Catalog completeness
Coverage of the field
Where external conformance measures per-article quality and silent cells maps gaps within the tracked matrix, this measures catalog breadth: does the catalog track the AI-governance instruments that actually exist? The tracked baseline is computed live; the gaps come from an independent, by-jurisdiction landscape survey (refute-by-default, reconciled against the catalog source). This is an honest gap register, not a completeness claim — the real-world denominator is a snapshot, not an exhaustive census, so it under-claims rather than inflates. Machine-readable at /wiki/catalog-completeness.json.
Inclusion criteria
A tracked entry is a distinct, significant AI-governance instrument: a binding law/regulation/executive order, a major standard or treaty, a formal government framework, or a high-profile multilateral declaration. Minor or ephemeral guidance, blog posts, sub-provisions of a tracked instrument, and never-enacted drafts are out of scope. 'major' gaps are binding or field-shaping; 'notable' gaps are real and AI-relevant but secondary (sectoral, sub-national, adjacent, or soft-law).
Identified gaps are candidates for the human-gated contribution pipeline (research + adversarial verification + named-editor ratification, charter §7.11) — nothing on this page auto-adds an instrument.
Major gaps (12)
Binding or field-shaping instruments not yet tracked — the priority additions.
| Instrument | Jurisdiction | Type | Year |
|---|---|---|---|
| BIS Advanced Computing / Semiconductor Export Controls (ECCN 3A090/4A090, 2022-2024 rules)Binding EAR controls on advanced AI chips/compute and semiconductor manufacturing equipment — the entire hardware-side lever of US AI governance, absent from the catalog (referenced only contextually inside the EO entries). | US federal (Commerce / BIS) | regulation | 2022-2024 |
| National Security Memorandum on AI (NSM-25) + national-security AI risk-management frameworkFirst US national-security memorandum on AI (Oct 2024) directing frontier-AI security and govt adoption plus a national-security risk-management framework; a peer of the tracked EOs, distinct from EO 14110. | US federal (White House / NSC) | framework | 2024 |
| America's AI Action Plan ('Winning the Race')The current governing US federal AI strategy (Jul 2025, 90 policy actions, mandated by EO 14179); its three companion EOs (data-center permitting, AI-stack exports, 'woke AI' procurement) fold under it as sub-actions rather than separate major entries. | US federal (White House / OSTP) | framework | 2025 |
| EO 14365 'Ensuring a National Policy Framework for AI' (state-law preemption)Dec 2025 EO creating an AI Litigation Task Force to challenge state AI laws and conditioning federal grants on non-enforcement; directly bears on the catalog's tracked state instruments (CA SB-53, CO SB 24-205, TX HB-149). | US federal (White House) | executive-order | 2025 |
| National AI Initiative Act of 2020 (NAIIA, Div. E of P.L. 116-283)Foundational US AI statute creating the National AI Initiative Office and the statutory mandate under which NIST's AI work (incl. the tracked AI RMF) sits; the legislative bedrock of US AI governance. | US federal (Congress) | statute | 2020 |
| Taiwan Basic Act on Artificial IntelligencePrinciples-based framework law (third reading concluded Dec 2025, awaiting promulgation) setting seven core AI principles led by MODA; effectively enacted, no Taiwan instrument tracked. | Taiwan | statute | 2025 |
| Vietnam Law on Artificial Intelligence (Law No. 134/2025/QH15)Southeast Asia's first comprehensive standalone AI law (passed Dec 2025, effective Mar 2026): EU-inspired three-tier risk framework; no Vietnam instrument tracked. | Vietnam | statute | 2025 |
| China Measures for Labeling of AI-Generated and Synthetic Content (+ GB 45438-2025 mandatory standard)Binding CAC labeling regime (effective Sep 2025) with the world's first mandatory national AI-content-labeling standard; distinct from the tracked CN-GENAI-2023 Interim Measures (which only references it as context) — deduped across three slices. | China | regulation | 2025 |
| China Provisions on Algorithmic Recommendation in Internet Information ServicesBinding CAC rule (effective Mar 2022) governing recommendation algorithms plus the algorithm-filing registry that underpins China's whole AI-enforcement model; only referenced contextually inside the tracked CN-GENAI-2023. | China | regulation | 2022 |
| TC260 AI Safety Governance Framework (v1.0 2024 / v2.0 2025)China's national risk-taxonomy framework (CBRN, loss-of-control, open-source governance) — its closest analogue to the tracked NIST AI RMF and the only China instrument addressing frontier/catastrophic risk. | China | framework | 2024 |
| UN Independent Scientific Panel on AI + Global Dialogue on AI Governance (A/RES/79/325)Two standing UN AI mechanisms established Aug 2025 (a 40-member scientific panel issuing annual assessments + a Global Dialogue); distinct from the tracked 2024 UNGA resolution and the Global Digital Compact. | International (UN General Assembly) | framework | 2025 |
| Paris AI Action Summit Statement on Inclusive and Sustainable AIThe next leaders' declaration in the tracked Bletchley/Seoul series (Feb 2025), notable for US/UK refusal to sign and the pivot from 'safety' to 'action/inclusion'; the catalog tracks the predecessors but not this one. | International (62 signatories) | declaration | 2025 |
Notable gaps (47)
Real and AI-relevant but secondary — sectoral, sub-national, adjacent, or soft-law.
