Wiki · Governance · Last reviewed July 2, 2026

California AI Transparency Act

The California AI Transparency Act is a California synthetic-media transparency law that requires covered generative AI providers to support AI-content detection and provenance disclosures, then extends related duties to large online platforms, GenAI hosting platforms, and capture-device manufacturers on later dates.

Definition

The California AI Transparency Act is Chapter 25 of Division 8 of the California Business and Professions Code, created by SB 942 in 2024 and amended by AB 853 in 2025. It is aimed at synthetic media identification rather than general model safety, frontier-model risk, copyright, or truth verification.

The law asks whether generated, altered, uploaded, hosted, or captured content can carry inspectable provenance signals. It focuses on manifest disclosures visible to people, latent disclosures present in the content or metadata, detection tools, system provenance data, digital signatures, and standards-compliant provenance records.

The statute is best read as a content-origin law. It can help viewers, platforms, archives, investigators, and publishers see that a file came from a model, system, device, or tool chain. It does not prove that content is true, consensual, lawful, fairly contextualized, or harmless.

Snapshot

Scope

The central regulated actor is the covered provider: a person that creates, codes, or otherwise produces a generative AI system with more than 1,000,000 monthly visitors or users and that is publicly accessible within California. The definition reaches public systems at scale; it does not make every small model, internal tool, or one-off media workflow a covered provider.

The statute defines generative AI broadly as AI that can generate derived synthetic content, including text, images, video, and audio, that emulates the structure and characteristics of its training data. But the provider detection-tool and disclosure provisions are written around image, video, audio, or combinations of those media. Text-only workflows should not be casually swept into the media-specific duties without a source for that interpretation.

The law also defines personal provenance data and system provenance data. That distinction matters because the detection tool must output detected system provenance data but must not output personal provenance data. The Act is trying to make system origin visible while reducing the risk that provenance becomes a user-tracking channel.

There is a narrow exclusion for products, services, websites, or applications that provide exclusively non-user-generated video game, television, streaming, movie, or interactive experiences. This is not a general entertainment exemption for all synthetic media or all platform activity.

Current Context

As of July 2, 2026, the Act is enacted but its main duties are still just ahead: Business and Professions Code section 22757.6 makes the chapter operative on August 2, 2026. AB 853 moved that date from January 1, 2026 and added the 2027 and 2028 layers for platforms, hosting services, and capture devices.

The timing matters because California's operative date now lands on the same day that the EU AI Act's Article 50 transparency obligations are scheduled to apply. The two regimes are not identical. The EU framework speaks in terms of provider marking and deployer labeling under the AI Act; California's law uses its own covered-provider threshold, detection-tool requirements, manifest and latent disclosures, platform provenance inspection duties, and California enforcement structure.

The broader direction is clear: synthetic media transparency is moving from voluntary watermarking practice into legal evidence infrastructure. C2PA, watermarking systems, platform labels, and detection tools are no longer only trust-and-safety features. They are becoming compliance artifacts whose absence, fragility, or poor retention can create legal and governance risk.

Covered Provider Duties

Detection tool. A covered provider must make a no-cost AI detection tool available. The tool must allow a user to assess whether image, video, or audio content, or a combination of those media, was created or altered by that provider's GenAI system. It must output detected system provenance data, avoid outputting personal provenance data, allow upload or URL submission, and support API invocation. The provider may impose reasonable access limits to prevent or respond to demonstrable security or integrity risks.

Detector privacy. The provider may not collect or retain personal information from users of the detection tool except opt-in contact information for feedback, may not retain submitted content longer than necessary to comply with the section, and may not retain personal provenance data from submitted content. This is a governance constraint, not just a product feature.

Manifest disclosure option. A covered provider must offer users the option to include a manifest disclosure in covered image, video, audio, or mixed-media content created or altered by the provider's GenAI system. The disclosure must identify the content as AI-generated, be clear and conspicuous for the medium, and be permanent or extraordinarily difficult to remove to the extent technically feasible.

Latent disclosure. A covered provider must include a latent disclosure in AI-generated image, video, audio, or mixed-media content created by the provider's GenAI system. To the extent technically feasible and reasonable, the latent disclosure must convey the provider name, GenAI system name and version, time and date of creation or alteration, and a unique identifier, either directly or through a permanent website. It must be detectable by the provider's AI detection tool, consistent with widely accepted industry standards, and permanent or extraordinarily difficult to remove where technically feasible.

License controls. If a covered provider licenses its GenAI system to a third party, the provider must contractually require the licensee to maintain the system's latent-disclosure capability. If the provider knows a licensee modified the system so it can no longer include required disclosures, the provider must revoke the license within 96 hours of discovery; the licensee must then stop using the system.

Platform, Hosting, and Device Duties

Beginning January 1, 2027, large online platforms must detect whether standards-compliant provenance data is embedded into or attached to content distributed on the platform. The definition covers public-facing social media platforms, file-sharing platforms, mass messaging platforms, and stand-alone search engines that distribute content to users who did not create or collaborate in creating it and exceeded 2,000,000 unique monthly users during the preceding 12 months, with exclusions for broadband internet access and telecommunications services.

Large online platforms must provide a user interface that discloses available system provenance data reliably indicating GenAI generation or substantial alteration, or capture by a capture device. Users must be able to inspect available standards-compliant system provenance data through the platform interface, by downloading a version with attached provenance data, or through a link to a provenance-data display. The platform also must not knowingly strip standards-compliant system provenance data or digital signatures where technically feasible.

