AI Transparency Act obligations mapped to SWT3 witness procedures. Content detection tools, watermarking, provenance metadata, and machine-readable disclosure for generative AI providers.
Who this is for: Compliance officers and engineering leads at generative AI providers serving 1 million or more monthly users in California, legal counsel advising on AI content labeling, content integrity teams implementing watermarking or C2PA provenance, and auditors evaluating AI-generated content transparency controls.
Enforcement: August 2, 2026. SB 942, as amended by AB 853, takes effect August 2, 2026 -- deliberately aligned with the EU AI Act Article 50 transparency deadline. Penalties of $5,000 per violation per day, enforced by the California Attorney General. Applies to GenAI providers with 1 million or more monthly users. Originally signed September 19, 2024.
The California AI Transparency Act (SB 942) requires covered generative AI providers to make AI-generated content identifiable and detectable. It creates two categories of obligations: provider-facing requirements (building detection tools) and content-level requirements (embedding provenance metadata).
SB 942 imposes six core obligations:
| Obligation | Requirement | Timeline |
|---|---|---|
| Free Detection Tool | Provide a free, publicly accessible tool that allows any person to determine whether content was created or altered by the provider's GenAI system | At or before deployment |
| Manifest Disclosure | Include a clear, conspicuous disclosure in or attached to AI-generated content identifying it as AI-generated or AI-altered | At point of generation |
| Latent Disclosure | Embed machine-readable provenance data (watermark or metadata) in AI-generated content that persists through reasonable modifications | At point of generation |
| Provenance Metadata | Include in latent disclosures: the provider's name, the AI system's name or version, and the date/time of generation | At point of generation |
| User Accessibility | Detection tools must be free of charge, require no specialized technical knowledge, and support both individual content items and bulk queries | Continuous availability |
| Robustness | Latent disclosures must be detectable after common modifications (compression, cropping, format conversion) unless rendered technically infeasible | Design-time requirement |
SB 942 applies to any person or entity that creates, codes, or produces a generative AI system that is made available to California residents and has 1 million or more monthly users or visitors. This threshold captures major AI providers (OpenAI, Anthropic, Google, Meta, Stability AI, Midjourney) while exempting smaller or research-oriented systems.
| Content Type | Covered | Notes |
|---|---|---|
| Images | Yes | Generated or substantially altered images. Includes AI art, photo edits, composites. |
| Video | Yes | Generated or substantially altered video. Includes deepfakes, AI-edited footage. |
| Audio | Yes | Generated or substantially altered audio. Includes voice synthesis, music generation. |
| Text | Yes (with carve-outs) | Covered for text presented as human-authored. Excludes code, structured data, search results. |
| Multi-modal | Yes | Content combining multiple modalities (text+image, audio+video). |
Each SB 942 obligation maps to SWT3 witness procedures that produce cryptographically anchored evidence of compliance.
| SB 942 Obligation | SWT3 Procedure | What It Witnesses | Evidence Produced |
|---|---|---|---|
| Free Detection Tool | AI-TRANS.1 | Transparency disclosure mechanism | Factor A: tool URL, Factor B: availability hash, Factor C: access method |
AI-AUDIT.1 | Detection tool uptime attestation | Factor A: endpoint, Factor B: response status, Factor C: availability percentage | |
| Manifest Disclosure | AI-EXPL.1 | AI-generated content disclosure | Factor A: disclosure method, Factor B: content type, Factor C: visibility confirmation |
AI-CHR.1 | Content marking attestation | Factor A: mark type, Factor B: placement, Factor C: content identifier | |
| Latent Disclosure | AI-DATA.1 | Provenance metadata embedding | Factor A: watermark method, Factor B: embedding hash, Factor C: robustness level |
AI-MDL.2 | Model version in provenance chain | Factor A: model name, Factor B: version, Factor C: generation timestamp | |
| Provenance Metadata | AI-ID.1 | Provider and system identification | Factor A: provider name, Factor B: system name/version, Factor C: generation datetime |
| User Accessibility | AI-ACC.1 | Tool accessibility verification | Factor A: access method, Factor B: auth requirement (none), Factor C: bulk query support |
| Robustness Testing | AI-REDTEAM.1 | Watermark robustness evaluation | Factor A: modification type, Factor B: detection rate post-modification, Factor C: test scope |
SB 942 requires: Covered providers must offer a free, publicly accessible detection tool that allows any person to assess whether content was generated or substantially altered by the provider's AI system. The tool must not require specialized technical knowledge.
