The US Said Move Fast. The EU Said Prove It’s Safe. China Said Nothing and Filed 38,000 AI Patents. Which AI Regulation Is Actually Winning in 2026?
On August 2, 2026, forty days from today, the EU begins enforcing high-risk AI regulation rules against every company on earth that touches a European user. The fines cap at €35 million or 7% of global revenue, whichever is higher. Only 18% of organizations have a fully implemented AI governance framework. Do the math.
Meanwhile, the United States has spent 2025 and 2026 systematically dismantling the modest federal guardrails that existed, threatening to cut broadband funding to any state that dares write its own AI law, and watching its frontier model lead over China shrink from 9.26 percentage points in January 2024 to 2.7 percentage points by March 2026. And China? China filed 38,210 generative AI patents between 2014 and 2023. The US filed 6,276.
This is the AI regulation comparison that actually matters in 2026. Not who wrote the most thoughtful white paper, but who is winning on the metrics that determine whether AI becomes a strategic asset or a liability over the next decade. The answer is more unsettling than any of the three governments will admit.
The Race That Isn’t a Race
Before scoring the contestants, it’s worth questioning the framing itself. Prof. Rostam Neuwirth, a law professor at the University of Macau who researches AI regulatory comparative law, puts the problem directly:
“This terminology also has a temporal aspect, which means that different jurisdictions are competing or ‘racing’ to adopt laws regulating AI which, however, is not only detrimental to finding the optimal moment for regulatory intervention, but likely also obstructs the establishment of a future-proof regulatory framework for a rapidly evolving technology.”
Prof. Rostam Neuwirth, University of Macau, Communications of the ACM, February 2026
Neuwirth’s deeper concern is harder to ignore: “The single biggest unaddressed risk is not a technical failure, but a human one: the failure to renew the debate on humanity’s long-range goals in an age of transformative technology.”
That said, the race framing exists because it describes something real. The US, EU, and China are making fundamentally different bets on the same question: does governing AI before you know what it can do make you safer, or just slower? The three answers on offer are move fast, prove it, and don’t ask. Each carries a specific set of risks that are now materializing.
The United States: Move Fast, Remove Guardrails
The Deregulatory Playbook
On January 23, 2025, President Trump signed Executive Order 14179, revoking Biden’s AI safety order (EO 14110) on day one of his second term. The core policy: “sustain and enhance America’s global AI dominance” through a “minimally burdensome” regulatory framework. The directive told OMB to revise its AI memoranda within 60 days and mandated an AI Action Plan within 180 days.
That action plan arrived July 23, 2025, anchored to three pillars: accelerating innovation, building AI infrastructure, and leading in international AI diplomacy. The framing was “Build Baby Build.” Three more executive orders accompanied it, covering federal AI procurement and infrastructure.
Then, in December 2025, the administration went further. A new executive order explicitly targeted state-level AI regulation as a threat to innovation, mobilizing the DOJ to challenge “onerous” state AI laws through litigation and conditioning broadband funding through the BEAD Program on states not enacting conflicting AI laws. Colorado’s algorithmic discrimination law was called out by name. An attempted 10-year moratorium on state AI laws, bundled into the “One Big Beautiful Bill Act,” was defeated in the Senate in January 2026. The war on state regulation continues through other means.
What the US Actually Has
Here’s what the US regulatory architecture looks like on the ground as of June 2026: no comprehensive federal AI law, a patchwork of sector-specific oversight through the FTC, FDA, EEOC, and CFPB, 1,000-plus AI-related bills introduced across states and territories in 2025 alone, and California SB 942 (AI transparency requirements) in force since January 1, 2026.
The “no regulation” narrative is misleading, though. US federal agencies issued 59 AI-related regulations in 2024, more than double the 2023 count, from twice as many agencies, according to the Stanford HAI AI Index 2025. The US does regulate AI. It just does so in silos, without any unified framework, and without anyone clearly in charge when something crosses sector lines.
Only 31% of Americans trust their own government to regulate AI effectively, the lowest level of any surveyed country globally, according to the Stanford HAI 2026 AI Index. The administration is removing safeguards that its own public doesn’t believe it can manage responsibly. That’s a political time bomb if a high-profile AI harm event lands during an election cycle.
The US also declined to sign the Paris AI Action Summit’s “Statement on Inclusive and Sustainable AI” in February 2025, alongside the UK. China signed it. That absence from the multilateral table is a choice with strategic consequences that haven’t fully played out yet.
