House of Illinois Representatives passed a bill on Wednesday that would require leading AI labs like OpenAI, Anthropic, and Google DeepMind to have their security measures tested by a third party. If signed into law, AI security experts tell WIRED, it would be the country’s best test of the power of big AI companies.
The bill, SB 315, is now headed to the desk of governor JB Pritzker. In a post on social media Wednesday, Pritzker said he plans to sign the bill, citing the need to hold Big Tech accountable.
Since Congress has yet to pass any meaningful AI security legislation, state lawmakers have happily stepped up in recent years to promote bills that show their states control Silicon Valley. As AI tools become more popular, and the companies behind them rush to major IPOs, polls show that American voters want more AI regulation.
As a result, security advocates and technology companies have moved into state legislatures as the first battleground to fast-track what these laws should look like. OpenAI’s global communications officer, Chris Lehane, told WIRED last week that the company’s AI policy is now focused on passing a series of uniform national laws.
California and New York have strict AI security laws, requiring technology companies to provide information about monitoring models and publish reports on security incidents as they occur. The Illinois bill goes even further, requiring independent auditors to ensure that an AI lab complies with its safety standards. Previously, no independent organization was required to hold an AI lab accountable for its security applications.
“We’re in a situation where AI companies are doing their own homework,” said Scott Wisor, director of policy at the Secure AI Project, a nonprofit that supports SB 315. “If SB 315 becomes law, Illinois will require an independent auditor to assess whether AI labs are actually complying with their security obligations.”
Wisor says it is expected that, under SB 315, AI labs could use the Big Four accounting and auditing firms—Deloitte, EY, KPMG, and PwC—to evaluate their security measures. And he says it’s possible that AI labs could contact members of the AI Evaluator Forum—a coalition of small research organizations that include METR, Transluce, and Averi—to assess adherence to security standards.
Illinois state representative Daniel Didech, a sponsor of SB 315, tells WIRED that state legislatures play an important role in shaping America’s AI policy and serve as a testing ground for any future federal legislation. “Laws like this create a world where it’s possible for the federal government to pass something,” Didech said.
Business Interests
Illinois has emerged as a major arena in the ongoing battle for state AI laws. OpenAI previously supported a bill in Illinois that would allow AI labs to avoid liability if their models cause catastrophic damage. However, Lekane has since said the company’s full support for the bill is oversight, and has never supported credit protection in the bill. Recently, OpenAI endorsed SB 315.
“The Illinois General Assembly has shown true bipartisan leadership in advancing SB 315 and developing a thoughtful framework for AI security at the border. As AI systems become more powerful, clear expectations around security, transparency, incident reporting, and accountability matter,” Lehane said in a statement to WIRED.
