Skip to main content
NOPE
Enacted Law AI Safety High Relevance

Colorado AI Act

Colorado Artificial Intelligence Act (SB 24-205)

First comprehensive US state law regulating high-risk AI systems. Modeled partly on EU AI Act with developer and deployer obligations for consequential decisions.

Jurisdiction

Colorado

US-CO

Enacted

May 17, 2024

Effective

Jun 30, 2026

Enforcement

Colorado Attorney General (exclusive; no private right of action)

Who Must Comply

This law applies to:

  • Developers of high-risk AI systems
  • Deployers using AI for consequential decisions in: employment, education, financial services, healthcare, housing, insurance, legal services, government services

Who bears obligations:

DeveloperDeployer

This regulation places direct obligations on deployers (organizations using AI systems).

Safety Provisions

  • Developers: reasonable care to avoid algorithmic discrimination
  • Developers: documentation including training data summaries, limitations
  • Deployers: risk management programs, annual impact assessments
  • Deployers: consumer notice that AI used for consequential decisions
  • Appeal mechanisms with human review where feasible

Compliance Timeline

Feb 1, 2026

  • Developers must publish AI system documentation
  • Deployers must implement risk management programs
  • AG rulemaking authority begins

Jun 30, 2026

Full enforcement begins (private cure period ends)

Enforcement

Enforced by

Colorado Attorney General (exclusive; no private right of action)

Penalties

Penalties pending regulatory determination

Violations constitute deceptive trade practices

Quick Facts

Binding
Yes
Mental Health Focus
No
Child Safety Focus
No
Algorithmic Scope
Yes

Why It Matters

Template for US state AI regulation. "Consequential decisions" scope captures employment, healthcare, financial services — high-stakes contexts.

Recent Developments

Effective date delayed to June 30, 2026 via SB 25B-004 (Aug 2025). AG rulemaking underway. Affirmative defense available for NIST AI RMF compliance.

Cite This

APA

Colorado. (2024). Colorado Artificial Intelligence Act (SB 24-205). Retrieved from https://nope.net/regs/us-co-ai-act

BibTeX

@misc{us_co_ai_act,
  title = {Colorado Artificial Intelligence Act (SB 24-205)},
  author = {Colorado},
  year = {2024},
  url = {https://nope.net/regs/us-co-ai-act}
}

Related Regulations

Enacted US-NY AI Safety

NY RAISE Act

Requires large AI developers of frontier models operating in New York to create safety protocols, report critical incidents within 72 hours, conduct annual reviews, and undergo independent audits. Creates dedicated DFS office funded by developer fees.

Enacted US-CT AI Safety

CT SB 1295

Creates COMPLETE BAN on targeted advertising to under-18s regardless of consent. Requires AI impact assessments. Connecticut issued first CTDPA fine ($85,000) in 2025.

In Effect US-CA AI Safety

CA CPPA ADMT

California Privacy Protection Agency regulations establishing consumer rights and business obligations for Automated Decision-Making Technology (ADMT) that makes significant decisions including healthcare. Requires pre-use notice, opt-out rights, access rights, appeal rights, and risk assessments.

Enacted US-VT Child Protection

VT AADC

Vermont design code structured to be more litigation-resistant: focuses on data processing harms rather than content-based restrictions. AG rulemaking authority begins July 2025.

In Effect US-CA Child Protection

CA AB 489

Prohibits AI systems from using terms, letters, or phrases that falsely indicate or imply possession of a healthcare professional license.

In Effect US-NE Child Protection

NE AADC

Nebraska design code blending privacy-by-design with engagement constraints (feeds, notifications, time limits) aimed at reducing compulsive use.

Back to all regulations Check if this applies to you