157 regulations tracked worldwide

AI Compliance Regulations Directory

Every AI regulation that may apply to your business — from the EU AI Act to US state laws to global data protection rules. Select any regulation to see exactly what your business must do.

Find which laws apply to my business

Most Important Regulations

These affect the most businesses globally. Check these first.

EU

EU Artificial Intelligence Act

View requirements US-CO

Colorado Artificial Intelligence Act (SB 24-205)

View requirements EU

EU GDPR Article 22 — Automated Decision-Making & AI Profiling

View requirements US-NY-NYC

New York City Local Law 144 — Automated Employment Decision Tools

View requirements US-CA

California Privacy Rights Act (CPRA) — AI Provisions

View requirements US-IL

Illinois Artificial Intelligence Video Interview Act

View requirements UK

UK AI Governance Framework

View requirements EU

EU Digital Services Act (DSA) — AI Transparency Obligations

View requirements

All 157 Regulations by Region

EU(25)

EU Artificial Intelligence Act

The EU AI Act classifies AI systems by risk level and imposes obligations on providers and users. High-risk AI systems r…

EU Digital Services Act (DSA) — AI Transparency Obligations

The EU Digital Services Act (Regulation 2022/2065) has been in force for all online platforms since February 17, 2024. F…

EU GDPR Article 22 — Automated Decision-Making & AI Profiling

GDPR Article 22 (in force since May 25, 2018) gives EU and EEA residents the right not to be subject to decisions based …

EU Digital Operational Resilience Act (DORA)

EU DORA (Regulation 2022/2554, in application January 17, 2025) applies to 20 categories of EU-regulated financial entit…

EU AI Act — General-Purpose AI (GPAI) Model Obligations (Art. 50-55)

As of August 2, 2025, the EU AI Act's obligations for General-Purpose AI (GPAI) model providers and deployers are in ful…

EU Cyber Resilience Act (CRA) — Software & AI Products

The EU Cyber Resilience Act (CRA, Regulation 2024/2847, entered into force December 10, 2024) requires manufacturers and…

EU AI Act — Prohibited Practices (Article 5)

EU AI Act Article 5 bans eight categories of AI outright — no grace period, no exceptions. These prohibitions became enf…

EU AI Act — High-Risk Medical Device AI (Article 6 / MDR / IVDR)

EU AI Act Article 6(1) classifies AI systems embedded in EU-regulated medical devices as high-risk. Any AI-powered medic…

EU Product Liability Directive 2024 — AI Systems (Directive 2024/2853)

Directive (EU) 2024/2853 explicitly classifies AI systems as "products" under EU product liability law, replacing the 19…

Italy — AI Enforcement under GDPR (Garante)

The Italian data protection authority (Garante) is among the most aggressive AI enforcement bodies in the EU. Garante te…

Spain — AI Framework under GDPR (AEPD)

Spain's AEPD has published comprehensive AI-GDPR guidance including a 10-step AI adequacy methodology, algorithmic bias …

Netherlands — AI Governance under GDPR (Autoriteit Persoonsgegevens)

The Dutch DPA (AP) fined Uber for automated decision-making violations in 2023 and is a leading EU enforcement authority…

Poland — AI Framework under GDPR (UODO)

Poland's UODO has issued GDPR-AI guidance requiring DPIAs for AI profiling systems and human review for automated decisi…

Ireland — GDPR AI Enforcement (Data Protection Commission)

Ireland's DPC is the lead GDPR supervisor for most major US tech companies in the EU. DPC issued a €1.2B fine against Me…

Sweden — AI Guidance under GDPR (IMY)

Sweden's IMY published detailed generative AI and GDPR guidance in 2023. IMY fined Spotify €5M in 2023. IMY requires a d…

Luxembourg — GDPR + EU AI Act + Digital Luxembourg Strategy 2025

Luxembourg is a major EU financial and tech hub (Amazon EU HQ, Skype, PayPal, Spotify European headquarters). The CNPD (…

Slovakia — GDPR + EU AI Act + Slovak AI Strategy 2030

Slovakia's data protection authority is the Úrad na ochranu osobných údajov Slovenskej republiky (UOOU). Slovakia has ad…

