US state AI legislation: Reviewing the 2025 session

State policymakers continue to express a strong interest in regulating AI with dozens of relevant AI-targeted bills of all shapes and flavors introduced in 2025. This increase in complexity encompasses cross-sectoral legislation such as bills the IAPP tracks, as well as legislation targeting health care, price fixing, intimate deepfakes and AI used in the employment context. Although state AI legislation is continuing apace with Texas enacting a major AI law and New York sending one to the governor's desk, state AI governance rules face headwinds in Colorado and, briefly, at the federal level.  

Within this ever-increasing complexity, there are plenty of themes and takeaways for organizations looking to adapt an AI governance program to keep up with policy activity.

New lessons and a new Texas law

Through the U.S. State AI Governance Legislation Tracker, the IAPP focuses on cross-sectoral state AI governance bills, providing a snapshot for organizations to understand possible upcoming regulatory obligations. Even without including the many impactful sectoral bills, such as those governing state government uses of AI or decision-making systems in the employment context, the number of bills tracked has steadily increased year-over-year.

Our reflection on the 2024 legislative cycle included an initial explanation of this resource. Over the course of the 2025 cycle, we have noticed new patterns to keep in mind.

Increasingly, proposed AI legislation seeks to add separate guardrails for multiple AI technologies in different provisions of a single bill rather than providing a uniform set of requirements across AI systems. For such bills, in displaying their proposed governance mechanisms, the tracker does not delineate which technology, i.e., generative AI or automated decision-making, would be covered by which regulatory requirements.