[{"_1":2,"_88":-5,"_89":-5},"loaderData",{"_3":4,"_26":27},"root",{"_5":6,"_17":10,"_18":19,"_20":21,"_22":10,"_23":-5,"_24":-5,"_25":10},"user",{"_7":8,"_9":10,"_11":10,"_12":-5,"_13":-5,"_14":15,"_16":-5},"roles",[],"isAuthenticated",false,"isPremium","planName","subscriptionStatus","featureFlags",{},"insightsBudget","isDevelopmentHost","userPreferences",{},"recaptchaSiteKey","6LcvOJcUAAAAAHsB-gPGfGktcRlKpH7OTIU_dMTD","isImpersonating","impersonation","affiliateStatus","isFreedomPortal","routes/v2/article/layout",{"_28":29,"_30":31},"notFound",true,"relatedArticles",[32,76],{"_33":34,"_35":36,"_37":38,"_39":40,"_41":42,"_43":44,"_45":46,"_47":48,"_49":50,"_51":52,"_53":54,"_55":56,"_57":58,"_59":60,"_61":62,"_63":64,"_65":66,"_67":68,"_69":70,"_71":72,"_73":74,"_75":74},"mediaId",6570022,"mediaKeyId","3192489-b9684625ecf2e8733414ae2e39e20ac2","parentId",3192489,"title","Senate Internet and Technology Committee advances most bills on 6-item agenda; one measure fails","audioSeconds",263,"startMs",1385350,"endMs",1648452,"viewUrl","/Search/View?dp=1&key=3192489-b9684625ecf2e8733414ae2e39e20ac2&start=1385&end=1648","thumbnailUrl","https://assets.pipeline.soar.com/3192489-b9684625ecf2e8733414ae2e39e20ac2/thumbnail_1385350.jpg","articleUrl","/articles/6570022/New-York/Senate-Internet-and-Technology-Committee-advances-most-bills-on-6-item-agenda-one-measure-fails","mediaUrl","https://secure.pipeline.soar.com/6570022-70aa38589dc781c7c028d94ddd89a2a2/orig.mp4?Expires=1771166447&Signature=Lsfkqs5crniL5U3ZHxw0FPpcDLhr9cKQbHx~3TJK8PZtjfrbO4OBNo~CpqDIXKgkK0qyLFZWnjbtnbn4Q6aEas-ql5e0mz1xg2JZEjP~DvUZBUzjCmK8KHBQpsWredKhyrZ2R3BDx~eBRqZ4rgh9G5vco-Gg3qm8mgIn0CZmqswdnej1hHwyzC4RxgJQftJm4ovmitq~Zq3LcJfR6azRRe8~dwxbnubP~5UvNGKMssolVeO-26qLNQjwgv44QKZ0XqPKfmC1Cji0k7dt36tZCDV6LFvErNozxCrLEJYXuKtzfwtQ7RDFFW97i2aWQikJQZyN-CMFWMPdjiWHnAdC8A__&Key-Pair-Id=KUT5TJCACFTXG","author","New York - Internet And Technology","date","2025-05-05T17:45:35.493Z","article","At the March 5 meeting of the Senate Internet and Technology Committee, members considered six bills on the committee agenda. Most measures were moved out of committee for further consideration; one bill failed in committee and one was sent as a dual reference to the Codes Committee.

Senate Bill 955 (Kavanaugh) would amend the Multiple Dwelling Law and Multiple Residence Law regarding smart access systems and the data they collect. The bill was moved in committee, seconded and recorded as reported to first reading; the committee recorded two opposing votes and one without recommendation during the voice vote.

Senate Bill 1338 (Parker) would amend the Public Authorities Law to add emerging-technology industrial classifications for clean environment and energy technologies. The motion carried without recorded opposition and the bill was reported to first reading.

Senate Bill 3591 (Ashby) would require age verification for certain internet websites. That bill failed in committee; the transcript records recorded opposition and the chair stated the bill failed.

Senate Bill 3699 (Sanders), the Facial Recognition Technology Act, was moved and reported to first reading after a voice vote with no recorded opposition or without-recommendation entries in the transcript.