| Instrument | Jurisdiction | Type | Year |
|---|---|---|---|
| AI Liability Directive (COM/2022/496) — withdrawn 2025AI-specific civil-liability proposal (rebuttable causation presumptions, evidence disclosure) formally withdrawn Oct 2025; worth a 'proposed, withdrawn' entry paralleling how the catalog handles CA SB-1047 as vetoed — the withdrawal is itself a governance event. | EU | statute | 2022 (proposed); withdrawn 2025 |
| EU Digital Services Act (Regulation (EU) 2022/2065)Platform regulation bearing directly on AI via VLOP systemic-risk duties (algorithmic amplification, generative-AI/deepfake risk), recommender transparency and AI-content labelling; AI-adjacent but a major lever over deployed AI. | EU | regulation | 2022 |
| EU Data Act (Regulation (EU) 2023/2854)Horizontal rules on IoT/cloud data access governing the training/operational data feeding AI and interacting with AI Act Art.10; data-supply infrastructure for AI rather than an AI-specific rulebook. | EU | regulation | 2023 |
| Digital Omnibus on AI (amendments to Regulation (EU) 2024/1689)Commission package materially amending the tracked AI Act timeline/scope (deferred high-risk deadlines, eased SME burdens, penalty caps); important currency context for EU-AIA-2024 even though not a standalone instrument. | EU | statute | 2025 (provisional agreement 2026) |
| Spain Draft Law for the Good Use and Governance of AI (+ AESIA)Draft national AI bill implementing the AI Act (prohibited practices, mandatory AI-content labelling, fines up to 7% turnover) under AESIA, Europe's first dedicated AI regulator. | Spain | statute | 2025 (draft) |
| Germany AI Act implementation act (KI-MIG, draft)Draft designating the Bundesnetzagentur as Germany's AI market-surveillance authority and setting penalties; the governance/enforcement transposition by the EU's largest member state. | Germany | statute | 2025 (draft) |
| EU AI Continent Action Plan + Apply AI StrategyThe EU's pro-innovation industrial counterweight to its regulatory stack (AI Factories, InvestAI ~EUR 200bn); analogous in role to the tracked UK Pro-Innovation White Paper. | EU | framework | 2025 |
| Framework for AI Diffusion (AI Diffusion Rule)Jan 2025 interim rule that created the first-ever export control on closed AI model weights (ECCN 4E091) before being rescinded May 2025; historically significant as the first model-weight control. | US federal (Commerce / BIS) | regulation | 2025 |
| EO 'Preventing Woke AI in the Federal Government'Jul 2025 EO conditioning federal LLM procurement on 'truthful'/'ideologically neutral' outputs; a binding procurement-conditioning instrument and one of the three AI Action Plan companion EOs. | US federal (White House) | executive-order | 2025 |
| EEOC Title VII Guidance on AI / Algorithmic Selection ProceduresApplies Title VII disparate-impact (four-fifths rule) to AI hiring tools and holds employers liable for third-party vendor tools; a leading federal employment-AI instrument. | US federal (EEOC) | guidance | 2023 |
| FTC Operation AI Comply (FTC Act §5 enforcement)The primary federal consumer-protection AI enforcement vehicle against deceptive AI claims ('AI washing') and AI-supercharged fraud, continued into 2025-26. | US federal (FTC) | guidance | 2024 |
| FDA AI-Enabled Device Software Functions Guidance (+ PCCP)FDA total-product-lifecycle AI/ML medical-device guidance plus the finalized Predetermined Change Control Plan; the leading sectoral health-AI regulatory regime. | US federal (FDA) | guidance | 2024-2025 |
| CFPB Circular 2023-03 (adverse-action notices for AI credit decisions)Requires specific, accurate adverse-action reasons even for complex-AI credit denials under ECOA/Reg B; a key financial-sector AI accountability instrument. | US federal (CFPB) | guidance | 2023 |
| US Copyright Office, Copyright and AI Reports (Parts 1-3)Multi-part reports setting the federal position that fully AI-generated output is uncopyrightable and analyzing AI training on copyrighted works; the authoritative US IP-AI policy framework. | US federal (US Copyright Office) | guidance | 2024-2025 |
