Detailed overview
Pakistan does not currently have a comprehensive AI Act with direct penalties equivalent to the EU AI Act. Its AI framework is based on the National Artificial Intelligence Policy 2025, digital-government reforms, future data-protection development, sectoral rules and existing laws.
The National AI Policy 2025 is a government policy framework issued by the Ministry of Information Technology and Telecommunication. It aims to establish an AI ecosystem for responsible and ethical AI adoption, strengthen local innovation, protect individuals, support public-service delivery, and drive inclusive economic growth while preserving human rights and the rule of law.
The policy is organised around several pillars: AI innovation ecosystem, awareness and readiness, secure AI ecosystem, transformation and evolution, AI infrastructure, and international partnerships. It includes measures such as centres of excellence in AI, innovation funding, workforce upskilling, public-sector readiness, cybersecurity, transparency and human oversight, data privacy, open-source AI governance, generative AI guidance, AI sandboxes and a national AI compute grid.
Pakistan's policy recognises that AI involves personal-data processing and connects the AI framework with the draft Personal Data Protection Act, Pakistan Cloud First Policy, Digital Pakistan Policy, Digital Nation Pakistan Act and other national digital-transformation instruments. This means that AI systems involving personal data, identity, cloud services, public services or digital infrastructure should be reviewed against the wider digital-governance framework.
Pakistan also plans sandbox environments and agile regulatory arrangements for AI experimentation. A sandbox is a controlled environment where AI solutions can be tested with policy or regulatory oversight before broader deployment. This is especially relevant for AI used in public services, finance, healthcare, education, agriculture and other high-impact sectors.
Pakistan does not currently have one AI-specific fine table. Penalties depend on the underlying law breached, such as cybercrime, telecoms regulation, data protection once applicable, consumer protection, financial regulation, healthcare regulation, employment law, public-procurement rules or criminal law.
Practical requirements & details
Sourced from the National Artificial Intelligence Policy 2025 issued by the Ministry of Information Technology and Telecommunication, together with related instruments (draft Personal Data Protection Act, Cloud First Policy, Digital Pakistan Policy, Digital Nation Pakistan Act).
Policy pillars
- AI innovation ecosystem — centres of excellence, innovation funding, R&D.
- Awareness and readiness — workforce upskilling and public-sector readiness.
- Secure AI ecosystem — cybersecurity, transparency, human oversight, data privacy.
- Transformation and evolution — including generative AI guidance and open-source AI governance.
- AI infrastructure — national AI compute grid.
- International partnerships.
Connected legal framework
- Review AI systems against the draft Personal Data Protection Act (when enacted), the Pakistan Cloud First Policy, the Digital Pakistan Policy and the Digital Nation Pakistan Act.
Sandboxes & agile regulation
- Sandbox environments for AI experimentation under policy or regulatory oversight before broader deployment.
- Especially relevant for AI in public services, finance, healthcare, education and agriculture.
Penalties
- No AI-specific fine table.
- Penalties depend on the underlying law breached: cybercrime, telecoms regulation, data protection (once applicable), consumer protection, financial regulation, healthcare regulation, employment law, public-procurement rules or criminal law.