NYC Local Law 144 (Automated Employment Decision Tools)
Effective date
Penalty
$375 to $1,500 per violation. Each day of AEDT use without bias audit is a separate violation. Each person not notified is a separate violation.
Obligations mapped
5 obligations
Legislative update
A December 2025 NYC Comptroller audit found the enforcement agency (DCWP) reviewed only 32 companies and identified limited violations. The Comptroller's own review found 17 potential violations, signaling increased enforcement scrutiny. The NY RAISE Act (S6953B) would create a statewide AI governance framework that may interact with LL144.
Overview
If your company uses automated tools to screen resumes, rank candidates, or evaluate employees for hiring or promotion in New York City, Local Law 144 may apply. Before using the tool, where applicable you may need to have an independent auditor complete a bias audit testing for disparate impact across sex, race, and ethnicity categories. Where applicable, you may need to publish the audit results on your website and notify every candidate that the tool is being used and what it evaluates. Each day you use the tool without a current audit is a separate violation ($375 to $1,500). Each person you fail to notify is a separate violation.
This is a municipal AI regulation.
See if this regulation applies to your company with the free exposure scan.
Who this applies to
This regulation applies to the following roles:
- Deployers and users of covered AI systems and tools
- Organizations operating in New York City
This regulation applies to companies that use or deploy AI tools and systems built by other vendors. If your company uses AI-powered products in the areas listed below, this regulation may apply to you.
Section 20-871(a)(1); 6 RCNY Section 5-301 · Section 20-871(a)(2); 6 RCNY Section 5-303 and related sections
AI categories covered
- automated employment decision
Specific AI use cases:
- hiring screening
- promotion evaluation
- Resume screening and ranking
- candidate ranking
- Video interview analysis
- Candidate assessment and scoring
- Workforce scheduling and optimization
What this requires you to do
5 obligations identified from statutory analysis.
Section 20-871(a)(1); 6 RCNY Section 5-301
Section 20-871(b)(3); 6 RCNY Section 5-304(d)
Section 20-871(b)(2); 6 RCNY Section 5-304(b)
Section 20-871(b)(1); 6 RCNY Section 5-304(a)-(c)
Section 20-871(a)(2); 6 RCNY Section 5-303
Regulation summaries are simplified for readability and may not capture every nuance of the underlying statute. Verify important details against primary sources linked on this page.
Enforcement and penalties
$375 to $1,500 per violation. Each day of AEDT use without bias audit is a separate violation. Each person not notified is a separate violation.
Penalty amounts are based on statutory text and may be subject to adjustment, judicial interpretation, or enforcement discretion.
Legislative history
guidance issued
Law firms warn of incoming stricter enforcement phase
enforcement action
NY State Comptroller audit finds DCWP enforcement ineffective. 75% of 311 calls misrouted, only 1 of 32 flagged companies despite 17+ violations.
effective
Enforcement begins
delayed
DCWP delays enforcement from April 15 to July 5, 2023
effective
Statutory effective date
signed
Enacted as Local Law 144 of 2021 by Mayor de Blasio
Related regulations
- UpcomingAI-Specific
Colorado ADMT / AI Act (SB 26-189)
Colorado SB 26-189 repeals and reenacts SB 24-205 into an automated decision-making technology (ADMT) framework for consequential decisions. Starting January 1, 2027, covered developers may need to provide deployers with technical documentation and material-update notices. Covered deployers may need point-of-interaction notices, post-adverse-outcome disclosures, data-access and correction processes, human-review and reconsideration workflows, and three-year compliance records. SB 24-205 risk-management, impact-assessment, and reasonable-care artifacts remain useful governance evidence, but they are historical or reusable controls rather than standalone current-law duties under the new Colorado framework.
Effective
- UpcomingPrivacy ADM
CCPA/CPRA Automated Decision-Making Technology Regulations
California's ADMT regulations require businesses using automated decisionmaking technology for significant decisions (employment, finance, housing, education, healthcare) to provide pre-use notices, offer opt-out rights, respond to access requests, and conduct risk assessments with annual CPPA filing under penalty of perjury.
Effective
- In EffectAI-Specific
Illinois Biometric Information Privacy Act (BIPA)
Illinois BIPA may apply to written consent before collecting fingerprints, facial scans, voiceprints, iris scans, or hand geometry. Where applicable, companies may need to publish a retention/destruction policy, provide written notice, obtain written releases, and may be barred from selling or profiting from biometric data. Any aggrieved person can sue for $1,000 to $5,000 per violation without proving harm.
Effective
New York AI regulation guide lists every tracked rule for this jurisdiction with timelines and obligation tallies.
Regulation summaries are simplified for readability and may not capture every nuance of the underlying statute. Verify important details against primary sources linked on this page.