⚖️ Law & Policy

The EU AI Act is law, but who enforces it? A policy analysis examines whether data protection authorities—already stretched thin by GDPR—should take on AI regulation, or whether dedicated agencies are needed. The institutional choice will shape how AI governance actually works in practice.

The EU AI Act and the DSM Copyright Directive were designed to govern different aspects of the digital economy. But generative AI sits at their intersection, creating legal ambiguities that neither framework anticipated. Five papers examine how this regulatory gap is being navigated—and why it matters for every jurisdiction watching the EU experiment.

Generative AI models are trained on vast quantities of copyrighted material collected through web scraping. Whether this constitutes infringement depends on which jurisdiction you ask—and on legal doctrines (fair use, TDM exceptions) that were designed for a pre-generative world. Five papers map the legal landscape and its fractures.

AI governance faces a trilemma: move too fast and privacy erodes, regulate too tightly and innovation stagnates, defer too long and accountability becomes impossible. Five papers from five continents reveal how the US, EU, India, and Africa are navigating these trade-offs differently—with no consensus in sight.

Generative AI severs the link between human creativity and creative output that copyright law has assumed for three centuries. Five papers examine whether AI-generated works should enter the public domain, receive sui generis protection, or force a reconceptualization of what authorship means.

The EU's GDPR has become the de facto global standard for data privacy—but ASEAN's diverse legal traditions, economic priorities, and institutional capacities make transplantation problematic. Five papers examine whether harmonization is converging toward interoperability or fragmenting into incompatible national regimes.

India deploys AI facial recognition at massive scale—from airports to cricket stadiums—while its Digital Personal Data Protection Act remains in early implementation. Five papers examine the widening gap between surveillance capability and legal safeguards, and what it means for 1.4 billion citizens.

The EU's Digital Markets Act represents a regulatory paradigm shift: from ex post enforcement of competition rules to ex ante obligations on designated 'gatekeepers.' Five papers examine whether this new model can effectively constrain platform power—and whether it will reshape antitrust globally.

Every social media interaction generates data that platforms monetize, researchers analyze, and governments surveil. Five papers examine the ethical, legal, and commercial dimensions of social media data—and whether current frameworks give users meaningful control over their digital selves.

When an autonomous vehicle causes an accident, who is liable—the manufacturer, the software developer, the owner, or the AI itself? Five papers reveal that existing tort law cannot answer this question, and that the emerging regulatory frameworks (Germany's AV Act, EU AI Act) are only partial solutions.

The EU mandates platforms to remove hate speech. The US protects most speech under the First Amendment. Elon Musk's Twitter/X relaxed moderation as a free speech experiment. Five papers examine what these divergent approaches reveal about whether law can reduce online harm without creating tools for censorship.

Over 130 countries are exploring CBDCs. Cryptocurrency exchanges operate across borders. And regulatory frameworks range from outright bans to full integration. Five papers reveal a global regulatory landscape that is fragmented, reactive, and struggling to keep pace with financial technology innovation.

AI risk assessment tools are already used in bail, sentencing, and parole decisions across multiple jurisdictions. Five papers examine whether these tools mitigate human bias or encode historical discrimination into the machinery of justice—and whether algorithmic justice can be democratically legitimate.

AI-powered hiring tools screen resumes, conduct video interviews, and score candidates at scale. But growing evidence shows these systems can replicate and amplify employment discrimination—and existing employment law is poorly equipped to address algorithmic bias that has no identifiable discriminatory intent.

With over 50 million cases pending in Indian courts alone, traditional litigation has failed as an access-to-justice mechanism. Online Dispute Resolution promises to resolve disputes faster, cheaper, and more accessibly—but questions about digital divides, due process, and quality of justice persist.

Children's online privacy faces a paradox: the people legally responsible for protecting it—parents—are often the ones violating it through 'sharenting.' Four papers examine how Indonesia, the EU, the US, and Malaysia navigate the tension between parental rights and children's digital autonomy.

Cyber attacks cross borders in milliseconds. Legal cooperation between jurisdictions takes months or years. This temporal mismatch—between the speed of threats and the speed of law—defines the cybersecurity governance challenge. Five papers examine why international cooperation fails and what frameworks might work.