The Private Capital Argument
The strongest argument for the US approach is the investment gap. Stanford HAI’s 2026 AI Index puts US private AI investment at $285.9 billion in 2025, 23.1 times greater than China’s $12.4 billion and 63 times greater than the UK’s. Global corporate AI investments hit $581.7 billion in 2025, up 130% from 2024. The US is capturing a disproportionate share of that capital precisely because it has kept barriers low.
The counterargument matters, though. Chinese government guidance funds are estimated to have deployed $184 billion from 2000 to 2023, with broader estimates reaching $912 billion across all industries including AI. The headline 23x private capital advantage collapses when state funding is incorporated into the calculation.
The European Union: Prove It’s Safe or Pay the Price
The Law That Changed the Rules
Regulation (EU) 2024/1689, the EU AI Act, is the world’s first comprehensive, legally binding AI framework. It entered into force August 1, 2024, and has been in phased rollout since. The structure is a risk-tiered pyramid: prohibited practices at the top (already enforceable since February 2025), General Purpose AI model obligations in the middle (active August 2025), and high-risk system compliance at the foundation (August 2, 2026).
The penalty structure exceeds GDPR. Prohibited AI violations carry fines up to €35 million or 7% of global annual turnover. High-risk violations: €15 million or 3%. Even incorrect information submitted to regulators: €7.5 million or 1%. GDPR tops out at €20 million or 4% of turnover. The EU has deliberately designed the AI Act to cost more than ignoring it.
What’s Enforced Right Now
The EU AI Office is not waiting for August. In January 2026, it issued a formal order for X (formerly Twitter) to retain all internal data related to its AI chatbot Grok. It launched an investigation into Meta’s WhatsApp Business APIs. Multiple investigations into workplace emotion recognition and social scoring systems are underway. No public fines have been issued as of June 2026, but the enforcement apparatus is visibly active.
On the GPAI (General Purpose AI) side, 26 major providers signed the Code of Practice when it became active in August 2025. Microsoft, Google, Amazon, OpenAI, and Anthropic are all signed. Meta refused. That refusal triggered “Ecosystem Investigations” and exposure to 7% global revenue penalties. Meta’s confrontational approach is, as of this writing, the clearest case study in what not to do under the EU AI Act framework.
The May 2026 Delay and What It Means
On May 7, 2026, EU lawmakers reached political agreement through the Digital Omnibus package to delay several high-risk AI compliance deadlines. Standalone Annex III high-risk systems get a 16-month postponement to approximately December 2027. Products covered by EU product safety rules get a 12-month extension. Transparency obligations for AI-generated content were pushed to December 2, 2026, only a three-month extension.
This delay has not been formally adopted as of June 24, 2026. Legal advisors across Travers Smith, McKenna Consultants, and Holland & Knight are unanimous: treat August 2, 2026 as the binding date. Any extension is schedule relief for those already substantially compliant, not a reason to delay compliance work that takes six to twelve months to complete.
If your organization deploys AI in any Annex III category, specifically hiring algorithms, credit scoring, biometrics, law enforcement tools, education assessment systems, or medical diagnostics, conformity assessments typically require six to twelve months. If you haven’t started, you are already in potential violation territory as of August 2.
40% of enterprise AI systems currently have unclear risk classifications, per a 2026 appliedAI study of 106 enterprise deployments. Get your Annex III classification done before the enforcement window opens.
The Brussels Effect: Real or Overstated?
The Brussels Effect, a concept documented by Columbia Law professor Anu Bradford, describes how EU regulations become de facto global standards because it’s more efficient for multinationals to comply with the strictest framework everywhere than to maintain regional compliance versions. The GDPR is the textbook example: €7.1 billion in cumulative fines have been issued globally, and every major tech company has restructured its data handling to EU standards rather than building separate EU-only processes.
The AI Act is already showing early Brussels Effect dynamics. Adobe and OpenAI have globally embedded C2PA (Coalition for Content Provenance and Authenticity) watermarking standards rather than building EU-only compliance modules. The EU required it; the rest of the world got it anyway.
The skeptical case is worth hearing, though. The EU produced just three notable AI models in 2024, while writing the world’s most comprehensive AI law. If the regulating entity isn’t a meaningful producer, the Brussels Effect has limited commercial payoff for Europe itself. The EU is setting rules for an industry it’s watching largely from the outside.