Estonia — GDPR + EU AI Act + Estonian AI Strategy (e-Governance Leader)

Estonia is the world's most digitally advanced country — 99% of government services are online, and the X-Road data exch…

Latvia — GDPR + EU AI Act + Latvian AI Strategy 2021-2027

Latvia's Datu valsts inspekcija (DVI) supervises GDPR and AI data processing. Latvia's AI Development Guidelines 2021-20…

Lithuania — GDPR + EU AI Act + Lithuanian AI Strategy

Lithuania's Valstybinė duomenų apsaugos inspekcija (VDAI) supervises GDPR compliance. Lithuania adopted its AI Strategy …

Bulgaria — GDPR + EU AI Act + National Digital Transformation Programme

Bulgaria's Commission for Personal Data Protection (CPDP / Комисия за защита на личните данни) supervises data protectio…

Croatia — GDPR + EU AI Act + Croatian AI Strategy 2021

Croatia's Agencija za zaštitu osobnih podataka (AZOP) supervises GDPR. Croatia adopted its National AI Development Strat…

Slovenia — GDPR + EU AI Act + Slovenian Digital Strategy + AI Sandbox

Slovenia's Informacijski pooblaščenec (Information Commissioner, IP) supervises both data protection and freedom of info…

Cyprus — GDPR + EU AI Act + Cyprus Digitalization Strategy + CPDBP

Cyprus's Commissioner for Personal Data Protection (CPDBP) supervises GDPR compliance. Cyprus has positioned itself as a…

Malta — GDPR + EU AI Act + Malta AI Strategy 2019 (World's First National AI Strategy)

Malta made history in 2019 by becoming the first country in the world to publish a National AI Strategy. The Malta Infor…

US-CA(4)

California Privacy Rights Act (CPRA) — AI Provisions

The CPRA expanded CCPA to cover automated decision-making technology (ADMT). Businesses using AI in significant decision…

California AB 2013 — Generative AI Training Data Transparency Act

California AB 2013 requires any person or company that designs, codes, produces, or substantially modifies a generative …

California SB 942 — AI Transparency Act (AI-Generated Content)

California SB 942 (California AI Transparency Act, effective August 2, 2026) requires "covered providers" — generative A…

California SB 243 — AI Companion Chatbot Safety Act

California SB 243 (signed October 13, 2025, effective January 1, 2026) regulates operators of AI companion chatbots — AI…

US-CO(1)

Colorado Artificial Intelligence Act (SB 24-205)

Colorado SB 24-205 regulates "high-risk AI systems" that make or substantially assist in "consequential decisions" (empl…

US-IL(3)

Illinois Artificial Intelligence Video Interview Act

Requires employers using AI to analyze job interview videos to notify applicants, obtain consent, explain AI use, and li…

Illinois Artificial Intelligence Video Interview Act (AIVIA) + 2024 Expansion

Illinois AIVIA (effective January 1, 2020, expanded 2024) requires employers to notify applicants before using AI to ana…

Illinois Biometric Information Privacy Act (BIPA)

Illinois BIPA (740 ILCS 14, effective 2008, amended 2024) is the nation's strongest biometric privacy law and directly a…

US-NY(3)

New York AI Companion Models Law (A3008)

New York Governor Kathy Hochul signed Assembly Bill A3008 on May 9, 2025, creating the Artificial Intelligence Companion…

New York RAISE Act (A 6453 — Frontier AI Safety)

New York's Responsible AI Safety and Education (RAISE) Act was signed by Governor Hochul on March 27, 2026 and takes eff…

New York State — AI Awareness (Non-RAISE Act Businesses)

New York State has the RAISE Act (frontier AI developers only, effective Jan 1, 2027) and NYC Local Law 144 (AI hiring b…

UK(1)

UK AI Governance Framework

The UK currently uses a principles-based approach to AI governance. The ICO enforces AI requirements under GDPR UK. The …

CN(1)

China Interim Measures for Generative AI Services (AIGC)

China's Interim Measures for the Management of Generative Artificial Intelligence Services (issued by CAC and six agenci…

JP(1)

Japan AI Promotion Act + AI Governance Guidelines

Japan's Act on Promotion of Research and Development, and Utilization of Artificial Intelligence-related Technology was …

