Key point: With a private right of action, statutory damages, and ambiguous and undefined terms, businesses deploying consumer-facing interactive AI will want to make sure they are not unintentionally triggering the bill’s provisions.

On March 5, 2026, Oregon’s legislature passed a consumer-facing interactive artificial intelligence (AI) bill focused on AI companions (SB 1546). The bill will next head to Governor Tina Kotek who will have 30 full weekdays to sign, veto, or allow the bill to become law without her signature. According to Oregon’s legislative website, no one publicly testified in opposition to the bill and it passed both chambers with only two no votes. If the bill becomes law, it will go into effect January 1, 2027.

Although the bill is directed at AI companions, as discussed below, the bill contains ambiguous and undefined terms that could lead to businesses unintentionally triggering its provisions. This is particularly concerning given that the bill contains a private right of action with statutory damages of $1,000 for each violation.

The following article provides an overview of the Oregon bill, its applicability, obligations, and potential implications for businesses.

Key point: Last week, Oregon’s legislature passed a chatbot bill, Utah’s legislature passed a provenance bill, Washington’s legislature is on the cusp of passing both a chatbot and provenance bill, and Arizona’s Senate passed a provenance bill.

Below is the eighth update on the status of proposed state AI legislation in 2026. These posts track state AI bills that can directly or indirectly affect private-sector AI developers and deployers. These posts do not track AI bills that focus on government use of AI; insurance; workgroups; education; legal settings; name, image, and likeness; deepfakes; CSAM and sexual material; and election interference. As always, the contents provided below are time-sensitive and subject to change.

Key point: Last week, Maine’s Senate passed a consumer data privacy bill while the Virginia and Utah legislatures passed bills amending their existing consumer data privacy laws.

Below is the eighth update on the status of proposed state privacy legislation in 2026. This post covers updates on proposed bills dealing with consumer data privacy, children’s privacy, biometric privacy, data brokers, and consumer health data privacy. As always, the content provided below is time-sensitive and subject to change.

Key point: Last week, chatbot bills crossed chambers in Arizona and Iowa and advanced out of committees in five states, a health care-related AI bill crossed chambers in Kentucky, and provenance bills advanced out of committees in Utah and New York.

Below is the seventh update on the status of proposed state AI legislation in 2026. These posts track state AI bills that can directly or indirectly affect private-sector AI developers and deployers. These posts do not track AI bills that focus on government use of AI; insurance; workgroups; education; legal settings; name, image, and likeness; deepfakes; CSAM and sexual material; and election interference. As always, the contents provided below are time-sensitive and subject to change.

Key point: Alabama’s House passed a consumer data privacy bill, amendments advanced in Utah and Virginia, and the text of the latest CTDPA amendment was filed.

Below is the seventh update on the status of proposed state privacy legislation in 2026. This post covers updates on proposed bills dealing with consumer data privacy, children’s privacy, biometric privacy, data brokers, and consumer health data privacy. As always, the contents provided below are time-sensitive and subject to change.

Key point: Last week, chatbot bills crossed chambers in four states and advanced out of committees in four other states, Utah’s provenance bill crossed chambers, and Florida’s AI Bill of Rights moved out of a second Senate committee.

Below is the sixth update on the status of proposed state AI legislation in 2026. These posts track state AI bills that can directly or indirectly affect private-sector AI developers and deployers. These posts do not track AI bills that focus on government use of AI; insurance; workgroups; education; legal settings; name, image, and likeness; deepfakes; CSAM and sexual material; and election interference. As always, the content provided below is time-sensitive and subject to change.

Key point: Oklahoma is on the cusp of becoming the 20th state to pass a consumer data privacy law while Alabama’s app store bill was signed into law and app store bills crossed chambers in Kansas, South Dakota, and Wisconsin.

Below is the sixth update on the status of proposed state privacy legislation in 2026. This post covers updates on proposed bills dealing with consumer data privacy, children’s privacy, biometric privacy, data brokers, and consumer health data privacy. As always, the contents provided below are time-sensitive and subject to change.