US - California’s AB 2013 Requires Generative AI Data Disclosure By January 1, 2026.

California continues its blistering pace in enacting artificial intelligence regulations. In 2024 alone, California enacted 18 AI-related bills seeking to regulate AI tools and increase transparency around AI data disclosure.

Assembly Bill 2013 is one of those laws. Taking effect on January 1, 2026, AB 2013 requires developers of generative AI systems intended for public use in California to publish “high-level” information regarding the training data used.

The law does not define “high-level,” leaving open the types of information that must be disclosed. It provides no compliance mechanism. It has no provisions relating to the protection of trade secrets.

Takeaways from AB 2013

Who is covered? Any entity—individual or organization—that designs, codes, produces, or substantially modifies generative AI that is for public use in California.

What is covered: Generative AI systems first released or updated on or after January 1, 2022.

Developers must publicly post on their website a “high-level summary” containing:

Data sources and ownership

Data characteristics and volume

Relevance to the AI system’s purpose

Collection and processing methods

Intellectual property status, including use of copyrighted, trademarked, patented, or public domain data (with licensing details where applicable)

Whether training data includes personal information as defined by the California Consumer Privacy Act provide cite to statute or statutes or aggregate consumer information

Collection timelines and first use dates

Disclosure of whether developer used any AI-generated (synthetic) data as part of system training or development

Exemptions. Developers using generative AI solely for cybersecurity or security testing purposes, for operating aircraft in national airspace, or if developed for national security, military, or defense purposes and made available only to a U.S. federal agency.

Unanswered Questions: Enforcement, Trade Secrets, and Scope

Enforcement: The law does not specify enforcement procedures or penalties for non-compliance; it remains unclear which agency will enforce AB 2013 and what consequences developers may face for failing to publish required data summaries by the January 1, 2026, deadline.

Trade secrets: AB 2013 does not explicitly address potential conflicts between disclosure obligations and trade secret protection, and no trade secret exemption is included.

Definition of “high-level summary”: It remains unclear whether general descriptions (such as “trained on a large corpus of internet text and images”) would satisfy the requirements.

“Substantial modification” threshold: The law provides no quantitative threshold or specific criteria for determining when modifications rise to this level.

Undefined Terms Generally. Terms like “relevance to the AI system’s purpose” are not defined.

The absence of a trade secret exemption is particularly notable. Forced disclosure of trade secrets may constitute a Fifth Amendment taking if it interferes with reasonable investment-backed expectations and has an economic impact.

Recommended Next Steps and Best Practices

Assess whether your organization is covered. If your organization is making substantial modifications to generative AI for public use in California, you are covered by AB 2013.

Document training data. Document for each dataset: source, ownership, data type, volume, collection/processing methods, IP status, personal information content, collection periods, synthetic data use.

Prepare transparency disclosure under privilege. Complete first draft in a manner that allows you to assess whether existing protocols meet compliance needs or if updates are required.

Take trade secret concerns seriously. Before disclosure, consult with legal counsel to assess risk.

AB 2013 indicates a larger trend in California’s technological regulatory and compliance landscape. It is clear the state is taking AI seriously, as many companies will be impacted when the law’s public disclosure requirements go into effect January 1, 2026.

For further guidance on artificial intelligence, incident response, or regulatory compliance, please contact our team.

Crowell would like to thank Mirenda Gwin for her contribution to this alert.

For further information, please contact:

Warrington Parker, Partner, Crowell & Moring

wparker@crowell.com

US – California’s AB 2013 Requires Generative AI Data Disclosure By January 1, 2026.

Strengthening The Telecom Space In India: An Overview Of The Telecommunications (Telecom Cyber Security) Amendment Rules, 2025.

- Manisha Singh - Lex Orbis,

India – Flawed Claim Mapping Can Lead To Lost Infringement Battle.

- DPS Parmar - Lex Orbis,

US – California’s AB 2013 Requires Generative AI Data Disclosure By January 1, 2026.

US – District Court Grants Preliminary Injunction Against Seller Of Gray Market Snack Food Products.

India – Generic Praise Cannot Be Owned: Delhi High Court Clarifies Trademark Limits For Laudatory Expressions.

- Manisha Singh - Lex Orbis,

Building India’s Digital Privacy Framework: An Overview Of The DPDP Rules, 2025.

- Manisha Singh - Lex Orbis,

Philippines – Fugitives And The Courts.

- Nilo T. Divina - DivinaLaw,

Philippines – Recalibrating The Right To Be Heard.

- Nilo T. Divina - DivinaLaw,

India – Reverse Flips And ESOPs: Bridging Global Incentives And Indian Regulations.

Surety Insurance In India: Evolution And Liberalisation.

- Indranath Bishnu - Cyril Amamrchand Mangaldas, Cyril Amamrchand Mangaldas

CONVENTUS LAW

OTHERS

US – California’s AB 2013 Requires Generative AI Data Disclosure By January 1, 2026.

Register for your monthly Asia legal updates from Conventus Law

Footer

CONVENTUS LAW

OTHERS