A Critique of Transparency Provisions in NY’s RAISE Act (1.0)

· Source: AI Accountability Review · Field: Legal & Regulatory — Regulatory Affairs & Government Relations, Compliance & Risk Management, AI Regulation · Depth: Intermediate, medium

Summary

New York's "Responsible AI Safety and Education" (RAISE) Act aims to regulate "frontier models" by mandating the disclosure of specific information for oversight. The law defines a frontier model as one trained with over 10^26 computational operations and a compute cost exceeding $100 million, a definition criticized for being arbitrary, subject to change, and relying on undisclosed data from model developers. A core mechanism is the "safety and security protocol," a transparency report developers must create before deployment and update annually. This protocol, shared with administrative bodies like the attorney general and made publicly available in redacted form, details organizational procedures, sociotechnical measures, and testing to mitigate "critical harm" (defined as $1 billion+ in damage or 100+ lives lost). While the act ensures accessibility, relevance, and timeliness of information, it lacks provisions for third-party auditing to verify accuracy, relying instead on developers not knowingly making false statements. The law includes carve-outs for privacy, trade secrets, and academic research.

Key takeaway

For CTOs and VPs of Engineering evaluating AI governance frameworks, New York's RAISE Act highlights the critical need for precise, auditable definitions of regulated AI systems. Your teams should prioritize developing internal transparency protocols that can withstand external scrutiny, even if current legislation has definitional gaps, as future laws will likely strengthen accuracy and understandability requirements. Be prepared for evolving regulatory landscapes that demand verifiable data on model training and safety.

Key insights

AI governance through transparency faces challenges in defining regulated entities and ensuring disclosed information's accuracy and understandability.

Principles

Method

Large model developers must create and annually update a "safety and security protocol" detailing mitigation and testing procedures for critical harm, sharing it with administrative bodies and the public.

In practice

Topics

Best for: CTO, VP of Engineering/Data, Director of AI/ML, Policy Maker, AI Ethicist, Legal Professional

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by AI Accountability Review.