As AI-driven products proliferate and global regulations adapt, regulators are swiftly initiating reforms for AI governance. The regulatory landscape in this field is becoming more dynamic, with diverse enforcement strategies being adopted all around the globe.
While the US, the EU, the UK, and China often steal the spotlight, other jurisdictions are also making significant steps in AI governance. In fact, more and more jurisdictions are trying to keep pace in the race to achieve the best balance between innovation and regulatory oversight.
Recognizing the challenge of staying updated with this myriad of policy changes, we at Legal Nodes have compiled this overview of leading jurisdictions in AI governance. While it may not encompass every AI governance update – given the vast number of jurisdictions and swift policy shifts – we believe our summary provides valuable insights into the broader AI regulatory framework.
This guide aims to assist AI startups, investors, and those interested in AI regulations in navigating and grasping the evolving regulatory environment. It represents regions accounting for 70% of the global GDP in 2023 and half the world's population. We've organized these jurisdictions into three main regions: Europe, the Americas, and Asia-Pacific.
European Union AI policy details
In the EU, the comprehensive AI Act is nearing its final form, having entered the last negotiation phase. While discussions continue, the core structure and content of the regulation are largely settled.
For a deeper dive into this regulation, refer to our recent overview of the EU AI Act, which we published after its endorsement by the EU Parliament.
Alongside the AI Act, other important legislations in the realm of AI are in the pipeline. Notably, the proposed AI Liability Directive aims to clarify civil liability concerning damages induced by AI systems.
Which European authorities are overseeing AI compliance?
- European Data Protection Board as well as the European Data Protection Supervisor
- The EU AI Board as outlined by the proposed AI Act
- AI regulatory bodies of member states, such as the newly created Spanish AI Supervision Agency
- Data Protection Authorities of Member States
💡Worth checking: a free EU AI Act self-assessment tool
United Kingdom AI policy details
The UK hasn't rolled out a comprehensive AI regulation, and does not plan to do so. Instead, it advocates a context-sensitive, balanced approach, using existing sector-specific laws for AI guidance.
Learn more about the UK’s approach in this in-depth review of the UK's AI Regulatory Regime.
Which UK authorities are managing AI-related regulation?
In the UK, national AI strategy is overseen by a specialized AI authority - Office for AI. Other authorities relevant for AI compliance include:
Switzerland AI policy details
Switzerland has also opted against introducing a standalone AI regulation, taking a path similar to the UK. It focuses on selectively amending existing laws to accommodate AI. This approach includes:
- integrating AI transparency rules into existing data protection laws; and
- modifying the local competition laws, product liability laws, and general civil laws to address AI system needs.
A more substantial vision of the Swiss envisioned framework to AI regulation was clarified by the Position Paper from 2021 by the Swiss Digital Society Initiative in collaboration with the University of Zurich.
Which Swiss authorities manage AI-related regulation?
The United States AI policy details
While the U.S. lacks a unified AI regulation, it has established numerous guidelines and frameworks to govern the AI sector on a federal level. The existing legal landscape encompasses:
Executive Orders, such as:
- Maintaining American Leadership in AI
- Promoting the Use of Trustworthy AI in the Federal Government Act
Legislations and Proposed Bills:
- AI Training Act
- National AI Initiative Act
- Algorithmic Accountability Act (proposed)
- Transparent Automated Governance Act (proposed)
- Global Technology Leadership Act (proposed)
To sum up, the US is adopting a case-by-case strategy to AI governance enforcement, avoiding an overly precautionary approach.
Which US authorities manage AI-related policies?
In the US, the absence of a dedicated AI law means that the oversight and regulation of AI deployment fall to existing agencies. These agencies responsible for ensuring AI guidelines include:
- Federal Trade Commission
- Department of Justice
- Consumer Financial Protection Bureau
- Equal Employment Opportunity Commission
Canada AI policy details
Canada is advancing the AI and Data Act (AIDA) to safeguard Canadians from high-risk AI and promote responsible AI practices in line with global norms. AIDA emphasizes safety, human rights, and curbs reckless AI applications.
In addition to AIDA, Canada has rolled out a Directive on Automated Decision-Making which lays down specific standards that the federal government must adhere to when utilizing automated decision-making systems.
Which Canadian authorities manage AI-related regulation?