China: Deploy Hard, Control Tight
Not One Law but a Stack
Western coverage of Chinese AI regulation usually frames it as either “strict censorship” or “anything goes for national champions.” Both are wrong. China has actually built the most granular AI regulatory architecture of the three jurisdictions, layer by layer, without a single omnibus law until now.
The sequence: Algorithm Recommendation Measures in March 2022 (first in the world for recommender systems), Deep Synthesis Measures in January 2023 (covering AI-generated video, audio, and images, predating similar EU and US requirements), Generative AI Interim Measures in August 2023 (the world’s first binding regulation specifically for generative AI, requiring model registration, pre-launch security assessments, and legally sourced training data), and Cybersecurity Law amendments taking effect January 1, 2026, with immediate severe fines for data leaks. China’s June 2026 announcement of a unified national AI law consolidates this stack into a single framework.
The enforcement mechanism is sharply different from the EU. China can suspend services, require algorithm modifications, and demand government audits. Non-compliance doesn’t just cost money. It can mean loss of operating license. For a business, that’s existential, not just financial.
The Patent Strategy
The 38,210 versus 6,276 generative AI patent figure from the WIPO Patent Landscape Report on Generative AI is the most alarming data point in this article’s headline. China filed more than six times as many GenAI patents as the US between 2014 and 2023. In 2024, China filed 1.8 million total patent applications, accounting for 49.1% of the global total, up from 34.6% in 2014. By IP intensity relative to GDP, China files 4,977 resident applications per $100 billion of GDP, outpacing Japan (4,150) and Germany (1,241).
The quality caveat matters, though. China’s GenAI patent grant ratio is approximately 32% (Baidu is highest at 45%; others range from 22% to 30%). Most Chinese patents lack international PCT protection, meaning their legal enforceability outside China is limited. For investors and IP strategists: the question is not how many patents but how many defensible, internationally filed, commercially deployed patents. On that narrower measure, the gap narrows considerably.
The Compute Constraint
Here’s where the China-winning narrative hits its hardest structural limit. US total AI compute stands at 39.7 million petaflops, roughly 50% of global total. China’s total is 400,000 petaflops, seventh globally, below even India’s 1.2 million petaflops.
As Sean Kenji Starrs, a lecturer in International Development at King’s College London who studies global technology competition, notes: “China’s compute is the world’s seventh largest with 400,000 petaflops, far below even India’s 1.2 million petaflops. This is the result of the US export ban on Nvidia and AMD’s most advanced chips.”
That 99-to-1 compute gap is the most consequential single data point in the entire AI race discussion. It’s also the direct product of US regulatory action, not market forces. Export controls are doing strategic work that no domestic AI law has managed to replicate.
The Deployment Play Others Are Missing
The researcher cited in the Communications of the ACM analysis makes the case for China’s actual strategy clearly: “The true objective is not to restrict innovation but to coordinate and accelerate it, ensuring that its technology firms sprint forward while remaining securely under political control.”
The deployment story also extends beyond US and EU markets. China is deploying affordable AI models at scale across Global South markets where US and EU products don’t reach, are too expensive, or are politically unwelcome. Foreign Policy reported in May 2026 that frontier US models are priced beyond the reach of most of the world. China’s regulatory framework is strict on content control but permissive on commercial deployment precisely where it matters for market expansion.
The 2026 Scorecard: Who’s Actually Ahead
| Metric | United States | European Union | China |
|---|---|---|---|
| Private AI Investment (2025) | $285.9 billion | ~$23 billion est. | $12.4 billion (+$184B+ gov. funds est.) |
| Notable AI Models (2024) | 40 | 3 | 15 |
| GenAI Patents (2014-2023) | 6,276 | Low | 38,210 |
| AI Compute (Petaflops) | 39.7 million (50% global) | Distributed across members | 400,000 (7th globally) |
| Top Model Quality Gap (vs US) | Benchmark leader | No frontier model | 2.7% behind (Mar 2026) |
| Regulatory Framework | Sector-specific, no federal law | Comprehensive, risk-based, binding | Layered sectoral stack, unified law incoming |
| Max Penalty | Varies by sector/agency | €35M or 7% global revenue | License revocation (existential) |
| Global Public Trust to Regulate AI | 31% (lowest globally) | Higher than US or China | Unverified comparable |
There is no single winner. But there is a clear asymmetry across three distinct dimensions.