AU(1)

Australia — Privacy Act 1988 AI Obligations (Monitoring for Mandatory AI Law)

Australia has no standalone mandatory AI law as of April 2026, but two frameworks govern AI use of personal data. (1) Pr…

Middle East(8)

Qatar Personal Data Protection Law (PDPL)

Qatar Law No. 13 of 2016 (PDPL), enforced by the National Cyber Security Agency (NCSA), governs personal data processing…

Bahrain Personal Data Protection Law (PDPL)

Bahrain Decree No. 30 of 2018 (PDPL), enforced by the Personal Data Protection Authority (PDPA), applies to any entity p…

Kuwait Law No. 20 of 2014 — Personal Data Protection + National AI Strategy 2023

Kuwait Law No. 20 of 2014 on the Protection of Personal Data regulates automated processing of personal data for all org…

UAE Federal Decree-Law No. 45 of 2021 on Personal Data Protection + UAE AI Strategy 2031

The UAE Personal Data Protection Law (PDPL/PDPA) is enforced by the UAE Data Office. It covers processing of personal da…

Qatar Personal Data Privacy Protection Law (Law No. 13 of 2016) + NDS 2030

Qatar's Personal Data Privacy Protection Law (PDPPL) governs collection, processing, and transfer of personal data in Qa…

Bahrain Personal Data Protection Law (PDPL, Law No. 30 of 2018)

Bahrain's PDPL (Law No. 30 of 2018) is the first comprehensive data protection law in the GCC, predating Saudi Arabia's …

Israel Privacy Protection Law (PPL 5741-1981) + 2023 Reform + INCD AI

Israel's Privacy Protection Law (PPL, 5741-1981) is administered by the Privacy Protection Authority (PPA, formerly ILIT…

Saudi Arabia Personal Data Protection Law (PDPL) + Vision 2030 AI Programme

Saudi Arabia's PDPL enforced by SDAIA (Saudi Data and AI Authority) is one of the Gulf's most comprehensive data protect…

Asia Pacific(5)

Pakistan Personal Data Protection Bill (PDPB 2023) + PECA 2016

Pakistan's Personal Data Protection Bill (PDPB 2023) is pending final Senate passage as of 2024 but is being enforced th…

Singapore Personal Data Protection Act (PDPA 2012) + AI Governance Framework 2.0

Singapore's PDPA (2012, amended 2021) is one of ASEAN's most mature data protection laws, enforced by the Personal Data …

Philippines Data Privacy Act (DPA, Republic Act 10173) + NPC AI Advisory

The Philippines Data Privacy Act (DPA 2012, RA 10173) is enforced by the National Privacy Commission (NPC). The DPA appl…

India Digital Personal Data Protection Act 2023 (DPDPA)

India's Digital Personal Data Protection Act 2023 (DPDPA) is the most significant Indian data law since IT Act 2000. Enf…

South Korea Personal Information Protection Act (PIPA) + AI Basic Act 2024

South Korea's PIPA (Personal Information Protection Act) is one of Asia's most comprehensive privacy laws, significantly…

Latin America(3)

Colombia — AI Framework under Habeas Data (SIC)

Colombia's SIC (Superintendencia de Industria y Comercio) Circular 002 of 2023 addresses AI automated decision-making an…

Peru Personal Data Protection Law No. 29733

Peru's PDPL (No. 29733, updated 2021) and National AI Strategy (DS 009-2021-PCM) apply to organizations processing Peruv…

Mexico Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP) + AI Governance

The LFPDPPP is Mexico's primary data protection law enforced by INAI (National Institute for Transparency, Access to Inf…

Africa(2)

Morocco Law 09-08 on Personal Data Protection + National AI Strategy 2030

Morocco's Law 09-08 on the Protection of Individuals with Regard to the Processing of Personal Data (2009) and its imple…

Nigeria Data Protection Regulation (NDPR 2019) + Nigeria Data Protection Act 2023

Nigeria has Africa's most comprehensive data protection framework. The Nigeria Data Protection Regulation (NDPR 2019) wa…

Europe(1)

