Methodology

How country scores are constructed, what the numbers mean, and what this tool can and cannot tell you.

What this is

The AI Regulation Map visualizes the current state of AI governance in 196 countries across six dimensions, each scored 1–5. It is intended as a reference view for policy researchers, academics, and civil society: a place to form a comparable mental model of how different jurisdictions approach AI, and a jumping-off point to the primary sources behind each score.

The project was originally seeded from the EA Forum AI Governance Tracker in early 2026. Since then every country has been independently re-researched and re-scored by the automated pipeline described below; the current dataset no longer derives from that source.

Epistemic caveat. Scores are inferred by Claude from public sources and refreshed monthly. They are not produced by human coders and have not been independently audited. Treat them the way you would treat a well-read colleague's summary: useful for orientation, worth verifying before citation.

The six dimensions

Each country is scored on five dimensions, plus a composite maturity index shown by default. Three dimensions (regulation status, policy lever, enforcement level) are normative: higher means more developed. Two (governance type, actor involvement) are descriptive: they record how a country governs (centralized vs. distributed, narrow vs. broad participation), not how well. Descriptive dimensions are excluded from the composite.

Since June 2026, each dimension score is the mean of four concrete sub-indicators, each rated 1–5 against a written definition (for enforcement level, for example: sanctions framework, actions actually taken, dedicated authority, monitoring practice). This produces quarter-point decimal scores that are traceable to specific facts; the full sub-indicator table per country is published in subscores.json. Scoring is calibrated so that 5 means the global frontier at the time of scoring, meaning the standard set by the two or three most advanced jurisdictions for that aspect, not perfection. Countries scored before June 2026 carry integer scores until their next research pass.

Regulation Status

The existence and maturity of AI-specific regulation: binding law, a draft bill, a national strategy, or nothing at all.

1
No regulation or minimal engagement; AI is not named in policy documents. Example: many least-developed countries with no ICT ministry position on AI.
2
Early-stage engagement: voluntary guidelines, a sectoral code of practice, or an advisory committee. Example: a national ethics advisory board with non-binding recommendations.
3
National strategy or draft legislation in progress; public consultation underway. Example: a published national AI strategy without enabling legislation.
4
Active, enacted AI regulation covering a substantial slice of deployment contexts. Example: a jurisdiction with binding sector-specific AI rules (finance, health).
5
Comprehensive, binding, cross-sector AI regulation with explicit enforcement mechanisms. Example: the EU under the AI Act.

Policy Lever

The breadth of policy instruments in use, from narrow, sector-specific tools to broad, cross-cutting frameworks.

1
Narrow: one tool, one sector, or indirect leverage only (e.g. data protection law being bent to cover AI).
2
Two or three instruments in related areas: e.g. a national strategy paired with sectoral guidance, or a regulatory sandbox alongside a code of practice.
3
Mixed: several instruments: standards, procurement guidance, R&D funding, some sectoral rules.
4
Multiple instruments across several domains, with at least one binding regulation and active funding, standards, or capacity-building work in parallel.
5
Broad: a horizontal regulatory framework plus sectoral adaptations, public investment, and compliance infrastructure.

Governance Type

Where authority for AI regulation sits: concentrated in a single body vs. distributed across agencies, sectors, and levels of government. Descriptive, not a quality scale: a 1 here means highly centralized, not bad; a 5 means highly distributed, not good. This dimension does not enter the maturity index.

1
Centralized: a single national authority sets and enforces policy.
2
Lead authority with informal delegation to one or two sectoral bodies; coordination happens ad hoc.
3
Hybrid: a lead body coordinates with sectoral regulators or sub-national jurisdictions.
4
Multi-actor network with formal coordination mechanisms; independent regulators hold clearly delineated remits.
5
Distributed: authority is spread across independent regulators, courts, and sub-national governments; coordination is emergent rather than imposed.

