The Governance dimension describes the situation of the countries in the region regarding AI institutionalization and governance. The governance dimension is composed of three subdimensions: Vision and Institutionalization, International Collaboration, and Regulation.
This dimension has a weight of 25% of the total index score.
The Governance dimension describes the situation of the countries in the region regarding AI institutionalization and governance. The governance dimension is composed of three subdimensions: Vision and Institutionalization, International Collaboration, and Regulation.
This dimension has a weight of 25% of the total index score.
Two Realities in the Region Facing a Common Challenge
While countries such as Brazil, Chile, and Uruguay have robust national AI strategies, multi-stakeholder coordination bodies, and long-term visions, seven countries have yet to define a roadmap or consolidate a national strategy for AI development.
These contrasting realities risk creating a fragmented region with uneven regulatory safeguards, leaving entire countries unable to fully benefit from AI.
However, recent advances in countries like Costa Rica and Cuba, and ongoing efforts in Panama and the Bolivarian Republic of Venezuela, show that there is still time to shape national AI agendas.
In this context, coordinated initiatives to share best practices and uphold common ethical standards would benefit the region as a whole.
National Strategies: Between Declaration and Implementation
Although nine countries have national AI strategies, only a few have advanced in updating them, allocating execution budgets, or defining actionable implementation plans.
Without progress in operationalizing these strategies, they risk becoming aspirational documents with weak financial alignment, no impact indicators, and limited evaluation mechanisms.
This lack of implementation not only reduces policy effectiveness but also undermines governmental credibility with citizens and AI ecosystem stakeholders.
The region must transition toward “living strategies,” aligned with national development plans, supported by long-term continuity and strong intersectoral governance.
Citizens Remain Absent from Algorithmic Governance
While most countries with AI strategies reference some form of citizen participation or multi-stakeholder engagement, only a few, such as Brazil, Chile, and Uruguay, have included robust public consultation, community workshops, and inclusive mechanisms that consider all relevant sectors.
The more participatory the design process, the greater the legitimacy, social ownership, and impact of the resulting policies.
Only by incorporating diverse perspectives can AI strategies reflect real societal needs and strengthen public trust in technologies that affect daily life. Democratic AI governance requires placing citizens at the center.
A Regional Silence in the Design of International Standards
Limited participation in international standardization bodies, such as ISO SC 42 and SC 27, significantly restricts the region’s influence over global AI and cybersecurity rules.
This absence is not merely symbolic: it means others will define the technical standards Latin America and the Caribbean must later adopt, standards that may fail to account for regional realities, infrastructure constraints, or cultural contexts.
Strengthening the presence of regional experts in these forums is a strategic investment to ensure global standards reflect local needs and to promote the exchange of best practices.
Global Commitments Without Local Roots: The Risk of Symbolic Compliance
Countries across the region have endorsed multiple international AI declarations, such as the Santiago Declaration, OECD principles, and various multilateral ethical commitments.
However, these commitments have not always translated into national regulatory frameworks or concrete action.
For instance: nearly all countries signed the Santiago Declaration, yet seven still lack an AI strategy; growth in AI investment has been significant in only one country; and participation in the ISO AI committee remains very limited.
This disconnect reinforces the gap between rhetoric and practice, reducing the effectiveness of international initiatives and weakening public confidence.
To avoid symbolic compliance, global commitments must be reflected in domestic policies and operational mechanisms that drive real progress.
A Region Vulnerable to Cyberattacks
Cybersecurity remains one of the weakest components of the AI ecosystem in Latin America and the Caribbean.
While several countries have advanced in enacting cybercrime legislation and protecting critical infrastructure, with 18 of the 19 countries scoring above 60, most still lack institutional capacity, qualified specialists, and robust governance structures to address the growing threats of increasingly complex digital environments.
Si bien varios países han avanzado en la promulgación de leyes sobre ciberdelitos e infraestructura crítica, donde 18 de los 19 países supera los 60 puntos, la mayoría carece de capacidades institucionales, personal técnico calificado y estructuras de gobernanza adecuadas para enfrentar las amenazas crecientes en entornos digitales complejos.
AI, by its nature, strengthens prevention in well-prepared contexts but also amplifies vulnerabilities, including data manipulation and attacks targeting critical systems.
Strengthening cybersecurity must be treated as a strategic priority, an urgent effort that must progress in tandem with AI deployment to ensure that benefits are not accompanied by uncontrolled risks.
