XIRA
Tracking 99 regulations across 24 states and jurisdictions. Updated April 20, 2026.

AI Regulations Tracker

Every AI and automated decision-making regulation XIRA tracks, organized by state. Every entry verified against enrolled statute text.

Compare AI regulations between states

Pick two states to compare obligations, timing, and enforcement exposure.

Signal: compare totals, in-effect counts, and highest state penalty side by side.

Colorado has 12 regulations while California has 32. Colorado requires Reasonable care required, Developer documentation required, Developer impact assessment support required that California does not. California requires AI detection tool required, Manifest disclosure option required, Latent disclosure required that Colorado does not. Both states require Impact assessment required, Record-keeping required, Transparency notice required.

Summary statsColoradoCalifornia
Total regulations1232
AI-specific laws120
Sector-specific laws01
Privacy ADM laws11
Highest state penalty$50,000$1,000,000
Already in effect1029
Upcoming23

Federal penalties also apply: up to $53,088 per violation (FTC). These apply in every state in addition to state-level penalties above.

ObligationCOCA
ADM impact assessment required
ADMT access right required
ADMT opt-out required
ADMT privacy policy disclosure required
AI detection tool required
AI interaction disclosure required
Annual discrimination review required
Annual reporting required
Bias testing required
Bias testing required
Capture device default disclosure required
Consent required
Consent required
Consumer adverse decision notice required
Consumer notification required
Consumer opt-out required
Consumer pre-decision notice required
Content provenance required
Content removal required
Cybersecurity audit certification required
Cybersecurity audit required
Developer documentation required
Developer impact assessment support required
Developer risk assessment support required
Disclosure to users required
Disclosure to users required
Hosting disclosure gate required
Impact assessment required
Impact assessment required
Incident reporting required
Incident reporting required
Latent disclosure required
Licensee contract requirement
Manifest disclosure option required
No-strip provenance required
Pre-use notice required
Profiling disclosure required
Prohibited practices
Provenance data detection required
Reasonable care required
Record-keeping required
Record-keeping required
Reporting required
Risk assessment filing required
Risk management program required
Risk management program required
Transparency notice required
Transparency notice required

Colorado

California

This comparison shows the regulatory landscape. Your actual obligations depend on which AI tools you use and whether you build or deploy AI. Run a free scan with your specific details.

Scan your exposure

Popular comparisons

Colorado vs CaliforniaNew York vs IllinoisTexas vs CaliforniaColorado vs Connecticut
99Regulations tracked
24Jurisdictions
87In effect
OnePath from scan to export

Numbers reflect the live catalog and site configuration.

See the match before you commit

Lead with the scan. Add a work email only if you want updates. Nothing here blocks the free exposure path.