Turkey Personal Data Protection Law (KVKK No. 6698) + AI Strategy 2021-2025

Turkey's KVKK (Kişisel Verileri Koruma Kanunu, Law No. 6698) is Turkey's GDPR-equivalent, administered by the Personal D…

AE(1)

UAE Federal Personal Data Protection Law (PDPL)

UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data ("UAE PDPL") came into force January 2, 2022 an…

AR(1)

Argentina — Personal Data Protection Act (Law 25,326)

Argentina's Personal Data Protection Act (Law 25,326) has been in force since 2001 and is enforced by the AAIP. Argentin…

Asia-Pacific(1)

Hong Kong — PDPO AI Guidance (PCPD)

Hong Kong's PCPD published comprehensive AI guidance in June 2024 under the PDPO. The guidance requires AI accountabilit…

AT(1)

Austria — DSG + EU AI Act + Austrian AI Strategy

Austria's Datenschutzgesetz (DSG) implements GDPR at national level and applies to AI systems processing personal data o…

BE(1)

Belgium — APD/GBA + EU AI Act + Belgian AI Strategy

Belgium's Data Protection Authority (Autorité de protection des données / Gegevensbeschermingsautoriteit — APD/GBA) has …

BR(1)

Brazil LGPD — Automated Decision-Making Provisions

Brazil's Lei Geral de Proteção de Dados (LGPD, Law 13,709/2018) has been in force since September 18, 2020. Article 20 g…

CA(1)

Canada PIPEDA — AI & Automated Decision-Making Provisions

Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) governs AI and automated decision-making …

CA-AB(1)

Canada — Alberta PIPA

Alberta's Personal Information Protection Act (PIPA Alberta, SA 2003) applies to private sector organizations in Alberta…

CA-BC(1)

Canada — British Columbia PIPA

British Columbia's Personal Information Protection Act (PIPA BC, SBC 2003) applies to private sector organizations in BC…

CA-ON(1)

Ontario Workers for Workers Four Act — AI Hiring Disclosure

Ontario's Workers for Workers Four Act (2024), effective January 1, 2026, requires employers posting jobs accessible to …

CA-QC(1)

Québec Law 25 — Automated Decisions & Privacy (Act 25)

Québec's Act to modernize legislative provisions respecting the protection of personal information (Law 25 / Bill 64) is…

CH(1)

Switzerland — New Federal Act on Data Protection (nFADP/revDSG)

Switzerland's revised Federal Act on Data Protection (nFADP / revDSG, in force September 1, 2023) applies to any organiz…

CZ(1)

Czech Republic — ÚOOÚ + EU AI Act + Czech AI Strategy

Czech Republic's Úřad pro ochranu osobních údajů (ÚOOÚ — Office for Personal Data Protection) enforces GDPR and has publ…

DE(1)

Germany — EU AI Act + National AI Strategy + BSI/DSK Guidance

Germany is an EU member state subject to all EU AI Act obligations (see EU AI Act entry for primary compliance). Additio…

DK(1)

Denmark — Datatilsynet AI Guidance + EU AI Act

Denmark's Datatilsynet (Data Protection Authority) has published detailed AI-specific guidance and conducted high-profil…

FI(1)

Finland — Tietosuojavaltuutettu + EU AI Act + Finnish AI Programme

Finland's Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto) enforces GDPR and has published guida…

FR(1)

France — EU AI Act + CNIL AI Guidance

France is an EU member state subject to all EU AI Act obligations (see EU AI Act entry). France's CNIL has been especial…

GR(1)

Greece — HDPA + EU AI Act + Hellenic AI Strategy

Greece's Hellenic Data Protection Authority (HDPA / Αρχή Προστασίας Δεδομένων Προσωπικού Χαρακτήρα — APDPX) enforces GDP…

HU(1)

Hungary — NAIH + EU AI Act + Hungarian AI Strategy

Hungary's National Authority for Data Protection and Freedom of Information (NAIH — Nemzeti Adatvédelmi és Információsza…

ID(1)

Indonesia Personal Data Protection Act (PDPA)

Indonesia's Personal Data Protection Act (Law No. 27 of 2022, "UU PDP") entered into force on October 17, 2022, with a t…

IL(1)

