Pending Law Data Protection Context Relevance

Ukraine Draft PDP Law

Draft Law 8153 on Personal Data Protection

Ukraine's draft GDPR-aligned data protection law establishing 72-hour breach notification and automated processing rules.

Jurisdiction

Ukraine

Enacted

Unknown

Effective

Unknown

Enforcement

To be established

GDPR-aligned framework under consideration

What It Requires

Transparency

Must disclose AI nature, data practices, or algorithmic decisions

User Rights

Must honor access, correction, and deletion requests

Who Must Comply

This law applies to:

• Data controllers and processors in Ukraine (when enacted)
• Entities processing data of Ukrainian residents
• Automated decision-making systems

Capability triggers:

◐ automatedDecisionMaking (increases)

● Required ◐ Increases applicability

Who bears obligations:

Developer Deployer

This regulation places direct obligations on deployers (organizations using AI systems).

Safety Provisions

• GDPR-aligned data protection framework
• 72-hour breach notification to supervisory authority
• Automated processing safeguards
• Data Protection Impact Assessment for high-risk
• Cross-border transfer restrictions

Enforcement

Enforced by

To be established

Penalties

To be determined upon enactment

Primary Source

DataGuidance Ukraine Overview (opens in new tab)

https://www.dataguidance.com/

Quick Facts

Binding: No
Mental Health Focus: Yes
Child Safety Focus: No
Algorithmic Scope: Yes

Why It Matters

Ukraine's GDPR-aligned framework (when enacted) will create familiar compliance pathway for AI chatbot platforms serving Ukrainian users with automated risk assessments.

Recent Developments

Draft under consideration; passage timing affected by ongoing conflict

Cite This

APA

Ukraine. (n.d.). Draft Law 8153 on Personal Data Protection. Retrieved from https://nope.net/regs/ua-draft-law-8153

BibTeX

@misc{ua_draft_law_8153,
  title = {Draft Law 8153 on Personal Data Protection},
  author = {Ukraine},
  year = {n.d.},
  url = {https://nope.net/regs/ua-draft-law-8153}
}

Related Regulations

In Effect CH • Data Protection

Switzerland FADP

Switzerland's revised data protection law with Article 21 automated decision transparency requirements, human review rights, and fines up to CHF 250,000.

In Effect PT • Data Protection

Portugal Digital Rights Charter

Portugal's Charter of Digital Rights with Article 9 requiring AI to respect fundamental rights and establishing algorithmic auditability principles.

In Effect RS • Data Protection

Serbia PDP Law

Serbia's GDPR-aligned data protection law with profiling safeguards and DPIA requirements.

In Effect AT • AI Safety

Digital Austria 2.0

Austria's digital sovereignty framework establishing Sovereignty Compass for AI audits and mandatory Digi-Check for all legislation.

In Effect EE • AI Safety

Estonia Kratt Plan

Estonia's €85M AI and Data Action Plan establishing safety testing framework and human-centered AI deployment principles.

In Effect AT • AI Safety

Austria AI Service Center

Austria's national AI authority established within RTR (Rundfunk und Telekom Regulierungs-GmbH) for EU AI Act market surveillance coordination.

Back to all regulations Check if this applies to you