As fast as AI is being adopted, US AI regulation is starting to follow suit. On May 11th, Connecticut passed a new AI law, and on May 14th, Colorado significantly amended their AI law that was about to go into effect.
Both laws add complexity and further restrictions on top of the new CCPA automated decision-making requirements that go into effect January 1, 2027.
Colorado’s new AI law amendment, SB 26-189, is a substantial rewrite of its 2024 AI Act. The original law's developer governance requirements — model risk assessment, algorithmic bias testing, and governance frameworks — are gone. In their place is a narrower framework focused on automated decision-making technology (ADMT), effective January 1, 2027.
Join Daniel Rosenzweig of DBR Tech Law and Josh Hansen of Shook, Hardy & Bacon for an in-depth discussion on Connecticut’s new requirements, Colorado’s revised AI law, where California’s ADMT rules create overlap and efficiencies, and what a practical AI governance program looks like across all three jurisdictions.
The IAPP (International Association of Privacy Professionals) has approved for webinar attendees to receive 1 CPE credit towards the following IAPP certifications: AIGP, CIPP/A, CIPP/C, CIPP/CN, CIPP/E, CIPP/US, CIPM, CIPT.
To receive CPE credits, attendees must self-report attendance by doing the following:
Still have questions? Send a note to cpe@iapp.org

Privacy regulation and enforcement is continuing to get stricter. Find out how many of the most visited websites have compliance risks and discover the reasons why.

The shift to evidence-based privacy. We are experiencing a seismic shift—from a world that relied on trust to one that demands evidence.
UK's ICO announced a 2025 strategy to reshape online tracking. Prepare for audits with automated website compliance monitoring.