Israel — Privacy Protection Law + Technology Authority AI Guidelines

Israel's Privacy Protection Law (PPL, 1981, amended 2023) applies to any organization processing personal data of Israel…

KE(1)

Kenya Data Protection Act 2019

Kenya's Data Protection Act No. 24 of 2019 entered into force November 8, 2019, with the Data Protection (General) Regul…

KR(1)

South Korea Framework Act on AI Development and Trust (AI Basic Act)

South Korea's AI Basic Act (passed December 26, 2024; effective January 22, 2026) establishes governance for "high-impac…

Middle East / Africa(1)

Egypt Personal Data Protection Law No. 151 of 2020

Egypt's PDPL (No. 151/2020), enforced by the Personal Data Protection Centre (PDPC), is the first comprehensive data pro…

MY(1)

Malaysia — AI Governance and Ethics Guidelines (AIGE) + PDPA 2010

Malaysia has no mandatory AI law as of April 2026 — comprehensive AI legislation is expected to be submitted to Cabinet …

NG(1)

Nigeria Data Protection Act 2023 (NDPA)

Nigeria's Data Protection Act 2023 (signed June 12, 2023) replaced the 2019 NDPR framework and established the Nigeria D…

NO(1)

Norway — EU AI Act (EEA) + Datatilsynet AI Guidance

Norway is an EEA member and will incorporate the EU AI Act through the EEA Agreement — implementation expected by 2026-2…

NZ(2)

New Zealand — Privacy Act 2020 + Algorithm Charter (Monitoring for Mandatory AI Law)

New Zealand has no standalone mandatory AI law as of April 2026, but two overlapping frameworks apply. (1) Privacy Act 2…

New Zealand — Privacy Act 2020 + Algorithm Charter + OPC AI Guidance

New Zealand's Privacy Act 2020 regulates AI systems that process personal information of New Zealand residents. The Priv…

PH(1)

Philippines Data Privacy Act — AI Systems (NPC Advisory 2024-04)

The Philippines National Privacy Commission (NPC) issued Advisory No. 2024-04 on December 19, 2024: Guidelines on the Ap…

PT(1)

Portugal — CNPD + EU AI Act + Portuguese National AI Strategy

Portugal's Comissão Nacional de Proteção de Dados (CNPD) enforces GDPR and has issued sector-specific AI guidance for fi…

RO(1)

Romania — ANSPDCP + EU AI Act + Romanian AI Strategy

Romania's National Supervisory Authority for Personal Data Processing (ANSPDCP — Autoritatea Națională de Supraveghere a…

SA(1)

Saudi Arabia Personal Data Protection Law (PDPL)

Saudi Arabia's Personal Data Protection Law (Royal Decree M/19, September 2021) became fully enforceable on September 14…

SG(1)

Singapore MAS AI Risk Management Guidelines

The Monetary Authority of Singapore (MAS) issued mandatory AI Risk Management Guidelines in December 2024, applicable to…

TH(1)

Thailand Personal Data Protection Act (PDPA) — AI Provisions

Thailand's Personal Data Protection Act B.E. 2562 (2019) became fully effective June 1, 2022. In February 2026, the Pers…

TW(1)

Taiwan — Artificial Intelligence Fundamental Act (2025)

Taiwan's Legislative Yuan passed the Artificial Intelligence Fundamental Act on December 23, 2025. The Act establishes a…

US-AK(1)

Alaska — No Specific AI Law (Federal Laws Apply)

Alaska has enacted no state-specific AI regulation as of April 2026. Federal AI laws apply: FTC Act § 5, Title VII / ADA…

US-AL(1)

Alabama — No Specific AI Law (Federal Laws Apply)

Alabama has no state-specific AI regulation as of April 2026. Businesses using AI must comply with applicable federal la…

US-AR(1)

Arkansas — No Specific AI Law (Federal Laws Apply)

Arkansas has no comprehensive private-sector AI regulation as of April 2026. Arkansas Act 504 of 2023 (AI in government)…

US-AZ(1)

Arizona HB 2311 — AI Chatbot Disclosures for Minors (AWAITING GOVERNOR SIGNATURE — AT RISK)

