Brazil AI Bill

AI Framework Bill (PL 2338/2023)

Risk-based framework similar to EU AI Act. Would prohibit excessive-risk AI (social scoring, autonomous weapons), require impact assessments for high-risk AI, with penalties up to BRL 50M or 2% Brazilian turnover.

Jurisdiction

Brazil

Enacted

Pending

Effective

TBD

Enforcement

TBD

Senate approved December 10, 2024. Forwarded to Chamber of Deputies March 17, 2025. Special committee established April 29, 2025 to analyze legislation.

Library of Congress

Why It Matters

Would be first comprehensive AI law in Latin America. Copyright provisions are globally unique.

Recent Developments

Under review by special committee in Chamber of Deputies. No expected date for final vote. Risk-based framework modeled partly on EU AI Act.

At a Glance

Applies to

Foundation ModelGeneral ChatbotAutonomous VehicleRecruitment AICredit ScoringHealthcare AIAutomated Decision System

Harms addressed

Discrimination

Requires

Risk Assessment Transparency Human Oversight

Who Must Comply

AI developers and deployers in Brazil

Obligations fall on:

Safety Provisions

Excessive risk AI prohibited (social scoring, autonomous weapons)
High-risk AI requires algorithmic impact assessments
Copyright protections allowing creators to prohibit AI training use
Fair remuneration requirements for training data

Compliance & Enforcement

Penalties

BRL 50M or 2% revenue (whichever higher)

Primary Source

Library of Congress

https://www.loc.gov/item/global-legal-monitor/2025-05-23/brazil-senate-advances-discussions-on-bill-to-regulate-ai-use/

View on map

Brazil

Focus Areas

Algorithmic accountability

Cite This

APA

Brazil. (n.d.). AI Framework Bill (PL 2338/2023).

Related Regulations

Enacted US-NY

NY RAISE Act

Requires large AI developers of frontier models operating in New York to create safety protocols, report critical incidents within 72 hours, conduct annual reviews, and undergo independent audits. Creates dedicated DFS office funded by developer fees.

Enacted US-CT

CT SB 1295

Creates COMPLETE BAN on targeted advertising to under-18s regardless of consent. Requires AI impact assessments. Connecticut issued first CTDPA fine ($85,000) in 2025.

Enacted US-CO

Colorado AI Act

First comprehensive US state law regulating high-risk AI systems. Modeled partly on EU AI Act with developer and deployer obligations for consequential decisions.

In Effect CA-QC

Quebec Law 25

Quebec's major privacy reform modernizing data protection laws with extraterritorial scope similar to GDPR. First Canadian provincial framework to directly address AI implications through automated decision-making provisions requiring disclosure, explanation rights, and human intervention options.

Enacted NZ

NZ Biometric Code

Sets specific legal requirements under Privacy Act for collecting and using biometric data such as facial recognition and fingerprint scans. Prohibits particularly intrusive uses including emotion prediction and inferring protected characteristics like ethnicity or sex.

Enacted US-TX

TX Healthcare AI Law

Requires healthcare practitioners using AI for diagnosis to review all AI-generated records and disclose AI use to patients. Mandates EHR data localization (Texas patient data must be physically stored in US). Applies to covered entities and third-party vendors.

All regulations Check if this applies to you

Last updated February 11, 2026. Verify against primary sources before relying on this information.