SB24-205

Consumer Protections for Artificial Intelligence

Concerning consumer protections in interactions with artificial intelligence systems.

Session:

2024 Regular Session

Subjects:

Business & Economic Development

Labor & Employment

Telecommunications & Information Technology

Bill Summary

On and after February 1, 2026, the act requires a developer of a high-risk artificial intelligence system (high-risk system) to use reasonable care to protect consumers from any known or reasonably foreseeable risks of algorithmic discrimination in the high-risk system. There is a rebuttable presumption that a developer used reasonable care if the developer complied with specified provisions in the act, including:

Making available to a deployer of the high-risk system a statement disclosing specified information about the high-risk system;
Making available to a deployer of the high-risk system information and documentation necessary to complete an impact assessment of the high-risk system;
Making a publicly available statement summarizing the types of high-risk systems that the developer has developed or intentionally and substantially modified and currently makes available to a deployer or other developer and how the developer manages any known or reasonably foreseeable risks of algorithmic discrimination that may arise from the development or intentional and substantial modification of each of these high-risk systems; and
Disclosing to the attorney general and known deployers or other developers of the high-risk system any known or reasonably foreseeable risks of algorithmic discrimination, within 90 days after the discovery or receipt of a credible report from the deployer, that the high-risk system has caused or is reasonably likely to have caused.

The act also, on and after February 1, 2026, requires a deployer of a high-risk system to use reasonable care to protect consumers from any known or reasonably foreseeable risks of algorithmic discrimination in the high-risk system. There is a rebuttable presumption that a deployer used reasonable care if the deployer complied with specified provisions in the act, including:

Implementing a risk management policy and program for the high-risk system;
Completing an impact assessment of the high-risk system;
Annually reviewing the deployment of each high-risk system deployed by the deployer to ensure that the high-risk system is not causing algorithmic discrimination;
Notifying a consumer of specified items if the high-risk system makes, or will be a substantial factor in making, a consequential decision concerning the consumer;
Providing a consumer with an opportunity to correct any incorrect personal data that a high-risk system processed in making a consequential decision;
Providing a consumer with an opportunity to appeal, via human review if technically feasible, an adverse consequential decision concerning the consumer arising from the deployment of a high-risk system;
Making a publicly available statement summarizing the types of high-risk systems that the deployer currently deploys, how the deployer manages any known or reasonably foreseeable risks of algorithmic discrimination that may arise from deployment of each of these high-risk systems, and the nature, source, and extent of the information collected and used by the deployer; and
Disclosing to the attorney general the discovery of algorithmic discrimination, within 90 days after the discovery, that the high-risk system has caused.

A person doing business in this state, including a deployer or other developer, that deploys or makes available an artificial intelligence system that is intended to interact with consumers must ensure disclosure to each consumer who interacts with the artificial intelligence system that the consumer is interacting with an artificial intelligence system.

The act does not restrict a developer's, deployer's, or other person's ability to engage in specified activities, including:

Complying with federal, state, or municipal laws, ordinances, or regulations;
Cooperating with and conducting specified investigations;
Taking immediate steps to protect an interest that is essential for the life or physical safety of a consumer;
Conducting and engaging in specified research activities; and
Effectuating a product recall or repairing technical errors that impair product functionality.

The act provides an affirmative defense for a developer, deployer, or other person if:

The developer, deployer, or other person involved in a potential violation is in compliance with a nationally or internationally recognized risk management framework for artificial intelligence systems that the act or the attorney general designates; and
The developer, deployer, or other person takes specified measures to discover and correct violations of the act.

An insurer, a fraternal benefit society, or a developer of an artificial intelligence system used by an insurer is in full compliance with the act if the entity is subject to specified laws governing insurers' use of external consumer data and information sources, algorithms, and predictive models and rules adopted by the commissioner of insurance.

A bank, out-of-state bank, credit union chartered by the state of Colorado, federal credit union, out-of-state credit union, or any affiliate or subsidiary thereof, is in full compliance with the act if the entity is subject to examination by a state or federal prudential regulator under any published guidance or regulations that apply to the use of high-risk systems and the guidance or regulations meet criteria specified in the act.

The act grants the attorney general rule-making authority to implement, and exclusive authority to enforce, the requirements of the act. A person who violates the act engages in a deceptive trade practice pursuant to the "Colorado Consumer Protection Act".

APPROVED by Governor May 17, 2024

EFFECTIVE May 17, 2024
(Note: This summary applies to this bill as enacted.)

