N.Y.
General Business Law Section 1421
Transparency requirements regarding frontier model training and use
1.
Before deploying a frontier model, the large developer of such frontier model shall do all of the following:(a)
Implement a written safety and security protocol;(b)
Retain an unredacted copy of the safety and security protocol, including records and dates of any updates or revisions. Such unredacted copy of the safety and security protocol, including records and dates of any updates or revisions, shall be retained for as long as a frontier model is deployed plus five years;(c)
(i) Conspicuously publish a copy of the safety and security protocol with appropriate redactions and transmit a copy of such redacted safety and security protocol to the attorney general and division of homeland security and emergency services;(ii)
Grant the attorney general and division of homeland security and emergency services or the attorney general access to the safety and security protocol, with redactions only to the extent required by federal law, upon request;(d)
Record, as and when reasonably possible, and retain for as long as the frontier model is deployed plus five years information on the specific tests and test results used in any assessment of the frontier model required by this section or the developer’s safety and security protocol that provides sufficient detail for third parties to replicate the testing procedure; and(e)
Implement appropriate safeguards to prevent unreasonable risk of critical harm.2.
A large developer shall not deploy a frontier model if doing so would create an unreasonable risk of critical harm.3.
A large developer shall conduct an annual review of any safety and security protocol required by this section to account for any changes to the capabilities of their frontier models and industry best practices and, if necessary, make modifications to such safety and security protocol. If any material modifications are made, the large developer shall publish the safety and security protocol in the same manner as required pursuant to paragraph (c) of subdivision one of this section.4.
A large developer shall disclose each safety incident affecting the frontier model to the attorney general and division of homeland security and emergency services within seventy-two hours of the large developer learning of the safety incident or within seventy-two hours of the large developer learning facts sufficient to establish a reasonable belief that a safety incident has occurred. Such disclosure shall include:(a)
the date of the safety incident;(b)
the reasons the incident qualifies as a safety incident as defined in subdivision thirteen of § 1420 (Definitions)section fourteen hundred twenty of this article; and(c)
a short and plain statement describing the safety incident.5.
A large developer shall not knowingly make false or materially misleading statements or omissions in or regarding documents produced pursuant to this section. * NB Effective March 19, 2026
Source:
Section 1421 — Transparency requirements regarding frontier model training and use, https://www.nysenate.gov/legislation/laws/GBS/1421 (updated Dec. 26, 2025; accessed Feb. 7, 2026).