| Illinois Biometric Information Privacy Act (BIPA, 740 ILCS 14)First US biometric-privacy law with a private right of action ($1k/$5k per violation); the dominant constraint on AI face/voice systems and basis of the $650M Facebook settlement. | US — Illinois | statute | 2008 |
| Texas Capture or Use of Biometric Identifier Act (CUBI, ch. 503)AG-enforced biometric notice/consent law (up to $25k/violation) constraining AI facial/voice systems; basis of the $1.4B Meta and $1.375B Google settlements. | US — Texas | statute | 2009 |
| Tennessee ELVIS Act (HB 2091/SB 2096)First US law targeting AI voice cloning: extends right of publicity to voice and bans unauthorized AI replicas/deepfakes; effective Jul 2024. | US — Tennessee | statute | 2024 |
| Utah Artificial Intelligence Policy Act (SB 149)First US state AI consumer-protection statute: generative-AI disclosure duties plus the Office of AI Policy and a regulatory sandbox; in force May 2024. | US — Utah | statute | 2024 |
| Utah HB 452 (AI mental-health chatbot regulation)First US mental-health-chatbot statute: AI therapy chatbots must disclose AI status and restrict health-data sale/sharing; effective May 2025. | US — Utah | statute | 2025 |
| Montana Right to Compute Act (SB 212)First US 'right to compute' law applying strict scrutiny to government restrictions on computational resources/AI; the lone deregulatory entry, useful for landscape balance. | US — Montana | statute | 2025 |
| Connecticut SB 1295 (CTDPA automated-decision/profiling amendments)Extends opt-out/profiling rights to any automated decision with legal/significant effect and requires AI impact assessments; effective Jul 2026 (the enacted CT instrument, vs the dead SB 2). | US — Connecticut | statute | 2025 |
| California AB 2655 (Defending Democracy from Deepfake Deception Act)Requires large platforms to detect/label/remove materially deceptive AI election content; outside the tracked CA frontier/transparency/chatbot set (partly enjoined on First Amendment grounds). | US — California | statute | 2024 |
| California AB 1836 / AB 2602 (performer digital-replica protections)SAG-AFTRA laws barring unauthorized AI digital replicas of deceased and living performers; outside the tracked CA AI set, effective Jan 2025. | US — California | statute | 2024 |
| China Ethical Norms for New Generation AIMOST committee code (6 norms + 18 lifecycle requirements); the foundational national AI-ethics document, non-binding but widely referenced. | China | guidance | 2021 |
| China Trial Measures for Ethics Review of Science and TechnologyMOST measures (effective Dec 2023) mandating institutional ethics review for high-risk activities including high-autonomy/opinion-mobilization AI. | China | regulation | 2023 |
| China Global AI Governance Initiative + Global AI Governance Action PlanChina's diplomatic AI-governance pitch (2023 Initiative + 2025 WAIC 13-action plan with a proposed World AI Cooperation Organization); parallels the tracked Bletchley/Seoul/Hiroshima declarations — deduped across slices. | China (international) | framework | 2023-2025 |
| China Cybersecurity Law amendment adding an AI-development articleNPC amendment (effective Jan 2026) adding the first AI-specific provision in primary national legislation on safe/sound AI development. | China | statute | 2025 |
| China Draft Measures on Human-like (Anthropomorphic) Interactive AI ServicesCAC draft (comment to Jan 2026) for AI companion services: AI-disclosure pop-ups, anti-overdependence and emotional-manipulation controls; functional analogue to the tracked CA SB-243 — track as proposed/pending. | China | regulation | 2025 (draft) |
| South Korea Public Official Election Act Art. 82-8 (deepfake election ban)Enforced ban on election-campaign deepfakes in the 90 days before polling (effective Jan 2024); an early operational AI-specific electoral statute, distinct from the tracked KR AI Basic Act. | South Korea | statute | 2023 |
| Australia Voluntary AI Safety Standard (10 guardrails)Government 10-guardrail voluntary standard, the de facto national reference after mandatory guardrails were paused (Dec 2025 National AI Plan); note the tracked 'AU-AI-STRATEGY-2024' code is the African Union strategy, not Australia, so Australia is genuinely untracked — deduped across slices. | Australia | standard | 2024 |
