In the second half of 2026, one of California’s most significant artificial intelligence laws takes effect, with additional provisions becoming effective in 2027 and 2028. The California AI Transparency Act (CAITA), established by SB 942 and amended by AB 853, imposes new requirements on generative AI platforms, large online platforms, generative AI hosting platforms, and manufacturers of devices that capture images, audio, or video. Companies that generate, host, or distribute AI-created image, video, or audio content should map their products against CAITA’s phased obligations and prioritize the engineering and contractual work needed to meet each deadline. As in our first and second blog posts on California AI laws, we outline this law’s key requirements, effective dates, and recommended next steps for businesses.
SB 942 and AB 853: The California AI Transparency Act
Effective: August 2, 2026, with later obligations in 2027 and 2028
Gov. Gavin Newsom signed SB 942, or CAITA, in September 2024, driven by concerns over deceptive deepfake content. In October 2025, AB 853 amended CAITA, extended its operative date, and significantly broadened its scope. Together, these statutes establish a phased framework governing how AI-generated content must be identified and disclosed, with obligations rolling out over the next two years.
Who Is Covered
CAITA’s core obligations apply to “covered providers,” defined as persons that create, code, or otherwise produce a generative AI system with more than one million monthly visitors or users that is publicly accessible within California. CAITA’s disclosure obligations apply to AI-generated image, video, and audio content — not text. AB 853 expanded SB 942 to cover three additional categories: large online platforms (public-facing social media, file-sharing, mass-messaging platforms, or stand-alone search engines with over two million unique monthly users in the prior 12 months), generative AI hosting platforms (websites or applications that make available for download the source code or model weights of a generative AI system to California residents), and capture device manufacturers (businesses producing devices with built-in cameras, microphones, or voice recorders for sale in California).
August 2, 2026: Covered Provider Obligations
AB 853 pushed the original January 1, 2026, effective date to August 2, 2026, to align California’s requirements with the EU AI Act’s transparency enforcement timeline. By August 2, covered providers must offer a free AI content detection tool, give users the option to include a visible manifest disclosure on AI-generated content, embed a latent disclosure in AI-generated image, video, and audio content, and flow transparency obligations down to third-party licensees. A covered provider that knows a third-party licensee is not including the required disclosures must revoke the license within 96 hours. Noncompliance by a covered provider carries a civil penalty of $5,000 per violation, with each day of noncompliance treated as a separate violation.
January 1, 2027: Gen AI Hosting Platforms and Large Online Platforms
By January 1, 2027, generative AI hosting platforms must ensure that any system they make available for download includes the option for a manifest disclosure and carries a compliant latent disclosure. Large online platforms must begin detecting provenance data in the content they distribute, provide users with an accessible interface showing whether content was AI-generated, and enable users to inspect content provenance data directly.
January 1, 2028: Capture Device Manufacturers
For any capture device produced for sale in California from January 1, 2028, onward, manufacturers must give users the option to include a latent disclosure identifying the capture device and the time and date of content creation or alteration and must embed those latent disclosures by default.
Compliance Takeaways
With some obligations effective soon and additional deadlines approaching through 2028, companies should assess their potential exposure now. Two areas to consider are:
- Evaluating your organization’s potential category under CAITA against the phased effective dates: August 2, 2026, for covered providers; January 1, 2027, for generative AI hosting platforms and large online platforms; and January 1, 2028, for capture device manufacturers. Covered businesses should begin their compliance work now given the engineering effort required.
- Reviewing and updating third-party licensing agreements before August 2, 2026, to ensure AB 853’s transparency obligations properly flow down to licensees and that revocation procedures are clearly defined in your contract language.
CAITA’s phased rollout through 2028 gives businesses time to prepare, but the work required to build detection tools, embed latent disclosures, and update agreements is substantial. Companies should start now to avoid last-minute compliance hurdles. If you have questions about this law or its impact on your business, please contact the authors.
