Artificial Intelligence - South Africa

There is no codified, standalone AI law in South Africa; AI is regulated indirectly via existing technology-neutral and sectoral legislation rather than a dedicated AI Act.

Cabinet approved publication (25 March / 1 April 2026) and the Draft National AI Policy was gazetted on 10 April 2026 for a 60-day comment period (closing 10 June 2026), proposing a risk-based, human-centred framework.

Minister Solly Malatsi withdrew the draft on 26/27 April 2026 after reporting revealed at least six of 67 academic citations were non-existent (apparently AI-hallucinated); he called it an 'unacceptable lapse' and promised a revised draft with stricter oversight.

The Protection of Personal Information Act governs AI processing of personal data—including profiling, automated decision-making, transparency, accuracy and cross-border transfers—and is enforced by the Information Regulator.

The Cybercrimes Act (data/system interference), the Consumer Protection Act (fairness/safety of products), and the Electronic Communications and Transactions Act (automated processes) apply to AI use, alongside sectoral rules in finance, health and telecoms.

The DCDT published an AI Policy Framework / discussion material in 2024 emphasising responsible adoption, data governance, infrastructure and skills, providing the conceptual basis the later draft policy built upon.