US AI Deadlines Calendar
Every enacted US AI obligation with a date attached, federal, state, and municipal, sorted by when it bites. Effective, enforceable, and compliance dates are not the same thing in US law: the Date column carries the operative one. Bookmark it. We keep it current.
Status as of July 14, 2026: No federal preemption of state AI law is in force. Executive Order 14365 (December 11, 2025) directed the DOJ to challenge state AI laws, and the DOJ's AI Litigation Task Force has been live since January 9, 2026. One challenge is active: after xAI sued on April 9 and the DOJ intervened on April 24, a federal court stayed enforcement of Colorado's AI Act on April 27, 2026, and that stay carries over to the replacement statute, SB 26-189. The Commerce Department's list of "onerous" state AI laws, due March 11, 2026, has not been published. Every other law below binds as written.
Coming up
Date | Jurisdiction | Law / Authority | What changes | ✅ Do this |
|---|---|---|---|---|
Aug 2, 2026 | California | AI Transparency Act (SB 942, amended by AB 853) | Covered providers (generative AI systems with 1M+ monthly users accessible in CA) must offer a free AI-detection tool, optional manifest disclosures, and embedded latent disclosures in AI image, video, and audio. Moved from Jan 1, 2026 (+7 months). $5,000 per violation, each day counts separately; AG, city attorneys, and county counsel enforce. | Ship the detection tool and watermarking pipeline now. Flow the disclosure duties into third-party license agreements before the date; AB 853 makes licensees part of your exposure. |
Oct 1, 2026 | Connecticut | SB 5 (CT AI Responsibility and Transparency Act), first wave | Four regimes go live: the automated employment-decision framework and "AI is not a defense" discrimination amendments, frontier-developer whistleblower protections, AI-related WARN layoff disclosures, subscription-AI term disclosures, and provenance marking for generative systems with 1M+ monthly users. AG-only enforcement under CUTPA, 60-day cure period through Dec 31, 2027. | Inventory every hiring tool that scores or ranks Connecticut candidates, and start vendor conversations on anti-bias testing evidence. Stand up C2PA-aligned provenance if you clear the 1M-user line. |
Jan 1, 2027 | Illinois | AI Safety Measures Act (SB 315) | Large frontier developers ($500M+ revenue, models above 10^26 operations) must publish and annually update a frontier AI framework, file pre-deployment transparency reports, undergo annual independent third-party safety audits (a US first), and report critical safety incidents within 72 hours to IEMA-OHS and the AG. Up to $3M per violation; AG-only, no private right of action. | If you clear the thresholds, contract the third-party auditor in 2026: audit-ready documentation takes quarters, not weeks. Align the framework with your CA SB 53 and NY RAISE filings; the three laws were built to interlock. |
Jan 1, 2027 | New York | RAISE Act (S6953B, amended by S8828, signed Mar 27, 2026) | Large frontier developers must publish a frontier AI framework, file disclosure statements with a new DFS oversight office, and report critical safety incidents within 72 hours (24 hours where imminent physical risk). Penalties from $1M (first violation) to $3M (subsequent); AG enforces, DFS office holds rulemaking power. | Build your incident-response workflow to the 72-hour clock, the strictest in any state, and budget for the DFS pro rata assessment. Watch DFS rulemaking through 2026; the office can add detail the statute leaves open. |
Jan 1, 2027 | Colorado | SB 26-189 (repealed and replaced SB 24-205, signed May 2026); enforcement stayed | Narrowed ADMT regime: notice and disclosure duties for developers and deployers of automated decision systems used in consequential decisions, replacing the original duty-of-care and impact-assessment framework. AG must adopt implementing rules by the same date. A federal court stay (xAI v. Weiser, in place since Apr 27, 2026) currently blocks enforcement and extends to this replacement law. | Keep the date on your roadmap but mark it contingent. Track the AG rulemaking and the preliminary-injunction briefing; the stay lifts no earlier than 14 days after the court rules. |
Jan 1, 2027 | California | AI Transparency Act platform wave (AB 853) | Large online platforms (2M+ unique monthly users) must detect embedded provenance data in distributed content and surface it to users. Generative AI hosting platforms may not knowingly make available a system that omits the required disclosures, which reaches model-weight and source-code distribution. | If you distribute content or host model weights for Californians, scope the provenance-detection build this year. The hosting-platform bar applies to open-weight repositories, not just consumer apps. |
Jan 1, 2027 | California | CCPA automated decisionmaking regulations (CPPA, finalized 2025) | Businesses using covered ADMT for significant decisions about consumers must provide pre-use notice, opt-out, and access rights. Risk-assessment submissions to the CPPA and cybersecurity audit obligations phase in on later dates through the decade. | Map every significant-decision use of ADMT against the CPPA's definitions now, and draft the pre-use notices. The notice and opt-out plumbing is engineering work, not paperwork. |
Jan 1, 2027 | Washington | Companion chatbot law (HB 2225, signed Mar 24, 2026) | Operators of AI companion chatbots must meet disclosure and safety-protocol requirements for users in Washington, joining the CA, NY, and CT companion regimes. | Run one gap analysis across the four companion statutes rather than four separate ones; the disclosure and crisis-protocol cores overlap heavily. |
Jan 1, 2027 | Connecticut | SB 5, second wave | AI companion requirements take effect for systems reachable by minors, and large frontier developers must have an anonymous internal risk-reporting channel operating, with quarterly reports to directors. | Extend whatever anonymous-reporting channel you build for Illinois SB 315 and CA SB 53 to satisfy Connecticut in the same pass. |