| New Zealand AI Strategy ('Investing with Confidence')NZ's first national AI strategy (Jul 2025), deliberately light-touch with no AI law, anchored on the OECD AI Principles. | New Zealand | framework | 2025 |
| Malaysia AI Governance and Ethics (AIGE) Guidelines + National AI OfficeNational AI Office (Dec 2024) plus 7-principle AIGE guidelines; among ASEAN's first national-level AI governance guidance and a foundation for future legislation. | Malaysia | guidance | 2024 |
| WHO Guidance on Ethics and Governance of Large Multi-Modal Models for Health40+ recommendations on generative/LMM AI in health; the leading sector-specific international AI-governance instrument for healthcare. | International (WHO) | guidance | 2024 |
| ISO/IEC 23894:2023 (AI Risk Management Guidance)First dedicated international standard on AI-specific risk management (adapts ISO 31000); the companion guidance referenced by ISO/IEC 42001. | International (ISO/IEC JTC 1/SC 42) | standard | 2023 |
| IEEE 7000-2021 / Ethically Aligned Design (P7000 series)Model process for addressing ethical concerns in system design plus the P7000 family (transparency, bias); the leading professional-body AI ethics engineering standards. | International (IEEE SA) | standard | 2021 |
| Council of Europe HUDERIA MethodologyHuman-rights/democracy/rule-of-law risk-and-impact-assessment methodology; the operational HRIA companion to the tracked CoE Framework Convention, but a distinct instrument. | International (Council of Europe) | framework | 2024 |
| International AI Safety Report (Bengio-chaired)IPCC-style scientific synthesis on advanced-AI risks commissioned at Bletchley; a recurring authoritative evidence base now anchoring the summit series. | International (30-nation commission, UK AISI secretariat) | framework | 2025 |
| Canada AI and Data Act (AIDA, Bill C-27) — lapsedThe landmark Canadian risk-based AI statute, which died when Parliament prorogued Jan 2025; worth a lapsed/historical entry but not a major current instrument. | Canada | statute | 2022 (proposed); died on order paper 2025 |
| Canada Voluntary Code of Conduct on Advanced Generative AIISED-led six-principle voluntary signatory code (30+ signatories) bridging to AIDA; the active Canadian governance instrument after AIDA lapsed. | Canada | framework | 2023 |
| UK Data (Use and Access) Act 2025, s.80 (automated decision-making)Enacted UK reform replacing UK GDPR Art.22 with a safeguards regime for AI/automated decision-making (s.80 in force Feb 2026); the catalog tracks the 2023 UK White Paper but not this binding ADM reform. | United Kingdom | statute | 2025 |
| UK ICO Guidance on AI and Data Protection (+ AI & biometrics strategy)The UK regulator's applied AI/GenAI guidance (web-scraping transparency, ADM) with a statutory AI/ADM Code of Practice mandated for ~2026. | United Kingdom | guidance | 2023 |
| Saudi Arabia SDAIA AI Ethics PrinciplesNational 7-principle risk-based AI ethics framework backstopped by the PDPL; the leading Gulf AI-governance instrument, no Saudi instrument tracked. | Saudi Arabia | framework | 2023 |
| Saudi Arabia Personal Data Protection Law (PDPL, Royal Decree M/19)Comprehensive data-protection statute governing personal-data inputs to AI and the enforcement backbone for SDAIA's AI ethics regime. | Saudi Arabia | statute | 2023 |
| UAE Charter for the Development and Use of Artificial IntelligenceFederal 12-principle human-centric AI charter anchoring AI Strategy 2031; no UAE instrument tracked. | United Arab Emirates | declaration | 2024 |
| DIFC Data Protection Regulation 10 (autonomous & semi-autonomous systems)Binding DIFC regulation on personal data processed by autonomous/AI systems; among the first enforceable AI-referencing legal provisions in the UAE. | United Arab Emirates (DIFC) | regulation | 2023 |
| Israel Policy on AI Regulation and Ethics ('Responsible Innovation')Risk-based, sectoral soft-regulation policy with six ethics principles and sandboxes; no horizontal AI statute, no Israel instrument tracked. | Israel | framework | 2023 |
| Indonesia MCI Circular Letter No. 9/2023 on AI EthicsIndonesia's foundational AI ethics circular (nine core values) ahead of a pending binding Presidential Regulation on high-risk AI. | Indonesia | guidance | 2023 |