In the second half of 2026, one of California’s most significant artificial intelligence laws takes effect, with additional provisions becoming effective in 2027 and 2028. The California AI Transparency Act (CAITA), established by SB 942 and amended by AB 853, imposes new requirements on generative AI platforms, large online platforms, generative AI hosting platforms, and manufacturers of devices that capture images, audio, or video. Companies that generate, host, or distribute AI-created image, video, or audio content should map their products against CAITA’s phased obligations and prioritize the engineering and contractual work needed to meet each deadline. As in our first and second blog posts on California AI laws, we outline this law’s key requirements, effective dates, and recommended next steps for businesses.

SB 942 and AB 853: The California AI Transparency Act

Effective: August 2, 2026, with later obligations in 2027 and 2028

Gov. Gavin Newsom signed SB 942, or CAITA, in September 2024, driven by concerns over deceptive deepfake content. In October 2025, AB 853 amended CAITA, extended its operative date, and significantly broadened its scope. Together, these statutes establish a phased framework governing how AI-generated content must be identified and disclosed, with obligations rolling out over the next two years.

Who Is Covered

CAITA’s core obligations apply to “covered providers,” defined as persons that create, code, or otherwise produce a generative AI system with more than one million monthly visitors or users that is publicly accessible within California. CAITA’s disclosure obligations apply to AI-generated image, video, and audio content — not text. AB 853 expanded SB 942 to cover three additional categories: large online platforms (public-facing social media, file-sharing, mass-messaging platforms, or stand-alone search engines with over two million unique monthly users in the prior 12 months), generative AI hosting platforms (websites or applications that make available for download the source code or model weights of a generative AI system to California residents), and capture device manufacturers (businesses producing devices with built-in cameras, microphones, or voice recorders for sale in California).

August 2, 2026: Covered Provider Obligations

AB 853 pushed the original January 1, 2026, effective date to August 2, 2026, to align California’s requirements with the EU AI Act’s transparency enforcement timeline. By August 2, covered providers must offer a free AI content detection tool, give users the option to include a visible manifest disclosure on AI-generated content, embed a latent disclosure in AI-generated image, video, and audio content, and flow transparency obligations down to third-party licensees. A covered provider that knows a third-party licensee is not including the required disclosures must revoke the license within 96 hours. Noncompliance by a covered provider carries a civil penalty of $5,000 per violation, with each day of noncompliance treated as a separate violation.

January 1, 2027: Gen AI Hosting Platforms and Large Online Platforms

By January 1, 2027, generative AI hosting platforms must ensure that any system they make available for download includes the option for a manifest disclosure and carries a compliant latent disclosure. Large online platforms must begin detecting provenance data in the content they distribute, provide users with an accessible interface showing whether content was AI-generated, and enable users to inspect content provenance data directly.

January 1, 2028: Capture Device Manufacturers

For any capture device produced for sale in California from January 1, 2028, onward, manufacturers must give users the option to include a latent disclosure identifying the capture device and the time and date of content creation or alteration and must embed those latent disclosures by default.

Compliance Takeaways

With some obligations effective soon and additional deadlines approaching through 2028, companies should assess their potential exposure now. Two areas to consider are:

  • Evaluating your organization’s potential category under CAITA against the phased effective dates: August 2, 2026, for covered providers; January 1, 2027, for generative AI hosting platforms and large online platforms; and January 1, 2028, for capture device manufacturers. Covered businesses should begin their compliance work now given the engineering effort required.
  • Reviewing and updating third-party licensing agreements before August 2, 2026, to ensure AB 853’s transparency obligations properly flow down to licensees and that revocation procedures are clearly defined in your contract language.

CAITA’s phased rollout through 2028 gives businesses time to prepare, but the work required to build detection tools, embed latent disclosures, and update agreements is substantial. Companies should start now to avoid last-minute compliance hurdles. If you have questions about this law or its impact on your business, please contact the authors.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of A.J. Bahou A.J. Bahou

A.J. Bahou is Bradley’s Artificial Intelligence (AI) practice leader and an intellectual property attorney who focuses on the intersection of law and technology. A registered patent attorney, trial lawyer, mediator and arbitrator, he has extensive experience in the areas of electrical and computer…

A.J. Bahou is Bradley’s Artificial Intelligence (AI) practice leader and an intellectual property attorney who focuses on the intersection of law and technology. A registered patent attorney, trial lawyer, mediator and arbitrator, he has extensive experience in the areas of electrical and computer engineering technologies, including artificial intelligence, virtual reality, medical devices, computer hardware, blockchain, software, and internet security systems. With 20 years of patent litigation experience, A.J. handles the full spectrum of intellectual property litigation, from pre-complaint investigation through trial and appeal in matters involving patents, copyrights, trademarks, trade secrets, and commercial disputes.

Photo of Eric Stocking Eric Stocking

Eric Stocking is an attorney in the firm’s Corporate & Securities Practice Group. He has experience assisting clients with financial services, e-commerce, cybersecurity, data privacy, and transportation and logistics matters. He assists with M&A transactions by conducting due diligence, drafting disclosure schedules, reviewing…

Eric Stocking is an attorney in the firm’s Corporate & Securities Practice Group. He has experience assisting clients with financial services, e-commerce, cybersecurity, data privacy, and transportation and logistics matters. He assists with M&A transactions by conducting due diligence, drafting disclosure schedules, reviewing purchase agreements, and drafting ancillary transaction documents. Eric also provides support to clients complying with federal, state and European Union privacy laws and offers guidance on federal regulatory requirements. Eric is designated as a Certified Information Privacy Professional (CIPP/US) by the International Association of Privacy Professionals.