In September 2024, in California, landmark AI legislation was passed. Among other, this included law AB 2013, which requires that developers provide publicly available information on their websites about training data. On the other hand, Governor Newsom vetoed SB 1047 or the “AI Safety Bill,” which was said to apply overly “stringent standards to even the most basic functions.”
The case of California is just the latest example of how AI-related regulations are taking precedence across the world, from the EU AI Act to the Ministry of AI in Dubai. It also is part of a broader international debate on AI’s impact, and the question of how to balance innovation with ethics. However, it’s not just AI regulations that are making a splash – governments and international organizations are setting standards that span multiple facets of the digital landscape, from privacy protection to fostering a resilient digital economy. But with so many digital regulations across the world, how can companies know which ones are important – especially companies that span multiple jurisdictions? And how should companies deal with these in light of the many elections in 2024 that are already shaping the future?
IDC’s Worldwide Digital Regulation Radar solves this problem (IDC #US523524224). It categorizes digital regulation into four main areas: environmental, data and AI, privacy and security, and digital economy enablement regulations.
IDC’s Worldwide Digital Regulations and Policies Radar
In the next sections, we’ll take a look at exactly what these categories mean.
Data and AI Regulations
The rapid adoption of artificial intelligence and big data analytics presents complex regulatory challenges. Ensuring that these technologies are used ethically, safely, and transparently is crucial for maintaining public trust and innovation. As examined in AI Regulations and Policies Around the World, 2023, (US#51356423), AI regulations can be currently mapped out loosely on a spectrum. They range from jurisdictions with no regulation to strict regulation, and jurisdictions that legislate AI as a single technology to those that legislate it according to multiple issues/technologies that are addressed as they arise. In Navigating the Fragmented U.S. AI and GenAI Regulatory Landscape, we also outlined some general approaches to the types of laws being implemented in the US. These include:
1. Safe AI: Regulations to ensure the safe development and deployment of AI.
2. Profiling and discrimination: Regulations designed to prevent AI from exacerbating existing biases or creating new forms of discrimination, as well as limiting profiling of consumers.
3. Consumer warning and transparency: Requiring AI developers and companies to specifically warn the consumer of the US of AI or the use of their data.
4. General registration and documentation: Regulation requiring documentation of data, safety measures, registration of AI deployments, etc.
Overall, policymakers are pushing for regulations that hold AI developers accountable for potential biases, errors, and impacts on employment. Governments worldwide are also exploring stricter regulations for data privacy and security, which are closely linked to AI regulations. For example, in India, the Digital Personal Data Protection Act came into effect in September 2023 and has sections directly implicating AI training data sets on top of protecting personal data.
For more information on individual laws, see our Worldwide Regulation Radar and AI Regulations Around the World reports.
Privacy and Security Regulations
As aforementioned, digital privacy and security regulations are some of the most established forms of digital regulation and are strongly linked to AI. They reflect growing public concern over personal data protection, cybersecurity, and the right to privacy in the digital age. These acts are increasingly common around the world. This includes general data protection laws such as the EU’s GDPR and the California Consumer Privacy Act (CCPA). These regulations emphasize user consent, transparency, and individual rights over data ownership.
Many countries have also introduced cybersecurity regulations to safeguard national infrastructure, corporate networks, and personal data from cyber threats. The U.S.’s Cybersecurity Information Sharing Act (CISA) and China’s Cybersecurity Law are examples of national laws that mandate certain security practices for digital infrastructure.
ESG Regulations and Policies
As digital technology expands, so does its carbon footprint. Data centers, AI computation needs, and electronic waste contribute significantly to environmental impact, requiring digital regulations that promote sustainability and environmental responsibility. The EU is leading in sustainability disclosures with the Corporate Sustainability Reporting Directive (CSRD) and Sustainable Finance Disclosure Regulation (SFDR). We therefore see many countries around the world following this, for example with stock exchange disclosures and reporting mandates. Governments are also creating legislation to support better energy policy, management of waste, and more.
Digital Economy Enablement
Digital economy enablement regulations focus on promoting technological infrastructure, innovation, and competitiveness in the digital space. These include incentives, subsidies, and policies that support the growth and sustainability of the digital economy. For a more comprehensive list of incentives, take a look at The Digital States – Part 1, 2024: What Government-Supported Investment Opportunities Exist for the Technology Market? (US#51025223). Some key types of digital incentives include:
- 5G and Network Infrastructure Promotion: 5G technology is critical for advancing connectivity and enabling new digital services. Countries such as South Korea, the U.S., and China have enacted policies to accelerate 5G rollout through spectrum allocation, subsidies, and grants for telecommunications providers.
- Semiconductor and Tech Manufacturing Subsidies: In response to global supply chain disruptions, countries are investing in domestic semiconductor manufacturing. The U.S. CHIPS Act, for instance, provides subsidies and incentives to reduce reliance on foreign-made chips and bolster domestic tech production.
- Digital Startups and Innovation Funds: Governments often support the digital economy by fostering startup ecosystems and innovation hubs. For example, India’s Digital India Initiative provides funding, tax breaks, and incubator programs to encourage digital innovation and entrepreneurship.
- International Trade Agreements for Digital Products: Many trade agreements, such as the Digital Economy Partnership Agreement (DEPA) between Chile, New Zealand, and Singapore, facilitate cross-border data flow, digital services, and e-commerce, making it easier for digital companies to operate internationally. This will be covered in-depth in Digital Economy Strategies’ upcoming report on digital trade agreements.
The Future of Digital Regulation
As digital technology’s influence on society continues to grow, governments are increasingly adopting a balanced approach that fosters both growth and responsibility. While regulations around privacy, security, and environmental impact address pressing ethical concerns, enablement policies incentivize the adoption and expansion of emerging technologies. Additionally, regulation is subject to change, of course, especially with 2024 being the “year of elections.” For a closer look at EU-level regulation, the EMEA Digital Regulations and Policies Radar (#EUR152325424) gives a glimpse at the most important EU digital legislation. Furthermore, the US election, which occurred on November 5th, will have major repercussions for tech companies. Three key areas it will impact include digital AI regulation, data privacy and cybersecurity, and tech innovation and trade policy. For a deeper dive on how the US election impacts these policies, sign up for the upcoming State of the Market webinar on November 13, 2024. Additionally, follow IDC’s Digital Economy Strategies CIS to get the latest updates on how digital regulation is impacting the business landscape.