With a May deadline looming, the EU has released a third and final draft of its Code of Practice for General Purpose AI (GPAI) compliance under the EU AI Act. The draft, published on Tuesday, refines guidance for powerful AI model providers, addressing transparency, copyright, and risk mitigation.
A new website has also been launched to enhance accessibility of the Code. Stakeholders can submit written feedback on this latest draft until March 30, 2025.
Stricter Regulations in the Code of Practice for AI Giants
The EU AI Act introduces a risk-based framework targeting the most powerful AI model makers. Compliance with these rules is crucial, as non-compliance could result in penalties of up to 3% of global annual revenue.
The latest draft of the Code of Practice offers a more streamlined structure, incorporating feedback from previous versions while refining key commitments. Experts hope to enhance clarity and coherence in the final guidance, which will be adopted later this year.
The draft outlines commitments for GPAI model providers, with detailed guidance on:
- Transparency – Including a model documentation form to ensure technology deployers can access critical compliance information.
- Copyright Compliance – Addressing concerns over AI models scraping copyrighted data without explicit permission.
- Safety & Security – Aimed at high-risk AI models that meet systemic risk thresholds (10^25 FLOPs computing power).
Concerns Over Copyright Loopholes
The copyright section remains highly contentious. The draft continues to use vague terms like “best efforts” and “reasonable measures” when describing compliance expectations for AI companies scraping data from the web. This suggests that Big AI firms may still have leeway in acquiring copyrighted content without upfront permissions.
Earlier drafts included stricter requirements, such as providing a single point of contact for copyright holders to file complaints. However, this has now been softened to merely requiring “a designated contact”, raising concerns that AI companies could ignore or reject mass complaints deemed “excessive or repetitive”.
US Pressure and Pushback on AI Regulations
The latest draft comes amid growing US criticism of the EU’s AI regulations. At the Paris AI Action Summit, US Vice President JD Vance dismissed strict AI laws, favoring an “AI opportunity” approach instead. He warned that overregulation in Europe could stifle AI innovation.
Following US pressure, the EU has already scrapped the AI Liability Directive and announced plans for an “omnibus” reform package aimed at reducing bureaucratic hurdles for businesses.
Some European AI firms, such as Mistral, have voiced strong opposition to the AI Act. At the Mobile World Congress in Barcelona, Mistral CEO Arthur Mensch admitted struggling to find technological solutions that comply with the law. He stated that the company is actively working with regulators to address these issues.
While the Code of Practice is being drafted independently, the European Commission’s AI Office is also preparing additional clarifying guidance. This will include final definitions of GPAI models and their responsibilities, potentially shaping how the law is ultimately enforced.
The finalized Code of Practice is expected to be adopted in the coming months, with additional AI Act enforcement guidelines from the European Commission following soon after. The evolving regulatory landscape suggests that further modifications or softening of AI rules may still occur under industry and international pressure.