In Personal Data Protection, All Roads Lead to Rome, or Brussels
A strong personal data protection framework is essential for the responsible development of artificial intelligence and digital technologies.
In this edition, 11 of the 19 ILIA countries have both an updated data protection law and a clearly defined authority overseeing enforcement.
Although the type of enforcing authority varies, sometimes housed within a ministry, other times within an independent agency, most countries have adopted the European GDPR as their core reference.
This model continues to guide ongoing reform processes, such as in Costa Rica, which seeks alignment with European standards to facilitate data exchange between the digital economies of both regions.
Sustainability: The Missing Principle in Latin American AI
Despite increasing global attention to AI’s environmental impact, most national frameworks in the region overlook sustainability within their digital transformation agendas. Energy-intensive training models, high-consumption data centers, and short-lifespan devices collectively contribute to a growing carbon footprint.
Without policies incorporating sustainability, energy efficiency, and circular economy principles, AI expansion may conflict with regional climate goals.
As the construction of new data centers becomes essential to strengthen computing capacity, it is increasingly urgent to integrate mitigation measures into their development.
Leveraging renewable energy sources could serve as a foundational step toward cleaner and more environmentally responsible AI across the region.
Promoting Data Centers: The Bottleneck in AI Infrastructure
Data centers –critical for data processing and secure storage– face significant regulatory barriers in the region.
In many countries, permitting processes are slow, regulations outdated, and coordination across government levels limited.
These challenges restrict private investment, create legal uncertainty, and delay the rollout of essential infrastructure for digital transformation.
Modernizing and harmonizing regulations, establishing streamlined permitting systems, and implementing targeted investment incentives could accelerate the development of resilient, sustainable, and sovereign data centers across the region.
Green Data: An Industry Taking Shape
The data center industry in the region is still emerging, with only four ILIA countries, Brazil, Chile, Colombia, and Mexico, showing strong sector development.
Colombia stands out not only for having a mature industry but also for having one of the highest proportions of facilities compliant with international sustainability standards.
Leadership in this space is closely linked to factors such as the presence of global operators, energy availability, favorable regulatory frameworks, and rising demand for digital services.
However, the region still lacks systematic reporting on sustainability performance and regulatory frameworks encouraging widespread adoption.
The Dominican Republic illustrates a promising approach: despite having a moderately developed industry, it holds the region’s highest share of sustainable facilities, demonstrating that a commitment to sustainability can be built early and can serve as a model for other emerging markets.
While countries such as Brazil, Chile, and Uruguay have robust national AI strategies, multi-stakeholder coordination bodies, and long-term visions, seven countries have yet to define a roadmap or consolidate a national strategy for AI development. These contrasting realities risk creating a fragmented region with uneven regulatory safeguards, leaving entire countries unable to fully benefit from AI.
However, recent advances in countries like Costa Rica and Cuba, and ongoing efforts in Panama and the Bolivarian Republic of Venezuela, show that there is still time to shape national AI agendas. In this context, coordinated initiatives to share best practices and uphold common ethical standards would benefit the region as a whole.
Although nine countries have national AI strategies, only a few have advanced in updating them, allocating execution budgets, or defining actionable implementation plans. Without progress in operationalizing these strategies, they risk becoming aspirational documents with weak financial alignment, no impact indicators, and limited evaluation mechanisms.
This lack of implementation not only reduces policy effectiveness but also undermines governmental credibility with citizens and AI ecosystem stakeholders. The region must transition toward “living strategies,” aligned with national development plans, supported by long-term continuity and strong intersectoral governance.
While most countries with AI strategies reference some form of citizen participation or multi-stakeholder engagement, only a few, such as Brazil, Chile, and Uruguay, have included robust public consultation, community workshops, and inclusive mechanisms that consider all relevant sectors.
The more participatory the design process, the greater the legitimacy, social ownership, and impact of the resulting policies. Only by incorporating diverse perspectives can AI strategies reflect real societal needs and strengthen public trust in technologies that affect daily life. Democratic AI governance requires placing citizens at the center.
Limited participation in international standardization bodies, such as ISO SC 42 and SC 27, significantly restricts the region’s influence over global AI and cybersecurity rules.
This absence is not merely symbolic: it means others will define the technical standards Latin America and the Caribbean must later adopt, standards that may fail to account for regional realities, infrastructure constraints, or cultural contexts.
Strengthening the presence of regional experts in these forums is a strategic investment to ensure global standards reflect local needs and to promote the exchange of best practices.
