Ban the Bots · Legislation Tracker

Pro-Human AI Legislation

Laws and bills protecting workers, families, the environment, and your rights from AI. 14 laws tracked across the US and world.

All Categories
All Legislation
14 laws tracked
🛠
Jobs & Workers
Notice requirements, hiring audits, displacement protections
11 laws →
👨‍👩‍👧
Children & Families
School AI bans, child privacy, social media harms
9 laws →
🌿
Environment
Data center water & energy regulations, grid strain laws
5 laws →
🔒
Privacy & Surveillance
Facial recognition bans, biometric laws, predictive policing
14 laws →
🎨
Creative Rights
Deepfake laws, likeness protections, AI labeling requirements
12 laws →

Showing: Privacy & Surveillanceshow all categories

Privacy & Surveillance
State of Vermont VT · May 2024

Vermont's Data Privacy Act (H.121, 2024) includes strong provisions against AI-driven consumer profiling without consent, requiring controllers to provide clear opt-outs from any AI system that processes sensitive personal data. Vermont became the first state to explicitly ban the sale of data that can be used to train…

Read more ↗
Privacy & Surveillance Repealed / Overturned
U.S. Congress (proposed) · Apr 2024

The American Privacy Rights Act (APRA, proposed 2024) would create a national consumer data privacy framework that includes specific provisions on AI profiling, requiring opt-in consent for sensitive data used in AI systems, mandating impact assessments for high-risk automated decision-making, and giving individuals th…

Read more ↗
Privacy & Surveillance
City of Seattle WA · Nov 2023

Seattle passed an ordinance in 2023 requiring city agencies to complete a surveillance impact report before deploying any new surveillance technology, including AI-powered tools. The ordinance requires public hearings and council approval for any AI surveillance system that collects data on Seattle residents, and manda…

Read more ↗
Privacy & Surveillance
State of Illinois IL · Aug 2023

Illinois HB 3773 (2023) expanded BIPA to clarify that AI systems that generate biometric identifiers (such as AI voice cloning or AI face reconstruction from non-biometric data) are covered by the same consent and data protection requirements as direct biometric data collection. The clarification responded to attempts …

Read more ↗
Privacy & Surveillance
State of Colorado CO · Jul 2023

Colorado's HB23-1229 expanded the Colorado Privacy Act to add specific protections against AI-based profiling for consequential decisions in housing, credit, education, employment, and healthcare. Controllers must conduct and document risk assessments before using profiling AI, provide opt-out rights, and enable consum…

Read more ↗
Privacy & Surveillance
State of Texas TX · Jun 2023

Texas HB 4 (2023) — the Texas Data Privacy and Security Act — includes provisions restricting AI-driven consumer profiling, requiring opt-out rights for targeted advertising based on AI analysis of personal data, and prohibiting discrimination in AI systems based on race, sex, religion, and other protected characterist…

Read more ↗
Privacy & Surveillance
State of Washington WA · Apr 2023

Washington's My Health MY Data Act (SB 1155, 2023) expands privacy protections to health data collected and processed by AI systems outside of HIPAA's scope. The law requires consent before AI systems can collect, share, or sell health-related behavioral data, location data used to infer health conditions, and biometri…

Read more ↗
Privacy & Surveillance
European Union EU · Mar 2023

Italy's data protection authority (Garante) ordered ChatGPT to suspend operations in Italy on March 30, 2023, citing violations of GDPR relating to lack of legal basis for mass data collection, no age verification to protect minors, and inadequate disclosure to users whose data was used for AI training. OpenAI restored…

Read more ↗
Privacy & Surveillance
State of New York NY · Jul 2022

New York State enacted amendments to the law governing automated employment decisions (the nation's only state law on automated employment decisions at the time) requiring any company using AI tools to screen resumes or rank candidates for jobs in New York to obtain an annual bias audit from an independent auditor and …

Read more ↗
Privacy & Surveillance
City of New York NY · Dec 2021

New York City Local Law 49 of 2021 bans the NYPD and other city agencies from using predictive policing software and requires all surveillance technology acquisitions to go through a public review process. The law was driven by evidence that predictive policing algorithms — which use AI to forecast crime locations and …

Read more ↗
Privacy & Surveillance
City of Portland OR · Sep 2020

Portland, Oregon enacted two ordinances in 2020 banning facial recognition technology — one for city agencies and another, uniquely, for private businesses operating in public-facing spaces within the city. The private-sector ban was the first of its kind in the US and prohibits retailers, hotels, restaurants, and othe…

