Back to Home

RF AI Law vs AI Act: comparison

The Russian AI law project emphasizes sovereignty and model localization, unlike the risk-oriented AI Act of the EU. Differences in bans, liability and TDM will affect developers. Analysis of key articles for IT specialists.

AI regulation: RF vs EU in 2026
Advertisement 728x90

Comparing Russia's AI Law and the EU AI Act: Key Regulatory Aspects

The European AI Act, effective from 2024, employs a risk-based model. AI systems are classified by risk levels: unacceptable (prohibited, e.g., social scoring), high (strict requirements for credit scoring and hiring), limited (transparency for chatbots and deepfakes), and minimal (no restrictions). The goal is to protect health, safety, and human rights. Fines can reach €35 million.

Russia's draft law from March 18, 2026, emphasizes technological sovereignty. Critical models must be developed and trained in Russia using Russian data with the involvement of Russian citizens. The focus is on protecting traditional values and preventing the exploitation of vulnerabilities.

Differences in Prohibitions and Restrictions

In the EU, prohibitions are specific: emotion recognition systems in schools and workplaces, photo "undressing" apps. Russian law introduces a broad concept of "exploitation of vulnerabilities"—age, psychological, physical characteristics—which could cover targeted advertising or propaganda.

Google AdInline article slot

General-Purpose AI models in the EU require technical documentation, data summaries, and copyright compliance. Models with systemic risks are overseen by the AI Office. In Russia—"sovereign and national large fundamental models": development and training exclusively in Russia for import substitution.

Responsibility and Control Mechanisms

European fines are fixed and transparent. Russia's draft (Article 11) establishes liability with "prior knowledge" of risks, with a presumption of guilt unless proven otherwise. Exemption is possible with "exhaustive measures."

  • Article 11.2: Developer, operator, or service owner is liable if they knew or should have known about potential harm, unless they prove otherwise.
  • Article 11.3: Exemption with exhaustive preventive measures.
  • Article 11.6: Operator's recourse to the developer for proven model deficiencies.

The territorial principle in the EU is extraterritorial—applies to all handling European data. In Russia—activities on the country's territory, but services with >500,000 daily users are subject to additional obligations (Article 10).

Google AdInline article slot
  • Article 10.1: Developer ensures security, prevents discrimination, documents architecture.
  • Article 10.2: Operator suspends operation in case of threats.
  • Article 10.3g: For popular services—obligations under the "Information Law."

Intellectual Property and TDM

Russian law permits text and data mining without reservations:

Article 13.5: Not a violation—extracting data from protected objects for datasets or AI training with lawful access.

The EU allows TDM, but rights holders can prohibit the use of their works.

Google AdInline article slot

Key Takeaways

  • The EU's risk-based approach focuses on human rights, Russia's on sovereignty and localization.
  • EU fines are stricter in amounts, Russia's involve judicial expertise with a presumption of guilt.
  • TDM in Russia is freer, without rights holders' opt-out.
  • High-audience services in Russia face strict control regardless of developer.
  • Both laws take effect in 2026–2027, setting rules for the AI industry.

— Editorial Team

Advertisement 728x90

Read Next