Environmental laws exist but enforcement is weak. AI-powered satellite monitoring can detect illegal deforestation, methane leaks, and emissions violations in real time—creating evidence that courts and regulators can act on. Three papers examine whether technology can close the enforcement gap.

When a person dies, their digital life persists—social media profiles, email accounts, cryptocurrency wallets, cloud storage, and AI-generated digital twins. Current inheritance law was designed for physical property and has no coherent framework for the digital estate. Two papers examine the emerging governance challenges.

When an autonomous AI system causes harm, existing legal frameworks struggle to assign liability. The EU AI Act, the revised Product Liability Directive, and national adaptations are attempting to fill this gap—but fundamental tensions between product liability, negligence, and algorithmic opacity remain unresolved.

The EU and US have adopted fundamentally different philosophies toward digital privacy—rights-based vs. sectoral regulation. As global data flows accelerate, this divergence creates compliance burdens, enforcement gaps, and geopolitical friction that three recent comparative studies examine in detail.

Cryptocurrencies defy existing legal categories: they function as currency, commodity, security, and utility token depending on context. Regulators worldwide are grappling with classification frameworks that determine which agencies have authority and which rules apply. Three 2025 papers trace the divergent approaches.

Climate litigation has emerged as a powerful mechanism for holding corporations accountable for climate commitments. Shareholder derivative actions, duty-of-care claims, and human rights-based arguments are reshaping corporate governance. Three papers analyze the legal strategies, their successes, and their limits.

Deepfake technology can generate hyper-realistic synthetic media of any person without their consent—for fraud, pornography, political manipulation, or entertainment. Legal frameworks are racing to address harms that existing laws on defamation, copyright, and privacy were not designed for.

For three decades, platforms enjoyed broad immunity for user-generated content. The EU's Digital Services Act, national NetzDG-style laws, and mounting political pressure are dismantling this immunity—but the replacement frameworks raise their own questions about censorship, compliance costs, and global fragmentation.

CRISPR gene editing has moved from laboratory to clinic, with the first approved CRISPR therapy (CASGEVY) now available in Europe and the US. But the regulatory frameworks governing somatic therapy, germline editing, and agricultural applications diverge dramatically across jurisdictions—and the hardest governance questions remain unanswered.

The 1967 Outer Space Treaty was written for a world of government space agencies. Today, SpaceX, Blue Origin, and dozens of commercial operators launch satellites, plan lunar mining, and sell space tourism. The legal frameworks governing liability, resource rights, and environmental protection in space are struggling to keep up.

The EU AI Act mandates transparency and explanation for high-risk AI systems. The GDPR's Article 22 provides rights around automated decision-making. But can complex neural networks actually be explained in legally meaningful terms? Three papers examine the tension between legal mandates and technical reality.

Cybercrime is inherently transnational—an attacker in one country targets victims in another through infrastructure in a third. The Budapest Convention and the new 2024 UN Convention on Cybercrime attempt to create cooperative frameworks, but jurisdictional conflicts, evidentiary challenges, and geopolitical tensions persist.

Millions of gig workers fall between established legal categories—classified as independent contractors but subject to platform control that resembles employment. The EU Platform Work Directive, national court rulings, and new regulatory frameworks are reshaping labor law for the algorithmic age.

The EU mandates risk-based compliance, the US is shifting from laissez-faire toward structured oversight, and China ties AI development to state objectives. A 2025 comparative analysis in Economic and Political Studies examines these three regulatory philosophies and what their divergence means for global coordination.

The EU AI Act requires generative AI providers to disclose copyrighted training data. But does transparency actually protect creators, or does it merely formalize a system where their work is used without meaningful consent? Recent legal analyses examine the Article 53(1)(d) transparency requirement and its limits.

AI systems process data across borders, but data privacy regulation remains fragmented by jurisdiction. The result is a compliance patchwork where GDPR, China's PIPL, and US sectoral laws create conflicting requirements for global AI deployments.

The EU AI Act represents the first comprehensive regulatory framework for artificial intelligence, but its intersection with criminal justice systems exposes fundamental tensions between algorithmic governance and constitutional protections that regulation alone may not resolve.

The EU AI Act is a landmark, but three recent studies reveal nine structural blind spots—from information asymmetry to jurisdictional gaps—and show how OpenAI's own documents confirm the drift from 'ethics' to 'safety' rhetoric. CSR frameworks and geopolitical risk taxonomies may fill what law alone cannot.