Feb 1, 2027 | Washington | AI content disclosure law (HB 1170, signed Mar 24, 2026) | Disclosure requirements apply when content is developed or materially modified by AI, adding a second state provenance regime alongside California's. | Design your labeling once, to the strictest overlapping standard (CAITA plus CT SB 5 plus HB 1170), and reuse it across states. |
Jul 1, 2027 | California | Companion chatbot reporting (SB 243) | Operators must begin annual reports to the Office of Suicide Prevention: crisis-referral counts from the prior calendar year and the protocols used to detect and respond to suicidal ideation. The office publishes the data. | Start counting now. The first report covers the preceding calendar year, so referral logging and metric definitions need to be running well before mid-2027. |
Oct 1, 2027 | Connecticut | SB 5, employment deployer duties | Deployers of automated employment-related decision technology must give applicants and employees pre-decision notice of the tool's use, purpose, data categories, and sources, for systems deployed on or after this date. | Fold the Connecticut notice into your NYC LL 144 and Illinois HB 3773 candidate-notice templates so recruiting runs one national workflow. |
Jan 1, 2028 | California | AI Transparency Act capture devices (AB 853) | Capture device manufacturers (cameras, phones with cameras or microphones, voice recorders sold in CA) must offer users the option to embed latent provenance disclosures at the point of capture. | Hardware lead times make this a 2026 design decision for device makers. Put provenance-at-capture on the next product-cycle requirements list. |
Already in force
Date | Jurisdiction | Law / Authority | What changed | ✅ Confirm |
|---|---|---|---|---|
Jul 5, 2023 | NYC | Local Law 144 (DCWP) | Automated employment decision tools used for NYC hiring or promotion require an annual independent bias audit, a published audit summary, and 10 business days' candidate notice. Penalties $500 to $1,500 per violation; DCWP moved to proactive investigations in 2026. | Confirm your current bias audit is under 12 months old and the summary is live on your careers page. Stale audits are the enforcement pattern. |
May 1, 2024 | Utah | AI Policy Act (SB 149, narrowed by 2025 amendments) | Generative AI use must be disclosed to Utah consumers on request, and proactively in regulated occupations. The 2025 amendments (effective May 7, 2025) narrowed the trigger to higher-risk interactions. Division of Consumer Protection enforces, up to $2,500 per violation. | Confirm chat and voice agents serving Utah answer "am I talking to an AI" truthfully and that regulated-profession deployments disclose up front. |
Aug 4, 2025 | Illinois | WOPR Act (HB 1806) | AI may not provide therapy or psychotherapy services, and licensed clinicians face limits on AI use in care delivery. IDFPR enforces, up to $10,000 per violation. | Confirm no product marketing positions your chatbot as therapy or a therapist substitute for Illinois users. Marketing language is the trigger. |
Nov 5, 2025 | New York | AI Companion Models law (FY26 budget, GBL Art. 47) | Operators of AI companions must run a protocol to detect suicidal ideation and refer users to crisis services, and must notify users at session start and at least every three hours that they are not talking to a human. AG enforces. | Confirm the three-hour re-notification actually fires in long sessions. It's the provision most implementations miss. |
Jan 1, 2026 | Texas | TRAIGA (HB 149) | Prohibited AI uses apply to anyone doing business in Texas or serving Texans: behavioral manipulation encouraging self-harm or crime, unlawful discrimination, and AI-generated CSAM or explicit impersonation of minors. AG-only enforcement, 60-day cure period, up to $200,000 per uncurable violation. | Confirm your acceptable-use enforcement can evidence intent screening. TRAIGA turns on purpose, so documentation of design intent is the defense. |
Jan 1, 2026 | California | Transparency in Frontier AI Act (SB 53) | Large frontier developers ($500M+ revenue, 10^26+ operation models) must publish safety frameworks and transparency reports, report critical safety incidents to Cal OES within 15 days, and honor whistleblower protections. Up to $1M per violation. | Confirm the published framework matches actual practice. Divergence between the document and reality is itself the violation. |
Jan 1, 2026 | California | Generative AI Training Data Transparency (AB 2013) | Developers of generative AI made publicly available to Californians must post high-level training-data documentation, covering systems released or substantially modified since Jan 1, 2022. | Confirm the disclosure covers substantial modifications, not just new releases. Fine-tuned derivatives re-trigger the duty. |
Jan 1, 2026 | California | Companion Chatbots (SB 243) | Operators must disclose AI status where a reasonable person could be misled, maintain and publish suicide and self-harm response protocols, and apply minor safeguards (three-hour break reminders, sexually explicit content bars). Private right of action: the greater of actual damages or $1,000 per violation, plus fees. | Confirm the crisis protocol is published on your site, word for word as practiced. The private right of action makes this the plaintiff-bar entry point. |
Jan 1, 2026 | Illinois | Human Rights Act amendments (HB 3773) | Using AI with a discriminatory effect in recruitment, hiring, promotion, discipline, or discharge is a civil rights violation, and employers must notify employees and applicants when AI is used in those decisions. | Confirm the notice is in offer, application, and promotion workflows, and that adverse-impact testing on Illinois hiring tools is documented. |
May 19, 2026 | Federal | TAKE IT DOWN Act (Pub. L. 119-12) | Covered platforms must operate a notice-and-removal process for non-consensual intimate imagery, including AI-generated deepfakes, with removal within 48 hours of a valid request. Criminal provisions have applied since enactment on May 19, 2025. FTC enforces the platform duty; the absent process is itself the violation. | Confirm the removal workflow logs every request with timestamps proving the 48-hour clock, and that it catches AI-generated content, not just photographs. |
Intelligence & Compliance. This is a compliance reference, not legal advice.