four of section one hundred ten of this article, an overview of the
34 audit, including how the audit was structured, how the audit was
35 conducted, and information on the auditor; and
36 (v) any other information necessary to allow a covered deployer to:
37 (A) understand the outputs and monitor the system for compliance with
38 this article; and
39 (B) fulfill its duties under this article.
40 4. Covered deployers shall complete and file with the department of
41 financial services reports in accordance with this subdivision.
42 (a) A covered deployer shall complete and file with the department of
43 financial services at least:
44 (i) a first report within six months after initial deployment;
45 (ii) a second report within one year following the completion and
46 filing of the first report;
47 (iii) one report every two years following the completion and filing
48 of the second report; and
49 (iv) one report within six months of any substantial change to the
50 high-risk AI system.
51 (b) A deployer report under this section shall include:
52 (i) a description of the system including:
53 (A) the deployer's actual, intended, or planned uses of the high-risk
54 AI system with respect to consequential decisions; and
55 (B) whether the deployer is using the high-risk AI system for any
56 developer unintended or disallowed uses; and
A. 8884--A 10
1 (ii) an impact assessment including:
2 (A) whether the high-risk AI system poses a risk of algorithmic
3 discrimination and the steps taken to address the risk of algorithmic
4 discrimination;
5 (B) if the high-risk AI system is or will be monetized, how it is or
6 is planned to be monetized; and
7 (C) an evaluation of the costs and benefits to consumers and other
8 covered subjects; and
9 (iii) if the deployer conducted an audit in accordance with subdivi-
10 sion four of section one hundred ten of this article, an overview of the
11 audit, including how the audit was structured, how the audit was
12 conducted, and information on the auditor.
13 (c) A covered deployer that is also a covered developer and is
14 required to submit reports under subdivision three of this section may
15 submit a single joint report provided it contains the information
16 required in this subdivision.
17 5. The attorney general shall promulgate rules for a process whereby
18 covered developers and covered deployers may request redaction of
19 portions of reports required under this section to ensure that they are
20 not required to disclose sensitive and protected information.
21 6. For high-risk AI systems which are already in deployment at the
22 time of the effective date of this article, covered developers and
23 covered deployers shall have eighteen months from such effective date to
24 complete and file the first report and associated independent audit
25 required by this article.
26 (a) Each covered developer shall thereafter file at least one report
27 annually following the submission of the first report under this subdi-
28 vision.
29 (b) Each covered deployer shall thereafter file at least one report
30 every two years following the submission of the first report under this
31 subdivision.
32 § 112. Risk management policy and program. 1. Each covered developer
33 or covered deployer shall plan, document, and implement a risk manage-
34 ment policy and program to govern development or deployment, as applica-
35 ble, of such high-risk AI system. The risk management policy and
36 program shall specify and incorporate the principles, processes, and
37 personnel that the developer or deployer uses to identify, document, and
38 mitigate known or reasonably foreseeable risks of algorithmic discrimi-
39 nation covered under subdivision one of section one hundred six of this
40 article. The risk management policy and program shall be an iterative
41 process planned, implemented, and regularly and systematically reviewed
42 and updated over the life cycle of a high-risk AI system, requiring
43 regular, systematic review and updates, including updates to documenta-
44 tion. A risk management policy and program implemented and maintained
45 pursuant to this section shall be reasonable considering:
46 (a) The guidance and standards set forth in:
47 (i) version 1.0 of the "Artificial Intelligence Risk Management Frame-
48 work" published by the National Institute of Standards and Technology in
49 the United States department of commerce,
50 (ii) ISO 42001, or
51 (iii) another substantially equivalent framework selected at the
52 discretion of the attorney general, if such framework was designed to
53 manage risks associated with AI systems, is nationally or interna-
54 tionally recognized and consensus-driven, and is at least as stringent
55 as version 1.0 of the "Artificial Intelligence Risk Management Frame-
A. 8884--A 11
1 work" published by the National Institute of Standards and Technology or
2 ISO 42001;
3 (b) The size and complexity of the developer or deployer;
4 (c) The nature, scope, and intended uses of the high-risk AI system
5 developed or deployed; and
6 (d) The sensitivity and volume of data processed in connection with
7 the high-risk AI system.
8 2. A risk management policy and program implemented pursuant to subdi-
9 vision one of this section may cover multiple high-risk AI systems
10 developed by the same developer or deployed by the same deployer if
11 sufficient.