Actor Involvement

Which actors shape AI policy: narrow expert circles vs. broad engagement with industry, civil society, academia, and the public. Descriptive, not a quality scale, and scored on domestic process: international standard-setting activity does not substitute for civil-society access at home. This dimension does not enter the maturity index.

1
Limited: policy is set inside government with minimal external input.
2
Industry is consulted informally; civil society and academia have no structured access.
3
Consultative: published consultations, industry working groups, some academic input.
4
Standing multi-stakeholder bodies include industry, academia, and at least one civil-society voice; international coordination is ad hoc.
5
Broad: structured multi-stakeholder processes including civil society, trade unions, and international partners.

Enforcement Level

How strictly existing rules are enforced, from rules on paper only, to active supervision with penalties.

1
No enforcement mechanism; obligations are not tied to any authority.
2
Obligations reference an authority but no sanctioning framework is in place; compliance is effectively voluntary.
3
Soft enforcement: oversight bodies exist but audits and penalties are rare.
4
Sanctioning framework exists and has been used selectively; enforcement is inconsistent across sectors or regions.
5
Active enforcement: penalties have been issued, audits are routine, and a dedicated authority publishes enforcement actions.

Maturity Index

A regulatory maturity index (the arithmetic mean of the three normative dimensions: regulation status, policy lever, and enforcement level), labelled Maturity Index on the map and exported as the Average Score column. Governance type and actor involvement are excluded because they describe regulatory style, not development; averaging them in would reward or punish countries for being centralized or distributed. Shown by default on the map because it gives the fastest cross-country read, but the individual dimensions are where the interesting signal lives.

Continuity note: Before June 2026 the composite averaged four dimensions (including the two descriptive ones, excluding enforcement) and all scores were integers. Comparisons across that boundary should use the per-dimension scores, which kept their definitions.

Confidence levels

Each country record carries a confidence label that reflects how much public, primary evidence was available to the research pass.

Confidence is currently assigned at the record level (per country), not per individual dimension. We consider per-field confidence a future enhancement.

Data update cadence

A GitHub Action runs on the 1st of each month and researches any country whose record is older than a staleness threshold or flagged as low confidence. Manual overrides (single-country re-research, forced refresh of the whole dataset) are possible via scripts/update_data.py.

Every month's run is preserved as a snapshot in public/history.json, which drives the timeline slider on the main page, so the "score at date X" view is always reproducible from the raw data.

Evidence grounding (July 2026). Research runs can be grounded in verified policy-initiative records from the OECD.AI Policy Observatory (Policy Navigator/GAIIN): for covered countries, the model scores against those records as stated facts rather than open-ended recall, and the records themselves are shown in each country's Policy initiatives panel section. Every run, grounded or not, is recorded with its model, prompt version, and token counts in a public research_runs provenance table (see Data & API).

Known limitations

Data access for analysts

Every data file behind this site is a static, versioned artifact: no API key, no rate limits. Load it directly into your tools:

py
pd.read_csv("https://airegulationmap.org/scores.csv")
R
read.csv("https://airegulationmap.org/regulation_data.csv")
json
/history.json (score snapshots), /data/subscores.json (sub-indicators), /data/blocs.json (bloc membership)

Column definitions match this page. The git history of each file is the audit trail: every monthly update is one commit, so any past state of the dataset is retrievable and citeable by commit hash. The in-app Export button produces the same data merged into a single CSV/JSON.

For queryable access (filtered extracts, score history, the sources database, policy-initiative records, and run provenance) the same data is served by a public read-only REST API with CSV export. Endpoints and copy-paste examples live on the Data & API page.

Citing this site

Every view on the site — a single country, a comparison set, a historic date, a specific score dimension — has a stable permalink encoded in the URL query string. Include that permalink in your citation so readers can reproduce the exact view.

Suggested formats:

The in-app "Cite" button on any country panel generates these strings for the current view and copies them to your clipboard.

Source code and contact

The site is open source at github.com/riadeane/airegulationmap. Issues and pull requests welcome. Made by Ria Deane.