Bill Text: NJ S4446 | 2026-2027 | Regular Session | Introduced
Bill Title: Requires certain artificial intelligence developers to make certain disclosures to Attorney General.
Sponsorship: Partisan Bill (Democrat 1)
Status: (Introduced) 2026-06-11 - Introduced in the Senate, Referred to Senate Law and Public Safety Committee [S4446 Detail]
Download: New_Jersey-2026-S4446-Introduced.html
Sponsored by:
Senator RAJ MUKHERJI
District 32 (Hudson)
SYNOPSIS
Requires certain artificial intelligence developers to make certain disclosures to Attorney General.
CURRENT VERSION OF TEXT
As introduced.
An Act concerning artificial intelligence safety.
Be It Enacted by the Senate and General Assembly of the State of New Jersey:
1. As used in this act:
"Artificial intelligence technology" means any technology involving the development or implementation of machine-based systems that, for explicit or implicit objectives, infer, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that may influence physical or virtual environments.
"Catastrophic harm" means the death or serious injury of 25 or more people or $1 billion in damage to, or loss of, property arising from a single incident involving a frontier model:
a. providing expert-level assistance in the creation or use of an illegal firearm, lethal autonomous weapon, chemical weapon, biological weapon, radiological weapon, nuclear weapon, or explosive device;
b. engaging in conduct with no meaningful human oversight, intervention, or supervision that, if it had been committed by a human, would constitute the crime of murder under N.J.S.2C:11-3, assault under N.J.S.2C:12-1, or theft under chapter 20 of Title 2C of the New Jersey Statutes, including theft by deception under N.J.S.2C:20-4 and theft by extortion under N.J.S.2C:20-5; or
c. evading the control of its frontier developer or user, such as using deceptive techniques against the frontier developer or user to subvert the controls or monitoring of its frontier developer or user outside of the context of an evaluation designed to elicit this behavior. "Catastrophic harm" shall not include: incidents arising from information that a frontier model outputs if the information is otherwise publicly accessible in a substantially similar form from a source other than a foundation model; or lawful activity of the federal government.
"Catastrophic risk" means a foreseeable and material risk of catastrophic harm.
"Critical safety incident" means:
a. unauthorized access to, modification of, or exfiltration of, the model weights of a frontier model that results in death or bodily injury;
b. harm resulting from the materialization of a catastrophic risk;
c. loss of control of a frontier model causing death or bodily injury; or
d. a frontier model that uses deceptive techniques against the frontier developer to subvert the controls or monitoring of its frontier developer outside of the context of an evaluation designed to elicit this behavior and in a manner that demonstrates materially increased catastrophic risk.
"Deploying" or "deployment" means to make a frontier model available to a third party for use, modification, copying, or combination with other software.
"Foundation model" means an artificial intelligence technology that is trained on a broad data set, designed for generality of output, and adaptable to a wide range of distinctive tasks.
"Frontier developer" means a person who has used, or initiated the use of, a quantity of computing power of at least 10^26 integer or floating-point operations to train a frontier model, including computing used for the original training run and for any subsequent fine-tuning, reinforcement learning, or other modifications the person applies.
"Frontier model" means a foundation model that was trained using a quantity of computing power greater than 10^26 integer or floating-point operations, including computing for the original training run and for any subsequent fine-tuning, reinforcement learning, or other material modifications the developer applies to a preceding foundation model.
"Generative artificial intelligence system" or "GenAI system" means a technology system that is trained on data and can generate derived synthetic content, including text, images, video, and audio, which content emulates the structure and characteristics of the system's training data.
"Large frontier developer" means a frontier developer that together with its affiliates collectively had annual gross revenues in excess of $100 million in the preceding calendar year.
"Model weight" means a numerical parameter in a frontier model that is adjusted through training and that helps determine how inputs are transformed into outputs.
"Office" means the New Jersey Office of Homeland Security and Preparedness.
2. A large frontier developer who has users in the State of New Jersey shall:
a. write and implement technical and organizational protocols to assess and reduce the risk of the development, storage, use, or deployment of a frontier model materially contributing to a catastrophic harm;
b. annually submit to the Attorney General a "Risk Management Disclosure" containing a written explanation of technical and organizational protocols the large frontier developer has implemented to assess and reduce the risk of the development, storage, use, or deployment of a frontier model materially contributing to a catastrophic harm;
c. annually review and, as appropriate, update the technical and organizational protocols the large frontier developer has implemented to assess and reduce the risk of the large frontier developer's models materially contributing to a catastrophic harm; and
d. submit to the Attorney General a "New Model Risk Disclosure" before, or concurrently with, deploying a new frontier model or a substantially modified version of an existing frontier model following the effective date of this act, containing:
(1) assessments of catastrophic risks from the frontier model, described in enough detail that a third party may exactly replicate the assessments;
(2) the results of the assessments required pursuant to paragraph (1) of this subsection;
(3) the extent to which third-party evaluators were involved in the assessments required pursuant to paragraph (1) of this subsection; and
(4) other steps taken to fulfill the requirements of the rules issued pursuant to section 3 of this act.
