A first-of-its-kind AI bill moving through the Connecticut legislature went up in smoke this week after the state’s governor said he’d veto it if it reached his desk.
“I’m just not convinced that you want 50 states each doing their own thing. I’m not convinced you want Connecticut to be the first one to do it,” Gov. Ned Lamont told CT Insider, adding that the bill is too much too soon.
“I said, ‘Why don’t we take the lead, together, and work with all the other governors?’” he said. “If you don’t think the feds are going to take the lead on this, maybe the states should, but you shouldn’t have one state doing it. You should have us do this as a collective.”
Over the past few years, 18 states have passed narrow AI laws regulating automated employment decision tools, mandating that individuals are informed when they’re interacting with an AI system, and taking other specific actions aimed at protecting individuals from harmful impacts of unsafe or ineffective AI systems. The Connecticut bill—which passed in the State Senate but is unlikely to advance to the House after Lamont voiced his intention to veto—is different because of how wide-reaching it is. The bill would introduce rules around the development and use of both general-purpose AI systems and models deemed high-risk, including the requirement to implement a risk management policy prior to the release of high-risk systems and mandates around technical documentation that must be kept, and in some cases, made public, along with a slew of other requirements. The bill would also prohibit the dissemination of certain synthetic images, set up an AI advisory council, provide AI training for workers, establish a confidential computer cluster, and much more.
The implosion of the Connecticut bill encapsulates many of the concerns and challenges around AI regulation. As flawed AI systems proliferate and quickly improving deepfakes threaten everything from individuals to businesses and elections, legislators are confronted every day with more reasons to act. At the same time, they’re wary of being first or being too bold. From the state level to the federal, the push and pull between moving too fast (and potentially stifling innovation) and not moving fast enough (leaving society open to foreseeable, widespread harm) is continuing to hinder AI legislation.
Indeed, while Lamont supports aspects of the bill, one of his main reasons for opposing it overall stems from concerns about hobbling businesses pursuing AI.
“I do worry if it’s too burdensome and regulatory, all the startups around AI won’t be in Connecticut. They’ll be in Georgia or Texas. And I don’t want that to happen,” he said. The state’s Department of Economic and Community Development similarly opposed the legislation during a recent public hearing, warning that some of the proposed regulations could hinder early-stage businesses.
Some industry stakeholders have voiced strong opposition, which has seemingly had an effect on the bill and its support. Officials from the Virginia-based Consumer Technology Association (CTA)—the trade association that puts on the annual CES conference in Las Vegas—submitted a three-page letter to Connecticut lawmakers last month calling the proposed legislation a threat to the industry that would put “significant new duties on developers and deployers of AI” and “would effectively mandate strict new compliance obligations that would reach far beyond Connecticut.” The organization’s VP and author of the letter, Douglas Johnson, has since further voiced concerns about the “piecemeal approach” and called for policy at the federal level.
While tech executives’ warnings not to stifle innovation are typically made in their own self-interest, both the CTA officials and Lamont have a point. A state-by-state approach would be burdensome to companies from a compliance standpoint. And as we’ve seen with states’ piecemeal approach to data privacy legislation, state laws don’t make a lot of sense when we’re talking about technology that doesn’t start or end at state borders. The U.S.’s lack of a federal data privacy law—something that exists in the vast majority of countries around the world—has left Americans open to widespread and highly damaging data privacy violations. Countries across the globe are currently grappling with AI legislation, and the EU AI Act, the first comprehensive AI legislation to be passed, only made it past the finish line in March. So while the lack of federal legislation on AI doesn’t make the U.S. an outlier just yet, we’ve seen how this goes.
Lamont also acknowledged these are vastly complicated issues and that this bill is moving too fast, needing to be pushed through in a matter of days after two weeks of intense rewrites. Instead, he voiced support for a smaller, pending bill that would criminalize distributing deceptive synthetic media 90 days before an election as well as AI-created deepfake porn. It seems like a reasonable action all can agree on, but wouldn’t it be more effective if Congress just passed that law instead?
And with that, here’s more AI news.