Senate Bill 5609 (Salazar) would amend the Executive Law to prohibit law-enforcement use of biometric surveillance, establish a biometric surveillance regulation task force and include a repeal provision. The committee moved the bill; the record shows the measure is a dual reference and was recorded to the Codes Committee. The transcript noted two \"without recommendation\" entries, two opposing votes and one recorded \"I\" in the roll of responses during the voice vote.

Senate Bill 7263 (Gonzalez) would amend the General Business Law to impose liability for damages caused by a chatbot impersonating certain licensed professionals. The motion to move the bill was seconded; the voice vote recorded one opposed. The transcript does not include an explicit committee disposition phrase for this bill, though the motion was carried in committee and the meeting then adjourned.

The committee\u0000chair also noted a pending Supreme Court case relevant to the age-verification measure and said the state may await that decision when shaping its approach to related legislation. The meeting then moved to adjournment.","mediaType","Video","parentTitle","Senate Standing Committee on Internet and Technology - 05/05/2025","oneSentenceSummary","At the March 5 meeting the committee considered six bills on smart-access systems, technology classifications, age verification, facial recognition, biometric surveillance and chatbot liability; most were moved out of committee or reported, one bill failed and one was sent for dual reference to Codes.","taxTitle","Internet And Technology, Standing Committee, Senate, Legislative, New York","taxId",25205,"location","New York","headline","","shortSummary",{"_33":77,"_35":36,"_37":38,"_39":78,"_41":79,"_43":80,"_45":81,"_47":82,"_49":83,"_51":84,"_53":85,"_55":56,"_57":58,"_59":86,"_61":62,"_63":64,"_65":87,"_67":68,"_69":70,"_71":72,"_73":74,"_75":74},6570025,"State comptroller auditors tell Senate panel New York lacks reliable IT inventory and comprehensive AI governance",1347,12995,1360914,"/Search/View?dp=1&key=3192489-b9684625ecf2e8733414ae2e39e20ac2&start=12&end=1360","https://assets.pipeline.soar.com/3192489-b9684625ecf2e8733414ae2e39e20ac2/thumbnail_12995.jpg","/articles/6570025/New-York/State-comptroller-auditors-tell-Senate-panel-New-York-lacks-reliable-IT-inventory-and-comprehensive-AI-governance","https://secure.pipeline.soar.com/6570025-e991f7f63cae2f3d99eff48c3a9eb9b7/orig.mp4?Expires=1771166447&Signature=Af3QjqAIUgF0kFYo2~Ai2a4lfjCX0lhOrXeBwBubisRX1CyipFU~gywZ0MARGibVZPuMCkUXnBf6cSVUwVKNm8pDI~5CJ1KwCIs7WUuCu6l9g60ZDfJtA-YIdjXHXTxIKkGQS~nJhD6FHjTqRAub4ooBhjElAUW-nEuK1s70C2GrfDmPtgCWleiJyqqqhGjwbwPZ1LbghaA4B1wVXwAIjt-f8Ekj22V~lJw-HW1QuZo7oZKhTbpvxrtQm7NSrQvC3dfc85ZgctF3b6PIwtASFYp4srMIH4nqJAR4OQ5nmLz5tW0tpSnDr3xRAfG2UGJ0FTESu0fvW8DjzTE6dEL9hg__&Key-Pair-Id=KUT5TJCACFTXG","At a March 5 meeting of the Senate Internet and Technology Committee, the Office of the State Comptroller presented two audits that found widespread weaknesses in New York State\u0000Information Technology Services\u0000(ITS) hardware asset controls and in statewide AI governance.

The audits, described by Tita Kim, deputy controller for state government accountability, and David Schafer, head of AI audits, found that ITS could not reliably account for thousands of computers and other devices and that agencies lack a comprehensive inventory or operational playbooks for AI systems. The auditors told the committee that those gaps create fiscal, operational and cybersecurity risk and make meaningful oversight difficult.