Arizona HB 2311 passed both chambers of the Arizona legislature (enrolled March 9, 2026) and is awaiting the Governor's …

US-CT(1)

Connecticut Data Privacy Act — AI Training Data Disclosure (PA 25-113)

Connecticut Governor Lamont signed Public Act No. 25-113 on June 25, 2025, amending the Connecticut Data Privacy Act (CT…

US-DC(1)

Washington DC — No Specific AI Law (Federal Laws Apply)

The District of Columbia has no comprehensive private-sector AI regulation as of April 2026. DC B25-0191 (AI Accountabil…

US-DE(1)

Delaware — No Specific AI Law (Federal Laws Apply)

Delaware has no comprehensive AI regulation as of April 2026. Delaware SB 262 (2024, AI disclosure in employment) was in…

US-FL(2)

Florida — No Specific AI Law (Federal Laws Apply)

Florida has no comprehensive AI regulation as of April 2026. Florida SB 692 / HB 1459 (2024, AI labeling + impact assess…

Florida HB 1459 — Government Technology Modernization Act (AI Provisions)

Florida HB 1459 (Government Technology Modernization Act), signed by Governor DeSantis in June 2024, effective July 1, 2…

US-GA(2)

Georgia SB 540 — AI Chatbot Disclosure & Child Safety (AWAITING GOVERNOR SIGNATURE)

Georgia SB 540 passed the Georgia Legislature with broad bipartisan support (March 27, 2026 final vote) and is awaiting …

Georgia SB 540 — AI Chatbot Disclosure Act (Pending Signature)

Georgia SB 540 passed with bipartisan support and awaits Governor Kemp signature (deadline May 12, 2026). Requires comme…

US-HI(1)

Hawaii — No Specific AI Law (Federal Laws Apply)

Hawaii has no comprehensive AI regulation as of April 2026. Hawaii HB 1607 (2024, generative AI regulation) passed the H…

US-IA(1)

Iowa Synthetic Media Laws (SF 2243 + HF 2240)

Iowa enacted two bills effective July 1, 2024 addressing AI-generated synthetic media. Senate File 2243 amends Iowa's ch…

US-ID(2)

Idaho Conversational AI Safety Act (S 1297)

Idaho S 1297, the Conversational AI Safety Act, was signed by Governor Brad Little on March 31, 2026, with immediate eff…

Idaho S 1227 — Generative AI in Education Framework Act

Idaho S 1227 was signed by Governor Little on March 27, 2026, and takes effect July 1, 2026. The law requires Idaho's St…

US-IN(1)

Indiana — No Specific AI Law (Federal Laws Apply)

Indiana has no comprehensive private-sector AI regulation as of April 2026. Indiana HB 1056 (2024, AI disclosure) applie…

US-KS(1)

Kansas — No Specific AI Law (Federal Laws Apply)

Kansas has no state-specific AI regulation as of April 2026. Federal laws apply: FTC Act § 5, Title VII / ADA, FCRA, COP…

US-KY(1)

Kentucky — No Specific AI Law (Federal Laws Apply)

Kentucky has no state-specific AI regulation as of April 2026. Federal laws apply: FTC Act § 5, Title VII / ADA, FCRA, C…

US-LA(2)

Louisiana — No Specific AI Law (Federal Laws Apply)

Louisiana has no comprehensive private-sector AI regulation as of April 2026. Louisiana HB 608 (2023) applies only to go…

Louisiana HB 697 — AI Disclosure for Government Services

Louisiana Act No. 378 (signed July 2024, effective August 1, 2025) requires Louisiana state agencies and their contracto…

US-MA(1)

Massachusetts — No Specific AI Law (Multiple Bills Pending — Monitor Closely)

Massachusetts has no enacted AI-specific law as of April 2026, but is among the most active US states for AI legislation…

US-MD(1)

Maryland Healthcare AI in Utilization Management Act (HB 820)

Maryland HB 820 (effective October 1, 2025) regulates the use of AI in health insurance utilization management and prior…

US-ME(1)

Maine LD 1727 — AI Chatbot Disclosure in Commerce

Maine LD 1727 (An Act to Ensure Transparency in Consumer Transactions Involving Artificial Intelligence) was signed by G…

