The Trust Paradox: Colorado’s AI Law and the Challenge for Local Governments

The views expressed are those of the author and do not necessarily reflect the views of ASPA as an organization.

By Tanya Settles
September 19, 2025

The State of Colorado took a bold step in 2024 by passing the Consumer Protections for Artificial Intelligence Act, colloquially known as the Colorado Artificial Intelligence Act (CAIA). This is the first comprehensive state law in the United States designed to regulate high-risk artificial intelligence (AI) systems. The law requires developers and deployers to use “reasonable care” to avoid algorithmic discrimination, conduct impact assessments, disclose AI use to consumers and other people, and provide avenues for human review of adverse decisions. These provisions aim to increase fairness and transparency in areas where AI profoundly impacts people. Implementation of CAIA was initially set for February 2026 but was delayed to June 2026 through the AI Sunshine Act. This extension provides local governments a brief window of opportunity to prepare for full implementation and compliance with the law.

Preparing Guardrails for Trust

Colorado counties and municipalities are included as potential deployers and developers under the Act. This matters because local governments are often the first point of contact for community members in a variety of circumstances and for some may be the first encounter with AI-augmented decision making. Results of a global study regarding public trust of AI by KPMG and the University of Queensland found that over 60 percent of people are wary about trusting AI systems and about one-third of respondents lack confidence in government and commercial organizations to develop, use and govern AI. Most people expect and welcome AI regulation but regulatory progress has been slow. Legislatures across all 50 states considered some form of legislation connected to artificial intelligence in 2025 but most efforts failed. This underscores that current law and policy structures are unprepared and ill structured to regulate the rapid development of AI uses and lag in garnering public trust of such systems.

At the local government level, these risks are tangible. Without guardrails:

• Community members may never know that an AI tool was a substantial factor in their case
• Erroneous or biased data may silently shape consequential outcomes in benefits, permitting or employment
• Appeals to adverse decisions may be slow or inaccessible leaving people with little recourse for a non-human decision

The Colorado law’s transparency requirements — advance notice, plain-language explanations and the right to correction — are critical. These safeguards ensure people who need services are not left in the dark about how decisions are made, but transparency alone does not resolve deeper issues.

Gaps in the Current Framework

The CAIA is a good start, but there are important unresolved gaps in regulation that still need to be considered as the legislature continues debate on improvements and local governments prepare for compliance:

Ambiguity in Scope: The Act hinges on terms like “consequential decision,” “reasonable care” and “substantial factor,” yet none are tightly defined and do not reflect how AI actually works. This ambiguity invites inconsistent application and litigation risk exposure.

Narrow Focus on Discrimination: By emphasizing algorithmic discrimination against protected classes, the law adopts an important civil rights framework but leaves out other harms such as faulty data entry or poorly calibrated risk models. Such harms may fall outside the protections of CAIA.

Limited Enforcement Pathways: Enforcement rests primarily with the Colorado Attorney General. Individuals facing adverse decisions may not be able to pursue claims under the Act except through broader consumer-protection statutes. For people harmed by flawed local government AI, relief depends on the enforcement priorities of the Attorney General.

Uneven Government Application: In the months since enacting the CAIA, other states have picked up the issue of AI regulation, and the United States federal government has a different strategy that hinges on removing “burdensome regulations.” This creates a patchwork of applications that are difficult to align and lacking a national AI framework, as some have suggested, potentially creates gaps for local governments.

The Trust Paradox

Colorado’s AI Act is framed as a consumer protection measure aimed at preventing algorithmic discrimination and harm. While the statute doesn’t explicitly reference “trust,” its requirements regarding public disclosures, human-in-the-loop safeguards, risk assessments and correction rights are mechanisms to build public confidence in AI-assisted decision making.

The paradox is that if state and local governments lack the fiscal and staffing capacity to meaningfully implement these protections, the law may have an opposite effect. Community members will see disclosure forms, appeal rights and transparency statements but may find the processes hollow and performative. Appeals may go underfunded, reviews perfunctory or disclosures too vague to be useful. Instead of strengthening confidence, the gap between promise and delivery risks deepening public skepticism toward both AI and the governments that use it. In an era of budget shortfalls and federal funding shifts, the greatest danger of the Colorado AI Act is not overregulation but that incomplete implementation could erode the very trust the law was designed to foster.

---

Author: Tanya Settles is the CEO of Paradigm Public Affairs, LLC. Tanya’s areas of work include relationship building between local governments and communities, restorative justice and policy and program strategy and evaluation. Tanya can be reached at [email protected]. The opinions in this column and any mistakes are hers alone.

(1 votes, average: 5.00 out of 5)
Loading...