When it comes to oversight and guidance on these matters, two significant entities stand out:
- Ministry of Innovation, Science and Economic Development
- Office of the Privacy Commissioner of Canada
Brazil AI policy details
Brazil is actively developing a comprehensive AI Bill, which seeks to prohibit specific high-risk AI systems, sets up a dedicated regulatory body, and imposes civil liability on AI developers and deployers.
Additionally, it would require prompt reporting of significant security breaches and guarantee individuals the right to understand AI-driven decisions and correct biases.
Which Brazilian authorities manage AI-related regulation?
The following authorities oversee the compliance of AI regulation:
China AI policy details
China stands at the forefront of jurisdictions who are actively introducing AI regulations. As they work on drafting a holistic AI framework, several specific AI applications are already governed by existing rules. These encompass:
- Algorithmic Recommendations Management Provisions
- Ethical Norms for New Generation AI
- Opinions on Strengthening the Ethical Governance of Science and Technology
AI governance initiatives in progress include:
Which Chinese authorities are responsible for AI regulation?
Chinese AI governance laws foresee targeted enforcement approaches, with regulatory entities whose roles frequently intersect and overlap. Prominent regulatory entities include:
- Cyberspace Administration of China
- Ministry of Industry and Information Technology
- State Administration for Market Regulation
Japan AI policy details
Japan doesn't have strict AI regulations. Instead, the government relies on guidelines and lets the private sector manage their AI use. Key guidelines include:
Japanese sector-specific laws, including data protection, antimonopoly, and copyright, while not explicitly designed for AI, remain relevant in its context.
Which Japanese authorities are involved in AI policies?
- Ministry of Economy, Trade and Industry
- Council for Science, Technology and Innovation
- Personal Information Protection Commission
India AI policy details
India currently lacks specific legislation for AI governance. However, the upcoming Digital India Act is set to focus on the regulation of high-risk AI applications.
Also, in response to the challenges posed by AI, a specialized task force has been established. The task force is charged with delving into AI's ethical, legal, and societal facets, paving the way for a prospective AI regulatory body and enhancing the nation's AI legislative landscape.
Which Indian authorities are involved in AI-related policies?
- NITI Aayog: The National Institution for Transforming India
- Ministry of Electronics and Information Technology
- Ministry of Commerce and Industry.
Australia AI policy details
Australia hasn't introduced specific AI governance laws or policies. Instead, the government emphasizes leveraging current regulatory structures for AI oversight.
To get a better outlook on the structure and status of AI governance in Australia, we recommend checking out the recent report “The State of AI Governance in Australia” issued by the University of Technology Sydney in May 2023.
Which Australian authorities are involved in AI-related policies?
- Department of Industry, Science and Resources
- Office of the eSafety Commissioner
- Office of the Victorian Information Commissioner
- Competition and Consumer Commission
The future of global AI regulations
The recent years have seen a growing focus on the regulation of AI technology. This trend shows no signs of slowing down, and it raises the following question: what will the future global regulatory landscape look like?
We can already start to build a picture using hints from various different jurisdictional and international approaches. For instance, the fairly recent pledge from G7 leaders highlights their dedication to setting AI standards. They emphasized the need for inclusive AI governance and interoperability, aiming to foster trustworthy AI that aligns with their shared democratic values.
It seems likely that closely connected regions, like the EU and the US, will work towards harmonizing their legislation. This will be important to help prevent potential regulatory gaps and facilitate easier collaboration and trade for the innovators.
On the other hand, it's likely that several regions might choose to differentiate themselves by adopting a more business-friendly approach to AI regulation, avoiding excessive restrictions. This approach might be particularly evident in countries like Switzerland and the UK.
Unfortunately, a unified global approach to AI regulation seems elusive in the near future. Considering this, a more practical solution might be to focus on the fundamental ethical aspects of AI, which are more universally agreed upon compared to specific AI regulations.
💡Worth checking: DPO vs. AI Ethics Officer: Who Do You Need to Stay AI-Compliant?
Prepare yourself for the global AI compliance trend
To assist you in navigating these changes, we recommend consulting with a privacy compliance expert from Legal Nodes. Our team is prepared to help you tackle global AI regulatory challenges, ensuring consistent AI compliance across different use cases.
Kostiantyn is a Data Protection Specialist at Legal Nodes and holds a certification as an Information Privacy Professional in Europe (CIPP/E). Fuelled by his passion for law and technology, he is committed to the protection of fundamental human rights, including data protection. He adds a musical touch to his repertoire as an enthusiastic jazz pianist in his spare time.