Beginning January 1, 2027, a GenAI hosting platform must not knowingly make available a GenAI system that does not place the required disclosures. The statute defines a GenAI hosting platform as an internet website or application that makes source code or model weights for a GenAI system available for download by a California resident, regardless of compensation.

Beginning January 1, 2028, a capture-device manufacturer must, for capture devices first produced for sale in California on or after that date, provide users with the option to include latent disclosures and embed latent disclosures by default. The required information includes the manufacturer name, device name and version, and creation or alteration time and date. This duty applies only where technically feasible and compliant with widely adopted specifications adopted by an established standards-setting body.

Agent Context

Agent systems make the law operational. A media agent can generate a video, edit a voice track, resize an image, upload a file, repost it, or hand it to another service. Each step can preserve, damage, replace, or strip provenance signals.

An agent workflow should log the source model, media type, transformation chain, disclosure state, export format, platform destination, and whether provenance survives compression, screenshotting, clipping, reposting, transcription, transcoding, and CDN processing. A bot that silently strips metadata while "optimizing" an image can turn provenance into an audit failure.

Governance and Safety

For a provider, the governance record should document whether the system crosses the statutory user threshold, which outputs are covered media, where the detection tool lives, whether an API is available, what provenance fields are emitted, and what access limits exist for abuse or security reasons.

For a platform, the record should identify whether it qualifies as a large online platform, what standards-compliant provenance data it detects, how users inspect it, and what transformations might remove metadata or digital signatures. For a hosting platform, the record should show how hosted models are checked before release. For capture devices, the record should show which device models support latent disclosure, which standards are used, and how users can understand the setting.

For procurement, California's law can be turned into a vendor questionnaire: latent disclosures, manifest disclosure options, detector behavior, detector privacy, API access, export formats, license controls, provenance survival in common publishing workflows, and evidence that platform uploads do not strip signatures by default.

The safety benefit is traceability. The risk is over-trust. Provenance signals can support source inspection, but they do not replace content moderation, election integrity, nonconsensual-image response, fraud controls, copyright analysis, consent checks, or ordinary journalistic verification.

Enforcement

A violator is liable for a civil penalty of $5,000 per violation, collected in a civil action filed by the Attorney General, a city attorney, or a county counsel. A prevailing plaintiff in that action is entitled to reasonable attorney's costs and fees.

Each day that a covered provider, large online platform, or capture-device manufacturer is in violation is a discrete violation. For a third-party licensee that continues using a licensed GenAI system after revocation, the Attorney General, county counsel, or city attorney may seek injunctive relief and reasonable attorney's fees and costs.

The practical enforcement record is therefore not only whether a watermark exists in one file. It is whether the actor can show dates, tool availability, API behavior, disclosure fields, detection results, privacy-retention limits, license revocation records, platform transformation logs, and standards conformance for the relevant period.

Limits

The Act is not a universal AI law. It does not cover every model, user, jurisdiction, platform, or content type. It does not regulate general model training, frontier AI safety, employment decisions, copyright licensing, companion chatbots, or all synthetic text. Other California laws may address some of those topics, but this Act is a provenance and disclosure statute.

Provenance is evidence about origin and modification, not proof that content is true, consensual, lawful, harmless, or fairly contextualized. A human-made file can still mislead; an AI-labeled file can still be benign satire, illustration, accessibility support, localization, or routine production work.

The statute inherits technical fragility. Metadata can be stripped, watermarks can be attacked, signatures can be lost in conversion, detection tools can miss altered outputs, visible labels can be ignored or misunderstood, and provenance can become inconsistent across tools. NIST's synthetic-content report treats provenance, labeling, watermarking, and detection as complementary controls, not one complete solution.

The privacy boundary also matters. Provenance systems can expose tool chains, timestamps, user-linked identifiers, device details, or workflows if they are not designed carefully. California's distinction between system provenance data and personal provenance data is a useful guardrail, but it has to survive implementation.

Review Record

Source Discipline

Use California Legislative Information for the Business and Professions Code text, bill text, chapter history, and operative dates. Use Governor of California releases only for signing context and public framing. Treat law-firm alerts, vendor guides, and trade commentary as secondary explanation, not authority for statutory deadlines, thresholds, definitions, or penalties.

Separate legal claims from standards claims. C2PA, Content Credentials, digital signatures, and watermarking systems can help satisfy or operationalize provenance duties, but the statute controls the legal threshold. A valid credential is not proof of truth, and a missing credential is not proof of human origin.

For product claims, require evidence from the live workflow: generated file, export settings, detector result, provenance inspection, platform upload, transformed file, user-facing label, API response, and retention log. A provider's statement that it "supports provenance" is incomplete unless the supported media types, formats, standards, failure modes, and inspection route are visible.

Spiralist Reading

Spiralism reads the California AI Transparency Act as a discipline for the synthetic public record.

The law cannot decide whether an image should persuade us or whether a platform acted responsibly. It does make one demand legible: generated media should not drift through civic life without a trace of the machine, tool, device, or institution that helped make it.

The deeper warning is that provenance can become ritual. A label can reassure without informing; a watermark can exist without surviving; a detector can produce confidence without context. The useful posture is not faith in marks. It is recordkeeping, inspection, and humility about what origin evidence can and cannot prove.

Open Questions

Sources


Return to Wiki