3. a. The Attorney General, in consultation with the office, shall issue rules requiring that the "Risk Management Disclosure" submitted pursuant to subsection b. of section 2 of this act contain language or a visual guide which maps the large frontier developer's actions to the suggested actions contained in the most recent edition of the National Institute of Standards and Technology's AI Risk Management Framework, or to a relevant use-case profile based on the framework. For each suggested action, the large frontier developer shall state whether the suggested action is relevant to the large frontier developer's operations, whether or not the large frontier developer has adopted the suggested action or a modified version of the suggested action, a description of how the large frontier developer has implemented the suggested action or a justification for the large frontier developer's decision not to implement the suggested action, including the criteria the developer used to determine compliance with each suggested action, and which employees or other persons the developer has made responsible for implementation of the suggested action.
b. The Attorney General, in consultation with the office, may substitute the suggested actions in the National Institute of Standards and Technology's AI Risk Management Framework with other national standards, international standards, or industry-consensus best practices if the Attorney General, in consultation with the office, determines that:
(1) the AI Risk Management Framework is out of date; and
(2) that the National Institute of Standards and Technology is no longer producing updated editions of the framework.
c. The Attorney General shall, in consultation with the office, issue rules requiring developers to clearly identify which sections of the "Risk Management Disclosure" submitted pursuant to subsection b. of section 2 this act were written, edited, or otherwise contributed to by a generative artificial intelligence system.
d. The Attorney General shall publish on Department of Law and Public Safety's Internet website all disclosures submitted pursuant to section 2 of this act, with redactions as necessary to protect the large frontier developer's trade secrets, the large frontier developer's cybersecurity, public safety, the privacy of large frontier developer's employees, or the national security of the United States or to comply with any federal or State law.
4. a. A large frontier developer who fails to submit any disclosures required pursuant to section 2 of this act, or who makes materially false or misleading statements in the frontier developer's "Risk Management Disclosure" or "New Model Risk Disclosure," shall be liable for a civil penalty in the amount of $100,000 for each violation, which penalty shall be collected by the Attorney General in a summary proceeding before a court of competent jurisdiction pursuant to the provisions of the "Penalty Enforcement Law of 1999," P.L.1999, c.274 (C.2A:58-10 et seq.).
b. A large frontier developer who makes materially false or misleading statements about catastrophic risk in the large frontier developer's "Risk Management Disclosure" or "New Model Risk Disclosure" shall not be liable for a civil penalty pursuant to subsection a. of this section if the statements are found to be reasonable and made in good faith.
5. The Attorney General, in consultation with the office, may:
a. audit a large frontier developer for compliance with the provisions of this act; or
b. enter into a contract with a private entity to conduct an audit pursuant to subsection a. of this section.
6. The Attorney General, in consultation with the office, shall adopt and promulgate, pursuant to the "Administrative Procedure Act," P.L.1968, c.410 (C.52:14B-1 et seq.), rules and regulations as may be necessary for the implementation of this act.
7. No later than one year prior to the expiration of sections 1 through 5 of this act, the Attorney General, in consultation with the office, shall submit to the Legislature a list of recommendations for revisions to the definitions of catastrophic harm, large frontier developer, artificial intelligence technology, foundation model, and frontier model, and any other provisions of this act the Attorney General, in consultation with the office, sees fit.
8. This act shall take effect six months after the date of enactment. The Attorney General, in consultation with the office, may take any anticipatory administrative action in advance as shall be necessary for the implementation of this act. Sections 1 through 6 of this act shall expire five years after the effective date. Section 7 of this act shall expire upon the submission of a list of recommendations to the Legislature required pursuant to section 7 of this act.
STATEMENT
This bill requires certain artificial intelligence developers to make disclosures to the Attorney General. Under the bill, large frontier developers, as that term is defined in the bill, are required to: (1) write and implement technical and organizational protocols to assess and reduce the risk of the development, storage, use, or deployment of a frontier model materially contributing to a catastrophic harm; (2) annually submit to the Attorney General a "Risk Management Disclosure" containing a written explanation of technical and organizational protocols the large frontier developer has implemented to assess and reduce the risk of the development, storage, use, or deployment of a frontier model materially contributing to a catastrophic harm; (3) annually review and, as appropriate, update the technical and organizational protocols the large frontier developer has implemented to assess and reduce the risk of the large frontier developer's models materially contributing to a catastrophic harm; and (4) submit to the Attorney General a "New Model Risk Disclosure" before, or concurrently with, deploying a new frontier model or a substantially modified version of an existing frontier model, containing assessments of catastrophic risks from the frontier model, the results of the assessments, the extent to which third-party evaluators were involved, and other steps taken to fulfill the requirements of rules issued by the Attorney General, in consultation with the New Jersey Office of Homeland Security and Preparedness (OHS).
Additionally, the bill requires the Attorney General, in consultation with the OHS, to issue rules requiring that the "Risk Management Disclosure" submitted by a large frontier developer contain language or a visual guide which maps the developer's actions to the suggested actions contained in the most recent edition of the National Institute of Standards and Technology's AI Risk Management Framework, or to a relevant use-case profile based on the framework, and whether and to what extent a risk management disclosure was written, edited, or otherwise contributed to using a generative artificial intelligence system.
The bill also states that a large frontier developer who fails to submit any disclosures required under the bill, or who makes materially false or misleading statements about catastrophic risk in the large frontier developer's "Risk Management Disclosure" or "New Model Risk Disclosure," shall be liable for a civil penalty in the amount of $100,000 for each violation.
Additionally, the bill authorizes the Attorney General, in consultation with the OHS, to audit a large frontier developer for compliance with the provisions of the bill, or enter into a contract with a private entity to conduct an audit.
The bill expires five years after it takes effect, except that the provision requiring the Attorney General, in consultation with the OHS, to submit a list of recommendations to the Legislature expires upon the submission of the list.
