Skip to main content
NOPE
Pending Law Data Protection

Cambodia Draft PDPL

Draft Personal Data Protection Law

Cambodia's draft data protection law establishing human intervention rights for automated decisions (Article 34) and mandatory DPO requirement.

Jurisdiction

Cambodia

Enacted

Pending

Effective

TBD

Enforcement

To be established

Expected passage 2026-2027

DataGuidance Cambodia Overview

Why It Matters

Cambodia's Article 34 human intervention requirement for automated decisions will directly impact AI chatbots making risk assessments when enacted. Monitor for passage.

Recent Developments

Draft under consideration, expected passage 2026-2027

At a Glance

Applies to

AI CompanionMental Health AppGeneral Chatbot

Who Must Comply

  • Data controllers and processors in Cambodia (when enacted)
  • Entities processing data of Cambodian residents
  • Automated decision-making systems

Obligations fall on:

Safety Provisions

  • Human intervention rights for automated decisions (Article 34)
  • Data Protection Officer mandatory
  • Consent requirements for data processing
  • Breach notification required
  • Cross-border transfer restrictions

Compliance & Enforcement

Penalties

To be determined upon enactment

View on map

Cambodia

Focus Areas

Mental health & crisis
Algorithmic accountability

Cite This

APA

Cambodia. (n.d.). Draft Personal Data Protection Law.

Related Regulations

In Effect BN

Brunei PDPO

Brunei's personal data protection order requiring DPIA and imposing penalties up to 10% Brunei turnover or $1M.

In Effect IN

India DPDP Act

STRICTEST children's provisions in APAC. Children = under 18; verifiable parental consent MANDATORY; PROHIBITION on tracking, behavioral monitoring, targeted advertising to children.

In Effect ID

Indonesia PP 17/2025

Indonesia's comprehensive child online protection regulation establishing age-appropriate design requirements for electronic systems accessible to children. Most granular age classification globally (5 groups). Requires risk assessments, privacy-by-default, parental consent, DPIAs, and prohibits data profiling of children. First of its kind in Asia and Global South.

In Effect CN

China CSL Amendments

First major revision of China's foundational Cybersecurity Law since 2017. Introduces formal AI governance provisions, significantly increases penalties, and expands extraterritorial application to all cybersecurity violations.

In Effect AU

AU National AI Plan

National AI policy roadmap replacing previously proposed mandatory AI guardrails. Focuses on leveraging existing legal frameworks rather than new mandatory requirements. Establishes the Australian AI Safety Institute (AISI) to monitor, test, and share information on AI risks and harms.

In Effect IN

India AI Governance Guidelines

Voluntary AI governance framework built on seven core principles ('sutras'): Trust, People First, Innovation over Restraint, Fairness & Equity, Accountability, Understandable by Design, and Safety/Resilience/Sustainability. Establishes AI Governance Group, AI Safety Institute, and Technology & Policy Expert Committee.

All regulations Check if this applies to you

Last updated January 22, 2026. Verify against primary sources before relying on this information.