12 3. The attorney general may require a covered developer or a covered
13 deployer to disclose the risk management policy and program implemented
14 pursuant to subdivision one of this section in a form and manner
15 prescribed by the attorney general. The attorney general may evaluate
16 the risk management policy and program to ensure compliance with this
17 section.
18 4. Notwithstanding subdivision one of this section, a developer that
19 is in compliance with the duties under section fourteen hundred twenty-
20 two of the general business law shall be deemed in compliance with this
21 section.
22 § 113. Social scoring AI systems prohibited. No person, partnership,
23 association or corporation shall develop, deploy, use, or sell an AI
24 system which evaluates or classifies the trustworthiness of natural
25 persons over a certain period of time based on their social behavior or
26 known or predicted personal or personality characteristics, with the
27 social score leading to any of the following:
28 1. differential treatment of certain natural persons or whole groups
29 thereof in social contexts which are unrelated to the contexts in which
30 the data was originally generated or collected;
31 2. differential treatment of certain natural persons or whole groups
32 thereof that is unjustified or disproportionate to their social behavior
33 or its gravity; or
34 3. the infringement of any right guaranteed under the United States
35 constitution, the New York constitution, or state or federal law.
36 § 114. Enforcement. 1. Whenever there shall be a violation of section
37 one hundred seven, one hundred eight, one hundred ten, one hundred elev-
38 en, one hundred twelve, or one hundred thirteen of this article, an
39 application may be made by the attorney general in the name of the
40 people of the state of New York, to the supreme court having jurisdic-
41 tion to issue an injunction, and upon notice to the respondent of not
42 less than ten days, to enjoin and restrain the continuance of such
43 violation; and if it shall appear to the satisfaction of the court that
44 the respondent has, in fact, violated this article, an injunction may be
45 issued by the court, enjoining and restraining any further violations,
46 without requiring proof that any person has, in fact, been injured or
47 damaged thereby. In any such proceeding, the court may make allowances
48 to the attorney general as provided in paragraph six of subdivision (a)
49 of section eighty-three hundred three of the civil practice law and
50 rules, and direct restitution. Whenever the court shall determine that a
51 violation of this article has occurred:
52 (a) by a developer, the court may impose a civil penalty of not more
53 than twenty-five thousand dollars for each violation; or
54 (b) by a deployer, the court may impose a civil penalty of not more
55 than ten thousand dollars for each violation.
A. 8884--A 12
1 2. In evaluating any motion to dismiss a proceeding commenced pursuant
2 to this section, the court shall presume the specified AI system was
3 created and/or operated in violation of a specified law or laws and that
4 such violation caused the harm or harms alleged.
5 (a) A defendant can rebut presumptions made pursuant to this subdivi-
6 sion through clear and convincing evidence that the specified AI system
7 did not cause the harm or harms alleged and/or did not violate the
8 alleged law or laws. An algorithmic audit can be considered as evidence
9 in rebutting such presumptions, but the mere existence of such an audit,
10 without additional evidence, shall not be considered clear and convinc-
11 ing evidence.
12 (b) Where such presumptions are not rebutted pursuant to this subdivi-
13 sion, the action shall not be dismissed.
14 (c) Where such presumptions are rebutted pursuant to this subdivision,
15 a motion to dismiss an action shall be adjudicated without any consider-
16 ation of this section.
17 3. The supreme court in the state shall have jurisdiction over any
18 action, claim, or lawsuit to enforce the provisions of this article.
19 § 115. Severability. If any clause, sentence, paragraph, subdivision,
20 section or part of this article shall be adjudged by any court of compe-
21 tent jurisdiction to be invalid, such judgment shall not affect, impair,
22 or invalidate the remainder thereof, but shall be confined in its opera-
23 tion to the clause, sentence, paragraph, subdivision, section, or part
24 thereof directly involved in the controversy in which such judgment
25 shall have been made.
26 § 4. Section 296 of the executive law is amended by adding a new
27 subdivision 23 to read as follows:
28 23. It shall be an unlawful discriminatory practice under this section
29 for a deployer or a developer, as such terms are defined in section one
30 hundred five of the civil rights law, to engage in an unlawful discrimi-
31 natory practice under section one hundred six of the civil rights law.
32 § 5. This act shall take effect one year after it shall have become a
33 law; provided, however, that section 110 of article 10-A of the civil
34 rights law as added by section three of this act shall take effect two
35 years after it shall have become a law.
