Official name: California SB 833 (Critical infrastructure: artificial intelligence systems: human oversight)
Establishes human oversight mechanisms for AI in critical infrastructure. Requires real-time monitoring and annual assessments by oversight personnel. Directs the Department of Technology to provide AI safety training. Limits public access to sensitive infrastructure information under the California Public Records Act.
Analysis summaries, actor details, and coverage mappings were LLM-classified and may contain errors.
This is a binding California state statute with mandatory requirements, enforcement mechanisms, and legal obligations for state agencies operating AI systems in critical infrastructure.
The document has minimal to good coverage of approximately 5-6 subdomains, with primary focus on AI system security (2.2), governance failure (6.5), and AI safety failures (7.1, 7.3). Coverage is concentrated in system safety, security vulnerabilities, and governance oversight domains related to critical infrastructure protection.
This document governs AI use across multiple critical infrastructure sectors operated by California state agencies, with explicit coverage of at least 10 sectors including energy, transportation, water systems, emergency services, healthcare, financial services, communications, information technology, food and agriculture, and government facilities. The governance applies specifically to state agency operations of critical infrastructure.
The document primarily focuses on the Deploy and Operate and Monitor stages of the AI lifecycle, with explicit requirements for real-time monitoring, periodic review, and annual assessments of deployed AI systems in critical infrastructure. There is minimal coverage of earlier lifecycle stages.
The document explicitly defines and covers both AI systems and automated decision systems. It focuses on AI systems deployed in critical infrastructure contexts but does not mention frontier AI, general purpose AI, foundation models, generative AI (except in legislative findings), or compute thresholds.
California State Legislature; Governor of California
The document is a California state bill enacted by the Legislature, with references to the Governor's Executive Order N-12-23 that established the policy framework leading to this legislation.
Department of Technology; Office of Emergency Services
The Department of Technology is designated to develop training, receive assessment reports, and oversee compliance. The Office of Emergency Services has authority over information disclosure related to critical infrastructure.
Department of Technology; oversight personnel within state agencies
The Department of Technology receives annual assessment summaries. Designated oversight personnel within each operator agency are responsible for conducting annual assessments and real-time monitoring of AI systems.
State agencies; Department of Technology; Office of Emergency Services; operators of critical infrastructure
The legislation applies to state agencies that operate AI systems in critical infrastructure. The definition of 'operator' specifically refers to 'a state agency responsible for operating, managing, overseeing, or controlling access to critical infrastructure.'
6 subdomains (1 Good, 5 Minimal)
