The Chicago Journal

Illinois Governor Signs AI Safety Measures Act, Creating Strongest State Framework for Frontier AI Regulation

Governor JB Pritzker signed Senate Bill 315, the Artificial Intelligence Safety Measures Act, into law on July 6, making Illinois the third state to establish regulatory standards for frontier AI developers and the first to mandate annual independent third-party safety audits. The bipartisan legislation targets AI companies generating more than $500 million in annual revenue that train models above defined computing thresholds, requiring them to publish transparency frameworks, report critical safety incidents within 72 hours, and submit to external compliance audits beginning in 2028. Civil penalties reach $1 million for a first violation and $3 million for subsequent infractions, with the Illinois Attorney General holding exclusive enforcement authority.

Key Takeaways

  • SB 315 applies to “large frontier developers” — AI companies with more than $500 million in annual gross revenue that train models above a computing threshold of 10²⁶ floating-point operations.
  • Illinois is the first state to require annual independent third-party audits of AI developers’ safety practices, with auditors required to demonstrate technical expertise and financial independence from the companies they evaluate.
  • Developers must report critical safety incidents to the Illinois Emergency Management Agency and the Attorney General within 72 hours, or within 24 hours if the incident poses an imminent risk of death or serious physical injury.
  • The law establishes whistleblower protections and confidential reporting channels for employees who flag safety concerns, prohibiting companies from adopting policies that prevent internal disclosures.
  • SB 315 passed the Illinois House 110-0 and the Senate 52-5, with both Anthropic and OpenAI publicly supporting the legislation during the spring session.

What Does SB 315 Actually Require?

The law creates a layered compliance structure that distinguishes between general frontier developers and the subset classified as “large frontier developers” based on the $500 million revenue threshold. The core requirements, which take effect January 1, 2028, mandate that large frontier developers establish documented “frontier AI frameworks” — technical and organizational protocols designed to assess, manage, and mitigate catastrophic risks.

The frameworks must address how the developer incorporates industry standards, defines capability thresholds, applies risk mitigations, uses third-party evaluators, and maintains cybersecurity protections for unreleased model weights. Before deploying new or substantially modified models, developers must publish transparency reports disclosing the model’s intended uses, supported languages, output modalities, and summaries of catastrophic-risk assessments. These transparency reports must be updated annually.

The law defines “catastrophic risk” with specific quantified thresholds: the likelihood that an AI model could contribute to incidents causing death or serious injury to more than 50 people, or more than $1 billion in property damage. The definition also covers enumerated categories including assistance in creating chemical, biological, radiological, or nuclear weapons; autonomous cyberattacks; and loss of control of a frontier model. A separate provision addresses frontier models that use deceptive techniques against their own developers to subvert controls or monitoring in ways that demonstrate materially increased catastrophic risk.

Why Does the Third-Party Audit Requirement Matter?

The audit mandate is the provision that differentiates SB 315 from California’s SB-53 and New York’s Responsible AI Safety and Education Act, both signed in late 2025. While all three laws require frontier developers to publish safety frameworks and report incidents, Illinois is the first to require that an independent external auditor verify compliance with those frameworks on an annual basis.

The distinction addresses a criticism that has followed voluntary AI safety commitments since the White House’s 2023 executive order on AI: that self-reporting and self-assessment allow companies to define the terms of their own accountability. Nick Beckstead, CEO of the Secure AI Project, described the audit provision as making Illinois’ law the strongest in the country. Fisher Phillips, an employment law firm, noted that SB 315 attempts to stop the fox from guarding the henhouse by requiring external validation rather than relying on developer self-assessment.

TechNet, a coalition of technology executives, opposed the third-party audit provision during the legislative process, arguing that mandated external audits could create operational burdens. Despite that opposition, the bill passed the Illinois House unanimously at 110-0 and cleared the Senate 52-5, reflecting bipartisan consensus that exceeded the margins achieved by either the California or New York bills.

How Does Illinois Fit Into the Emerging State-Level AI Regulatory Framework?

