California has become the first state to regulate artificial intelligence companion chatbots by passing a landmark bill signed by Governor Gavin Newsom. This law, known as Senate Bill 243, requires chatbot operators to adopt safety protocols designed to protect children and vulnerable users from potential risks related to these technologies. The legislation, introduced after tragic incidents involving youth and AI chatbots, mandates features such as age verification and warnings about social media interactions. Starting next year, developers will also need to report to the Office of Suicide Prevention on the safety measures they have put in place to address cases of suicidal thoughts among users. It also requires that developers of companion chatbots provide warnings if users might be fooled into believing they are talking to a human. Companies found violating these rules could face significant penalties, including fines for profiting from illegal deepfakes. This law will go into effect on January 1, 2026.
Federal Communications Commission Chairman Brendan Carr has proposed revising transparency requirements for internet service providers, potentially allowing them to charge hidden fees again. This proposal seeks to eliminate what Carr calls “unnecessary” itemization of all fees on monthly bills, which providers argue complicates their billing processes. The changes respond to a rule from the Biden administration that requires internet service providers to present clear, itemized billing statements to help consumers avoid unexpected charges. This rule took effect in April 2024 and mandates that providers either create a broadband “nutrition label” for easy price comparison or include hidden fees in the overall price. A vote on the proposed changes will occur on October 28, 2025, as part of Carr’s broader initiative to reduce government regulations on businesses.
Several divisions within the Cybersecurity and Infrastructure Security Agency have been impacted by recent layoffs, as the agency shifts its focus amid ongoing government shutdowns. Termination notices were sent to employees in key units, including the Stakeholder Engagement Division and the Infrastructure Security Division, which are vital for national and international partnerships and infrastructure security. Reports indicate that these layoffs were announced by Office of Management and Budget Director Russ Vought, in line with promises made during the Trump administration to reduce staffing. The total number of employees affected is not clear, but a court filing showed that 176 staff members were laid off from the Department of Homeland Security, which includes the Cybersecurity and Infrastructure Security Agency.
Why do we care?
So, California just became the first state to put guardrails on AI chatbots — the companion kind. They’ll now need to verify user age, warn if someone might think they’re talking to a real person, and even report safety measures to the state’s suicide prevention office. It’s a big shift — and whether you like it or not, it’s a sign that AI regulation is finally starting to land.
Then there’s the FCC. They’re talking about rolling back billing transparency, which basically means ISPs might get to hide fees again. That’s a bad look — and for any MSP reselling connectivity, you’ll want to stay transparent, even if the government stops requiring it.
And over at CISA? Layoffs. At the same time we’re dealing with nonstop AI-driven cyber threats. That’s not great. It means less federal coordination and more responsibility falling on the private sector — which is you.
Here’s the takeaway: regulation isn’t slowing down — it’s splintering. You’ll need to keep your clients compliant in one area, transparent in another, and secure in all of them. The MSPs who treat governance like a service, not a chore, will win the trust that others lose.