Policy Analysis · Research Case Study
The Global Neural Data Governance Gap
China published national BCI ethics guidelines in February 2024. Chile amended its constitution in 2021. UNESCO adopted the first global framework in November 2025. The United States has four state laws and a proposed study. No federal BCI-specific data protection law exists. This is a comparative analysis of who is protecting neural data, how they define it, and what every jurisdiction can learn from the others—especially as quantum Harvest Now, Decrypt Later (HNDL) threats raise the stakes for everyone.
Executive Summary
Neural data is biometric data you cannot reset. Unlike a password, unlike a token, unlike a key—if your neural signature is compromised, there is no rotation policy. Your brain's electrical patterns are yours for life.
As of March 2026, the global landscape for neural data protection is fragmented. Latin America leads on constitutional neurorights. China has national-level BCI ethics guidelines. The EU regulates neurotechnology indirectly through the AI Act and GDPR. France has a voluntary charter. The Council of Europe's Convention 108+ provides binding coverage for 46 states. The United States has no federal law specifically addressing neural data privacy—only a patchwork of five enacted state laws and the MIND Act, a proposed study (not a regulation).
This gap matters for everyone. The Harvest Now, Decrypt Later (HNDL) threat does not respect borders. Neural data encrypted with pre-quantum algorithms today can be stored by any adversary and decrypted when cryptographically relevant quantum computers arrive. Zuchongzhi 3.0, Willow, Jiuzhang—the quantum trajectory is clear across multiple countries. Neural data harvested today does not expire. The brain does not get a firmware update. Every jurisdiction benefits from raising the global floor of neural data protection, and the countries furthest ahead have lessons to teach those still catching up.
Global Regulatory Landscape
The following table compares jurisdictions that have enacted, adopted, or formally proposed neural data protections as of March 2026. "Enacted" means the provision has legal force. "Adopted" means formally approved but may not be legally binding. "Proposed" means introduced but not yet passed.
| Jurisdiction | Instrument | Year | Scope | Status |
|---|---|---|---|---|
| Chile | Constitutional Amendment (Law 21.383, Art. 19) | 2021 | Constitutional | Enacted |
| Spain | Digital Rights Charter | 2021 | Non-binding charter | Adopted |
| China | MoST BCI Ethics Guidelines | 2024 | National guidelines | Adopted |
| China | PIPL (biometric/neural as sensitive data) | 2021 | National law | Enacted |
| Brazil (Rio Grande do Sul) | State constitutional amendment (neurorights) | 2023 | State constitutional | Enacted |
| Brazil (Federal) | PEC 29 (federal constitutional amendment) | 2023 | Federal constitutional | Proposed |
| Mexico | Constitutional amendment proposals | 2024 | Federal constitutional | Proposed |
| Uruguay | Neurorights bill | 2024 | Federal legislation | Proposed |
| European Union | AI Act (Reg. 2024/1689) + GDPR | 2024 | Supranational regulation | Enacted |
| France | Charter for Responsible Development of Neurotechnologies | 2022 | National voluntary charter | Adopted (voluntary) |
| Council of Europe | Convention 108+ (neural data as special-category) + Draft Guidelines on Neuroscience | 2024–25 | International convention (binding) | Enacted |
| UNESCO | Recommendation on Ethics of Neurotechnology | 2025 | International framework | Adopted (non-binding) |
| Global Privacy Assembly | Resolution on Neurotechnologies | 2024 | International resolution | Adopted (non-binding) |
| United States (Federal) | MIND Act (S.2925) | 2025 | Federal (study mandate) | Proposed |
The Federal Gap
The MIND Act (S.2925), introduced September 2025 by Senators Cantwell, Schumer, and Markey, does not create protections. It directs the FTC to study neural data governance and recommend standards. Even if passed, it produces a report—not a regulation. Meanwhile, China's MoST guidelines have been in effect since February 2024, and China's PIPL already classifies biometric data (including neural) as sensitive personal information at the national level.
Chile: The Constitutional Standard
On October 14, 2021, Chile's Congress adopted Law 21.383, amending Article 19 of the constitution. The amendment states that scientific and technological development "must be at the service of people and conducted with respect to life and physical and psychic health," and that the law "shall especially protect cerebral activity as well as the information derived from it."
Chile's approach gives brain data the same legal status as an organ—it cannot be bought, sold, trafficked, or manipulated. A companion neuroprotection bill provides specific regulations including informed consent requirements and restrictions on recreational neurotechnology use.
In August 2023, Chile's Supreme Court issued a landmark ruling in Girardi v. Emotiv Inc.—the first judicial enforcement of neurorights anywhere in the world. The Court found that Emotiv violated constitutional rights to psychological integrity and privacy by retaining anonymized EEG data for research without separate consent. The ruling established that neurodata is sensitive, personal, and biometric data, and cannot be appropriated even in anonymized form without specific consent. This is not theoretical law. It has been enforced against a real company, on real neural data.
Strengths
- Constitutional-level protection (highest legal force)
- Brain data treated as non-commodifiable (organ status)
- Judicial enforcement precedent (Supreme Court 2024)
- Companion legislation with specific consent requirements
Limitations
- Implementing legislation still in progress
- No explicit technical standards for neural data encryption
- Enforcement capacity limited in a developing economy
- Definition scope debated in academic literature
China: National-Level BCI Ethics
In February 2024, China's Ministry of Science and Technology (MoST) published the "Guidelines for Research Ethics in Brain-Computer Interface," based on recommendations from the National Research Ethics Committee. The guidelines address seven dimensions: legality and compliance, social and scientific values, informed consent, privacy protection, risk prevention and control, qualification requirements, and responsibility mechanisms.
The guidelines distinguish between therapeutic BCI (designed to help neurological disabilities) and augmentative BCI (enhancing healthy individuals), urging "moderation" for augmentative applications and warning they could "exacerbate social inequality if adopted without restraint." They also require thorough risk-benefit assessment to minimize impacts on human reasoning, decision-making, cognitive behaviors, and individual autonomy.
China's PIPL (Personal Information Protection Law, 2021) independently classifies biometric data—which includes neural data—as sensitive personal information requiring explicit consent and purpose limitation at the national level.
Strengths
- National-level scope (applies across all provinces)
- BCI-specific (not a general privacy law amendment)
- Distinguishes therapeutic vs. augmentative BCI
- Backed by PIPL's biometric data protections
- Addresses cognitive autonomy and social fairness
Limitations
- Ethics guidelines, not binding legislation
- Enforcement transparency is limited
- State surveillance exemptions are not addressed
- No independent oversight mechanism documented
- Dual-use concerns: military BCI research is separate
The Dual-Use Problem
China's MoST guidelines apply to research ethics. They do not address military or intelligence applications of BCI technology. This separation is not unique to China—the US has the same structural gap between DARPA's N3 program and consumer neural data protections, and the EU's AI Act exempts national security applications. Every major power maintains a firewall between civilian ethics frameworks and defense research. The honest observation is that no country's published guidelines constrain military or intelligence use of neural data. This is a universal blind spot, not a single-country problem.
United States: The State Patchwork
As of March 2026, five US states have enacted laws explicitly addressing neural data (Colorado, California, Montana, Connecticut, Oregon), with a sixth (Alabama) having passed the state House. At least ten more have introduced bills. Each defines "neural data" differently, amends different existing statutes, and provides different enforcement mechanisms. There is no federal neural data privacy law.
Enacted Laws
| State | Law | Effective | Mechanism |
|---|---|---|---|
| Colorado | HB 24-1058 (amends Colorado Privacy Act) | Aug 2024 | Neural data added as "biological data" under sensitive data |
| California | SB 1223 (amends CCPA) | Jan 2025 | Neural data as sensitive personal information under CCPA |
| Montana | Neural data added to genetic information protections | 2024 | Extended genetic privacy safeguards to neurotechnology data |
| Connecticut | SB 1295 (amends Connecticut Data Privacy Act) | Jul 2026 | Neural data as sensitive data; CNS-only scope (narrower than others) |
| Oregon | HB 2008 (amends Oregon Consumer Privacy Act) | Jan 2026 | Neural data added to sensitive data category |
Proposed Bills (as of March 2026)
| State | Approach | Notable Feature |
|---|---|---|
| Minnesota | SF 1240 (standalone Neurodata Rights Act) | Introduces "cognitive liberty" and "consciousness bypass" as legal constructs; applies to government entities |
| Illinois | HB 2984 (amends BIPA) + SB 2994 (amends Genetic Info Privacy Act) | Private right of action via BIPA ($1,000–$5,000 per violation, strongest US enforcement) |
| Massachusetts | H.103 (standalone) + H.4746 (comprehensive privacy act); Senate passed companion 40-0 | Prohibits collection unless strictly necessary; includes limited private right of action |
| Vermont | H.366 (Neurological Rights) + H.814 (BCI consent) | Introduces "conscious bypass" prohibition; $10K/violation; private right of action |
| Alabama | HB 263 (passed House Feb 2026, pending Senate) | Mirrors Colorado's definition; standalone biological/neural data bill |
| California | SB 44 (BCI-specific, adds to SB 1223) | Purpose-limitation and mandatory deletion for BCI data; narrowest technologically-specific scope |
The Definition Problem
Each state defines "neural data" differently. These are not cosmetic differences—they determine what is actually protected.
Colorado
"Information generated by the measurement of the activity of an individual's central or peripheral nervous systems and that can be processed by or with the assistance of a device."
Scope limit: Nested under "biological data" definition, which only applies when used "for identification purposes." This significantly narrows coverage.
California
"Information that is generated by measuring the activity of a consumer's central or peripheral nervous system, and that is not inferred from nonneural information."
Scope limit: Excludes data inferred from non-neural sources. Behavioral data that reveals cognitive state (typing patterns, gaze tracking) is not covered.
Minnesota (Proposed)
Standalone neural data privacy statute, not an amendment to an existing consumer privacy law. Separate protections for neural data and mental privacy.
Scope limit: As a standalone bill, coverage depends on passage rather than existing enforcement infrastructure.
The Goldilocks Problem
The Future of Privacy Forum calls this the "neural data Goldilocks problem": define too narrowly and you miss real threats (Colorado's identification-only scope misses research exploitation); define too broadly and you capture all physiological data, creating compliance chaos. No state has found the right balance yet. The result is that a BCI company operating in all 50 states faces at least four different legal definitions of what "neural data" means, with more coming.
European Union: Indirect but Broad
The EU does not have a neurorights law. Instead, it regulates neurotechnology through two existing frameworks:
GDPR: Neural data qualifies as biometric data and health data under the GDPR, both of which are "special categories" requiring explicit consent under Article 9. This provides baseline protection across all 27 member states, but was not designed with BCI in mind.
AI Act (Regulation 2024/1689): Entered into force August 1, 2024, with prohibited practices effective February 2, 2025, and full application by August 2, 2026. BCI systems that qualify as medical devices require third-party conformity assessment as high-risk AI. The Act prohibits emotion recognition in workplaces and educational institutions (Article 5(1)(f))—a provision that directly impacts neurotechnology capable of inferring cognitive or emotional states.
The combination provides stronger de facto neural data protection than any US state law, without using the word "neurorights."
International Frameworks
UNESCO Recommendation on Ethics of Neurotechnology (Nov 2025)
The first global framework for neurotechnology ethics, adopted at UNESCO's 43rd General Conference. Sets rights-based principles for the full neurotechnology lifecycle. Warns against use on children for non-therapeutic purposes. Prohibits workplace productivity monitoring via neurotechnology. Non-binding but provides normative reference for national legislation.
Global Privacy Assembly Resolution (Nov 2024)
Adopted at the 46th Annual Conference. Establishes principles for processing personal information in neuroscience and neurotechnology. Addresses decision-making freedom, neural data confidentiality, equality in brain capacity enhancement, and protections against discrimination. Neurodata classified as "highly sensitive personal data" requiring enhanced privacy and security measures.
UN Human Rights Council Advisory (2024)
The UN HRC Advisory Committee addressed neurotechnology's impact on human rights, contributing to the broader international discourse. The UN General Assembly report A/80/283 examines neurotechnology governance gaps and recommends member state action.
OECD Neurotechnology Guidelines (2019—ongoing)
The OECD issued the first international neurotechnology guidelines in 2019 (Recommendation OECD/LEGAL/0457). Defines "personal brain data" as data relating to "the functioning or structure of the human brain of an identified or identifiable individual." The OAS Inter-American Juridical Committee followed with recommendations in 2021 and 2023. These non-binding instruments established the normative vocabulary now used in binding legislation. OECD Neurotechnology Toolkit released April 2024 for member-state implementation.
France: Voluntary Charter (2022)
France's Charter for the Responsible Development of Neurotechnologies (2022), developed with the national ethics committee (CCNE), has 34 signatories from public and private sectors. Implements the OECD recommendation. Commits signatories to protect cognitive liberty, mental privacy, and psychological continuity; provide clear information on neural data collection and use; and enable data portability in machine-readable formats. Voluntary only, but the most advanced national implementation of OECD principles.
Council of Europe: Convention 108+ (Binding)
Convention 108+ (amended 2018) is binding law for its 46 ratifying states. Neural data falls under Article 6 as special-category data given "its inherent sensitivity and potential risk of discrimination or injury to individual dignity." Requires prior data processing impact assessment (Article 10). In March 2025, the Committee published draft Guidelines on Neuroscience (T-PD(2025)1) interpreting Convention 108+ principles specifically for neural data. This is the strongest existing binding international framework for neural data protection.
The HNDL Threat: Why Global Coordination Matters
Every regulation discussed above addresses who can collect neural data and under what conditions. None of them address what happens when encrypted neural data is intercepted and stored by any adversary today, then decrypted when quantum computing breaks the underlying cryptography.
This is the Harvest Now, Decrypt Later (HNDL) threat, and neural data is uniquely vulnerable to it. The threat is not country-specific—it applies to any entity (state or non-state) with storage capacity and a long-term decryption strategy. Every jurisdiction's citizens are at risk, which is why international collaboration on PQC adoption for neural data is in everyone's interest.
Why Neural Data Is the Worst-Case HNDL Target
- Irrevocable. Passwords can be rotated. Keys can be revoked. Certificates can be reissued. Neural signatures cannot be changed. Your brain's electrical patterns are biometrically yours for life. A compromised neural dataset has no expiration date.
- Lifelong identifier. Neural patterns are as stable as fingerprints for identification purposes, but far richer. They encode not just identity but cognitive patterns, emotional responses, and neurological health status. HNDL-harvested neural data from 2024 is still valid in 2040.
- Growing attack surface. Consumer BCI adoption is accelerating. Every EEG headband, every ANC earbud with neural inference, every meditation app with brainwave monitoring generates data that transits networks. The volume of harvestable neural data increases every year.
- Pre-quantum encryption. Most BCI data today is encrypted with RSA or ECC. Both are vulnerable to Shor's algorithm. NIST finalized PQC standards (ML-KEM/FIPS 203, ML-DSA/FIPS 204, SLH-DSA/FIPS 205) in August 2024, but adoption is slow. The NSA CNSA 2.0 roadmap mandates PQC for new classified systems by 2027, full transition by 2035. Consumer BCI has no such mandate.
The Quantum Race
| System | Country | Year | Capability |
|---|---|---|---|
| Jiuzhang 3 | China | 2023 | 255 photons, 10^16× classical speedup (photonic) |
| Willow | US (Google) | 2024 | 105 qubits, below-threshold error correction (superconducting) |
| Zuchongzhi 3.0 | China | 2025 | 105 qubits, 10^15× classical speedup, commercially deployed |
None of these systems are cryptographically relevant quantum computers (CRQCs). Breaking RSA-2048 requires millions of logical qubits with low error rates. Most specialists estimate CRQCs arriving in the 2028–2035 range. But the trajectory matters for HNDL: the question is not whether CRQCs will arrive, but whether harvested data will still be sensitive when they do. For neural data, the answer is always yes. EEG-based biometric signatures have demonstrated stable individual identification over nine-month periods with >90% accuracy—these patterns do not expire.
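The test described above (is the key establishment quantum-vulnerable, and will the data still be sensitive when a CRQC arrives?) can be run over an inventory of data flows. This is an added example, not code from the original analysis or the QIF project; the flow names, the `sensitive_years` field and the verdict labels are constructed assumptions, and the 2028–2035 window is the estimate quoted in the text.

```python
from dataclasses import dataclass
from typing import Optional

# CRQC arrival window as estimated in the text above.
CRQC_EARLIEST, CRQC_LATEST = 2028, 2035

# Substrings that identify key-establishment families in a label.
# Shor's algorithm breaks the classical ones; ML-KEM is FIPS 203.
CLASSICAL_TAGS = ("RSA", "ECDH", "X25519", "X448", "SECP", "FFDHE")
PQ_TAGS = ("MLKEM", "ML-KEM")


def classify_kex(label: str) -> str:
    """Classify a key-establishment label as pqc, hybrid, classical or unknown."""
    name = label.upper()
    has_pq = any(tag in name for tag in PQ_TAGS)
    has_classical = any(tag in name for tag in CLASSICAL_TAGS)
    if has_pq:
        return "hybrid" if has_classical else "pqc"
    return "classical" if has_classical else "unknown"


@dataclass(frozen=True)
class Flow:
    name: str
    kex: str                        # key establishment protecting the session key
    captured: int                   # year the ciphertext crossed the network
    sensitive_years: Optional[int]  # None = never expires (neural signatures)


def readable_while_sensitive(flow: Flow, crqc_year: int) -> bool:
    """True if a copy recorded at capture time is decryptable and still sensitive."""
    if classify_kex(flow.kex) in ("pqc", "hybrid"):
        return False  # session key not recoverable via Shor's algorithm
    # "unknown" falls through on purpose: unidentified crypto is treated as weak.
    if flow.sensitive_years is None:
        return True
    return flow.captured + flow.sensitive_years >= crqc_year


def verdict(flow: Flow) -> str:
    """Summarise HNDL exposure across the whole CRQC arrival window."""
    if classify_kex(flow.kex) in ("pqc", "hybrid"):
        return "pq-protected"
    if readable_while_sensitive(flow, CRQC_LATEST):
        return "exposed"            # sensitive even if the CRQC arrives late
    if readable_while_sensitive(flow, CRQC_EARLIEST):
        return "window-dependent"   # exposed only if the CRQC arrives early
    return "expires-first"          # loses sensitivity before any estimate


# Constructed sample inventory (hypothetical flows, not real products).
FLOWS = [
    Flow("eeg-headband-telemetry", "ECDHE-secp256r1", 2024, None),
    Flow("session-diagnostics", "RSA-2048", 2025, 5),
    Flow("firmware-debug-log", "RSA-2048", 2024, 2),
    Flow("implant-raw-stream", "X25519MLKEM768", 2026, None),
    Flow("clinic-archive-sync", "ML-KEM-768", 2026, None),
    Flow("vendor-proprietary-link", "custom-v2", 2025, None),
]


def audit(flows):
    """Map each flow name to its HNDL verdict."""
    return {f.name: verdict(f) for f in flows}


if __name__ == "__main__":
    for name, result in audit(FLOWS).items():
        print(f"{name:26} {result}")
```

Only key establishment is classified here, because signature algorithms do not affect the confidentiality of traffic that has already been recorded.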
Confirmed Research Gap
No peer-reviewed paper has constructed a formal HNDL threat model for BCI or neural data specifically. No government or regulatory body has issued guidance addressing HNDL threats to neural data. NIST's PQC migration guidance (IR 8547) does not mention neurotechnology. CNSA 2.0 does not reference BCI or medical device data streams. No major BCI manufacturer (Neuralink, Synchron, Emotiv) has published quantum-resistant encryption specifications. This intersection—PQC requirements for neural data—is an open gap in both the research literature and the regulatory landscape.
The Global Coordination Gap
No single country has solved this end-to-end. Chile leads on constitutional neurorights but lacks technical encryption mandates. China has national BCI ethics guidelines and the PIPL, but civilian protections and military BCI programs are structurally separate. The EU has the strongest de facto protection through GDPR + AI Act, but no neuro-specific legislation. The US has NIST PQC standards (world-leading cryptographic research) but no federal neural data law to mandate their adoption for BCI.
The opportunity is clear: every jurisdiction has something to teach and something to learn. Chile's constitutional approach, China's BCI-specific scope, the EU's enforcement infrastructure, and America's PQC standards are complementary pieces of a puzzle that no one has assembled yet.
The urgency is also clear. Every day of neural data transmitted under pre-quantum encryption is a day of data available for HNDL by any adversary. The brain does not get a patch cycle. This is why international coordination—through UNESCO, the Global Privacy Assembly, and bilateral research agreements—matters more than any single country's regulations.
Where QIF Fits
The Quantum-Informed Framework (QIF) addresses the technical layer that no regulation currently covers. Regulations define who can collect neural data. QIF addresses how to protect it at the signal level.
NSP (Neural Sensory Protocol)
Post-quantum secure by design. NSP specifies ML-KEM for key encapsulation at the neural interface boundary. If adopted, neural data would be encrypted with PQC from the point of collection—eliminating the HNDL window.
Neurowall
Zero-trust signal validation at the hardware-biology boundary. Amplitude bounds, rate limiting, and anomaly detection. Regulations protect data after collection; Neurowall protects the signal before it becomes data.
TARA Threat Registry
99 documented attack techniques across 6 domains. Provides the technical threat intelligence that policy frameworks need to write specific, enforceable protections rather than broad principles.
NISS Scoring
Quantitative impact measurement. Maps technical severity to clinical and rights-based outcomes. Gives regulators a standardized way to assess the impact of specific BCI attacks, not just the presence of a vulnerability.
Epistemic note: QIF, NSP, Neurowall, TARA, and NISS are proposed frameworks in development. They have not been peer-reviewed, adopted by any standards body, or independently validated. They are presented here as a technical research contribution, not as established standards.
Recommendations
1. Federal Neural Data Privacy Law
The MIND Act is a study, not a law. The US needs binding federal legislation with a uniform definition of neural data, minimum consent requirements, and enforcement authority. Chile, China, and the EU have all demonstrated that national-level (or supranational) coordination works better than fragmented state-by-state approaches.
2. Mandate PQC for Consumer BCI
NIST PQC standards exist (FIPS 203, 204, 205). The NSA mandates PQC for classified systems by 2027. Consumer BCI should have the same requirement. Neural data is at least as sensitive as classified communications—it is biometric data that cannot be rotated.
3. Harmonize Definitions
The "Goldilocks problem" of neural data definitions creates regulatory arbitrage. A BCI company can choose to incorporate in the state with the weakest definition. Federal legislation should define neural data broadly enough to cover direct measurement and device-assisted processing, while excluding purely inferred behavioral data.
4. Address HNDL in Neural Data Regulations
No existing neural data regulation addresses the quantum threat. Regulations should mandate minimum encryption standards for neural data in transit and at rest, with a PQC migration timeline. Data retention limits are especially critical: neural data stored indefinitely under pre-quantum encryption is permanently exposed to future HNDL decryption.
5. Adopt Technical Threat Frameworks
The UNESCO recommendation and MIND Act call for risk assessment, but neither specifies a threat taxonomy. A standardized BCI threat registry (like TARA) gives regulators specific attack patterns to legislate against, rather than writing broad principles that sound protective but cannot be enforced technically.
6. International Research Collaboration
Neurosecurity is a shared problem. Academic collaboration across borders—sharing threat taxonomies, validating defensive frameworks, harmonizing definitions—raises the floor for everyone. The OECD, UNESCO, and Global Privacy Assembly frameworks provide vehicles for this coordination. The goal is not to compete on neural data protection, but to ensure no jurisdiction's citizens are left unprotected because their country started later.
Sources & Methodology
This analysis draws from primary legal sources, government publications, peer-reviewed articles, and verified reporting. All claims are traceable to the sources listed below. Where regulatory status is uncertain or definitions are contested, this is noted explicitly.
Chile: Law 21.383 (2021); UNESCO Courier; Chilean Supreme Court ruling analysis (Frontiers in Psychology, 2024)
China: MoST BCI Ethics Guidelines (National Science Review, 2024); Georgetown CSET translation
US States: Future of Privacy Forum: Neural Data Goldilocks Problem; Arnold & Porter: Neural Data Privacy Regulation; Morrison Foerster: State Neural Data Bills
MIND Act: S.2925 (Congress.gov); Davis Wright Tremaine analysis
EU AI Act: IAPP: Neurotechnologies under the EU AI Act; Implications of the EU AI Act for neurotechnologies (ScienceDirect)
UNESCO: UNESCO Recommendation on Ethics of Neurotechnology
Global Privacy Assembly: Resolution on Neurotechnologies (Nov 2024, PDF)
Quantum/PQC: NIST PQC Standards (Aug 2024); Zuchongzhi 3.0 (Chinese Academy of Sciences); HNDL Threat Model (Palo Alto Networks)
Latin America: Future of Privacy Forum: Neurorights in Latin America; Neurorights Foundation: Latin America Advocacy
France: French Charter for Responsible Development of Neurotechnologies (PDF)
Council of Europe: Draft Guidelines on Neuroscience, T-PD(2025)1; Convention 108+ Expert Report on Neurotechnology
Chile (judicial enforcement): Girardi v. Emotiv Supreme Court ruling analysis (Frontiers in Psychology, 2024)
Neural biometrics stability: Advancing EEG-based biometric identification (Springer, 2025); Beyond neural data: Cognitive biometrics and mental privacy (Neuron, 2024)
PQC-BCI intersection: Privacy-Preserving Brain-Computer Interfaces: A Systematic Review (arXiv, 2024)