The US is winning the innovation race. Private capital, frontier model production, and compute infrastructure all point the same direction. But there is no governance architecture for when something goes catastrophically wrong, and the public doesn’t trust the government to manage it. That’s a structural bet that no catastrophic failure occurs before enough political will develops to legislate properly.
The EU is winning the standards race. The Brussels Effect is real, and C2PA watermarking going global is early evidence it’s working in AI. But the EU is losing the production race badly. Three notable AI models from a market of 450 million people and the world’s most comprehensive AI law is a poor return on regulatory investment.
China is winning the deployment race. Patent volume, industrial robot installation (295,000 in 2024 versus Japan’s 44,500 and the US’s 34,200), benchmark convergence, and affordable model exports to Global South markets all point the same direction. But compute constraints and political content controls create a ceiling on global model trustworthiness that private capital alone won’t easily remove.
Starrs, who is skeptical of doomsday narratives, offers useful grounding: “We should first make clear how far ahead the US is. As of early November 2025, it boasts all of the world’s top ten AI firms by market value as well as 37 of the top 50.” The US structural advantage in commercial AI is still the dominant fact. But it is also a fact that’s getting less dominant every quarter.
Jensen Huang of Nvidia said in November 2025, “China is going to win the AI race,” then walked it back to “China is nanoseconds behind America in AI.” His incentive (relaxed export controls so Nvidia can sell more chips to China) is worth keeping in mind. Researchers at King’s College London and Queen Mary noted that “Huang should take solace in the fact that he helms the most valuable company in history, and not peddle in self-interested alarmism.” Both the original alarm and the correction are useful data points about how politicized this conversation has become.
The CTO Playbook: What This Means for Your Stack
If You Deploy Annex III AI Systems
August 2, 2026 is forty days away. If your organization deploys hiring algorithms, credit scoring models, biometric identification systems, law enforcement AI tools, education assessment systems, or medical diagnostic AI, and any of those outputs touch EU users, you are in scope for full enforcement. The conformity assessment process, including documentation, technical standards compliance, and ongoing monitoring obligations, takes six to twelve months to complete properly. The clock has functionally run out for late starters.
Even if the Digital Omnibus delay is formally adopted, treat August 2 as binding. Extensions are not relief; they’re margin for those already compliant. An organization that hasn’t started conformity work and is banking on the delay is misreading the enforcement posture of the EU AI Office.
The “Comply Up” Strategy
The dominant enterprise approach as of 2026 is to build to EU standards globally, then layer on jurisdiction-specific requirements. This works because EU requirements are the most comprehensive and well-documented. Build the audit trails, conformity assessments, and monitoring architecture for Brussels, and you have a solid foundation for US and UK requirements.
China is the critical exception. Chinese compliance is not EU compliance plus a translation layer. Algorithm registration with the Cyberspace Administration of China (CAC), content labeling requirements, mandatory security self-assessments, and the “true and accurate” output requirement have no EU equivalents. Budget for a distinct compliance track. Companies that try to extend their EU compliance program to cover China without a separate workstream are creating regulatory risk in both directions.
For Founders and AI Startups
The US deregulatory environment is genuinely advantageous for iteration speed, but it doesn’t insulate you from risk. California SB 942 took effect January 1, 2026. Colorado’s algorithmic discrimination law is active as of June 2026. If you serve any EU users, you are in scope regardless of where you’re incorporated. The assumption that federal deregulation protects you from all regulatory exposure is a compliance posture that will eventually catch up with you.
The opportunity is real. For detailed context on how US federal versus state AI law creates your current compliance environment, our US AI Regulation 2026 guide breaks down the current patchwork by sector and jurisdiction.
On the positive side, the EU’s SME provisions have been extended to small mid-cap companies. Reduced documentation requirements and lower penalty thresholds create real compliance advantages for smaller organizations. And the AI governance platform market is projected to reach $492 million in 2026 spending alone. That’s early innings for a compliance tools category that barely existed eighteen months ago.
For Investors
The 38,210 patent figure sounds alarming but requires context before it drives any investment thesis. China’s GenAI patent grant ratio is 32% to 45% depending on the filer. Most of those patents are domestically filed with limited international PCT protection. The due diligence question is not “how many patents” but “how many defensible, internationally filed, commercially deployed patents with clear freedom-to-operate in target markets.”
