The Council of Europe AI Convention: the first binding AI treaty, ratified by the EU

While most attention in 2026 went to the EU's own simplification of the AI Act, the bloc quietly took a different kind of step: on 15 May 2026 the European Union ratified the Council of Europe Framework Convention on Artificial Intelligence and Human Rights, Democracy and the Rule of Law — the first legally binding international treaty devoted to AI. The European Parliament had given its consent to the conclusion on 11 March 2026; ratification followed at the 135th Session of the Council of Europe's Committee of Ministers in Chișinău.

This is a different instrument from the AI Act, and confusing the two misreads both. The Convention (treaty series CETS No. 225) was adopted on 17 May 2024 and opened for signature in Vilnius on 5 September 2024 — including for non-European states such as the United States, the United Kingdom, Japan and Canada. It does not regulate products on a market. It binds states.

What it actually binds: states, not companies

The AI Act has direct effect: it imposes obligations on providers and deployers that a market-surveillance authority can enforce. The Convention does not. It requires parties — the states and the EU that ratify it — to give effect to its principles through their own legal order. For the European Union, the AI Act, together with the GDPR and related law, largely serves as that transposition; the Commission describes the Convention as "fully in line with" the AI Act.

The treaty's central design choice is a graduated and differentiated approach. Article 1(2) requires that measures "shall be graduated and differentiated as may be necessary in view of the severity and probability of the occurrence of adverse impacts" on human rights, democracy and the rule of law. The same logic — calibrate the burden to the risk — underlies the AI Act, and it is no coincidence: the two instruments were negotiated in parallel.

Scope: a deliberate flexibility on the private sector

The most-debated provision is Article 3, on scope. For the public sector the obligation is direct. For private actors it is softened: under Article 3(1)(b) each party must address risks from AI activities "by private actors … in a manner conforming with the object and purpose of this Convention," and may choose how — either by applying the Convention's principles directly to private actors or "by taking other appropriate measures to fulfil the obligation." A party declares its choice on ratification. This two-track design was the price of bringing non-European states with lighter domestic regimes to the table.

Two carve-outs further limit reach. Under Article 3(2) a party "shall not be required to apply this Convention to activities … related to the protection of its national security interests," subject to respect for international law and democratic institutions. Under Article 3(4), "matters relating to national defence do not fall within the scope of this Convention." These exclusions echo the AI Act's own national-security and military carve-outs — see our analysis of the AI Act, defence and national security.

The principles parties must give effect to

Chapter III sets out the substantive commitments, each to be implemented through domestic measures:

• Human dignity and individual autonomy (Art. 7).
• Transparency and oversight (Art. 8), tailored to context, including the

identification of AI-generated content.

• Accountability and responsibility for adverse impacts (Art. 9).
• Equality and non-discrimination, including gender equality (Art. 10).
• Privacy and personal data protection (Art. 11).
• Reliability — quality and security across the AI lifecycle (Art. 12).
• Safe innovation, including controlled testing environments under the

supervision of a competent authority (Art. 13) — the treaty-level counterpart to the AI Act's regulatory sandboxes.

On top of the principles, the Convention requires remedies (Art. 14): accessible and effective remedies for violations, documentation of relevant AI system information, and the ability to contest decisions and lodge complaints with a competent authority. Procedural safeguards (Art. 15) apply where AI significantly affects rights, and persons must be notified when they are interacting with an AI system rather than a human — the same instinct behind Article 50 of the AI Act.

Article 16 obliges parties to adopt measures for the identification, assessment, prevention and mitigation of risks, applied iteratively across the lifecycle, with testing before deployment and after significant modification. For that assessment the Council of Europe has supplied its own method, the HUDERIA and COBRA model.

Entry into force: ratified, but not yet in force

The EU's ratification does not by itself switch the treaty on. Under Article 30(3), the Convention enters into force "on the first day of the month following the expiration of a period of three months after the date on which five signatories, including at least three member States of the Council of Europe, have expressed their consent to be bound." The EU's ratification on 15 May 2026 is a significant step toward — not the crossing of — that threshold. Until five parties (three of them Council of Europe members) have ratified, the binding force remains latent, even as signatories continue to align their domestic law.

Why it matters beyond the EU

For organisations operating only inside the EU, the Convention changes little in the short term: their binding obligations come from the AI Act. Its weight is felt elsewhere. By design it reaches across the Atlantic and into the Asia-Pacific, and it gives jurisdictions without a horizontal AI statute a ready-made set of principles to transpose. It is the spine of the international layer of AI governance — the binding instrument around which the OECD Principles, NIST framework and ISO standards arrange themselves. The 2026 EU ratification is the clearest signal yet that the treaty, and not only the AI Act, is meant to anchor how democracies converge on AI.