Sidley AI Monitor

California Gov. Gavin Newsom (D) signed Senate Bill No. 243 on October 13, 2025, which requires companion chatbot operators to notify certain users (including all users known by the operator to be minors) that they are interacting with AI. Additionally, SB-243 requires operators to report annually to the Office of Suicide Prevention and to maintain protocols to prevent chatbots from producing suicidal ideation content.

On October 14, 2025, California Gov. Gavin Newsom (D) signed Assembly Bill No. 853, which delays the operation of the California AI Transparency Act until August 2, 2026. AB 853 also amends the Act to require large online platforms to make available to users information to indicate whether content was generated or substantially altered with AI (effective January 1, 2027) and to require capture device manufacturers to provide users with the option to include, in the content they generate, certain disclosures such as the names of the manufacturer and device (effective January 1, 2028).

California Assembly Bill No. 316 was signed by Gov. Gavin Newsom (D) on October 13, 2025, and provides that defendants that are alleged to have caused harm by AI that they developed, modified, or used are not eligible to assert that the AI autonomously caused harm to the plaintiff.

California Assembly Bill No. 489, signed by Gov. Gavin Newsom (D) on October 11, 2025, extends existing laws prohibiting the use of specified language to falsely indicate or imply possession of a license or certificate to practice a health care profession to entities that develop or deploy AI that uses such language in its advertising or functionality.

On October 1, 2025, Latvia's Law on the Resilience of Digital Operations in the Financial Market and the Use of Artificial Intelligence entered into force. The law applies the provisions of the EU AI Act, including with respect to identifying, monitoring, and mitigating AI risks, to a wide array of financial services entities such as insurance companies, investment management companies, and payment service providers.

On October 1, 2025, California's rules regulating the usage of AI and other automated-decision systems in making employment decisions went into effect. Among other things, the rules prohibit employers from using automated-decision systems that discriminate against employees or applicants based on existing protected classes under California's Fair Employment and Housing Act.

On September 29, 2025, California Governor Gavin Newsom (D) signed into law Senate Bill No. 53, known as the Transparency in Frontier Artificial Intelligence Act, which among other matters, relates to the safety of a foundation model.

On September 25, 2025, Italy's Law No. 132 was published in the Official Gazette No. 223. The law aims to ensure that the use of artificial intelligence is aligned with the General Data Protection Regulation and Personal Data Protection Code and becomes effective on October 10, 2025.

On September 15, 2025, the Cyberspace Administration of China published its AI Safety Governance Framework 2.0, building upon its AI Governance Version 1.0 and the Global AI Governance Initiative to address rapid developments in AI technology.

On September 11, 2025, Wyoming Representative Harriet M. Hageman (R) introduced the Fair Artificial Intelligence Realization Act of 2025 (H. R. 5315), which would prohibit the Federal procurement of large language models not developed in accordance with unbiased AI principles, among other matters.

On September 10, 2025, Texas Senator Ted Cruz (R) introduced the Strengthening Artificial Intelligence Normalization and Diffusion By Oversight and eXperimentation Act, which would among other matters, create a regulatory “sandbox” that gives AI developers space to test and launch new AI technologies without being subject to certain federal rules.

On September 10, 2025, U.S. Senators Lisa Blunt Rochester (D) and John Curtis (R) introduced legislation Consumer Safety Technology Act (S. 2766), aimed at strengthening consumer protection through the use of emerging technologies such as artificial intelligence, blockchain, and digital tokens.

On September 4, 2025, South Korea's Personal Information Protection Commission announced the implementation of revised standards for Personal Information Impact Assessments, specifically addressing the use of artificial intelligence.

On September 3, 2025, the Office of the Information and Privacy Commissioner of Alberta issued guidance to assist custodians under the Health Information Act in ensuring they are compliant with the act when using artificial intelligence scribe tools.

