EU Publishes Voluntary Guidelines for Advanced AI Models amid Company Pushbacks

The new European Commission's Code of Practice for General-Purpose AI (GPAI) Models, though introduced as a voluntary guideline, effectively functions as a quasi-regulatory framework. This Code, aligned with the EU AI Act, emphasizes transparency, safety, and copyright compliance, setting a new compliance baseline. Further approvals are needed for it to be implemented, which is tentatively expected at the end of the year.

HR Policy Global’s Take: The EU's AI Act, enacted last June, sets out specific regulations for GPAI that will take effect on August 2. Without a clear enforcement timeline, signing the new Code showcases goodwill and protects companies from immediate penalties. We advise our member companies subject to the Act to review the Code, even if they are not GPAI providers.

Key changes in transparency, copyright, and security:

• Transparency: The Code specifies operational standards for transparency, requiring continuous updates and more detailed documentation, with exemptions for open-source models unless deemed risky.
• Copyright: Providers must exclude infringing sources and respect rights-reservation protocols, with new warnings for open-source models. A removed provenance check leaves a blind spot.
• Security and Safety: Providers must implement state-of-the-art measures and conduct risk assessments, with reduced burdens for smaller providers. Clarified obligations focus on monitoring and addressing security threats.

The Code was published amid massive pushbacks from businesses. CEOs from companies like Airbus and BNP Paribas are calling for a two-year pause on the act, fearing it could jeopardize the development of AI in Europe. However, the EU is not planning to delay the implementation timeline. 

Key points of concern:

• Legal Certainty: Employers are worried about the lack of clarity and consistency in AI regulations, which might lead to a patchwork of rules across member states.
• Competitiveness: The current rules are seen as putting European companies at a disadvantage compared to US and Chinese firms.

Extraterritorial reach of the EU AI Act. The Act applies to both EU and non-EU entities using AI systems that affect the EU market. A US developer and provider of AI tools used in the EU must ensure their global AI governance and practice comply with the law. As global regulatory frameworks converge, aligning with the Act’s standards early may offer a competitive edge for global companies.