Date	Bill Type	Documents
05/17/2024	Signed Act	PDF
05/13/2024	Final Act	PDF
05/08/2024	Rerevised	PDF
05/07/2024	Revised	PDF
05/03/2024	Reengrossed	PDF
05/02/2024	Engrossed	PDF
04/10/2024	Introduced	PDF

Date	Bill Type	Documents
05/05/2024	PA2	PDF
04/25/2024	PA1	PDF

Date	Version	Documents
05/04/2024	FN2	PDF
04/15/2024	FN1	PDF

Activity	Vote	Documents
Adopt amendment L.007 (Attachment G).	The motion passed without objection.	Vote Summary
Adopt amendment L.006 (Attachment H).	The motion passed on a vote of 10-1.	Vote Summary
Refer Senate Bill 24-205, as amended, to the Committee of the Whole.	The motion passed on a vote of 7-4.	Vote Summary

Activity	Vote	Documents
Adopt amendment L.001 (Attachment C)	The motion passed without objection.	Vote Summary
Refer Senate Bill 24-205, as amended, to the Committee of the Whole.	The motion passed on a vote of 3-2.	Vote Summary

Consumer Protections for Artificial Intelligence

Status

Menu

Bill Text

All Versions (7 )

Preamended Versions (2 )

Budget Documents

Fiscal Notes (2)

Committee Actions

05/04/2024 | House State, Civic, Military, & Veterans Affairs (3 )

04/24/2024 | Senate Judiciary (2 )

Votes

House Votes (4)

Senate Votes (4)

Amendments

Bill History

Sponsors

Session Laws

Colorado General Assembly

Date	Action	Motion	Vote	Vote Document
05/08/2024	Third Reading	PERM	Aye: 54 No: 9 Other: 2	View
05/08/2024	Third Reading	AMD (L.014)	Aye: 51 No: 13 Other: 1	View
05/08/2024	Third Reading	BILL	Aye: 41 No: 22 Other: 2	View
05/07/2024	Committee of the Whole	AMD (H.001)	Aye: 21 No: 43 Other: 1	View

Date	Action	Motion	Vote	Vote Document
05/08/2024	House Amendments	CONCUR	Aye: 35 No: 0 Other: 0	View
05/08/2024	House Amendments	REPASS	Aye: 28 No: 7 Other: 0	View
05/03/2024	Third Reading	AMEND (L.005)	Aye: 33 No: 1 Other: 1	View
05/03/2024	Third Reading	BILL	Aye: 23 No: 11 Other: 1	View

Date	Amendment Number	Committee/Floor Hearing	Status	Documents
05/08/2024	L.014	Third Reading	Passed	PDF
05/07/2024	L.010	Second Reading	Passed**	PDF
05/07/2024	L.011	Second Reading	Passed**	PDF
05/07/2024	L.013	Second Reading	Passed**	PDF
05/04/2024	L.006	HOU State, Civic, Military, & Veterans Affairs	Passed*	PDF
05/04/2024	L.007	HOU State, Civic, Military, & Veterans Affairs	Passed*	PDF
05/03/2024	L.005	Third Reading	Passed	PDF
05/02/2024	L.003	Second Reading	Passed**	PDF
04/24/2024	L.001	SEN Judiciary	Passed*	PDF

Date	Location	Action
05/17/2024	Governor	Governor Signed
05/13/2024	House	Signed by the Speaker of the House
05/13/2024	Senate	Signed by the President of the Senate
05/13/2024	Governor	Sent to the Governor
05/08/2024	Senate	Senate Considered House Amendments - Result was to Concur - Repass
05/08/2024	House	House Third Reading Passed with Amendments - Floor
05/07/2024	House	House Second Reading Special Order - Passed with Amendments - Committee, Floor
05/04/2024	House	House Committee on State, Civic, Military, & Veterans Affairs Refer Amended to House Committee of the Whole
05/03/2024	House	Introduced In House - Assigned to State, Civic, Military, & Veterans Affairs
05/03/2024	Senate	Senate Third Reading Passed with Amendments - Floor
05/02/2024	Senate	Senate Second Reading Passed with Amendments - Committee, Floor
05/01/2024	Senate	Senate Second Reading Laid Over to 05/02/2024 - No Amendments
04/30/2024	Senate	Senate Second Reading Laid Over to 05/01/2024 - No Amendments
04/29/2024	Senate	Senate Second Reading Laid Over to 04/30/2024 - No Amendments
04/24/2024	Senate	Senate Committee on Judiciary Refer Amended to Senate Committee of the Whole
04/10/2024	Senate	Introduced In Senate - Assigned to Judiciary

Sponsor Type	Legislators
Prime Sponsor	Sen. R. Rodriguez Rep. M. Rutinel, Rep. B. Titone
Sponsor
Co-sponsor	Sen. L. Cutter, Sen. S. Fenberg, Sen. D. Michaelson Jenet, Sen. K. Priola, Sen. F. Winter Rep. M. Duran

Robert Rodriguez

Brianna Titone

Manny Rutinel