Read more ↗
Privacy & Surveillance
City of San Francisco CA · May 2019

San Francisco Ordinance 103-19 was the first law in the United States to ban city government agencies from using facial recognition technology. The ordinance prohibits all city departments, including the police, from acquiring or using facial recognition or surveillance technology without prior board approval. It estab…

Read more ↗
Privacy & Surveillance
European Union EU · May 2018

The EU General Data Protection Regulation (GDPR, Regulation 2016/679) includes Article 22, which gives individuals the right not to be subject to solely automated decisions, including AI profiling, that significantly affect them. Data protection authorities have used GDPR to impose major fines on AI companies, includin…

Read more ↗
Privacy & Surveillance
State of Illinois IL · Oct 2008

The Illinois Biometric Information Privacy Act (BIPA, 740 ILCS 14) requires companies to obtain written consent before collecting biometric data including fingerprints, retina scans, and facial geometry used in AI recognition systems. Companies must publicly disclose retention schedules and cannot sell biometric data. …

Read more ↗

Common questions about AI laws and your rights

Colorado, Illinois, and California have the most active AI worker protection and algorithmic decision-making laws. At the federal level, enforcement primarily flows through existing FTC, EEOC, and CFPB authority rather than AI-specific statutes.

Does the US have a federal AI law?
The United States does not have a comprehensive federal AI law as of mid-2026. The US approach has been sector-specific guidance, executive orders, and voluntary commitments rather than binding legislation — unlike the EU, which enacted the AI Act. Individual states including Colorado, California, Illinois, and Texas have passed or are actively advancing their own AI laws, creating a patchwork of rules that vary significantly by jurisdiction and industry.
What penalties do companies face for violating AI laws?
Penalties for AI law violations vary widely by jurisdiction and law type. Under state consumer protection laws, companies can face fines of $1,000–$20,000 per violation plus injunctive relief. The EU AI Act imposes penalties up to €30 million or 6% of global annual turnover for the most serious prohibited AI practices. In the US, most current AI enforcement flows through existing FTC authority — which can result in consent decrees and civil penalties — rather than AI-specific statutes with their own penalty schedules.
How do I know which AI laws apply in my state?
To find AI laws that apply in your state, use the category filter above to browse by jurisdiction and topic. Colorado, Illinois, and California have the most comprehensive AI worker protection and algorithmic accountability laws. If your issue involves hiring decisions, look for state algorithmic accountability laws; for facial recognition, many cities and states have enacted specific bans or moratoria. The IAPP also maintains a comprehensive US state AI law tracker if you need broader coverage than this database.
Can I file a complaint if an AI system harmed me?
Yes — depending on the type of harm, you can file complaints with the FTC (unfair or deceptive AI practices), EEOC (discriminatory AI in hiring decisions), CFPB (AI in credit or lending decisions), or your state attorney general's consumer protection office. Some states with algorithmic accountability laws (Colorado, Illinois) have specific complaint pathways for AI decision-making. Document the AI decision you received, request an explanation under any applicable transparency law, and consult an employment or consumer protection attorney if the harm is significant.
What is the EU AI Act and does it affect US companies?
The EU AI Act is the world's first comprehensive AI regulation, passed in 2024 and phasing in requirements through 2027. It applies to any company that places AI products in EU markets or whose AI systems affect EU residents — which means many US AI companies must comply even without a European headquarters. It bans certain AI uses outright (social scoring, real-time biometric surveillance in public), and requires risk assessments, transparency disclosures, and human oversight for "high-risk" AI systems used in hiring, credit, law enforcement, and education. US companies serving EU customers should review which of their AI tools fall under high-risk categories.
What rights do I have when an AI system makes a decision about me?
In the US, your rights depend on which sector is involved. For hiring decisions, several state laws require employers to disclose when AI was used and allow you to request the criteria it applied. For credit decisions, the Fair Credit Reporting Act gives you the right to know adverse action reasons even if an algorithm made the decision. For government AI decisions, Freedom of Information laws may give you access to how automated systems work. In the EU, GDPR gives you an explicit right not to be subject to solely automated decisions with significant legal effects. See the fighting back guide for practical steps in each scenario.
More ways to fight back: All resistance actions, AI lawsuits tracker, AI layoffs tracker, and free no-AI policy template.

Latest briefings on AI policy