EU

European Commission publishes final General-Purpose AI Code of Practice, aimed at governing AI operations ahead of the EU AI Act's August rules. Code is voluntary, offering compliance benefits like reduced administrative burden. It addresses safety, transparency, and copyright obligations, developed with input from 1,000+ stakeholders. Debate continues on its effectiveness and regulatory burden, with companies expressing concerns over its prescriptiveness and need for implementation time. Official endorsement from member states is next, allowing organizations to voluntarily comply.

https://iapp.org/news/a/european-commission-receives-final-version-of-general-purpose-ai-code-of-practice

TLDR: The EU Artificial Intelligence (AI) Act 2024 establishes a regulatory framework for AI, promoting human-centric use while ensuring safety and ethical standards. It categorizes AI risks into four levels and restricts harmful applications. The Act mandates compliance from August 2026, with interim obligations starting February 2025, emphasizing AI literacy among HR professionals to mitigate risks. The legislation aims to foster trust and encourage responsible AI adoption, while requiring significant efforts in education and guidance for effective implementation.

https://www.cipd.org/ie/views-and-insights/thought-leadership/insight/implications-eu-ai-act/

European Commission released guidelines on prohibited AI practices under the EU AI Act on February 4, 2024. These non-binding guidelines clarify interpretations and enforcement of Article 5's prohibitions, impacting developers and deployers of AI systems. Key prohibitions include:

1. Predictive policing: AI cannot predict criminal behavior based on profiling or personality traits.
2. Untargeted facial image scraping: Prohibits collecting facial data from the internet without targeting specific individuals.
3. Emotion recognition in workplaces/education: Bans AI systems recognizing emotions in these contexts to prevent discrimination.

Exceptions exist for certain practices, but companies must ensure compliance to navigate the regulatory landscape.

https://www.lexology.com/library/detail.aspx?g=ef05513f-5e88-4614-86b4-659468de7f05

Support for delaying parts of the EU's AI Act is increasing, following a meeting of member states and the European Commission's tech leaders. They propose a “stop the clock” approach due to impending deadlines and unresolved guidelines. Member states differ on how long to postpone implementations, with calls for up to two years for some components. The AI industry endorses this delay, citing the need for additional time for compliance. However, any amendments would require legislative review, and predictions on outcomes are uncertain, highlighting divisions within the Commission.

https://iapp.org/news/a/support-for-ai-act-pause-grows-but-parameters-still-unclear

EU AI Act mandates AI literacy for providers and users of AI systems since February 2025. Compliance expectations are vague, emphasizing staff training to understand AI risks and legal implications. All stakeholders, including contractors and clients, must be educated on AI. Tailored approaches are required, particularly for high-risk systems. No universal standards exist; training is context-specific. Non-compliance may lead to enforcement from August 2026, but exact penalties are unclear. Effective AI literacy is essential for sound AI governance, regardless of direct AI Act applicability.

https://www.dataprotectionreport.com/2025/05/ai-literacy-the-commissions-pointers-on-building-your-programme/

EU AI Act mandates firms to ensure staff and clients are AI literate, training on AI systems required, addressing ethical, legal aspects. Enforcement starts August 2026; records of training suffices.

https://financialregulation.linklaters.com/post/102kbdp/eu-guidance-suggests-firms-may-need-to-train-clients-and-service-providers-on-ai

EU AI Act takes effect August 2024, prohibiting harmful AI practices (e.g., subliminal manipulation, social scoring). Tips for compliance include focusing on prohibited use cases, early screening of new AI projects, and balancing governance with practicality.

https://www.tlt.com/insights-and-events/insight/prohibited-ai—taking-a-practical-approach-to-compliance/

TLDR: EU AI Act, effective August 2024, prohibits harmful AI practices: subliminal manipulation, social scoring, and biometric tracking in public. Compliance requires assessing current AI uses, screening future applications, and maintaining an efficient governance framework. Focus on high-risk, prohibited cases and leverage existing compliance processes to ensure adherence.

https://www.tlt.com/insights-and-events/insight/prohibited-ai—taking-a-practical-approach-to-compliance/

AI washing poses legal risks as companies exaggerate AI capabilities amid vague definitions in the EU's AI Act. Legal clarity is essential but increases scrutiny, with potential penalties for false claims. Companies face liability for misleading assertions to investors and customers. Developing accurate communications and verifying AI claims are crucial to mitigate legal repercussions.

https://www.clydeco.com/en/insights/2025/05/the-fine-print-of-ai-hype-the-legal-risks-of-ai-wa