The Arkansas Digital Responsibility, Safety, and Trust Act aims to enhance personal privacy protections for Arkansans in the digital landscape by establishing a comprehensive framework that recognizes privacy as a fundamental right. The bill introduces new definitions related to privacy and data protection, including terms like "algorithmic discrimination," "biometric data," and "high-risk artificial intelligence systems." It mandates that organizations take reasonable steps to protect personal information, obtain consent for data processing, and adhere to guidelines for responsible AI use. The legislation also outlines specific rights for consumers regarding their personal data, including access, correction, deletion, and opting out of targeted advertising.

Additionally, the bill sets forth regulations for businesses, referred to as "controllers," regarding the handling of personal data, including the retention of deletion requests and the prohibition of "dark patterns" in user interfaces. It requires contracts between controllers and processors to include clear data processing instructions and emphasizes data minimization and security practices. The bill also establishes guidelines for developers of high-risk AI systems, mandating regular updates on risk assessments and transparency in data processing practices. Enforcement will be overseen by the Attorney General, with violations classified as unfair and deceptive practices, subject to penalties under existing trade laws. Most provisions of the bill are set to take effect on January 1, 2026.