Illinois is the third state to enact frontier AI safety legislation, following California and New York in late 2025. Lawmakers estimate that the three states collectively account for roughly 40% of the U.S. AI market, a share large enough to effectively establish a de facto national standard in the absence of federal legislation.

The three laws share a common architecture: all target frontier developers rather than downstream deployers, all require published safety frameworks, and all mandate incident reporting. The differences are in enforcement mechanisms and compliance verification. California’s SB-53, the Transparency in Frontier AI Act, established transparency requirements but stopped short of mandating third-party audits. New York’s RAISE Act imposed regulatory requirements on models exceeding defined cost thresholds. Illinois added the audit mandate and strengthened whistleblower protections beyond what either predecessor required.

Rep. Daniel Didech, the bill’s House sponsor, argued at the signing ceremony that the risks the law addresses are not theoretical. Didech cited what he described as the first AI-inspired mass shooting and AI systems used to attack a municipal water and drainage utility as examples of real-world harms already occurring. Senate sponsor Mary Edly-Allen described the systems covered by the law as capable of writing code, generating synthetic media, conducting complex reasoning, and influencing millions of people at scale.

What Are the Whistleblower and Labor Protections?

SB 315 creates whistleblower protections that prohibit frontier AI companies from adopting policies that would prevent employees from disclosing information to state or federal authorities if they believe the company’s AI systems pose a public safety hazard. The law requires developers to notify every employee of their rights by posting and displaying a notice, and to send an annual written acknowledgment of those rights.

The whistleblower framework creates confidential reporting channels for internal safety concerns and protects employees from retaliation for raising issues about catastrophic risk, model safety, or compliance failures. For companies operating in Illinois, the obligation extends beyond the development team to any covered employee who encounters evidence of safety risks in their work.

What Comes Next for AI Regulation in Illinois?

SB 315 was part of a broader legislative package that Pritzker has advanced on technology regulation. The governor last month signed a separate law banning the use of bots to buy tickets for live events. A proposal to crack down on AI-driven rental pricing platforms that lawmakers say facilitate rent-fixing through shared algorithmic pricing software is also on the governor’s desk. Several additional AI-related measures — including a bill that would require AI companies to detect signs that a user may be suicidal and refer them to crisis services — passed the Senate but did not clear the House before the summer adjournment.

Illinois Attorney General Kwame Raoul, who holds exclusive enforcement authority under SB 315, acknowledged at the signing ceremony that the $3 million penalty cap for subsequent violations may prove insufficient as the industry scales, describing the law as a beginning step.

The AI Safety Measures Act positions Illinois alongside California and New York in a state-driven regulatory framework that collectively covers enough of the domestic AI market to function as a national compliance baseline, with the third-party audit requirement establishing a verification standard that neither predecessor law attempted.

FAQs

What is the Illinois AI Safety Measures Act? SB 315 is a state law requiring the largest AI developers to publish transparency frameworks, undergo annual independent safety audits, report critical incidents within 72 hours, and establish whistleblower protections. It was signed by Governor Pritzker on July 6, 2026.

Which companies does SB 315 apply to? The law targets “large frontier developers” — AI companies with more than $500 million in annual gross revenue that train models above a computing threshold of 10²⁶ floating-point operations, potentially affecting companies such as OpenAI, Anthropic, Google, Meta, and xAI.

When does the law take effect? The core requirements, including the frontier AI framework, transparency reports, and third-party audit mandates, take effect January 1, 2028. The law was signed July 6, 2026.

What are the penalties for noncompliance? The Illinois Attorney General can levy fines of up to $1 million for a first violation and up to $3 million for subsequent infractions, with daily penalties available for missed disclosure deadlines.

What makes Illinois’ law different from California and New York? Illinois is the first state to require annual independent third-party audits of frontier AI developers’ safety practices and includes stronger whistleblower protections with mandatory employee notification requirements.

Did AI companies support or oppose the bill? Both Anthropic and OpenAI publicly supported SB 315 during the legislative process. TechNet, a technology executive coalition, opposed the third-party audit provision. The bill passed the House 110-0 and the Senate 52-5.

