California’s AI Transparency Act risks harming open source—here’s how to fix it

Governor Gavin Newsom’s administration is reviewing California’s latest Artificial Intelligence Transparency Act, but a growing chorus of tech leaders is sounding the alarm. GitHub, alongside Black Forest Labs, Hugging Face, and Mozilla Corporation, has joined forces to propose targeted amendments to Senate Bill 942 (SB 942), as revised in SB 1000, before it becomes law. The coalition argues that the current wording introduces a critical flaw that could undermine the very foundation of open source development.

Open source licenses hinge on permanence—new bill threatens that core principle

The crux of the issue lies in a seemingly minor clause within the draft legislation. Under the proposed rules, developers would be required to revoke open source licenses if downstream users fail to meet specific obligations. This provision directly conflicts with the fundamental tenet of open source licensing: permanence and irrevocability. These principles are essential because they enable developers worldwide to build, reuse, and share code with confidence, knowing their work remains accessible regardless of project outcomes.

Open source licenses like the MIT License or Apache License 2.0 are designed to remain in effect indefinitely. This stability is what allows global collaboration—from indie developers to multinational corporations—to flourish. Introducing revocation clauses could introduce widespread uncertainty, disrupting projects that rely on trusted, long-term dependencies. The coalition’s letter emphasizes that this approach is not only unnecessary but also counterproductive to the bill’s stated goals of transparency and accountability.

Why current enforcement already covers developers—and how EU’s model offers a better path

Proponents of the bill argue that its transparency requirements are essential for maintaining AI accountability. However, the coalition points out that developers who modify and deploy AI systems are already subject to direct legal coverage under the proposed law. Enforcement mechanisms, including audits and public disclosures, are already in place to ensure compliance without resorting to license revocation.

Instead of reinventing the wheel, the coalition urges California lawmakers to align the bill with the European Union’s AI Act and its Transparency Code of Practice. The EU’s framework recognizes the unique nature of open source ecosystems and prioritizes documentation over punitive measures. Under this model, developers are encouraged to notify downstream users of best practices rather than face the risk of license revocation. This approach preserves the spirit of transparency while safeguarding the collaborative ethos that drives innovation.

Balancing transparency with innovation: a call for stakeholder feedback

GitHub’s decision to join this coalition underscores the broader stakes for California’s tech ecosystem. The state has long been a hub for open source innovation, hosting projects that power everything from enterprise software to cutting-edge AI research. Disrupting this ecosystem could have far-reaching consequences, stifling creativity and slowing progress.

The coalition has submitted a formal letter outlining its concerns and proposing amendments. Now, GitHub is urging the developer community to engage directly with policymakers. Sharing technically grounded feedback—especially from open source contributors and civil society—can help refine the bill into a model that balances transparency with collaboration. Policymakers in Sacramento have an opportunity to set a precedent that other states can follow, ensuring AI governance supports both accountability and innovation.

The debate over SB 942 is far from over. As California moves closer to finalizing its AI transparency framework, the outcome will shape the future of open source development—not just in the Golden State, but across the globe. Developers, researchers, and advocates have a chance to influence the law before it’s too late.