The compute gap is where your attention should go. China’s 400,000 petaflops versus the US’s 39.7 million petaflops represents a 99-to-1 disadvantage that is the direct product of US chip export controls on Nvidia and AMD. The $295 billion Chinese data center buildout announced in June 2026, designed to run on domestic chips and largely exclude Nvidia and AMD, is the most strategically significant recent development in the AI regulation space. If China achieves compute parity by 2028 to 2029 using domestic hardware, the patent volume plus benchmark convergence plus deployment scale equation changes substantially. Watch the Huawei Ascend chip roadmap as your leading indicator.
For context on how export controls are already reshaping the hardware market, see our coverage of Nvidia chip export controls in 2026.
Four Scenarios Where Everything Goes Wrong
These aren’t catastrophism. They’re the scenarios that legal scholars, policy analysts, and the ACM’s own research are already flagging as plausible within the next 24 months. The AI regulation comparison becomes moot if any of these materialize before any jurisdiction has a functional incident response protocol.
Scenario A: The Accountability Vacuum
A foundation model trained by a US company, fine-tuned by an EU company, deployed through a Chinese distribution partner, and causing documented harm to users in all three jurisdictions triggers simultaneous regulatory investigations. Each jurisdiction points to the others’ framework as primary. No international AI incident response protocol exists. The researcher cited in the ACM analysis identified this risk directly: “The first catastrophic incident involving a frontier AI model will therefore likely occur outside the territorial jurisdiction where it was trained. In the aftermath, every legal regime will be left pointing fingers, with no single entity clearly liable.”
This isn’t hypothetical. The cross-border compliance problem is already visible in daily practice. As the same researcher notes: “An AI module deemed ‘limited-risk’ in the US could be reclassified as ‘high-risk’ under the EU’s AI Act or even be prohibited for use on certain populations in China, making cross-border contract indemnities nearly impossible to draft.”
Scenario B: Enforcement Triggers Market Fragmentation
The EU AI Office issues major fines against a US AI lab for GPAI violations post-August 2026. The Trump administration’s DOJ responds by framing it as a trade dispute and threatening tariffs. The “Brussels Effect” runs in reverse: US labs withdraw EU access or geo-block services rather than comply. The AI market fragments into incompatible regional markets. The companies most exposed in this scenario are the ones that built compliance architecture assuming a unified global framework would eventually converge. It might not.
Scenario C: China’s Compute Catch-Up
The $295 billion Chinese data center buildout, running on domestic Huawei Ascend chips and domestic alternatives, reduces the compute gap faster than US export controls can compensate for. If China achieves meaningful compute parity by 2028 to 2029, the benchmark convergence already underway (from 17.5 percentage points behind on MMLU in 2023 to 0.3 points by end of 2024) combines with patent volume and deployment scale to create genuine strategic dominance. The chip export control strategy, which is currently doing more strategic work than any AI law, then becomes the most consequential regulatory decision of the 2020s, and the question becomes whether it held long enough.
Scenario D: The Innovation-Safety False Choice Resolves Badly
The Stanford 2026 AI Index documents 362 AI incidents in 2025, up from 233 in 2024. The report’s assessment is direct: “Responsible AI is not keeping up with AI capability.” The US deregulatory bet is a wager that no major consumer harm event occurs before political will develops to legislate properly. If a high-profile harm event happens in 2026 or 2027, the post-incident legislation will be rushed, punitive, and poorly designed. Reactive AI governance is almost always worse than proactive governance on any metric that matters for long-term innovation.
Frequently Asked Questions
The EU AI Act (Regulation 2024/1689) is the world’s first comprehensive, binding AI law. It entered into force August 1, 2024. Prohibited AI practices have been enforceable since February 2025. High-risk AI system obligations covering hiring, biometrics, credit scoring, law enforcement tools, medical diagnostics, and education assessment take full effect August 2, 2026, with penalties up to €35 million or 7% of global annual revenue.
The US has no comprehensive federal AI law as of June 2026. It regulates AI sector-by-sector through agencies including the FTC, FDA, EEOC, and CFPB. President Trump’s January 2025 executive order explicitly removed prior safeguards to prioritize innovation speed and directed the DOJ to challenge state-level AI laws. The EU, by contrast, uses a single risk-based framework with binding rules and major fines applying to any company serving EU users regardless of where they’re headquartered.