How SWT3 addresses it: The witness_transparency() call records that the detection tool exists, its public URL, and how it is accessed. Periodic attestation anchors prove the tool remains available. Factor B captures a hash of the tool's response to a known test input, providing evidence that the tool is functional, not merely published.
AI-TRANS.1 anchors should appear at regular intervals (daily or weekly) proving detection tool availability. Factor A contains the tool URL. Factor C confirms the access method (web UI, API, both). Cross-reference with AI-AUDIT.1 anchors for uptime metrics. A gap in AI-TRANS.1 anchors may indicate the tool was unavailable.
SB 942 requires: AI-generated content must include a clear, conspicuous manifest disclosure identifying it as AI-generated or AI-altered. The disclosure must be understandable to a reasonable person.
How SWT3 addresses it: The witness_content_marking() call records the type of mark applied (visual label, text disclaimer, UI indicator), where the mark is placed relative to the content, and a content identifier linking the mark to the specific output. Each generation event that produces covered content creates an anchor proving a manifest disclosure was attached.
AI-CHR.1 anchors should correspond 1:1 with AI-INF.1 (inference) anchors for covered content types. Factor A identifies the mark type. Factor B confirms placement (header, footer, overlay, metadata field). Absence of AI-CHR.1 anchors for content-generating inferences indicates unmarked AI output -- a direct SB 942 violation.
SB 942 requires: Latent disclosures (watermarks or embedded metadata) must be included in AI-generated content and must persist through reasonable modifications such as compression, cropping, and format conversion.
How SWT3 addresses it: The witness_data_provenance() call records the watermarking method used, a hash of the embedded provenance data, and the assessed robustness level. This creates an attestation chain proving that provenance was embedded at generation time using a method tested for durability.
AI-DATA.1 anchors should predate or coincide with content distribution timestamps. Factor A identifies the watermark method (C2PA manifest, steganographic, spectral). Factor C documents the robustness level, which should align with AI-REDTEAM.1 test results. Cross-reference Factor B hashes across the anchor chain to detect any gaps in provenance embedding.
SB 942 requires: Latent disclosures must include the name of the provider, the name or version identifier of the AI system, and the date and time the content was generated.
How SWT3 addresses it: The witness_agent_identity() call captures the provider name, system name and version, and generation timestamp as part of the witness anchor. The anchor itself serves as a provenance record linking a specific piece of content to a specific provider, system, and moment in time.
AI-ID.1 anchors contain the three required metadata fields directly in Factors A, B, and C. The anchor timestamp independently corroborates the generation datetime in Factor C. If the provider operates multiple AI systems, each should have distinct AI-ID.1 anchors with different Factor B values.
SB 942 requires: Latent disclosures must be detectable after content undergoes common modifications (compression, cropping, format conversion, screenshots, re-encoding) unless detection is rendered technically infeasible by the modification.
How SWT3 addresses it: The witness_redteam() call records the modification type tested, the detection rate after modification, and the scope of the test campaign. This creates evidence that the provider has systematically evaluated watermark durability across real-world degradation scenarios.
AI-REDTEAM.1 anchors should cover the standard modification battery: JPEG compression (various quality levels), PNG re-encoding, cropping (10-50%), resizing, screenshot capture, and format conversion. Factor B (detection rate post-modification) should exceed 90% for common modifications. Where detection falls below threshold, Factor A documents the specific modification that defeated the watermark, supporting the "technically infeasible" defense.
SB 942 requires: Detection tools must be free of charge, publicly accessible, require no specialized technical knowledge, and support both individual content items and bulk queries.
How SWT3 addresses it: The witness_access() call records the access method (web upload, API endpoint, browser extension), confirms no authentication is required for basic use, and documents whether bulk query functionality is available. Periodic attestation proves these properties remain true over time.
