Official name: Colorado SB 24-205 (Concerning consumer protections in interactions with artificial intelligence systems)
Defines "high-risk AI systems" and mandates developers and deployers in Colorado to use care against algorithmic discrimination, with documentation and risk management requirements effective February 1, 2026. Grants the Attorney General enforcement authority and rule-making power.
Analysis summaries, actor details, and coverage mappings were LLM-classified and may contain errors.
This is a binding state statute enacted by the Colorado General Assembly with mandatory obligations, enforcement mechanisms through the Attorney General, and penalties for non-compliance as unfair trade practices.
The document has good coverage of approximately 5-6 subdomains, with strong focus on unfair discrimination (1.1), unequal performance across groups (1.3), governance failure (6.5), and lack of robustness (7.3). Coverage is concentrated in discrimination/toxicity and system safety domains, with minimal coverage of privacy, misinformation, or malicious actor risks.
The document governs AI use across multiple sectors through its definition of 'consequential decisions' which explicitly covers education, employment, financial services, government services, healthcare, housing, insurance, and legal services. The law applies to developers and deployers operating in these sectors when their AI systems make or substantially influence decisions in these areas.
The document covers multiple AI lifecycle stages with primary focus on deployment and operational monitoring. It addresses design considerations through risk management requirements, validation through impact assessments, deployment through notification requirements, and ongoing monitoring through annual reviews and incident reporting.
The document explicitly defines and covers AI systems broadly, with specific focus on high-risk AI systems that make consequential decisions. It does not explicitly mention frontier AI, general purpose AI, foundation models, generative AI, predictive AI, open-weight models, or compute thresholds.
Colorado General Assembly
The document is a state bill enacted by the Colorado General Assembly, which is the legislative body that proposed and passed this law.
Colorado Attorney General
The Attorney General has exclusive enforcement authority over this law, with power to bring enforcement actions, require disclosures, and promulgate implementing rules.
Colorado Attorney General
The Attorney General monitors compliance through required disclosures and documentation reviews. Developers and deployers also have self-monitoring obligations including ongoing testing, annual reviews, and impact assessments.
The law explicitly targets developers and deployers of high-risk AI systems doing business in Colorado. Developers are defined as persons developing or substantially modifying AI systems, while deployers are persons using high-risk AI systems.
7 subdomains (5 Good, 2 Minimal)
