Regulatory Frameworks Inventory.
Detailed repository of global AI acts, policy drafts, and compliance standards currently in effect or under review.
| LOC | Date ↓ | Regulation Title | Summary | Status | Action |
|---|---|---|---|---|---|
 | 2026-01-05 | CNIL AI how-to sheets (English) — GDPR-compliant AI system development | Legal and advisory teams supporting AI development (including within professional services firms and client advisory work) should align internal playbooks and c... | in effect | View |
 | 2025-09-25 | Italy Law 132/2025 on artificial intelligence (principles, authorities, delegations, amendments) | High impact across public sector, regulated actors, and the legal system: it establishes national AI governance (authorities and coordination), sets operational... | in force | View |
| | 2025-07-22 | CNIL finalises GDPR recommendations for AI system development and announces future work | Supports compliance teams by signalling CNIL’s expectations and practical focus areas (model GDPR applicability analyses, annotation governance, and secure deve... | View | |
| | 2025-06-01 | CNIL synthesis of consultation inputs on legitimate interest for AI development | AI developers relying on legitimate interest should operationalise a documented assessment workflow and evidence safeguards for large-scale training and web scr... | View | |
| | 2025-04-29 | Cour de cassation: release of report 'Preparing the Court of tomorrow' on AI | Relevant to courts considering AI tooling: provides an evaluation methodology and a governance model emphasising human oversight and ethics. | View | |
| | 2025-04-18 | Puglia Regional Law 4/2025 promoting open innovation and artificial intelligence | Moderate impact concentrated in Puglia: it enables and structures regional programs (platform, hubs, competence center, training) and introduces a near-term imp... | in force | View |
| | 2025-02-14 | AgID draft guidelines — adoption of AI systems in the public administration (consultation) | Requires public administrations to formalise AI governance: human oversight for critical decisions, security-by-design with periodic checks, risk management pro... | draft | View |
| | 2025-02-07 | CNIL practical sheet: informing individuals about personal data use in AI development | Requires AI developers/controllers to enhance privacy notice design and operational timing—particularly for web-scraped or third‑party data—including public-fac... | View | |
| | 2025-02-07 | CNIL practical sheet: enabling data subject rights in AI training datasets and models | Requires AI developers/controllers to implement practical workflows for rights requests that address dataset/model distinctions, identification challenges, and ... | View | |
| | 2024-12-20 | GPDP case on ChatGPT — EUR 15m fine and six‑month information campaign | High enforcement relevance for providers of generative AI services that process personal data. Requires robust legal-basis analysis for training, clear transpar... | suspended (interim) | View |