What is AI regulation in Yemen?
AI regulation: countries and regions
Yemen has no dedicated artificial intelligence law, no national AI strategy and no AI regulator. As of mid 2026, neither the internationally recognised government in Aden nor the de facto authority in Sana'a has published an AI-specific framework. AI use is governed indirectly by the 1991 Constitution, the Penal Code, electronic payments law and sector rules, plus voluntary international commitments such as the UNESCO Recommendation on the Ethics of AI, which Yemen adopted as a UNESCO member.
Reviewed by Jackie, Head of Learning & Development, Levellers · Last reviewed 8 June 2026
What this means
AI regulation means the laws, policies, standards and institutions that govern how artificial intelligence systems are built, bought and used. In most jurisdictions this is a mix of binding rules and softer guidance. Yemen sits at the thin end of that spectrum: there is no AI statute, no published national AI strategy, and no regulator with an AI mandate.
This is not a quirk. Yemen has been in armed conflict since 2014, and governance is split between the internationally recognised government based in Aden and the Houthi de facto authority in Sana'a. State institutions, including the Ministry of Telecommunications and Information Technology, operate as parallel structures. Telecommunications infrastructure has been heavily damaged. Against that backdrop, AI lawmaking has not been a priority for either administration.
So when people ask what governs AI in Yemen, the honest answer is: general law and sector rules that were never written with AI in mind, plus Yemen's status as a member of bodies such as UNESCO and the League of Arab States. The picture is best described as a monitoring situation rather than a regulatory regime.
Why it matters
For anyone deploying or governing AI that touches Yemen, the absence of a dedicated framework cuts two ways. It means there is no AI licensing regime, no statutory high-risk classification and no AI-specific penalty schedule to comply with. But it also means there is little local legal certainty, weak enforcement and no data protection authority to turn to. Liability for an AI-driven harm would be assessed under general civil, criminal and sector law, interpreted by a strained and fragmented judiciary.
This matters most for humanitarian agencies, financial service providers, telecoms operators and public bodies, which are the organisations most likely to deploy AI in Yemen today. Sensitive use cases such as identity verification, cash distribution, biometric enrolment and conflict-related analytics carry real risks to vulnerable people, yet sit in a near-vacuum of binding domestic safeguards. Operators cannot assume a local rulebook will protect them or the people whose data they process; they have to import their own governance standards.
How it works
No AI-specific law or strategy
Yemen has not enacted an AI act and has not published a national AI strategy or policy document. This holds for both the Aden government and the Sana'a authority. It contrasts sharply with several Gulf and North African states that have adopted national AI strategies. Yemen is therefore not a risk-based regime in the sense the EU AI Act is, and it has not chosen between a sectoral and horizontal model because it has adopted neither. The practical takeaway: there is no single instrument to read, and compliance turns on which sector and which legal effect a system has.
The Constitution and general law that fill the gap
In the absence of AI rules, the durable anchors are general legal instruments. The Constitution of the Republic of Yemen protects freedom of expression (Article 42) and the confidentiality of correspondence and communications (Article 53), which may be interfered with only as specified by law and by court order. The Penal Code (the Crimes and Penalties Law, Law No. 12 of 1994) criminalises certain privacy and communications intrusions and can be applied, imperfectly, to digital wrongdoing. The Right to Access Information Law No. 13 of 2012 addresses information held by public bodies. None of these were designed for automated decision-making, profiling or model training.
No data protection law, no regulator
Yemen has no comprehensive personal data protection law and no data protection authority. There are no statutory data subject rights such as access, deletion or portability, and cross-border data transfers are unregulated. The closest sector instrument is Law No. 40 of 2006 on Electronic Payment Systems and Financial and Banking Operations, adopted on 28 December 2006, which governs confidentiality within banking and payments rather than personal data generally. Civil society groups have repeatedly called for a dedicated data protection law, but none has been enacted. This gap is central to AI governance, because data protection is the usual legal handle on AI systems that process personal data.
Sector and criminal rules that can reach AI conduct
Where AI causes a concrete harm, existing regimes apply by their general terms: telecoms licensing and confidentiality obligations, banking and payments rules, customs administration, consumer protection, employment law, healthcare and medical confidentiality, intellectual property and the criminal law. Yemen also lacks a modern, dedicated cybercrime statute; prosecutors rely on Penal Code provisions and Law No. 40 of 2006 as partial remedies, which Yemeni legal scholars describe as inadequate for digital harms. The result is that AI compliance in Yemen is driven by the underlying activity, not by any AI label.