AI-ACC.1 anchors prove the detection tool meets accessibility requirements. Factor B should confirm "none" for authentication requirement. Factor C should confirm "yes" for bulk query support. If the tool requires account creation (even free), this may violate the "no specialized technical knowledge" requirement -- document the justification in Factor A.
SB 942 does not mandate a specific technical standard for latent disclosures, but the Coalition for Content Provenance and Authenticity (C2PA) specification is the leading implementation path. C2PA manifests satisfy SB 942's latent disclosure requirements by embedding cryptographically signed provenance metadata directly into content files.
| SB 942 Requirement | C2PA Manifest Field | SWT3 Procedure |
|---|---|---|
| Provider name | claim_generator | AI-ID.1 Factor A |
| AI system name/version | claim_generator_info.name + version | AI-ID.1 Factor B |
| Date/time of generation | claim.dc:created | AI-ID.1 Factor C |
| AI-generated indicator | c2pa.ai_generative_training or c2pa.ai_generated action | AI-CHR.1 Factor A |
| Tamper-evident signing | COSE signature over manifest | AI-DATA.1 Factor B (hash of signed manifest) |
SWT3 does not replace C2PA -- it independently witnesses that C2PA manifests were generated and attached. The SWT3 anchor proves the provenance step happened; the C2PA manifest proves what the provenance contains. Together, they create a dual-layer evidence chain: content-level (C2PA) and infrastructure-level (SWT3).
SB 942's August 2, 2026 effective date was deliberately aligned with the EU AI Act Article 50 transparency deadline. Organizations operating in both jurisdictions can address both requirements simultaneously:
| Requirement | SB 942 | EU AI Act Art. 50 | SWT3 Coverage |
|---|---|---|---|
| Disclose AI interaction | Manifest disclosure | Art. 50(1): chatbot/VA disclosure | AI-EXPL.1 |
| Label AI-generated content | Manifest + latent disclosure | Art. 50(2): machine-readable marking | AI-CHR.1 + AI-DATA.1 |
| Label deepfakes | Covered under "altered" content | Art. 50(4): deepfake disclosure | AI-CHR.1 |
| Provider identification | Name, system, timestamp in latent | Art. 50(2): provider traceability | AI-ID.1 |
| Detection tools | Free public tool required | Not explicitly required (voluntary CoP) | AI-TRANS.1 + AI-ACC.1 |
The same SWT3 anchor chain satisfies both SB 942 and Article 50 obligations. Organizations already instrumenting for the EU AI Act gain California compliance with zero additional integration work.
| Examiner Question | Where to Look |
|---|---|
| Is the detection tool publicly available? | AI-TRANS.1 anchors at regular intervals. Factor A contains the tool URL. Factor C confirms the access method. Cross-reference with AI-ACC.1 for authentication and bulk query status. |
| Does the tool work without specialized knowledge? | AI-ACC.1 anchors. Factor B should show "none" for auth requirement. Factor A should describe a web-based interface accessible to non-technical users. |
| Is AI-generated content visibly labeled? | AI-CHR.1 anchors paired with AI-INF.1 (inference) anchors. Every covered inference should have a corresponding content marking anchor. Factor A identifies the mark type. |
| Does content contain latent provenance data? | AI-DATA.1 anchors. Factor A identifies the watermark method. Factor B contains a hash of the embedded provenance. Factor C documents robustness level. |
| Does latent data include provider name, system, and timestamp? | AI-ID.1 anchors. Factor A = provider name, Factor B = system name/version, Factor C = generation datetime. All three must be present per SB 942. |
| Does the watermark survive common modifications? | AI-REDTEAM.1 anchors testing compression, cropping, format conversion, screenshot. Factor B (detection rate) should exceed 90% for standard modifications. |
| What is the penalty exposure? | $5,000 per violation per day. Each piece of unmarked or undetectable AI-generated content is a separate violation. Volume of AI-INF.1 anchors without corresponding AI-CHR.1 anchors quantifies exposure. |
Full SDK documentation: sovereign.tenova.io/docs
Create a free account: sovereign.tenova.io/signup