What is AI regulation in Laos?
AI regulation: countries and regions
Laos (the Lao People's Democratic Republic) has no dedicated AI law, no AI-specific statute and no standalone AI regulator. AI is governed indirectly through the Law on Electronic Data Protection (No. 25/NA, 2017), the Law on Telecommunications, the Ministry of Technology and Communications and the national digital economy strategy. A National AI Strategy is being drafted, guided by the UNESCO ethics framework, and Laos follows the voluntary ASEAN Guide on AI Governance and Ethics.
Reviewed by Jackie, Head of Learning & Development, Levellers · Last reviewed 8 June 2026
What this means
There is no single rulebook for artificial intelligence in Laos. As of mid-2026, the country has not passed any AI-specific law, has not created an AI regulator and has not yet finalised a national AI strategy. This is consistent with Laos being one of the least digitally developed ASEAN members and scheduled to graduate from Least Developed Country status on 24 November 2026.
Instead, anything you do with AI in Laos is governed by general laws that happen to touch it: the Law on Electronic Data Protection, which controls how electronic personal data is collected and used; the Law on Telecommunications and related ICT and cyber laws; and the broad national digital economy plans led by the Ministry of Technology and Communications. AI is mentioned in policy and strategy documents rather than in binding statutes.
The direction of travel is towards more structure. The government, working with UNESCO, completed an AI ethics readiness assessment and announced that a forthcoming National AI Strategy will be shaped by it. At the regional level, Laos sits inside ASEAN's voluntary, principles-based approach to AI rather than a binding regime.
Why it matters
For organisations, the practical point is that the absence of a dedicated AI law does not mean the absence of legal duties. If your AI system processes personal data about people in Laos, the Law on Electronic Data Protection applies regardless of whether the tool is "AI". If you deploy AI over telecommunications networks or online services, telecom, ICT, cybercrime and content rules apply.
Because the rules are scattered and general rather than AI-specific, the burden falls on you to map which laws bite. There is little detailed AI guidance, limited case practice and an institutional landscape that is still forming. That creates uncertainty: duties around transparency, automated decision-making, redress and accountability are thin or untested. Planning for the coming National AI Strategy and for ASEAN-aligned expectations now is cheaper than retrofitting later. Laos is also a state where data localisation, a single internet gateway ambition and content controls shape the operating environment, so AI deployments intersect with sovereignty and security concerns.
How it works
No dedicated AI statute or regulator
Laos has not enacted an AI law and has no AI-specific regulatory body. Regional and policy analyses consistently group Laos with the ASEAN members that have neither a dedicated national AI strategy nor an AI agency in force. AI is therefore regulated by general instruments and by policy documents, not by a bespoke framework.
The Law on Electronic Data Protection (No. 25/NA, 2017)
The closest thing to an AI-relevant baseline is the Law on Electronic Data Protection, certified by the National Assembly on 12 May 2017 and promulgated by Presidential Decree No. 117/P on 23 June 2017. It defines principles and measures for collecting, accessing, using and disclosing electronic data. It splits electronic data into two types: general data and specific data, with specific data covering official data and personal data that may not be accessed, used or disclosed without permission. Data collectors must inform the data owner of the purpose of collection and obtain approval. The law applies to domestic and international individuals, legal entities and organisations located or operating within Lao territory. Breaches are enforced in conjunction with the Penal Code. The Ministry of Technology and Communications (formerly the Ministry of Posts and Telecommunications) is the lead administering authority.
The telecoms and digital regulator
The Ministry of Technology and Communications (MTC) is the central authority for telecommunications, ICT and the digital agenda. It administers the Law on Telecommunications (Amended) No. 05/NA, adopted on 16 November 2021 and published in the Official Gazette in 2022, alongside the Law on Information and Communication Technology, the Law on Electronic Data Protection and high technology and cybercrime laws. The MTC's Digital Government Center coordinates e-government, and the Applied Research Institute of Smart Technology under the MTC is the body drafting the AI strategy. There is no separate, independent AI authority.
The national digital strategy
Laos governs AI mostly through digital economy policy. In late 2021 the National Assembly adopted a stacked set of documents: the 20-Year National Digital Economy Development Vision (2021 to 2040), the 10-Year National Digital Economy Development Strategy (2021 to 2030) and the 5-Year National Digital Economy Development Plan (2021 to 2025). These pursue three pillars (digital government, digital economy, digital society). The 5-Year Plan (2021 to 2025) targets the digital economy contributing at least 5 per cent of GDP, and the longer vision aims to grow it from about 3 per cent of GDP to 10 per cent by 2040. A National Committee on Digital Transformation, chaired by Prime Minister Sonexay Siphandone, oversees the agenda and held its first meeting on 3 August 2023. AI features as an enabling technology within these plans rather than as a regulated category.
The draft National AI Strategy and the UNESCO assessment
Laos began UNESCO's AI Ethics Readiness Assessment Methodology (RAM) in January 2025 and launched the resulting Country Report on 27 January 2026 at a national workshop co-organised by the MTC and UNESCO. The government announced that a forthcoming National AI Strategy will be guided by the UNESCO Recommendation on the Ethics of Artificial Intelligence (2021). A draft strategy to 2035 has been initiated by the Applied Research Institute of Smart Technology under the MTC. The strategy is not yet adopted, so it is a policy in progress, not law.
