Skip to main content
NOPE
In Effect Regulation Data Protection

Brunei PDPO

Personal Data Protection Order 2025

Brunei's personal data protection order requiring DPIA and imposing penalties up to 10% Brunei turnover or $1M.

Jurisdiction

Brunei

Enacted

Dec 1, 2025

Effective

Jan 1, 2026

Enforcement

Brunei Personal Data Protection Authority

DataGuidance Brunei Overview

Why It Matters

Brunei's significant penalties (10% turnover or $1M) create high-stakes compliance environment for AI chatbot platforms serving Brunei users.

Recent Developments

Enacted December 2025, effective January 2026

At a Glance

Applies to

AI CompanionMental Health AppGeneral Chatbot

Who Must Comply

  • Data controllers and processors in Brunei
  • Entities processing data of Brunei residents

Obligations fall on:

Safety Provisions

  • Data Protection Impact Assessment required
  • Consent requirements for data processing
  • Breach notification to authority
  • Cross-border transfer restrictions
  • Security safeguards

Compliance & Enforcement

Key Dates

Jan 1, 2026

All provisions take effect

Penalties

BND 1M or 10% revenue (whichever higher)

View on map

Brunei

Focus Areas

Mental health & crisis

Cite This

APA

Brunei. (2025). Personal Data Protection Order 2025.

Related Regulations

In Effect IN

India DPDP Act

STRICTEST children's provisions in APAC. Children = under 18; verifiable parental consent MANDATORY; PROHIBITION on tracking, behavioral monitoring, targeted advertising to children.

In Effect ID

Indonesia PP 17/2025

Indonesia's comprehensive child online protection regulation establishing age-appropriate design requirements for electronic systems accessible to children. Most granular age classification globally (5 groups). Requires risk assessments, privacy-by-default, parental consent, DPIAs, and prohibits data profiling of children. First of its kind in Asia and Global South.

In Effect ID

Indonesia UU PDP

Indonesia's comprehensive data protection law. Health and children's data = "specific personal data" with enhanced protections. Criminal penalties up to 6 years imprisonment.

In Effect CN

China CSL Amendments

First major revision of China's foundational Cybersecurity Law since 2017. Introduces formal AI governance provisions, significantly increases penalties, and expands extraterritorial application to all cybersecurity violations.

In Effect AU

AU National AI Plan

National AI policy roadmap replacing previously proposed mandatory AI guardrails. Focuses on leveraging existing legal frameworks rather than new mandatory requirements. Establishes the Australian AI Safety Institute (AISI) to monitor, test, and share information on AI risks and harms.

In Effect IN

India AI Governance Guidelines

Voluntary AI governance framework built on seven core principles ('sutras'): Trust, People First, Innovation over Restraint, Fairness & Equity, Accountability, Understandable by Design, and Safety/Resilience/Sustainability. Establishes AI Governance Group, AI Safety Institute, and Technology & Policy Expert Committee.

All regulations Check if this applies to you

Last updated January 22, 2026. Verify against primary sources before relying on this information.