Defines roles for AI governance, requiring San José to align AI usage with security and privacy policies. Prohibits real-time biometric identification, emotion analysis, and social scoring. Requires an AI review, technical documentation, and immediate reporting of harmful incidents. Enforces policy compliance with potential disciplinary actions.
Analysis summaries, actor details, and coverage mappings were LLM-classified and may contain errors.
This is an internal municipal government policy document that establishes governance structures and requirements for AI use within the City of San José. While it contains mandatory language and enforcement mechanisms for city employees and contractors, it functions as an internal administrative policy rather than externally binding legislation.
The document has good coverage of approximately 8-10 subdomains, with strong focus on privacy compromise (2.1), AI system security (2.2), unfair discrimination (1.1), governance structures (6.5), lack of robustness (7.3), and lack of transparency (7.4). Coverage is concentrated in privacy/security, discrimination prevention, and AI system safety domains.
This is an internal municipal government policy that governs AI use within the City of San José's public administration operations. The primary sector governed is Public Administration excluding National Security, as the policy applies to all city departments, employees, contractors, and vendors operating AI systems on behalf of the city government.
The document covers multiple AI lifecycle stages with primary focus on Plan and Design, Verify and Validate, Deploy, and Operate and Monitor. It establishes governance structures for the entire lifecycle from procurement through sunset procedures, with particular emphasis on risk assessment, validation, deployment controls, and ongoing monitoring.
The document explicitly defines and covers AI systems and algorithms. It does not specifically mention frontier AI, general purpose AI, task-specific AI, foundation models, generative AI, predictive AI, open-weight models, or compute thresholds. The focus is on AI systems broadly defined as machine-based systems that make predictions, recommendations, or decisions.
City of San José, Chief Information Officer (CIO), City Information Security Officer (CISO), City Digital Privacy Officer (CDPO)
The policy was established by the City of San José as indicated by the document title and purpose statement. The CIO is responsible for managing the AI Handbook that implements this policy, and the CISO and CDPO are responsible for recommending updates to the policy.
Chief Information Officer (CIO), City Information Security Officer (CISO), City Digital Privacy Officer (CDPO), Office of Employee Relations, Finance Department, Information Technology Department
The CIO, CISO, and CDPO have designated enforcement responsibilities including oversight, security practices, policy compliance, and coordinating AI reviews. The Office of Employee Relations receives reports of harmful incidents. Violations may result in disciplinary action up to termination.
City Information Security Officer (CISO), City Digital Privacy Officer (CDPO), Chief Information Officer (CIO)
The CISO and CDPO are explicitly responsible for ensuring security, resilience, privacy, and policy compliance. The CDPO coordinates AI system reviews. The CIO oversees the AI Handbook and approves sunset procedures. These roles involve ongoing monitoring and assessment of AI systems.
City of San José departments, staff, interns, consultants, contractors, partners, volunteers, vendors, Finance Department, Information Technology Department
The policy explicitly applies to all city employees, contractors, consultants, and third parties who purchase, configure, develop, use, or maintain AI systems on behalf of the City. It also applies to all AI systems deployed by the City.
13 subdomains (5 Good, 8 Minimal)