Jurisdiction Library

The EU AI Act applies a risk-based regime: prohibited AI uses are banned, high-risk systems face strict compliance duties, and transparency rules apply to user-facing and synthetic-content AI.

Peru regulates AI through a risk-tier approach that requires transparency, explainability, human oversight, data-protection compliance, and auditing controls for higher-risk systems.

South Korea's AI law imposes safety, transparency, and governance obligations, with additional lifecycle risk controls, disclosure, and oversight requirements for high-impact and generative AI systems.

Taiwan currently uses a framework-style model focused on public governance principles, high-risk designation by competent authorities, risk assessment, and personal-data protection by design.

Vietnam's AI law sets risk-tier classification, prohibits manipulative and harmful uses, requires labeling/transparency for AI-generated content, and mandates incident handling and risk-based controls.

Across Africa, AI governance is still emerging and is currently shaped by national data-protection laws, country-level digital/AI strategies, and African Union policy frameworks.

Australia currently regulates AI through privacy, consumer-protection, and anti-discrimination law, supplemented by national AI ethics principles and evolving policy initiatives.

Canada currently governs AI through existing privacy and human-rights law, public-sector automated decision rules, and policy guidance, while dedicated federal AI legislation remains proposed but unenacted.

China regulates AI through administrative AI measures plus cybersecurity, data-security, and privacy law, creating a comprehensive state-supervised framework despite no single standalone AI statute.

Across the Middle East, AI governance is mainly strategy-led and sector-based, with countries like the UAE and Saudi Arabia relying on national AI programs plus data and cybersecurity law.

New Zealand's AI governance relies on existing privacy, human-rights, and fair-trading law, alongside public-sector algorithm accountability commitments.

Singapore combines enforceable data and consumer law with government AI governance frameworks and assurance tools to drive responsible deployment.

The UK follows a regulator-led AI model under existing law, with core obligations driven by UK GDPR, anti-discrimination law, and sector regulators rather than a single AI statute.

The United States does not yet have a comprehensive federal AI law, instead relying on existing statutes and a fragmented state-level framework, with ongoing federal efforts to establish a unified national approach.