With the rapid evolution of artificial intelligence (AI) technology, the regulatory frameworks for AI in the Asia–Pacific (APAC) region continue to develop quickly. Policymakers and regulators have been prompted to consider either reviewing existing regulatory frameworks to ensure their effectiveness in addressing emerging risks brought by AI, or proposing new, AI-specific rules or regulations. Overall, there appears to be a trend across the region to promote AI uses and developments, with most jurisdictions focusing on high-level and principle-based guidance. While a few jurisdictions are considering regulations specific to AI, they are still at an early stage. Further, privacy regulators and some industry regulators, such as financial regulators, are starting to play a role in AI governance.

This blog post provides an overview of various approaches in regulating AI and managing AI-related risks in the APAC region.  

  • AI-Specific Laws and Regulations

Several jurisdictions in the region are moving toward AI-specific regulations, including the People’s Republic of China (hereinafter referred to as China), South Korea, and Taiwan.

  • China has been most active in shaping regulations specific to generative AI technologies since 2023. It has taken a multifaceted approach that combines AI-specific regulations, national standards and technical guidance to govern generative AI services and the regulatory focus has been on services that are provided to the public in China. The Interim Administrative Measures for Generative Artificial Intelligence Services represent a milestone as the first comprehensive regulation specifically addressing generative AI services (a summary of this regulation can be found in our previous post here). Several non-binding technical documents and national standards have been issued or are being drafted to further implement this regulation. Prior to the regulation that specifically addresses generative AI services, China had issued regulations for deep synthesis and algorithmic recommendations. Further, China promulgated rules on conducting an ethical review of scientific activities involving generative AI.
  • Beyond a few provisions on narrow aspects scattered in other regimes, South Korea does not presently have a comprehensive AI-specific regulatory framework. Proposed in early 2023, the draft Act on Fostering the AI Industry and Securing Trustworthy AI remains currently pending before the National Assembly. If enacted, it would set out the first comprehensive legislative framework governing the usage of AI in South Korea, generally reflecting an approach that would permit AI usage and developments subject to subsequent safeguards if and as needed. In parallel, the Personal Information Protection Commission (PIPC) has been advocating for a flexible approach to AI based on self-regulation, with support from the PIPC. Furthermore, the Korean Fair Trade Commission (KFTC) will soon start a detailed study to identify potential AI-induced risks in terms of consumer protection as well as unfair or anti-competitive practices, which might result in KFTC-supervised self-regulation of certain AI aspects through industry codes of conduct supplemented by a set of guidelines on AI, or even proposed legislation or amendments to existing consumer protection or antitrust rules. 
  • Similarly, Taiwan is drafting a basic law governing AI, i.e., the Basic Law for Development of Artificial Intelligence, which will set out fundamental principles for AI development and for the government to promote the development of AI technologies. However, it is still uncertain whether and when Taiwan will pass this draft law.
  • Non-binding AI Principles and Guidelines

Other jurisdictions in the APAC region take a voluntary approach for the moment, relying on non-binding principles and guidelines as well as existing laws to address AI-related issues. Such jurisdictions include Australia, Japan, Singapore, India, Hong Kong, Thailand and Vietnam.

For instance, Australia has so far taken a soft-law approach. Australia’s AI Ethics Principles were published in 2019, setting out principles for certain aspects in relation to AI governance, including fairness, privacy protection and security, reliability and safety, transparency and explainability, and accountability. Similarly, Japan has no comprehensive AI-specific regulation but only provides non-binding guidance. Singapore, India, Hong Kong, Thailand and Vietnam also have their own AI-related guidelines.

In addition to non-binding guidelines, some regulators also provide practical tools for AI services. For instance, Singapore launched an AI governance testing framework and toolkit in May 2022 and the initiative of a generative AI evaluation sandbox in October 2023, providing a common baseline of evaluation testing methods and benchmarks to assess generative AI products.

In these jurisdictions that have not yet issued specific AI regulations, enforcement in relation to AI could be carried out under existing laws. For instance, in order to understand the implications of the development and use of AI on data privacy in Hong Kong, the privacy regulator of Hong Kong – the Office of the Privacy Commissioner for Personal Data (PCPD) – carried out compliance checks on 28 organizations from August 2023 to February 2024 to understand their practices regarding the collection, use and processing of personal data in the development or use of AI, as well as their AI governance structure. Some jurisdictions have started to experiment with the best approach to regulate AI services, even though AI regulations are not in place yet. For instance, India’s regulator – the Ministry of Electronics and Information Technology – issued a non-binding advisory on March 1, 2024, asking all AI tools (including AI models, software using generative AI or any algorithms) currently being tested, in development or are potentially unreliable, to seek approval from the government before being released to the public. However, the requirement mandating government approval of AI tools was soon withdrawn by an advisory issued later in that month.

