Existing law, the California Emergency Services Act, establishes the California Cybersecurity Integration Center within the Office of Emergency Services to serve as the central organizing hub of state government's cybersecurity activities and to coordinate information sharing with various entities. Existing law also requires the Technology Recovery Plan element of the State Administrative Manual to ensure the inclusion of cybersecurity strategy incident response standards for each state agency to secure its critical infrastructure controls and information, as prescribed.
This bill would require an operator, defined as a state agency in charge of critical infrastructure, that deploys artificial intelligence to establish a human oversight mechanism to monitor the system's operations in real time and review and approve any plan or action proposed by the artificial intelligence system before execution, except as provided. The bill would require the Department of Technology to administer specialized training in artificial intelligence safety protocols and risk management techniques to oversight personnel. The bill would require an operator to conduct an annual assessment of its artificial intelligence systems and automated decision systems, as specified, and to submit a summary of the findings to the department.