EU

EU regulators are slow to define rules for regulating ChatGPT, despite its rapid user growth. OpenAI's chatbot must comply with the EU's Digital Services Act (DSA) and AI Act, but clarity on its categorization and requirements is lacking until mid-2026. The discrepancy between these laws and their alignment with ChatGPT's functionalities pose challenges in assessing risks, particularly regarding public health and elections. Potential penalties for non-compliance could be substantial.

https://www.politico.eu/article/eu-chatgpt-ai-digital-law-tech-openai-regulations-legal/

EU's AI Act lacks regulation for biological AI models (BAIMs) which could pose significant biosecurity risks. Despite recognizing biological threats, existing guidance primarily applies to general-purpose AI like language models, leaving BAIMs potentially unregulated. Clarifying that BAIMs can be classified under the Act is crucial to prevent misuse and enhance safety, as these models can facilitate dangerous biological actions while the current laws create a regulatory blind spot. Timely intervention is essential as BAIM capabilities develop, ensuring oversight aligns with emerging biological risks.

https://www.techpolicy.press/biological-ai-is-slipping-through-europes-ai-law-for-now/

Europe's AI Act and Apply AI Strategy aim for values-based AI regulation and innovation, despite pressure from US tech companies to delay enforcement. Effective regulation is crucial for trust, investment security, and consumer protection. Europe’s technological and democratic sovereignty hinges on prioritizing public values over mere market convenience. The goal is a complementary AI Democracy Action plan to enhance governance and reduce dependency on US tech, affirming Europe's commitment to democratic digital sovereignty and fundamental rights.

https://www.techpolicy.press/europe-wrote-the-ai-rulebook-can-it-deliver-on-its-ambitions/

Italy has enacted its first national AI law, effective October 10, 2025, complementing the EU AI Act. The law emphasizes principles of transparency, accountability, and human oversight in AI, clarifying that AI must support rather than replace human decisions. It mandates disclosure to employees when AI is used in hiring and performance evaluation, and enforces data protection aligned with GDPR. It allows pseudonymized data for research under safeguards, penalizes AI-generated deepfakes, and restricts data mining for copyright compliance. Implementing decrees are expected within a year, requiring businesses to adapt governance frameworks and ensure compliance.

https://www.fisherphillips.com/en/news-insights/italy-enacts-first-national-ai-law-in-europe.html

EU AI Act is world's first comprehensive AI law promoting innovation and protecting health, safety, and rights. It categorizes AI systems by risk, with compliance phased in by 2027. High-risk systems face stringent obligations; unacceptable risks are prohibited. The Act emphasizes transparency, human oversight, and adapts to technological changes. Support exists for SMEs, ensuring streamlined processes and reduced burdens. AI literacy is critical for compliance. The Act addresses various areas like biometric data and outlines specific prohibitions, ensuring responsible AI use.

https://ai-act-service-desk.ec.europa.eu/en/faq