International and regional commitments
Yemen has been a UNESCO member state since 2 April 1962 and was therefore among the member states that adopted the UNESCO Recommendation on the Ethics of Artificial Intelligence, which 193 member states adopted by acclamation on 23 November 2021 and which is applicable to all UNESCO member states. That instrument is a soft-law standard: it is applied on a voluntary basis through whatever legislative or other measures each state chooses, and it carries no direct enforcement. UNESCO's Recommendation explicitly calls for human accountability, bans social scoring and mass surveillance, and offers tools such as the Readiness Assessment Methodology and Ethical Impact Assessment. There is no public evidence that Yemen has implemented these tools.
Regionally, Yemen is a member of the League of Arab States and is covered by the Arab Digital Agenda 2023 to 2033, the long-term Arab ICT strategy developed by ESCWA and the League. The Council of Arab Ministers of Telecommunications and Information Technology adopted it at its 26th session on 23 January 2023 in Cairo (it was further endorsed by the League's Economic and Social Council in February 2023 and the Arab Summit in May 2023). Yemen signed the League of Arab States Arab Convention on Combating Information Technology Offences in Cairo on 21 December 2010 but has not ratified it; it is absent from the list of states that had ratified as of late 2021. The Arab League Educational, Cultural and Scientific Organisation (ALECSO), of which Yemen is a member, adopted the ALECSO Charter on Artificial Intelligence Ethics on 17 June 2025 in Tunis, presented as the first Arab reference framework focused on the ethical use of AI in education, culture and science; it too is voluntary. None of these regional commitments creates directly enforceable AI duties inside Yemen.
Institutions: dual administration
The body that would normally lead digital and AI policy, the Ministry of Telecommunications and Information Technology, exists in two parallel forms: one under the Aden government and one under the Sana'a authority. Both prioritise repairing damaged infrastructure and restoring basic connectivity over AI rulemaking. The Aden ministry has pursued infrastructure modernisation, including drawing on Egyptian expertise for digital transformation. The Sana'a ministry runs the dominant internet provider in the north. This bifurcation means there is no single national institution able to issue or enforce AI rules across the country.
Examples
UN-supported AI dialogues in the peace process. The UN Department of Political and Peacebuilding Affairs Innovation Cell, working with the Office of the Special Envoy for Yemen, used the AI-enabled Remesh platform to run a large-scale digital dialogue with Yemeni citizens on 8 and 9 June 2020, described as the first time the technology was deployed in an active UN mediation process. In early 2025, the peacemaking organisation CMI ran an AI-facilitated youth consultation in Yemen, conducted from January to March 2025 using a customised WhatsApp chatbot and an AI-powered qualitative analysis tool, engaging participants across 18 governorates with a 94.53 per cent survey completion rate. These are donor and UN-governed projects operating under their own ethics frameworks, not under Yemeni AI law.
Humanitarian AI for accountability. UNICEF Yemen has used AI to detect irregularities in its cash delivery process. Per UNICEF's Office of Innovation, the programme helps 1.5 million households meet essential needs each month through a national cash transfer programme, and the AI anomaly-detection work, supported by the UNICEF Venture Fund, was developed in-house by the country office team rather than by external contractors. The governance of that system comes from UNICEF's own policies and donor requirements, illustrating how, in practice, the operative safeguards for AI in Yemen are organisational rather than statutory.
Public-sector capacity building. ESCWA has run capacity-building workshops for Yemeni officials on AI-enabled geographic information system tools to map solar energy access, introducing concepts in artificial intelligence and deep learning for the energy sector. Such training reflects early, sporadic state engagement with AI tools rather than any regulatory programme.
Common misunderstandings
"Yemen must have some AI rules by now." No. There is no AI statute, no national AI strategy and no AI regulator from either administration as of mid 2026.
"Adopting the UNESCO Recommendation means Yemen has AI law." No. The UNESCO Recommendation is a voluntary, soft-law standard applied at each state's discretion. Adoption by a member state does not create enforceable domestic AI duties on its own.
