AI laws and regulation in North Macedonia

Low.

There is currently no dedicated AI law in force in North Macedonia.

Law on Personal Data Protection  governs personal data processing and regulates automated decision-making.

Law on Network and Information System Security (Cybersecurity Law) establishes a comprehensive framework for the security of network and information systems, setting objectives, competent authorities, and obligations for public bodies and for essential/important entities across critical sectors (e.g., energy, transport, banking, health, digital infrastructure), including risk management, incident reporting and supervision, aligned with the EU’s NIS2 Directive. It imposes proportionate technical, operational and organizational cybersecurity measures, mandates rapid incident notification, and provides for enforcement and penalties for non-compliance. AI is not specifically regulated. Any AI used by in-scope entities is captured only indirectly via the law’s technology-neutral obligations on network and information systems and supply-chain security.

There is currently no regulatory oversight of AI.. On a related note, for data protection matters the designated authority is the Macedonian Personal Data Protection Agency. For cybersecurity matters, the designated authority is the Macedonian Agency for Electronic Communications and  National Computer Incident Response Center MKD-CIRT.

There are no official AI guidance, policies or strategic frameworks in place to the best of our knowledge.

International AI standards and guidelines are not recognised locally in North Macedonia to the best of our knowledge.

Not at present.