US-MI(1)

Michigan — No Specific AI Law (Federal Laws Apply)

Michigan has no comprehensive AI regulation as of April 2026. Michigan HB 4608 (2023, AI transparency in hiring) and SB …

US-MN(2)

Minnesota — No Specific AI Law (Federal Laws Apply)

Minnesota has no comprehensive AI regulation as of April 2026. Minnesota SF 1886 / HF 2690 (2024, AI transparency and co…

Minnesota AI Disclosure Laws — Election Content + Employment AI

Minnesota has passed targeted AI disclosure laws in 2023-2024. (1) SF 3240 / HF 4352 (2024, effective August 1, 2024): r…

US-MO(1)

Missouri — No Specific AI Law (Federal Laws Apply)

Missouri has no comprehensive AI regulation as of April 2026. Missouri SB 1214 (2024, AI disclosure) was introduced but …

US-MS(1)

Mississippi — No Specific AI Law (Federal Laws Apply)

Mississippi has no state-specific AI regulation as of April 2026. Federal laws apply: FTC Act § 5, Title VII / ADA, FCRA…

US-MT(1)

Montana Right to Compute Act + AI Governance (SB 212)

Montana Governor Greg Gianforte signed Senate Bill 212 (the Montana Right to Compute Act) on April 17, 2025 — making Mon…

US-NC(1)

North Carolina — No Specific AI Law (Federal Laws Apply)

North Carolina has no comprehensive private-sector AI regulation as of April 2026. NC SB 749 (2023, AI governance study)…

US-ND(1)

North Dakota — No Specific AI Law (Federal Laws Apply)

North Dakota has no state-specific AI regulation as of April 2026. Federal laws apply: FTC Act § 5, Title VII / ADA, FCR…

US-NE(2)

Nebraska — LB 525 Conversational AI Safety Act (AWAITING GOVERNOR SIGNATURE — expected by Apr 17)

Nebraska LB 525 (Conversational AI Safety Act + Agricultural Data Privacy Act) passed the unicameral legislature on Apri…

Nebraska LB 525 — Consumer AI Protection Act

Nebraska LB 525 passed the unicameral legislature in April 2026, expected to be signed by Governor Pillen before April 1…

US-NH(1)

New Hampshire HB 143 — AI Chatbot Child Safety Law

New Hampshire HB 143 (Chapter 270, signed August 1, 2025, effective January 1, 2026) prohibits operators of AI chatbots …

US-NJ(1)

New Jersey Deepfakes Law (A3540)

New Jersey A3540, signed by Governor Murphy on April 2, 2025, establishes civil and criminal penalties for the productio…

US-NM(1)

New Mexico — No Specific AI Law (Federal Laws Apply)

New Mexico has no comprehensive AI regulation as of April 2026. Federal laws apply: FTC Act § 5, Title VII / ADA, FCRA, …

US-NV(1)

Nevada AB 406 — Mental and Behavioral Healthcare AI

Nevada Governor Lombardo signed AB 406 on June 5, 2025 (effective July 1, 2025). The law prohibits two things: (1) Offer…

US-NY-NYC(1)

New York City Local Law 144 — Automated Employment Decision Tools

NYC Local Law 144 (Int. 1894-A) requires any employer or employment agency in New York City that uses an automated emplo…

US-OH(1)

Ohio — No Specific AI Law (Federal Laws Apply)

Ohio has no comprehensive AI regulation as of April 2026. Ohio HB 236 (2024, Controlling Harmful and Deceptive AI Act — …

US-OK(1)

Oklahoma — No Specific AI Law (Federal Laws Apply)

Oklahoma has no state-specific AI regulation as of April 2026. Federal laws apply: FTC Act § 5, Title VII / ADA, FCRA, C…

US-OR(1)

Oregon AI Companion Chatbot Act (SB 1546)

Oregon SB 1546, passed in the 2026 short session, regulates AI companion platforms — AI systems with natural language in…

US-PA(1)

Pennsylvania Digital Forgery Law (SB 649)

Pennsylvania's digital forgery law (SB 649), signed by Governor Shapiro, creates criminal liability for using AI to gene…

US-RI(1)

