What state-level AI laws should I be tracking?

Answer

Key state laws as of 2026: Colorado AI Act (SB 24-205) — requires impact assessments and disclosure for high-risk AI decisions. Illinois BIPA — biometric data requirements affecting agents that process facial/voice data. CCPA/CPRA — privacy rights that apply to agent data collection and processing. NY DFS 23 NYCRR 500 — cybersecurity requirements for financial services AI. Texas Data Privacy and Security Act (TDPSA). Connecticut Data Privacy Act (CTDPA). Virginia CDPA. More states are introducing bills each session. The trend is clear: state-level AI regulation is accelerating faster than federal action.