"Data protection law covers AI in Yemen." No. Yemen has no comprehensive data protection law and no data protection authority. The usual data-protection handle on AI systems simply does not exist there.
"There is nothing governing AI at all." Not quite. General constitutional, criminal, payments and sector rules still apply to AI-related conduct, even though none was written for AI. Enforcement, however, is weak and fragmented.
"One government speaks for Yemen on tech policy." No. Governance is split between Aden and Sana'a, with parallel ministries, so there is no unified national authority to set or enforce AI policy.
Risks and boundaries
The central boundary is that Yemen is a monitoring situation, not a regulatory regime, and this page is not legal advice. The lack of an AI framework should not be read as permissiveness without risk. Three points matter. First, general law still bites: an AI system that breaches communications confidentiality, defames a person, enables fraud or causes financial harm can attract liability under the Constitution, Penal Code, payments law or sector rules, however unevenly enforced. Second, the absence of a data protection law and authority means affected individuals have little local recourse, which raises ethical and reputational exposure for deployers, especially in humanitarian and identity contexts involving vulnerable populations. Third, the status is genuinely uncertain and could change: a data protection law, a cybercrime law and a national AI or digital strategy have all been recommended by analysts and civil society, but none is confirmed, and the divided governance and conflict make timing unpredictable. Treat any claim that Yemen has adopted binding AI rules with scepticism and verify against primary sources.
What to do next
Do not wait for a Yemeni rulebook; there is none, and there may not be one soon. Govern to your own standard. Bring an external baseline: map deployments to the UNESCO Recommendation on the Ethics of AI and a recognised risk-based approach, and document human accountability for any consequential decision. For data, apply a credible external standard such as GDPR-style principles by contract, since no local data protection law or authority will do it for you. Run an ethical impact assessment for sensitive use cases, particularly identity verification, biometrics, cash distribution and conflict analytics, and build in human oversight and redress. Track both administrations: monitor the Aden and Sana'a telecommunications ministries and ESCWA and ITU channels for any emerging strategy, data protection bill or cybercrime law. The trigger to revisit your approach is the publication of any AI-specific instrument, a data protection statute, the creation of a data protection authority, or ratification of a binding regional instrument; until any of those lands, assume the status quo of general law plus voluntary standards.
Have a question or a suggestion, or want to understand how we research and review these guides? Read about our editorial standards and how to reach us.
FAQs
Does Yemen have an AI law?
No. As of mid 2026 there is no dedicated AI statute and no national AI strategy from either the Aden government or the Sana'a authority.
Who regulates AI in Yemen?
No single institution. The body that would normally lead, the Ministry of Telecommunications and Information Technology, exists as two parallel ministries and focuses on infrastructure, not AI rules. There is no AI regulator and no data protection authority.
What governs AI in the absence of a dedicated law?
General law and sector rules: the Constitution, the Penal Code (Law No. 12 of 1994), the electronic payments law (Law No. 40 of 2006), the right to information law, plus telecoms, banking, healthcare and consumer rules applied by their general terms.
Has Yemen adopted the UNESCO Recommendation on the Ethics of AI?
Yes. As a UNESCO member state since 1962, Yemen was among the 193 states that adopted the Recommendation by acclamation on 23 November 2021. It is a voluntary standard, so it does not create enforceable domestic AI duties by itself.
Is there a data protection law in Yemen?
No. Yemen has no comprehensive personal data protection law and no data protection authority, so there are no statutory rights of access, deletion or portability and no regulation of cross-border transfers.
Are there real examples of AI use in Yemen?
Yes, mostly in humanitarian and peacebuilding contexts: UN-supported AI-enabled digital dialogues in the peace process, AI-facilitated youth consultations run by CMI in early 2025, and UNICEF's use of AI to detect irregularities in cash transfers.
Does any regional instrument bind Yemen on AI?
Not directly. Yemen is covered by the Arab Digital Agenda 2023 to 2033 and signed, but did not ratify, the 2010 Arab Convention on Combating Information Technology Offences. The 2025 ALECSO Arab Charter on AI Ethics is voluntary.
Could this change soon?
Possibly, but it is uncertain. A data protection law, a cybercrime law and a national AI or digital strategy have all been recommended, but none is confirmed, and divided governance and conflict make the timing unpredictable.