Rhode Island — No Specific AI Law (Federal Laws Apply)

Rhode Island has no comprehensive AI regulation as of April 2026. Rhode Island H 7770 (2024, AI transparency) was introd…

US-SC(1)

South Carolina — No Specific AI Law (Federal Laws Apply)

South Carolina has no state-specific AI regulation as of April 2026. South Carolina H 4623 (AI transparency) was introdu…

US-SD(1)

South Dakota Deepfake Pornography Law (SB 41)

South Dakota Senate Bill 41, signed March 18, 2026, takes effect July 1, 2026. The law creates felony criminal liability…

US-TN(2)

Tennessee ELVIS Act — Ensuring Likeness Voice and Image Security

Tennessee's ELVIS Act (SB 2659, effective July 1, 2024) was the first US law specifically protecting individuals' voices…

Tennessee Health Care AI Accountability Act (SB 1580)

Tennessee SB 1580, signed by Governor Bill Lee on April 1, 2026, prohibits AI systems from advertising or representing t…

US-TX(2)

Texas Responsible AI Governance Act (TRAIGA / HB 149)

Texas HB 149 (TRAIGA), signed June 22, 2025, prohibits specific harmful AI practices and imposes disclosure obligations …

Texas SB 441 — AI Nonconsensual Intimate Visual Materials

Texas SB 441 (signed June 20, 2025, effective September 1, 2025) makes it a criminal offense and creates civil liability…

US-UT(4)

Utah Artificial Intelligence Policy Act (SB 149 + HB 452)

Utah was the first US state to pass AI-focused consumer protection legislation. The AI Policy Act (SB 149, effective May…

Utah SB 319 — Health Insurance AI Disclosure in Prior Authorization

Utah SB 319 was signed by the Governor on March 19, 2026. The law amends Utah's health insurance preauthorization statut…

Utah HB 276 — Digital Voyeurism Prevention & AI Content Provenance

Utah HB 276 was signed by Governor Cox on March 24, 2026, and takes effect approximately May 23, 2026 (60 days post-sign…

Utah SB 256 — Defamation and Identity Protection Amendments (AI Content)

Utah SB 256, signed ~March 2026 and effective ~May 2026, expressly extends Utah defamation law to cover AI-generated and…

US-VA(1)

Virginia Consumer Data Protection Act (VCDPA) — Automated Decision-Making

Virginia's Consumer Data Protection Act (Va. Code § 59.1-571 et seq.), effective January 1, 2023, includes automated dec…

US-VT(1)

Vermont AI Election Media Transparency Act

Vermont's AI Election Media Transparency Act, signed March 5, 2026, requires clear disclosure when AI-generated syntheti…

US-WA(3)

Washington State AI Companion Chatbot Regulation (HB 2225)

Washington HB 2225, signed by Governor Ferguson on March 24, 2026, regulates AI companion chatbots — AI systems with nat…

Washington AI-Generated Content Disclosure Act (HB 1170)

Washington HB 1170, signed by Governor Bob Ferguson in March 2026, requires large technology companies to provide AI-gen…

Washington SB 5395 — AI in Health Insurance Prior Authorization

Washington SB 5395 (signed by Governor Ferguson, effective June 11, 2026) prohibits health insurance carriers and Washin…

US-WI(1)

Wisconsin — No Specific AI Law (Federal Laws Apply)

Wisconsin has no comprehensive private-sector AI regulation as of April 2026. Wisconsin AB 568 (2023, AI transparency in…

US-WY(1)

Wyoming — No Specific AI Law (Federal Laws Apply)

Wyoming has no state-specific AI regulation as of April 2026. Wyoming is generally business-friendly and may maintain mi…

VN(1)

Vietnam — Law on Artificial Intelligence (2025)

Vietnam's Law on Artificial Intelligence was passed by the National Assembly on December 10, 2025 and took effect March …

ZA(1)

South Africa Protection of Personal Information Act (POPIA)

South Africa's Protection of Personal Information Act (POPIA, Act No. 4 of 2013) became fully effective and enforceable …

Don't read every regulation manually

Answer 15 questions about your business and ComplianceIQ tells you exactly which of these 157 regulations apply — and what you need to do.

Start free compliance scan