Countries across the region have endorsed multiple international AI declarations, such as the Santiago Declaration, OECD principles, and various multilateral ethical commitments. However, these commitments have not always translated into national regulatory frameworks or concrete action.
For instance: nearly all countries signed the Santiago Declaration, yet seven still lack an AI strategy; growth in AI investment has been significant in only one country; and participation in the ISO AI committee remains very limited. This disconnect reinforces the gap between rhetoric and practice, reducing the effectiveness of international initiatives and weakening public confidence.
To avoid symbolic compliance, global commitments must be reflected in domestic policies and operational mechanisms that drive real progress.
Cybersecurity remains one of the weakest components of the AI ecosystem in Latin America and the Caribbean. While several countries have advanced in enacting cybercrime legislation and protecting critical infrastructure, with 18 of the 19 countries scoring above 60, most still lack institutional capacity, qualified specialists, and robust governance structures to address the growing threats of increasingly complex digital environments.
AI, by its nature, strengthens prevention in well-prepared contexts but also amplifies vulnerabilities, including data manipulation and attacks targeting critical systems. Strengthening cybersecurity must be treated as a strategic priority, an urgent effort that must progress in tandem with AI deployment to ensure that benefits are not accompanied by uncontrolled risks.
A strong personal data protection framework is essential for the responsible development of artificial intelligence and digital technologies. In this edition, 11 of the 19 ILIA countries have both an updated data protection law and a clearly defined authority overseeing enforcement.
Although the type of enforcing authority varies, sometimes housed within a ministry, other times within an independent agency, most countries have adopted the European GDPR as their core reference. This model continues to guide ongoing reform processes, such as in Costa Rica, which seeks alignment with European standards to facilitate data exchange between the digital economies of both regions.
Despite increasing global attention to AI’s environmental impact, most national frameworks in the region overlook sustainability within their digital transformation agendas. Energy-intensive training models, high-consumption data centers, and short-lifespan devices collectively contribute to a growing carbon footprint.
Without policies incorporating sustainability, energy efficiency, and circular economy principles, AI expansion may conflict with regional climate goals. As the construction of new data centers becomes essential to strengthen computing capacity, it is increasingly urgent to integrate mitigation measures into their development.
Leveraging renewable energy sources could serve as a foundational step toward cleaner and more environmentally responsible AI across the region.
Data centers –critical for data processing and secure storage– face significant regulatory barriers in the region. In many countries, permitting processes are slow, regulations outdated, and coordination across government levels limited.
These challenges restrict private investment, create legal uncertainty, and delay the rollout of essential infrastructure for digital transformation. Modernizing and harmonizing regulations, establishing streamlined permitting systems, and implementing targeted investment incentives could accelerate the development of resilient, sustainable, and sovereign data centers across the region.
The data center industry in the region is still emerging, with only four ILIA countries, Brazil, Chile, Colombia, and Mexico, showing strong sector development. Colombia stands out not only for having a mature industry but also for having one of the highest proportions of facilities compliant with international sustainability standards. Leadership in this space is closely linked to factors such as the presence of global operators, energy availability, favorable regulatory frameworks, and rising demand for digital services.
However, the region still lacks systematic reporting on sustainability performance and regulatory frameworks encouraging widespread adoption. The Dominican Republic illustrates a promising approach: despite having a moderately developed industry, it holds the region’s highest share of sustainable facilities, demonstrating that a commitment to sustainability can be built early and can serve as a model for other emerging markets.
Conducts a comprehensive review of the AI strategies and policies of each of the 19 countries in the region, considering both their content and the monitoring mechanisms.
Existence of institution
Evaluates the participation of countries in relevant instances for the establishment of global AI governance and the influence they achieve in those spaces.
Participation in ISO
Considers the bills, laws, and current regulations in each of the 19 countries, along with regulations on cybersecurity and personal data protection. It also evaluates ethical and sustainability aspects for AI development.
Legal initiative
Conducts a comprehensive review of the AI strategies and policies of each of the 19 countries in the region, considering both their content and the monitoring mechanisms.
Evaluates the participation of countries in relevant instances for the establishment of global AI governance and the influence they achieve in those spaces.
Participation in ISO
Considers the bills, laws, and current regulations in each of the 19 countries, along with regulations on cybersecurity and personal data protection. It also evaluates ethical and sustainability aspects for AI development.
Access the 2025 edition of ILIA and learn about the main findings on the state of AI in Latin America and the Caribbean.
