AI Law Comparison Tables | AI Governance Reference

Table of Contents

1. Regulatory Approach
2. Penalties & Enforcement
3. Individual Rights
4. Scope & Definitions
5. Sector-Specific Regulation
6. Implementation Status

1. Regulatory Approach Comparison

Jurisdiction	Approach	Primary Instrument	AI Definition	Risk Classification
EU	Comprehensive horizontal regulation	AI Act (Regulation 2024/1689)	Broad — machine-based system with autonomy, inference capability	4 tiers: Unacceptable, High, Limited, Minimal
US (Federal)	Sector-specific; executive action; voluntary	Executive Orders; agency guidance; NIST RMF	Varies by agency; no single federal definition	No single classification; sector-dependent
US (States)	Fragmented; issue-specific laws	State laws (Colorado, Illinois, NYC, etc.)	Varies by state	Colorado: “high-risk” for consequential decisions
China	Technology-specific regulations	Algorithm, Deep Synthesis, GenAI rules	Technology-specific definitions per regulation	By technology type, not risk level
UK	Pro-innovation; sector regulators	White Paper; existing regulators (FCA, Ofcom, etc.)	Adaptability and autonomy-focused	Cross-sectoral principles; sector risk assessment
Canada	Proposed legislation + existing directives	AIDA (proposed); ADM Directive (federal gov)	AIDA: technological system using ML or similar	ADM Directive: 4-level impact assessment
Japan	Social Principles; soft law; sector guidance	Social Principles of Human-Centric AI (2019)	Broad; not formally defined in binding law	No formal classification
South Korea	Comprehensive framework + sector laws	AI Framework Act (2025)	Defined in framework law	High-risk AI designation
Singapore	Governance framework; voluntary	Model AI Governance Framework	Broad; technology-neutral	Risk-proportionate; sector-based
Brazil	Proposed comprehensive law	AI Bill (PL 2338/2023)	Broad; based on OECD definition	Risk-based (influenced by EU AI Act)

2. Penalties & Enforcement

Jurisdiction	Maximum Penalty	Enforcement Body	Private Right of Action	Criminal Liability
EU AI Act	€35M or 7% global turnover (prohibited practices)	National authorities + AI Office (GPAI)	Not directly; through national law	Not in AI Act; possible under national law
EU GDPR	€20M or 4% global turnover	National DPAs (Data Protection Authorities)	Yes (Articles 79, 82)	Varies by member state
US Federal	Varies by agency (FTC: unlimited in theory)	FTC, EEOC, HHS, SEC, CFPB, etc.	Agency-specific; tort law available	Only for specific violations (fraud, etc.)
Illinois BIPA	$5,000 per intentional violation	State AG + private litigation	Yes (major source of class actions)	No
Colorado AI Act	$20,000 per violation (UCPA penalties)	State Attorney General (exclusive)	No	No
China	Up to 10× illegal gains; license revocation	CAC; sector regulators	Limited	Possible for serious violations
UK	Sector-dependent (e.g., ICO: £17.5M/4%)	Sector regulators (ICO, FCA, Ofcom, etc.)	Sector-dependent	Sector-dependent
Canada (proposed)	C$25M or 5% global revenue (AIDA)	AI & Data Commissioner (proposed)	Proposed in AIDA	Yes for reckless/serious harm (proposed)
South Korea	Up to 3% of relevant revenue	AI Committee; sector agencies	Yes for damages from AI	No specific AI criminal provisions
Brazil (proposed)	2% of revenue (up to R$50M per violation)	National AI Authority (proposed)	Yes (proposed)	Under discussion

3. Individual Rights

Right	EU	US	China	UK	Canada
Right to know AI is being used	AI Act Art. 50	Varies by state/sector	Multiple regulations	ICO guidance	ADM Directive
Right to explanation of AI decision	GDPR Art. 22; AI Act Art. 86	ECOA (credit); no general right	Algorithm rules require disclosure	UK GDPR Art. 22	ADM Directive
Right to human review	GDPR Art. 22(3); AI Act Art. 14	Sector-specific only	Limited provisions	UK GDPR Art. 22	ADM Directive
Right to opt out of AI profiling	GDPR Art. 21	State privacy laws (CA, CO, etc.)	Algorithm recommendation rules	UK GDPR Art. 21	PIPEDA principles
Right to contest AI decision	AI Act Art. 86	Due process (gov only)	Complaint mechanisms	No specific right	ADM Directive
Right to non-discrimination by AI	AI Act; equality directives	Civil Rights Act; EEOC	General equality provisions	Equality Act 2010	Human Rights Act