According to WIPO’s Patent Landscape Report on Generative AI (July 2024), China-based inventors filed 38,210 generative AI patents between 2014 and 2023, more than six times the US total of 6,276. China accounts for 49.1% of all global patent applications in 2024. However, China’s GenAI patent grant ratio is approximately 32%, and most patents lack international PCT protection, limiting enforceability outside China.
It depends on the metric. China leads in patent volume, AI publications, and industrial robot deployment, and has nearly closed the model quality gap to just 2.7% behind the US as of March 2026. But the US leads in private AI investment ($285.9 billion in 2025 versus China’s $12.4 billion), compute power (US holds 50% of global AI compute versus China’s 400,000 petaflops), and frontier model production (40 notable models in 2024 versus China’s 15).
EU AI Act penalties are tiered by violation type. Deploying prohibited AI systems (such as social scoring or untargeted biometric scraping) carries fines up to €35 million or 7% of global annual turnover. High-risk system violations carry fines up to €15 million or 3% of turnover. Providing incorrect information to regulators can result in fines up to €7.5 million or 1% of turnover. These maximums exceed GDPR’s penalty structure across all categories.
Yes. The EU AI Act has extraterritorial reach identical in structure to GDPR. It applies to any organization placing AI systems on the EU market or producing AI outputs used by EU residents, regardless of where the company is headquartered or where the AI system runs. A US firm using AI for credit decisions or hiring screening that serves European customers falls within scope even if all infrastructure is based in the US.
The Brussels Effect, documented by Columbia Law professor Anu Bradford, describes how EU regulations become de facto global standards because it’s operationally more efficient for multinationals to comply with the strictest framework universally than to maintain separate regional versions. In AI, Adobe and OpenAI have globally embedded C2PA watermarking standards (an EU Article 50 requirement) rather than building EU-only compliance infrastructure. The EU required it; the rest of the world adopted it.
China regulates AI through a layered stack of sectoral laws: algorithm recommendation rules effective March 2022, deepfake and synthetic media rules effective January 2023, generative AI interim measures effective August 2023 (the world’s first binding GenAI law), and Cybersecurity Law amendments effective January 2026. Generative AI services must register with China’s Cyberspace Administration of China, pass security assessments, use legally sourced training data, and ensure content alignment with “socialist core values.” Non-compliance can mean service suspension or loss of operating license.
The Bottom Line
No single jurisdiction is winning the AI regulation race in 2026. But the question of who’s winning obscures the more important question: is any of the three approaches actually adequate for what’s coming?
The US is winning private capital and compute infrastructure while betting that catastrophic failure doesn’t arrive before political will does. The EU is winning the standards race while producing almost nothing with the technology it’s regulating. China is winning deployment scale and benchmark convergence while facing a hardware constraint that could define the next five years.
The most honest read is Neuwirth’s: the race framing is itself the problem. It encourages bad regulatory timing, obscures deeper commonalities between approaches, and makes cooperation harder at exactly the moment when a cross-border AI incident would demand it. The first genuinely catastrophic AI event will expose every gap in all three frameworks simultaneously. Right now, no jurisdiction has a clear liability protocol for that scenario. All three will be pointing fingers.
For practitioners: treat August 2, 2026 as binding regardless of the Digital Omnibus outcome. Build EU-standard compliance globally, run a separate China compliance track, and don’t mistake federal deregulation in the US for immunity from state-level or extraterritorial exposure.
Three things to watch over the next eighteen months. First, whether the EU AI Office’s first major GPAI fine triggers a political response from the US administration that accelerates market fragmentation. Second, whether the Huawei Ascend chip program reduces China’s compute disadvantage faster than the export control architecture anticipated. Third, whether the rate of AI incidents (362 documented in 2025, up 55% from 2024) produces a consumer harm event large enough to force reactive US federal legislation before the midterm cycle.
The regulation race isn’t over. But the shape of who wins it is clarifying fast. And the regimes that fail to cooperate when the first cross-border incident hits will be writing the most consequential AI policy of the decade, just not the kind they intended.
For parallel reading on the EU’s global regulatory template, see our guides on GDPR compliance in 2026 and global data privacy laws by country. For the deepfake regulatory angle, including both EU Article 50 watermarking requirements and China’s Deep Synthesis Measures, the Arup deepfake scam breakdown is essential context.