Kazakhstan’s Initiative for AI Regulation
On May 14, 2025, Kazakhstan’s Mazhilis, the lower house of Parliament, approved a draft law on artificial intelligence (AI) in its first reading, signaling the nation’s commitment to establishing a legal framework for the development and utilization of AI technologies. This legislative move aims to address the significant opportunities and serious risks associated with the rapid advancement of AI.
Addressing the Legal Gap
The swift evolution of AI technologies has outpaced existing legal regulations, creating a pressing need for a structured governance approach. The new draft bill seeks to fill this gap, reflecting Kazakhstan’s understanding of the global challenges posed by AI and its intention to respond systematically.
Sholpan Saimova, head of the Center for Public Legislation and Public Administration at the Institute of Parliamentarism, emphasized that the law mirrors major global trends in AI regulation. Notably, the EU’s AI Act, established in 2024, serves as the world’s first risk-based AI legislation and has become a model for countries, including Kazakhstan.
Human-Centric Approach to AI
The proposed legislation adopts a human-centric approach, viewing AI as a tool designed to serve people and protect public interests. Key principles outlined in the bill include:
- Legality
- Fairness
- Equality
- Transparency
- Explainability
- Accountability
- Prioritization of human well-being
Saimova stated, “The principle of transparency and explainability ensures that AI-driven decisions are understandable and verifiable, especially when they affect citizens’ rights.” This emphasis on human well-being underlines that technology should empower individuals rather than replace them, maintaining individual autonomy.
Collaborative Development of the Bill
The draft law was crafted through extensive collaboration involving deputies, ministry representatives, legal experts, IT professionals, and economists. Organizations such as the Atameken National Chamber of Entrepreneurs and Kazakhtelecom contributed to the working group, reflecting a broad range of stakeholder input.
Saimova remarked on the encouraging aspect of open and constructive discussions among all parties, ensuring diverse perspectives are integrated into the legislation.
Provisions for Data Security and Public Safety
The bill contains provisions aimed at ensuring the safety of AI users, protecting personal data, and maintaining transparency. It mandates that AI systems comply with data protection and confidentiality standards, explicitly banning the unauthorized collection, storage, or distribution of personal information.
Additionally, the working group is evaluating the introduction of criminal liability for mass or automated processing of personal data that jeopardizes large groups of individuals.
Establishing a Specialized AI Jurisdiction
Evgeny Pitolin, managing director of Datastar, discussed the potential for Kazakhstan to establish a specialized AI jurisdiction. He noted that if correctly implemented, this bill could position Kazakhstan as the second country globally to regulate AI through dedicated legislation. Such a framework could expedite AI adoption across various sectors by providing clarity where digitalization has previously stalled.
Pitolin highlighted that the bill encompasses three fundamental principles: transparency of AI algorithms and decision-making, prioritizing human well-being over technology, and ensuring data and cybersecurity. These principles are particularly vital when AI is integrated into critical infrastructure or governmental operations, which inherently require heightened transparency and accountability.
Addressing Urgent Threats
Unlike other nations, Kazakhstan’s draft law opts for a differentiated approach, imposing stricter regulations only on autonomous, high-risk AI systems. It confronts urgent threats such as deepfakes, AI-driven consumer fraud, and unauthorized data access, aligning these issues with amendments to the Administrative Code and other digital legislation. The law will enhance accountability for developers and AI system owners when harm occurs to citizens’ rights, health, or safety.
Impact on the IT Labor Market
Beyond its legal implications, the law is expected to transform Kazakhstan’s IT labor market and influence investments in cybersecurity. A significant outcome will be the necessity for widespread retraining in areas like data handling, AI system design, and digital security.
Pitolin remarked, “The law indirectly pushes for education reform. Tech professionals who do not update their skills in big data and AI risk being left behind—not because AI will replace them, but because they will not be able to adapt.”
As demand grows for professionals who can navigate both IT and legal regulations, the need will also rise for specialists who understand the ethical dimensions of operating within digital environments.
