Official guidance

Government Resources

Public-sector frameworks, policies, and guidance from government agencies around the world, grouped by country.

View by By country Timeline Browse the agency directory →

United States

NIST AI Risk Management Framework (AI RMF 1.0)

National Institute of Standards and Technology (NIST) — Artificial Intelligence

Voluntary framework released by NIST to help organizations manage risks across the AI lifecycle, organized around the Govern, Map, Measure,...

If a company tells you it is using AI responsibly, odds are it is leaning on the NIST AI Risk Management Framework — the closest thing the United States has to a shared AI safety vocabulary. The framework is voluntary, w...

Read more →
Blueprint for an AI Bill of Rights

White House OSTP non-binding framework setting out five principles for the design and use of automated systems: safe and effective systems,...

The Blueprint for an AI Bill of Rights is the single most cited consumer-facing AI document from the Biden-era White House. It is not a law, and the Trump-era archive URL makes that obvious. It still matters because its...

Read more →

United Kingdom

A pro-innovation approach to AI regulation (UK AI White Paper)

UK government white paper proposing a context-based, principles-led approach to AI regulation delivered through existing sectoral regulators...

The UK chose not to pass a single AI law. Instead it told its existing regulators — the ICO for data, the CMA for competition, the MHRA for medicines, and others — to apply five principles to AI inside their own sectors....

Read more →
ICO Guidance on AI and Data Protection

Information Commissioner's Office (ICO)

ICO hub of guidance explaining how UK GDPR principles apply to AI systems, covering fairness, lawfulness, transparency, accountability, and...

If your AI system touches personal data anywhere in the UK, the ICO is the regulator that can fine you. This hub is how the ICO tells organisations to interpret UK GDPR in an AI context — fairness, lawfulness, transparen...

Read more →

Canada

Artificial Intelligence and Data Act (AIDA) — Companion Document

Innovation, Science and Economic Development Canada (ISED)

ISED-published overview of the proposed Artificial Intelligence and Data Act (part of Bill C-27) setting out Canada's intended risk-based fr...

Canada tried to pass a national AI law and did not finish the job. The Artificial Intelligence and Data Act was the federal framework tucked inside Bill C-27, but the bill lapsed when Parliament was prorogued in early 20...

Read more →
Directive on Automated Decision-Making

Mandatory Treasury Board directive requiring Canadian federal departments to complete an Algorithmic Impact Assessment and apply proportiona...

This directive is not optional guidance — it is a binding Treasury Board instruction that every federal department in Canada must follow before using an automated system to make administrative decisions about people. It...

Read more →

Australia

Australia's AI Ethics Principles

Department of Industry, Science and Resources — National AI Centre

Eight voluntary principles — including human-centred values, fairness, privacy, reliability, transparency, contestability, and accountabilit...

Australia does not yet have a dedicated AI law, so these eight voluntary principles — human-centred values, fairness, privacy, reliability, transparency, contestability, and accountability among them — are what federal a...

Read more →

Germany

EU Artificial Intelligence Act (Regulation 2024/1689)

The world's first comprehensive AI law, taking a risk-based approach that prohibits certain practices, imposes strict obligations on high-ri...

The EU AI Act is the first comprehensive AI law on the planet and the one that AI vendors everywhere — including American and Chinese ones — actually restructure their products around, because the EU market is too big to...

Read more →

France

CNIL Recommendations on AI and the GDPR

Commission Nationale de l'Informatique et des Libertés (CNIL)

CNIL's set of recommendations helping AI developers apply the GDPR through the AI lifecycle, covering purpose definition, legal basis, train...

France has the most assertive data-protection regulator in Europe, and the CNIL has decided not to wait for the EU AI Act to start enforcing against AI systems. Its recommendations walk developers through purpose definit...

Read more →

Japan

AI Guidelines for Business (Ver. 1.0)

Joint METI and MIC guidelines consolidating earlier Japanese AI R&D, utilization, and governance texts into a single living document setting...

Japan deliberately chose a soft-law approach over the EU-style hard law, and these joint METI and MIC guidelines are the result. They fold several earlier Japanese AI texts into a single living document aimed at three au...

Read more →

India

National Strategy for Artificial Intelligence (#AIForAll)

NITI Aayog

NITI Aayog discussion paper setting out India's AI strategy across five priority sectors — healthcare, agriculture, education, smart cities,...

India frames its AI strategy as "AI for All," and this NITI Aayog discussion paper is the source document for that slogan. It sets out five priority sectors — healthcare, agriculture, education, smart cities, and smart m...

Read more →

Singapore

Model AI Governance Framework for Generative AI

AI Verify Foundation

Framework published by IMDA and the AI Verify Foundation extending Singapore's Model AI Governance Framework to generative AI, covering acco...

Singapore has positioned itself as the Asia-Pacific clearinghouse for practical AI governance, and this framework is why. Published by IMDA and the AI Verify Foundation, it extends the older Model AI Governance Framework...

Read more →