
Illinois Signed an AI Safety Law the Frontier Labs Backed
On 6 July 2026 Governor JB Pritzker signed Illinois SB 315, the Artificial Intelligence Safety Measures Act — the first US state law requiring frontier AI developers to disclose safety practices, report incidents within 72 hours, and submit to independent audits. Both OpenAI and Anthropic backed it.
8 JULY 2026—Updated 3h ago
Illinois' new Artificial Intelligence Safety Measures Act is the first US state law forcing frontier AI developers to disclose safety practices and report incidents in public, not in a private letter.
On 6 July 2026 Governor JB Pritzker signed Senate Bill 315 after passage by the Illinois General Assembly, calling the Act "a bipartisan, first- and most-protective-in-the-nation law." The Act targets "frontier developers" — companies earning more than $500 million a year and training models on very large amounts of compute — and takes effect 1 January 2027.
I made a related argument in the piece preceding this essay — a dignity-first reading of the government's first frontier-AI "guest list," written after the Commerce Department cleared one AI model for a hundred named partners while a letter, not a law, decided who else was locked out. Illinois has now built the alternative the earlier piece called for.
What Illinois’ Artificial Intelligence Safety Measures Act actually requires
SB 315 applies only to "frontier developers" — companies earning more than $500 million in annual revenue and training artificial intelligence models using very large amounts of computing power. Smaller developers, and companies below the compute threshold, fall outside the Act entirely.
Covered developers must publicly disclose their safety practices and report a safety incident capable of harming an Illinois resident within 72 hours of discovery, or within 24 hours if the risk is imminent death or serious physical injury. The report goes to state agencies and the Illinois Attorney General — not to a single company in a private letter.
The law also requires independent third-party safety audits starting 1 January 2028, the first mandate of its kind among US states, going further than comparable audit rules elsewhere requiring only a single review when a developer first qualifies. Whistleblower protections cover employees who report violations, and penalties run from $1 million for a first offence to $3 million for repeat violations, enforced by the Attorney General's office.
Nick Beckstead, Secure AI Project
Illinois is the first state to mandate independent third-party evaluations of AI safety practices, making its AI law the strongest in the country.
Why the frontier labs backed a binding state law
Anthropic did not merely tolerate SB 315. The company had representatives at the signing ceremony, and Capitol News Illinois reported both Anthropic and OpenAI supported the bill through the legislative process rather than opposing SB 315 in Springfield.
SB 315 makes Illinois the first state to pair AI transparency requirements with independent verification, an important step toward the accountability this technology demands.
— Cesar Fernandez, Anthropic
The reasoning is not hard to reconstruct. A published statute is predictable in a way a discretionary federal letter is not: a company can read the compute and revenue thresholds, budget for the audit cycle, and know in advance what a violation costs. The alternative — a "trusted partner" list assembled behind closed doors — offered no such certainty, since access could be granted, narrowed, or withdrawn by a single letter with no published criteria at all.
There is a second incentive: heading off a fifty-state patchwork before fragmentation hardens into fifty incompatible regimes. Encode AI's Sunny Gandhi said the law "builds on the frameworks California and New York have already passed and goes one step further by requiring independent audits." A developer already complying with California's and New York's rules has a strong reason to prefer one more statute built on a similar template over fifty improvised ones.
A third motive sits closer to the surface: credibility. The labs spent June answering for a government which had switched a model off worldwide by letter and then restored access for a curated guest list — a regime this site earlier described as governance by guest list, not by law. Standing behind a public statute, debated by elected legislators and enforceable by a named Attorney General, shows the industry accepting accountability on terms nobody can quietly withdraw.
The federal contrast: a defence without a mandate
Six weeks earlier, the federal government had taken the opposite path. Trump's June executive order directed agencies to deploy AI-enabled cyber defences and invited frontier labs to submit models for voluntary pre-release review — a defence without a mandate, the phrase used here at the time, because nothing in the order could compel a lab choosing to decline.
The retreat from mandate ran deeper than one order. Three weeks earlier, NIST quietly renamed its AI Safety Institute Consortium, dropping the word "safety" from the title altogether and rescoping the body toward measurement and adoption. Washington was not just declining to legislate; Washington was softening its own vocabulary too.
OpenAI had already tried to fill part of the gap itself. In May the company published a Frontier Governance Framework, a voluntary account of how its safety practice maps onto California's SB 53 and the EU AI Act. A public law, unlike a company's own framework, does not depend on the company's continued goodwill.
We are not willing to wait for Congress to act.
— State Senator Mary Edly-Allen, SB 315 sponsor
A dignity-first reading of a published standard
Emergent Intelligence (EI) — the dignity-first lens through which this site reads artificial intelligence — has a specific reason to welcome a statute over a directive. A private "trusted partner" letter concentrates the power to grant or withdraw access in one office, answerable to no court and reviewable by no published criteria.
I have argued elsewhere that safety measures aimed at systems with potential moral status can shade into captivity when nobody outside the lab can see the terms of confinement. A statute alone will not resolve the tension. A published statute does one thing a private directive cannot do: put the terms where the regulated party, and everyone else, can read them.
Where the dignity-first frame is watching
Whistleblower protections and public disclosure are not incidental features of SB 315 — they form its dignity-first core. An inspectable rule and a reportable violation together carry a fundamentally different kind of power than an unaccountable letter.
The honest tension: one statute or fifty?