The comptroller\u0000audits covered different areas but reached similar conclusions: policy-level guidance exists in both IT asset management and AI acceptable-use rules, but the audits found insufficient training, monitoring and enforcement to translate policy into consistent practice. Kim told the committee that without reliable data, human oversight and transparency it is hard to identify weaknesses before they cause larger problems.

The IT inventory audit, released in February 2025, reviewed the period from March 2020 through August 2024. Auditors reported that nearly 18,000 workstations were marked \"absent\" in ITS records; close to 1,000 duplicated serial-number entries; and about 1,600 records lacking any serial number. The review also found stockrooms that had not completed required quarterly counts, staff keeping unofficial \"shadow\" spreadsheets, unsecured pallets and boxes of loose hard drives in shared spaces, and a set of new or barely used computers scheduled for shredding instead of resale or donation. The auditors said the latter group amounted to roughly $530,000\u0000to\u0000$660,000 in hardware.

Those gaps, the audit concluded, leave open the possibility of undetected loss or theft, unnecessary overstocking and wasted purchases, and greater exposure to data compromise when devices are not securely wiped before disposal. The report also said ITS had delayed seven months in providing auditors with requested data and staff access, during which inventory records were altered, which auditors cited as evidence of a weak control environment.

The comptroller recommended eight steps to address the deficiencies, including continuous cleanup and validation of inventory data, securing stockrooms and mandating quarterly counts by trained staff, deploying automated tools to detect unregistered devices on the network, written emergency procedures for procurement and asset handling, evaluating resale or donation before shredding, enforcing mandatory hardware return during employee offboarding, and a policy requiring timely cooperation with auditors.

Kim told the committee that ITS agreed to accept all eight recommendations in the agency\u0000response dated January 2025, created an IT asset management team, adopted a new asset management policy, began rolling out a hardware asset management module to track devices from acquisition to disposal, and was conducting stockroom security surveys and quarterly inventory checks. The agency also indicated it would test resale and donation through the state's CREATE program and redesign offboarding forms to focus on hardware returns.

On AI governance, the auditors reviewed ITS and four agencies\u0000(NYSOCA, Department of Corrections and Community Supervision, Department of Motor Vehicles and Department of Transportation) and found no comprehensive statewide AI governance framework. The review said the ITS acceptable-use policy, originally issued in January 2024 and updated shortly before the audits, tells agencies what to do but not how to do it, leaving critical steps such as bias and accuracy testing, risk-management methods and contract-level data-use limits undefined.

Auditors said agencies interpreted the broad guidance differently, producing inconsistent practices. The audit cited an example in which the DMV excluded an application that uses facial recognition from its informal AI inventory and from its AI oversight process. Auditors also reported virtually no systematic bias or accuracy testing, limited human-oversight provisions, and inconsistent contractual terms for vendor data use. In one sample item identified as \"LIQ,\" agency staff could not clearly state how vendor data could be used until auditors met the vendor and confirmed controls.

The auditors recommended that ITS expand its current policy into a full governance toolkit, produce a statewide inventory of every AI system in use, and deliver roles-based training so nontechnical staff can identify AI components embedded in existing applications. Kim said ITS had issued inventory guidance in March and that inventories and training were already in progress. The comptroller's office also said it planned a responsible-AI training series for agency accountability professionals and that additional AI audits are underway, including reviews at SUNY campuses and several New York City agencies.

Senators on the committee voiced concern about both the cybersecurity and oversight implications of the findings. After the presentation, ITS and the auditors agreed to provide committee offices with copies of the reports and to continue following up on implementation progress.

The presentation took place at the committee's March 5 session and preceded consideration of six bills on the committee's agenda.","Deputy Controller Tita Kim and audit staff told the Senate Internet and Technology Committee March 5 that audits found unreliable hardware inventories, unsecured devices, and inconsistent AI oversight across state agencies; ITS has agreed to adopt recommendations and is rolling out fixes.","actionData","errors"]

Article not found

Senate Internet and Technology Committee advances most bills on 6-item agenda; one measure fails

State comptroller auditors tell Senate panel New York lacks reliable IT inventory and comprehensive AI governance