Personal Provenance Data
- Jurisdiction
- US-CA
- Effective
- 2025-01-01
- Issuer
- California Legislature
Privacy-sensitive provenance information that ai-detection-tools are prohibited from outputting under the california-ai-transparency-act-sb-942.
Definition
Per Section 22757.1(h), "personal provenance data" means provenance data that contains either of the following:
-
Personal Information: Information meeting the definition in Section 1798.140 of the Civil Code (California Consumer Privacy Act)
-
Associable Device Data: "Unique device, system, or service information that is reasonably capable of being associated with a particular user"
Privacy Protections
Detection Tool Restrictions
Section 22757.2(a)(3) mandates that AI detection tools "do not output any personal provenance data that is detected in the content."
Data Retention Prohibitions
Section 22757.2(c)(3) prohibits covered providers from "retain[ing] any personal provenance data from content submitted to the AI detection tool by a user."
Contrast with System Data
While system-provenance-data may be safely disclosed through detection tools, personal provenance data must be protected due to its potential for user identification or association.
CCPA Integration
By referencing Section 1798.140 of the Civil Code, the law aligns with California's existing privacy framework under the California Consumer Privacy Act, ensuring consistent treatment of personal information across state regulations.
Technical Implementation
The prohibition requires technical systems to:
- Distinguish between personal and system provenance data
- Filter out associable information before output
- Prevent retention of user-identifiable metadata