The beginning of 2026 marks a turning point in the regulation of artificial intelligence in the Estados Unidos, with the entry into force of pioneering state legislation. Estados as well as Califórnia, Colorado, and Texas have implemented rigorous standards to govern the development and use of AI systems, focusing on transparency, combating algorithmic discrimination, and managing risk in critical applications.
This wave of local regulation comes amid a legislative vacuum at the federal level, prompting states to act independently to protect consumers and ensure the ethical use of technology. The new rules impose direct obligations on companies that develop or implement AI solutions in their territories, ranging from the healthcare sector to hiring processes.
However, the states’ initiative faces a significant obstacle from Washington. An executive order signed by President Donald Trump at the end of 2025 established national guidelines and created a task force in Departamento of
Detailed regulations in Califórnia
Califórnia has positioned itself at the forefront of regulation with a robust legislative package that takes effect in 2026, setting a new standard of accountability for the technology industry. California legislation is multifaceted, covering everything from transparency in the data used to train AI models to the protection of sensitive sectors such as health and public safety. One of the most prominent measures is AB 2013, the “Generative Artificial Intelligence Training Data Transparency Act”, which requires generative AI developers to publish detailed summaries about the data sources used to train their systems. Essa requirement seeks to demystify the “black box” of algorithms and increase accountability for biases or incorrect information generated. Além Additionally, SB 53 requires developers of large-scale models, known as “frontier models,” to document and implement strategies to mitigate catastrophic risks, including security audits and cybersecurity protocols. The package of laws also includes specific protections, such as AB 489, which prohibits chatbots from posing as licensed healthcare professionals without a clear warning, and AB 621, which creates new legal defenses against digital exploitation with AI-generated content.
Consumer protection measures in Colorado
The state of The main objective of the standard is to prevent algorithmic discrimination in consequential decisions that affect the lives of citizens, such as in selection processes for jobs, granting credit, access to housing and essential services. The law requires companies using these systems to implement a risk management program, conduct annual impact assessments, and document all measures taken to mitigate bias.
For consumers, the Colorado law guarantees important rights. Companies are required to notify individuals when a high-impact automated decision has been made about them, informing them of their right to correct inaccurate data and to appeal the decision for human review, whenever technically feasible. The state’s Attorney General has been given exclusive authority to oversee compliance with the law, treating violations as deceptive trade practices, which can result in significant fines. The legislation also encourages the adoption of recognized frameworks, such as NIST, offering a presumption of compliance for companies that follow these standards, balancing protection and encouraging responsible innovation.
Governance initiatives in Texas and Illinois
Texas has adopted a focused approach to responsible governance with the endorsement of “Responsible Artificial Intelligence Governance Act”. The law, which came into effect in 2026, explicitly prohibits the use of AI for illicit activities, such as creating child abuse material or inciting violence.
Texas legislation also provides an affirmative defense mechanism for companies that voluntarily adopt risk management frameworks such as NIST AI Risk Management Framework. Isso means that, in the event of litigation, proof of adherence to these good practices may mitigate the company’s liability.
Another innovative point of the Texas law is the creation of a “regulatory sandbox”. Esse controlled environment allows companies to test new AI technologies for up to 36 months under state supervision, without the risk of immediate penalties, fostering safe innovation.
Meanwhile, in Illinois, the focus was on protecting against discrimination in the workplace. The state amended its Lei from Direitos Humanos to explicitly prohibit the use of AI tools that result in discrimination against protected classes in hiring, promotion, or firing processes, ensuring that HR decisions remain fair and impartial.
Federal executive order and the legal dispute
The executive order signed by Donald Trump in December 2025 represents an attempt by Casa Branca to centralize AI policy and curb what it considers regulatory excess on the part of states. The document directs federal agencies to develop a national framework and to use their power, including the conditioning of federal funds, to encourage states to align their legislation with this unified policy.
The order established a litigation task force in Departamento of Justiça, with the specific mandate to identify and judicially challenge state laws that may impose undue barriers to interstate commerce or technological innovation. The Colorado law was explicitly cited as an example of potentially conflicting regulation.
While the executive order cannot directly overturn state laws, as doing so would require Congresso action, it signals a clear willingness by the federal government to use Cláusula of Comércio of
Practical obligations for companies
With new laws in place, companies operating in regulatory states need to quickly adapt their internal data and technology governance processes. Compliance requires implementing risk management programs, in-depth documentation of how AI systems work, and conducting periodic impact assessments to identify and mitigate potential bias and other harm.
Transparency obligations are a central pillar, forcing developers to provide clear information about how their models were trained and what their known risks are. Para implementers, notifying consumers about the use of automated systems in important decisions has become a legal requirement, as has the provision of appeals mechanisms for human review.
The importance of risk management frameworks
Amid the complexity of new regulations, the adoption of risk management frameworks, such as the one developed by National Institute of Standards and Technology (NIST), has become a crucial strategy for companies. Esses frameworks provide a methodological framework for identifying, assessing and mitigating the risks associated with artificial intelligence, offering a clear path to responsible development and implementation of the technology. Leis as well as Colorado and Texas formally recognize the importance of these standards, offering “safe harbors” or affirmative defenses for organizations that demonstrate adherence to them, encouraging self-regulation based on internationally recognized good practices.
Focus on protecting vulnerable sectors
A common theme among the various state legislations is the emphasis on protecting vulnerable populations, especially minors and patients in the healthcare sector. The regulations impose strict disclosure requirements for chatbots and other AI systems that interact with the public in sensitive contexts, prohibiting them from falsely representing themselves as licensed professionals.
Furthermore, there is an explicit concern about combating the malicious use of AI, such as the creation of deepfakes for the purposes of exploitation or disinformation. Laws establish severe penalties for such practices and require platforms to implement safeguards to detect and remove harmful content, reinforcing digital security for all users.