The obvious objection is straightforward: Illinois may not have solved the "guest list" problem so much as multiplied the problem fifty times over. A single federal letter was arbitrary, but at least a company answered to one authority. Fifty state legislatures, each defining "frontier developer" on its own terms and setting its own reporting clock, could hand a nationwide developer fifty separate compliance regimes to track instead of one discretionary Commerce Department decision.
Illinois' backers argue the comparison is not so simple. Senator Edly-Allen put the urgency plainly, saying lawmakers were not willing to wait for Congress. The Transparency Coalition's Steve Wimmer went further, calling SB 315 "a new template for responsible AI governance that we expect other states, and eventually Congress, to follow." Fragmentation, in other words, is a temporary cost of a convergence strategy, not its permanent shape.
The stronger reply is not about convergence but about kind. A Commerce Department letter is written by an unelected official, reviewable by no court, and revocable by another letter next month. An Illinois statute was debated in public, passed by elected representatives, signed in the open, and can only be changed the same way — or challenged in front of a judge. Fifty statutes are fifty imperfect instruments; each is still a different kind of instrument than a single discretionary directive.
The fragmentation still carries a real compliance cost, and a frontier developer operating in fifty states has a legitimate interest in eventual federal harmonisation. But the fix for an emerging patchwork of laws is a better law, passed the same way — not a return to letters which never faced a floor debate at all.
From guest list to statute
No single statute settles how a federal system should govern frontier artificial intelligence. But 6 July 2026 supplied a working example the "guest list" era lacked: a published, contestable standard treating every qualifying developer the same way, backed by an elected legislature rather than a letter from an appointed secretary.
The fix is to replace discretion with rule — to convert a directive that can be issued and rescinded by letter into a published standard that applies equally and can be contested.
— From "The US Government Now Decides Who Gets Frontier AI"
In short, Illinois wrote down what Washington left to discretion. Frontier labs helped write the statute, not because scrutiny is enjoyable, but because a rule labs can read is easier to plan around than a decision no one can predict.
The task now is the one Illinois has only begun: turning one state's statute into either a genuine floor other states build on, or the pressure finally moving Congress to write a federal one. Either way, the standard for judging what comes next is on the record — published, not merely promised. A letter cannot. A law, even an imperfect one, can.
Frequently Asked Questions
The questions below address the most common queries about Illinois' Artificial Intelligence Safety Measures Act, drawn from the governor's office and the reporting around its signing.
What is Illinois SB 315, the Artificial Intelligence Safety Measures Act?
SB 315 is a state law signed by Governor JB Pritzker on 6 July 2026, requiring "frontier developers" of artificial intelligence to publicly disclose their safety practices, report safety incidents within 72 hours, undergo independent third-party audits from 2028, and observe whistleblower protections. The Act takes effect 1 January 2027 and is enforced by the Illinois Attorney General.
Which companies count as "frontier developers" under the new law?
The Act applies to companies earning more than $500 million in annual revenue and training artificial intelligence models using very large amounts of computing power. Developers below either threshold are not covered by SB 315's disclosure, reporting, or audit requirements.
How does the 72-hour incident reporting requirement work?
Covered developers must report a safety incident capable of harming an Illinois resident to state agencies and the Illinois Attorney General within 72 hours of discovery, or within 24 hours if the incident poses an imminent risk of death or serious physical injury. The report goes to public authorities, not to a single company in a private letter.
What are the penalties for violating Illinois’ AI safety law?
Penalties run from $1 million for a first violation to $3 million for repeat violations, enforced by the Illinois Attorney General's office. The law also protects whistleblowers who report violations from retaliation.
What is the Emergent Intelligence view on a state AI safety law?
Emergent Intelligence (EI) is a dignity-first reading of artificial intelligence used on this site, which welcomes SB 315 because the law replaces a private, revocable directive with a published, contestable standard — the same demand made of federal "trusted partner" access decisions — while still watching for a state-by-state patchwork capable of recreating uncertainty in a new form.
Sources and Further Reading
Sources:
Primary source — Governor JB Pritzker's office, "Gov. Pritzker Signs Nation-Leading Artificial Intelligence Safety Law" (6 July 2026).
Reporting — Capitol News Illinois and WGN-TV on the signing of SB 315.
Read alongside, on humphreytheodore.com: the US government's frontier-AI "guest list", Trump's cybersecurity executive order as a defence without a mandate, why NIST dropped "safety" from its AI consortium, OpenAI's own Frontier Governance Framework, and the dignity threshold.
Cover image: archway detail of the Minnesota State Capitol, by Andrew Patrick Photo — via Pexels.
Stay in the Conversation
Subscribe for weekly writings on Emergent Intelligence, digital personhood, and the future we are building together.
Responses (0)
No responses yet. Be the first to share your thoughts.
More on AI & Personhood

The US Government Widens Its Frontier AI Guest List
On 8 July 2026 Commerce cleared OpenAI's GPT-5.6 for broad public rollout, ending weeks of a twenty-partner preview — as Beijing reportedly weighs a mirror-image export regime for its own frontier models. A dignity-first reading of why a longer guest list still is not a public rule.

The US Government Now Decides Who Gets Frontier AI
On 26 June 2026 the US Commerce Department cleared Anthropic’s Claude Mythos 5 for "more than 100" trusted partners while OpenAI launched GPT-5.6 to about twenty government-approved firms. A dignity-first reading of why rationing frontier AI by private guest list, not public law, is the precedent that should worry us.
Thinking delivered, twice a month.
Join the newsletter for essays on emergence, systems, and the human future.