The fast development of AI technologies certainly poses new regulatory challenges for APAC governments. With China being the first jurisdiction to adopt AI-specific regulations, there will still be uncertainties going forward regarding how other regulators in the APAC region will address the risks brought by AI. It will be sensible for companies that develop or deploy AI technologies in the APAC region to closely monitor these developments and be prepared.

* * *

This blog post was written with contributions from Shutaro Kuwahara.

This information is not intended as legal advice. Readers should seek specific legal advice before acting with regard to the subjects mentioned herein.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Yan Luo Yan Luo

With over 10 years of experience in global technology regulations, Yan Luo specializes in the intersection of law and technology, focusing on regulatory compliance and risk mitigation for technology-driven business models. Her key strengths include data protection, cybersecurity, and international trade, with a

With over 10 years of experience in global technology regulations, Yan Luo specializes in the intersection of law and technology, focusing on regulatory compliance and risk mitigation for technology-driven business models. Her key strengths include data protection, cybersecurity, and international trade, with a particular emphasis on adapting to regulatory changes and ensuring compliance to support technology sector business strategies.

In recent years, Yan has guided leading multinational companies in sectors such as cloud computing, consumer brands, and financial services through the rapidly evolving cybersecurity and data privacy regulations in major Asian jurisdictions, including China. She has addressed challenges such as compliance with data localization mandates and regulatory audits. Yan’s work includes advising on high-stakes compliance issues like data localization and cross-border data transfers, navigating cybersecurity inspections for multinational companies, and providing data protection insights for strategic transactions. Additionally, Yan has counseled leading Chinese technology companies on global data governance and compliance challenges across major jurisdictions, including the EU and the US, focusing on specific regulations like GDPR and CCPA.

More recently, Yan has supported leading technology companies on geopolitical risk assessments, particularly concerning how geopolitical shifts impact sectors at the cutting edge, such as artificial intelligence and semiconductor technologies.

Yan was named as Global Data Review’s40 under 40” in 2018 and is frequently quoted by leading media outlets including the Wall Street Journal and the Financial Times.

Prior to joining the firm, Yan completed an internship with the Office of International Affairs of the U.S. Federal Trade Commission in Washington, DC. Her experiences in Brussels include representing major Chinese companies in trade, competition and public procurement matters before the European Commission and national authorities in EU Member States.

Photo of Xuezi Dan Xuezi Dan

Xuezi Dan is an associate in the firm’s Beijing office. Her practice focuses on regulatory compliance, with a particular focus on data privacy and cybersecurity. Xuezi helps clients understand and navigate the increasingly complex privacy regulatory issues in China.

She also has experience…

Xuezi Dan is an associate in the firm’s Beijing office. Her practice focuses on regulatory compliance, with a particular focus on data privacy and cybersecurity. Xuezi helps clients understand and navigate the increasingly complex privacy regulatory issues in China.

She also has experience advising clients on general corporate and antitrust matters.

Photo of Laurie-Anne Grelier Laurie-Anne Grelier

Laurie-Anne Grelier assists global companies, especially Asian multinationals, with navigating the competition law aspects of their activities and investments in Europe. Laurie-Anne cumulates more than 10 years of experience advising these companies on complex, high-stake European competition law issues, including antitrust and cartel…

Laurie-Anne Grelier assists global companies, especially Asian multinationals, with navigating the competition law aspects of their activities and investments in Europe. Laurie-Anne cumulates more than 10 years of experience advising these companies on complex, high-stake European competition law issues, including antitrust and cartel investigations, the clearance of mergers and other transactions, the structuring of licensing, distribution, collaborative and other commercial arrangements, issues related to abuse of dominant position, and the structuring of compliance programs.

Laurie-Anne further represents these companies in litigation before the European Courts, whether in their challenges of regulatory decisions or in the defense of multi-million private antitrust claims.

Laurie-Anne also advises Asian companies on the application of new regulations in the technology sector, such as the EU Digital Markets Act as well as on state aid and foreign direct investment.

Laurie-Anne has elementary proficiency in Korean.