The ASEAN context
As an ASEAN member, Laos operates under the ASEAN Guide on AI Governance and Ethics, endorsed at the Fourth ASEAN Digital Ministers Meeting which concluded on 2 February 2024, and the Expanded ASEAN Guide on AI Governance and Ethics covering generative AI, launched at the fifth ASEAN Digital Ministers' Meeting on 16 to 17 January 2025. The Guide is voluntary and built on seven principles: transparency and explainability; fairness and equity; security and safety; human-centricity; privacy and data governance; accountability and integrity; and robustness and reliability. ASEAN also adopted the ASEAN Responsible AI Roadmap (2025 to 2030) in March 2025. This is a soft-law, consensus-based approach rather than a binding regional regime, which suits members at very different stages of readiness.
Examples
Example 1: a fintech using AI credit scoring. A lender in Vientiane that uses an automated model to score borrowers has no AI-specific statute to follow, but the Law on Electronic Data Protection governs the personal data it ingests. The lender must have a lawful basis and inform data owners of the purpose, and it should anticipate that the forthcoming National AI Strategy and ASEAN principles will expect transparency and human oversight of automated decisions.
Example 2: a government service pilot. The MTC and partners have explored AI in public services and health. Such pilots are run under digital government policy and the relevant data and telecom laws, with UNESCO's readiness assessment used as the ethical reference point, rather than under an AI law with binding obligations and penalties.
Example 3: a regional software vendor selling an AI tool into Laos. A company operating across ASEAN can use the voluntary ASEAN Guide as a common baseline, while checking Lao data protection duties (consent, purpose, cross-border transfer rules) because those bind even though no AI-specific rule exists.
Common misunderstandings
"Laos has an AI law." It does not. There is no AI-specific statute and no AI regulator; AI is covered only by general laws and by policy.
"There are no rules, so anything goes." Wrong. Data protection, telecom, ICT, cybercrime and content laws all apply to AI systems, and some carry criminal penalties.
"The ASEAN Guide is binding in Laos." It is voluntary guidance, not enforceable law. It shapes expectations and the draft national strategy but does not create direct legal duties.
"The National AI Strategy is already in force." It is being drafted and was not adopted as of mid-2026. Treat references to it as forward-looking.
"Data protection in Laos works like the UK GDPR." The Law on Electronic Data Protection is narrower and less detailed, with different definitions, lighter enforcement machinery and a national-security framing.
Risks and boundaries
This article describes the regulatory architecture, not legal advice. The key boundary is that Laos has no dedicated AI framework: claims that a Lao "AI Act" or "AI authority" exists are inaccurate. The National AI Strategy is pending, and its content, timing and legal status could change.
Several points are uncertain or evolving. The Law on Telecommunications (2021) has been reported as not yet fully implemented in practice. The single internet gateway ambition has faced funding delays. Reporting that AI was referenced in the 2025 constitutional amendments comes from secondary descriptions; the specific article and wording could not be verified from an official English text, so treat that claim with caution. Enforcement of data protection is light, and AI-specific duties around transparency, redress and automated decision-making are not clearly established. Anyone relying on this should verify current status against primary Lao sources before acting.
What to do next
Treat data protection as the live obligation. Map whether your AI processes personal data of people in Laos and comply with the Law on Electronic Data Protection: lawful basis, purpose notification, consent for specific data, and care with cross-border transfers.
Adopt the ASEAN principles voluntarily now. Using the seven ASEAN principles and the UNESCO ethics framework as your internal baseline future-proofs you against the coming National AI Strategy and signals good faith.
Build governance you can show. Keep records of AI use, maintain human oversight of consequential automated decisions, and run impact assessments even though they are not yet mandated.
Watch for the National AI Strategy and any implementing decrees. Assign someone to monitor MTC and Official Gazette publications, because the framework is moving from policy towards more formal instruments.
Engage local counsel for material deployments. Because rules are scattered across data, telecom, ICT and content laws, sector-specific legal review is prudent before launch.
Have a question or a suggestion, or want to understand how we research and review these guides? Read about our editorial standards and how to reach us.
FAQs
Does Laos have an AI law?
No. As of mid-2026 there is no AI-specific statute and no AI regulator in Laos. AI is governed by general data, telecom and ICT laws and by policy.
What law most affects AI in Laos?
The Law on Electronic Data Protection (No. 25/NA, 2017), which governs the collection, use and disclosure of electronic personal data and applies to domestic and foreign entities operating in Laos.
Who regulates digital technology in Laos?
The Ministry of Technology and Communications is the central authority for telecommunications, ICT, data protection and the digital agenda. There is no separate AI regulator.
Is there a national AI strategy?
A National AI Strategy to 2035 is being drafted by the Applied Research Institute of Smart Technology under the Ministry of Technology and Communications and will be guided by the UNESCO ethics framework. It was not yet adopted as of mid-2026.
How does ASEAN affect AI rules in Laos?
ASEAN provides the voluntary ASEAN Guide on AI Governance and Ethics and a Responsible AI Roadmap. These are soft law: they shape national policy but do not bind directly.
Are there penalties for misusing data in AI systems?
Yes. Breaches of the Law on Electronic Data Protection are enforced together with the Penal Code, which can carry administrative and criminal consequences.
Does Laos require AI impact assessments?
There is no statutory AI impact assessment requirement. Running one voluntarily is good practice and aligns with ASEAN and UNESCO expectations.
Will this change soon?
Likely yes. The completed UNESCO readiness assessment and the draft National AI Strategy point towards more structured governance, but timing and legal force remain uncertain.