On September 1, 2025, Measures for the Identification of Artificial Intelligence-Generated Synthetic Content in China went into effect. The measures aim to promote the development of artificial intelligence and standardize the identification of such content.

On August 28, 2025, Colorado Governor Jared Polis (D) signed S.B. 25B-004, which delayed the effective date of the Colorado AI Act from February 1 to June 30, 2026.

Key Steps Toward Using Artificial Intelligence in Pharmacovigilance – Sidley Insights on the Recent CIOMS Draft Report

On August 14, 2025, the U.S. General Services Administration (GSA) announced the launch of USAi, a secure generative artificial intelligence evaluation suite that enables federal agencies to experiment with and adopt artificial intelligence at scale.

On August 13, 2025, the Reserve Bank of India published a report referred to as the Framework for Responsible and Ethical Enablement of Artificial Intelligence in the Financial Sector.

On August 6, 2025, South Korea's Personal Information Protection Commission published its Guide for the Development and Use of Generative AI, highlighting compliance issues and safety standards for each stage of the generative artificial intelligence lifecycle.

On August 5, 2025, Luxembourg's National Commission for Data Protection published guidance to help organizations comply with the requirements of artificial intelligence literacy under the European Union Artificial Intelligence Act.

The European Union announced that the European Union Artificial Intelligence Act's rules regarding AI governance became effective on August 2, 2025.

On August 1, 2025, Illinois Governor JB Pritzker signed into law House Bill 1806, known as the Wellness and Oversight for Psychological Resources Act, which limits the use of AI to make therapeutic decisions.

On August 1, 2025, the U.S. Securities and Exchange Commission announced the launch of a task force on artificial intelligence (AI) that will spearhead the agency’s efforts to enhance innovation and efficiency in its operations through the responsible use of AI.

On July 31, 2025, United States Senator John W. Hickenlooper (D-CO) introduced Senate Bill 2615, known as the Validation and Evaluation for Trustworthy Artificial Intelligence Act, which would require the Director of the National Institute of Standards and Technology to develop voluntary guidelines and specifications for internal and external assurances of artificial intelligence systems, and for other purposes.

California Privacy Protection Agency Advances Substantial Rulemaking – Cyber Audits, Risk Assessments, New Automated Decisionmaking Technologies Rights, and More

The Trump Administration’s 2025 AI Action Plan – Winning the Race: America’s AI Action Plan – and Related Executive Orders

White House AI Action Plan Signals Environmental Regulation Reform for Data Centers

On July 24, 2025, the California Privacy Protection Agency voted to adopt proposed rulemaking on Automated Decisionmaking Technology Regulations, Cybersecurity Audits, Risk Assessments, Insurance, and updates to the California Consumer Privacy Act.

On July 24, 2025, the German Federal Office for Information Security published a white paper on bias in artificial intelligence.

On July 24, 2025, the European Commission published an Explanatory Notice and Template for the Public Summary of Training Content for general-purpose AI models.

On July 23, 2025, the White House issued an Executive Order titled "Preventing Woke AI in the Federal Government."

On July 23, 2025, the White House issued an Executive Order titled "Accelerating Federal Permitting of Data Center Infrastructure."

On July 23, 2025, the White House issued an Executive Order titled "Promoting the Export of the American AI Technology Stack."

On July 23, 2025, the White House published America's AI Action Plan to accelerate AI innovation, establish AI standards, and promote secure AI technologies.

On July 23, 2025, the Dutch data protection authority published guidelines for meaningful human intervention in algorithmic decision-making.

On July 22, 2025, the Romanian National Cyber Security Directorate published its Regulation of Social Media Platforms.

On July 22, 2025, the French data protection authority published recommendations for the development of artificial intelligence systems compliant with the General Data Protection Regulation.

On July 22, 2025, the European Economic and Social Committee issued recommendations to EU institutions on the responsible use of digital tools in law-making.

On July 18, 2025, the Irish Data Protection Commission published guidelines on the use of artificial intelligence, large language models, and data protection.