Global Tech Policy Tracker — 2026-03-31

New Legislation & Proposals

EU: AI-Generated Nudification Ban Under the AI Act

Researchers Marie Seck and Magdalena Maier, writing for TechPolicy.Press, examined an emerging provision within the EU AI Act framework that would ban AI-generated non-consensual nudification images. Published March 31, the analysis highlights that while the intent of the ban is clear, enforcement faces significant technical and jurisdictional hurdles — particularly around detection of synthetic content generated outside EU borders.

• What it does: Proposes a prohibition on AI systems that generate non-consensual sexualised images of real people ("nudification")
• Who it affects: AI image generation platforms, social media companies, and content moderation services operating in the EU
• Timeline: Linked to the AI Act's August 2026 compliance deadlines for relevant provisions
• Key provisions: Ban on nudification-capable tools offered to consumers; obligations on platforms to detect and remove such content; questions remain about extraterritorial enforcement

Regulatory Actions

Brookings vs. Trump Administration's National AI Framework

The Brookings Institution published a sharp critique of the White House's national AI legislative framework this morning, co-authored by Tom Wheeler and Bill Baer. The piece, titled "The Empty National AI Policy Framework: Who Is In Charge of Those In Charge?", argues that the framework lacks any meaningful accountability structure — identifying no independent oversight body, no enforcement mechanism, and no answer to the core question of who has ultimate responsibility for AI harms.

• Action: Formal think-tank analysis published March 31, 2026, raising governance accountability concerns about the White House framework released on March 20
• Significance: Brookings' critique amplifies the growing bipartisan worry that a federal AI framework without a designated regulator may simply replicate — at national scale — the gaps it purports to close at the state level. This framing could shape Congressional hearings expected later in Q2 2026.

1 sources

brookings.edu

brookings.edu

CDT Europe: Digital Omnibus & CSAM Scanning Gap

The Centre for Democracy & Technology Europe's March 2026 Tech Policy Brief, published March 31, flags two pressing developments: trilogue negotiations on the EU's Digital Omnibus on AI are set to conclude in the coming months ahead of the AI Act's August application date, and the expiration of the voluntary CSAM scanning derogation may create a legal enforcement gap — leaving platforms uncertain about whether they can lawfully continue scanning for child sexual abuse material without a new legal basis.

• Action: CDT published its monthly policy digest summarizing active EU legislative developments in digital rights and AI governance
• Significance: The CSAM scanning gap is particularly time-sensitive; if no replacement legal instrument is passed before the derogation expires, platforms that voluntarily scan for CSAM may face GDPR exposure for doing so — a perverse regulatory outcome that could reduce child safety protections in the short term.

1 sources

cdt.org

cdt.org

Industry Response

Fortune published a major feature on March 31 — "Is Europe too regulated to win the AI race — or ready for a second act?" — drawing on perspectives from executives across a 44-country market. The piece reflects growing anxiety among European tech incumbents and startups alike: that the regulatory overhead of the AI Act, GDPR, and the incoming Digital Networks Act is creating compounding compliance costs that US and Chinese competitors do not face. However, counterarguments in the piece suggest the EU's regulatory clarity may ultimately attract enterprise customers who need legal certainty for AI deployment.

Meanwhile, the Lexology Q1 2026 AI Update (published March 31) notes a notable court precedent from February 2026 in New York, where a defendant used Anthropic's Claude AI to prepare his criminal defense — raising new questions about AI's role in legal proceedings and potential future liability for model providers.

What This Means

• The US accountability vacuum is widening. The Brookings critique crystallises what many legal observers have noted: the Trump AI framework tells industry what federal law should say but designates no agency to enforce it. Without a named regulator, the framework may be aspirational at best, and lobbying cover at worst.
• The EU's August 2026 deadline is creating acute compliance pressure. Multiple sources confirm that high-risk AI system transparency requirements take effect August 2, 2026 — now just four months away. Companies with EU exposure need to treat this as a hard deadline, not a guideline.
• The CSAM scanning legal gap is an unintended consequence worth watching. If EU legislators do not resolve the derogation expiry before trilogue concludes, child safety obligations and GDPR privacy rules could collide in a way that effectively penalises responsible platform behaviour.
• Europe's regulatory density is becoming a strategic variable. The Fortune analysis and CDT brief together suggest a market split: smaller AI startups face disproportionate compliance costs, while large enterprises may prefer the EU's legal certainty. Regulators in Brussels will need to address SME burden specifically if they want to avoid hollowing out domestic AI innovation.

Region Scorecard