California’s AI Executive Order Establishes New Trust and Safety Procurement Standards

April 6, 2026

On March 30, 2026, California Governor Gavin Newsom issued Executive Order N‑5‑26, which includes directives “to both leverage GenAI for the benefit of Californians and to ensure these tools are deployed transparently and in ways that protect privacy and civil liberties.” Among those, the Executive Order directs the California Department of Technology (CDT) and Department of General Services (DGS) to implement new trust and safety obligations on artificial intelligence (AI) companies seeking to contract with California agencies, directs the state Chief Information Security Officer (CISO) to review federal supply chain risk designations and issue guidance for state procurement, and directs CDT to work with other California agencies to identify and develop opportunities to use AI within the California government.

The Executive Order is a significant development for entities who contract with the state of California, as it sets in motion updates to state procurement processes that are distinct from federal requirements and that will impose transparency and privacy requirements, while furthering state adoption of AI tools.

Executive Order Directives

1. Develop New Contract Certifications. Within 120 days, the California Government Operations Agency, in coordination with the DGS and the CDT, must develop new procurement certifications that require entities that want to do business with California to attest to and explain their policies and safeguards to protect public safety, including those that address: exploitation or distribution of illegal content (e.g., non-consensual sexual imagery); harmful bias in AI models; and violation of civil rights and liberties (e.g., surveillance, free speech). While the general intent of the Executive Order is focused on AI, the directive is not limited only to AI vendors.
2. State Review of Federal Supply Chain Risk Designations. The CDT CISO is tasked with reviewing federal supply chain risk designations and other federal procurement changes. The CISO may issue guidance to ensure state departments and agencies may still procure from a company that the federal government has designated a supply chain risk if the CISO determines any supply chain risk designation or change is improper.
3. Additional Procurement Reforms. Within 120 days, the Government Operations Agency (GovOps), in consultation with DGS and CDT, must recommend reforms to contractor responsibility provisions concerning authorities for contractor suspension and ineligibility. Such reforms should ensure that California does not contract with entities “judicially determined to have unlawfully undermined privacy or civil liberties,” including “freedom of speech, voting, and protections from unlawful discrimination and surveillance.”
4. Additional State Opportunities to Leverage GenAI. With 120 days, GovOps, CDT, Office of Data and Innovation, DGS, and the California Department of Human Resources, are tasked with:
   • Providing government employees access to generative AI tools that have privacy and cybersecurity safeguards;
   • Sharing best practices on responsible AI procurement and adoption;
   • Updating the State Digital Strategy to include generative AI use cases to strengthen government transparency and accountability, improve performance, and make government services easily accessible;
   • Piloting a website or application that uses generative AI to provide government services;
   • Expanding trainings on emerging technologies; and
   • Publishing a data minimization toolkit for California departments and agencies with best practices, templates, special contract provisions, and program review checklists, and providing support to implement this toolkit.
5. AI Watermarks. Within 120 days, CDT and GovOps must issue guidance to California agencies on best practices for watermarking AI-generated or significantly manipulated images or video.

Key Takeaways

The March 30 Executive Order expands on Governor Newsom’s 2023 Executive Order N-12-23, which outlined how California would innovate and use GenAI, develop policies and guidelines for responsible public sector procurement of AI tools, and launch pilots of GenAI products for specific use cases in the state. This Executive Order would identify additional opportunities for the state government to leverage AI, including by piloting applications or websites to provide Californians with access to government services, and continue to update state policies on AI best practices and appropriate privacy and cybersecurity safeguards.

In light of federal procurement developments regarding AI, including development of draft AI clauses for the GSA’s multiple award schedule (MAS) contracts and litigation between the Government and AI vendor Anthropic (which we covered here), Governor Newsom’s Executive Order is a significant development for entities contracting with the state of California, as it indicates how California will incorporate AI standards and review procedures into the state’s procurement process.

***

Wiley’s Artificial Intelligence and Government Contracts practices counsel clients on AI compliance, risk management, procurement, and regulatory and policy approaches, and we engage with key government stakeholders in this quickly moving area. Please reach out to the authors with any questions.