= Explicit legal provision = Partial or indirect coverage

4. Scope & Definitions

Dimension	EU AI Act	US (EO 14110)	China	OECD
AI Definition	Machine-based system designed to operate with varying levels of autonomy, that may exhibit adaptiveness, and that infers how to generate outputs	Machine-based system that can, for a given set of human-defined objectives, make predictions, recommendations, or decisions	Technology-specific (algorithm recommendation, deep synthesis, generative AI defined separately)	Machine-based system that can, for explicit or implicit objectives, infer how to generate outputs such as predictions, recommendations, or decisions
Covers public sector	Yes (with law enforcement provisions)	Yes (primary focus of EO)	Yes	Yes
Covers private sector	Yes	Limited (agency-specific)	Yes	Yes (recommendations)
Extraterritorial reach	Yes (Brussels Effect — applies to systems used in EU)	Limited (dual-use export controls)	Yes (for services to Chinese users)	N/A (non-binding)
Covers open-source	Limited exemptions for open-source GPAI	No specific provisions	Yes (registration required)	Addressed in 2024 update

5. Sector-Specific Regulation

Sector	EU	US	China	UK
Healthcare	AI Act (high-risk) + MDR + IVDR	FDA (SaMD framework; 950+ clearances)	NMPA regulations	MHRA; NICE ESF
Financial Services	AI Act + existing EU financial regulation	OCC SR 11-7; SEC guidance; CFPB	PBOC; CBIRC guidance	FCA; PRA SS1/23
Employment	AI Act (high-risk) + Platform Workers Directive	EEOC; NYC LL144; state laws	Labor law provisions	Equality Act; ICO guidance
Autonomous Vehicles	Type approval; AI Act	NHTSA; state laws (50 states vary)	MIIT regulations; city pilots	Automated Vehicles Act 2024
Law Enforcement	AI Act (high-risk + biometric prohibitions)	No federal law; DOJ guidance; city bans	Extensive deployment; limited public regulation	Sector-specific guidance; Bridges v. South Wales Police
Education	AI Act (high-risk for admissions, assessment)	FERPA; ED guidance	MOE guidance; content requirements	DfE AI strategy
Military	National security exemption in AI Act	DoD 3000.09; NSM	CMC guidelines; civil-military fusion	MOD AI Strategy; JSP 936

6. Implementation Status (as of February 2026)

Jurisdiction	Primary AI Law	Status	Key Dates	Enforcement Active
EU	AI Act	Phased implementation	Prohibitions: Feb 2025; GPAI: Aug 2025; High-risk: Aug 2026	Partial (prohibitions enforced)
US Federal	No comprehensive law	Executive action; agency rules	Ongoing (EO 14110 revoked Jan 2025; agency actions continue)	Yes (existing authorities)
Colorado	SB 24-205	Enacted; pre-enforcement	Effective: Feb 2026	Pending
China	Multiple regulations	Fully operational	Algorithm: Mar 2022; Deep Synthesis: Jan 2023; GenAI: Aug 2023	Yes
UK	No comprehensive law	Sector-based approach	Ongoing regulatory updates	Yes (existing regulators)
Canada	AIDA (proposed)	Stalled in Parliament	Uncertain	No (ADM Directive: federal gov only)
South Korea	AI Framework Act	Enacted 2025	Enforcement beginning 2025-2026	Yes (phased)
Brazil	AI Bill (PL 2338/2023)	Under parliamentary review	Expected 2026	No
Japan	No binding AI law	Guidelines-based	Ongoing updates to guidelines	Soft enforcement via guidance
Singapore	No binding AI law	Governance framework + PDPA	Framework updated periodically	PDPA enforced; AI framework voluntary

Previous Timeline Next Home