After initially claiming it had nothing to see here on the artificial intelligence front, Sacramento has now acknowledged that state agencies are using six automated decision systems officially labeled as high-risk. The reversal, disclosed Friday, reveals tools woven into correctional, education and benefits programs that officials concede can materially affect Californians' lives, and it is already fueling fresh demands for tighter oversight from privacy and civil rights advocates.
In a new inventory, the California Department of Technology reports that for the 2025 program year, state agencies identified six in-use high-risk automated decision systems, plus one system still in development and one discontinued proof-of-concept. Officials say they got there only after validating agency responses through follow-up meetings and giving departments a chance to correct earlier filings. The report applies a 2023 statutory definition of high-risk systems that assist or replace human discretionary decisions that have legal or similarly significant effects.
One of the most immediate examples: the California Department of Corrections and Rehabilitation confirms it uses the COMPAS assessment and related tools to shape rehabilitative plans and parole supervision. The department says the system is meant to help match people to programs and levels of supervision, not to replace human judgment. CDCR describes COMPAS as a needs-assessment that supports case planning while allowing staff to override recommendations. The inventory also calls out a Thomson Reuters unemployment fraud detection product at the Employment Development Department, a tool that prior reporting has linked to the late-2020 pause of benefits for a large number of claimants.
Which Systems Made The List
On the corrections side, the report tags three tools at CDCR as high-risk: COMPAS, the California Static Risk Assessment (CSRA) and the Parole Violation and Disposition Tracking System (PVDTS). Together, they influence incarcerated people’s access to programs, community supervision plans and parole violation records.
Higher education shows up too. The inventory identifies two systems at California State University campuses: Proctorio, which monitors remote exams, and Turnitin’s AI writing-detection product, used to flag potential AI-generated student work.
In the benefits arena, the Employment Development Department reports using Thomson Reuters' Unemployment Insurance Fraud Detect system to help screen for potential fraud in unemployment claims.
The inventory also notes two projects that are not currently in standard production. The Department of Cannabis Control reported a Cannabis Product Image Analyzer that is still in development, and CSU disclosed a discontinued proof-of-concept that used GPT technology for hiring review. These details come from the California Department of Technology inventory.
What Did Not Make The Cut, And Why It Matters
Just as notable as what is in the inventory is what is missing. Some of the state's splashiest generative AI pilots, heavily promoted by the governor's office, do not appear on the high-risk list.
That includes "Poppy," the internal digital assistant that recently completed a pilot across dozens of departments and is slated for a broader rollout in July. GenAI.ca.gov describes Poppy as a secure generative AI platform for state employees, but the pilot does not show up in the high-risk inventory.
Reporters have also pointed out that the inventory omits a CSU contract to trial ChatGPT for campus use, and that a separate bill aimed at further limiting automated decisionmaking, SB 1248, quietly died in the appropriations process last month, according to coverage from Times of San Diego. For critics, that combination of unlisted pilots and stalled legislation is starting to look less like an oversight problem and more like a policy choice.
Legal Fallout And What Comes Next
The new inventory exists because of AB 302, a 2023 law that added Government Code section 11546.45.5 and requires the Department of Technology to send lawmakers an annual list of high-risk automated decision systems. On paper, the framework is supposed to force basic transparency around how state agencies use models that can influence housing, jobs, education, public benefits and criminal justice outcomes. For the bill text itself, see the official record on LegInfo.
State officials say the follow-up meetings with agencies and the chance to amend earlier submissions led to a more accurate and complete inventory this year. Advocates counter that while this is a step forward, key pilots and procurement practices are still out of public view, which makes it hard to know where the riskiest systems actually sit.
With AB 302 requiring annual updates, expect lawmakers and advocacy groups to keep pressing. On the table are stricter reporting rules, clearer thresholds for what counts as high-risk and some form of public or independent audit. Sacramento may have admitted to its first wave of high-risk AI, but no one is expecting this to be the last list.