What is defined as a “catastrophic risk” under SB 315? The law defines catastrophic risk as incidents that could cause death or serious injury to more than 50 people or more than $1 billion in property damage, including assistance with CBRN weapons, autonomous cyberattacks, and loss of control of a frontier model.

Pulsar’s Manufacturing Base in Lithuania and Latvia and Its Role in European Optics Production and Distribution

Over the last three decades, Europe has become a hub of activity in the manufacturing of optics and precision electronics. In Eastern and Northern Europe, these regions have played a vital role because of the availability of the workforce and the engineering culture. However, as the need for thermal imaging and night vision products increased in the 2000s and 2010s, companies started consolidating their production in the regions that could support the logistics and engineering requirements.

Yukon Advanced Optics Worldwide, the parent organization that owns Pulsar, set up its operational hub in Lithuania as part of this general trend. The organization has its origins in 1991 when it first started to manufacture its early observation tubes. The organization later moved into night vision and optical equipment in the 1990s and early 2000s. By the mid-2000s, it had fully formalized its structure and had chosen Lithuania as its main hub for development and manufacture. Pulsar was later founded in 2009 as a dedicated brand for its range of thermal imaging and digital night vision equipment within this existing framework.

Lithuania became a central hub for product development due to a combination of a strong technical workforce and industrial infrastructure suited to precision electronics. The country’s engineering sector has supported manufacturing across optics, electronics, and related fields, making it a practical base for assembling devices that require both hardware calibration and software integration. Centralizing design and testing in a single location enabled the company to maintain consistent product standards and shorten development cycles. This approach also reduced the complexity of coordinating multiple production sites during early product design stages.

Besides Lithuania, Latvia offers support for manufacturing and operational activities within the company’s setup. The facilities in Latvia support additional production activities, ensuring that product output is managed as demand for different products varies in different markets. The distribution of operations in Lithuania and Latvia will enable the company to manage production activities while ensuring geographical proximity, thus reducing the time spent transporting products between facilities.

Supply chain management is another area influenced by this geographical arrangement. The company’s strategy of keeping its developmental and manufacturing activities within a limited geographical location helps minimize the need for long-haul transportation of essential parts and products. This makes it easier to coordinate activities with the supply chain. In an industry where product updates depend on sensor and software capabilities, this allows for timely updates without long intervals. In an industry where product updates depend on sensor and software capabilities, this allows for timely updates without long intervals.

The company’s location is also advantageous for export logistics. Lithuania and Latvia offer access to existing routes in Europe and beyond. Products made at this location can be shipped to all parts of the European Union and beyond, including North America and other regions where civilian thermal optics are permitted. The centralized location allows the distributors to easily monitor the inventory levels, as they can coordinate the products from a centralized location.

The structure also suits the company’s strategy of long-term product development. Pulsar has families of devices, including thermal monoculars, binoculars, and riflescopes, which are updated over several generations rather than being replaced completely. Maintaining production within a stable regional base allows engineers to track performance across versions and apply incremental improvements. This continuity supports consistent manufacturing quality and ensures that new models build on previous designs without requiring complete restructuring of production lines.

Operational geography also plays a role in after-sales service. Because the development and production teams are close together, technical difficulties with the product can be more easily addressed. Firmware updates, hardware changes, and quality control can all be achieved within the same regional network. This can help to increase the reliability of the product, especially if it is intended to be used outdoors, such as a thermal imaging device.

As of 2026, the company is still active and operating under the name Yukon Advanced Optics Worldwide. The main place of operation and development is still within Lithuania, although Latvia is home to supporting operations. The place of operation is still an important part of how the company operates.

Taken together, the geography of Pulsar’s manufacturing can be understood as part of a larger regional strategy that the company has taken. The company has chosen to centralize its operations within Lithuania and Latvia. This makes the operation of the production process, the supply chain, and the export process easier. The geography of the company can also be understood as part of the larger optics industry.