regulation

EU AI Act Summary: The EU AI Act, adopted by the European Parliament, regulates AI development and use, balancing adoption with individual rights. It categorizes AI risks as unacceptable, high, and low/minimal. Unacceptable risks, like harmful subliminal influences, are banned. High-risk systems must comply with strict standards, while low-risk systems face fewer regulations. The Act will gradually implement over time, with measures including prohibitions on risky systems, establishment of national AI regulatory sandboxes, and guidance on high-risk categories. Organizations must assess and document their AI systems regarding these classifications.

https://kpmg.com/dk/en/ai/the-eu-ai-act-what-you-need-to-know.html

EU's General-Purpose AI Code of Practice, published July 10, 2025, aids industry compliance with AI Act on safety, transparency, and copyright. It's voluntary for AI model providers, offering legal certainty and reduced administrative burdens. The code includes chapters on Transparency, Copyright, and Safety, applicable to advanced models with systemic risks. Providers can sign the code to demonstrate compliance.

https://digital-strategy.ec.europa.eu/en/policies/contents-code-gpai

EU's AI code mandates companies disclose training data and respect copyright, facing fines up to 7% of revenue for noncompliance. Guidelines aim to help tech giants like OpenAI and Google follow the AI Act, which includes transparency about model development and safety measures.

https://www.techspot.com/news/108644-europe-ai-code-urges-companies-disclose-training-data.html

European Commission publishes final General-Purpose AI Code of Practice, aimed at governing AI operations ahead of the EU AI Act's August rules. Code is voluntary, offering compliance benefits like reduced administrative burden. It addresses safety, transparency, and copyright obligations, developed with input from 1,000+ stakeholders. Debate continues on its effectiveness and regulatory burden, with companies expressing concerns over its prescriptiveness and need for implementation time. Official endorsement from member states is next, allowing organizations to voluntarily comply.

https://iapp.org/news/a/european-commission-receives-final-version-of-general-purpose-ai-code-of-practice

TLDR: The EU Artificial Intelligence (AI) Act 2024 establishes a regulatory framework for AI, promoting human-centric use while ensuring safety and ethical standards. It categorizes AI risks into four levels and restricts harmful applications. The Act mandates compliance from August 2026, with interim obligations starting February 2025, emphasizing AI literacy among HR professionals to mitigate risks. The legislation aims to foster trust and encourage responsible AI adoption, while requiring significant efforts in education and guidance for effective implementation.

https://www.cipd.org/ie/views-and-insights/thought-leadership/insight/implications-eu-ai-act/

European Commission released guidelines on prohibited AI practices under the EU AI Act on February 4, 2024. These non-binding guidelines clarify interpretations and enforcement of Article 5's prohibitions, impacting developers and deployers of AI systems. Key prohibitions include:

1. Predictive policing: AI cannot predict criminal behavior based on profiling or personality traits.
2. Untargeted facial image scraping: Prohibits collecting facial data from the internet without targeting specific individuals.
3. Emotion recognition in workplaces/education: Bans AI systems recognizing emotions in these contexts to prevent discrimination.

Exceptions exist for certain practices, but companies must ensure compliance to navigate the regulatory landscape.

https://www.lexology.com/library/detail.aspx?g=ef05513f-5e88-4614-86b4-659468de7f05

Support for delaying parts of the EU's AI Act is increasing, following a meeting of member states and the European Commission's tech leaders. They propose a “stop the clock” approach due to impending deadlines and unresolved guidelines. Member states differ on how long to postpone implementations, with calls for up to two years for some components. The AI industry endorses this delay, citing the need for additional time for compliance. However, any amendments would require legislative review, and predictions on outcomes are uncertain, highlighting divisions within the Commission.

https://iapp.org/news/a/support-for-ai-act-pause-grows-but-parameters-still-unclear

EU AI Act mandates AI literacy for providers and users of AI systems since February 2025. Compliance expectations are vague, emphasizing staff training to understand AI risks and legal implications. All stakeholders, including contractors and clients, must be educated on AI. Tailored approaches are required, particularly for high-risk systems. No universal standards exist; training is context-specific. Non-compliance may lead to enforcement from August 2026, but exact penalties are unclear. Effective AI literacy is essential for sound AI governance, regardless of direct AI Act applicability.

https://www.dataprotectionreport.com/2025/05/ai-literacy-the-commissions-pointers-on-building-your-programme/

EU AI Act mandates firms to ensure staff and clients are AI literate, training on AI systems required, addressing ethical, legal aspects. Enforcement starts August 2026; records of training suffices.

https://financialregulation.linklaters.com/post/102kbdp/eu-guidance-suggests-firms-may-need-to-train-clients-and-service-providers-on-ai

EU AI Act takes effect August 2024, prohibiting harmful AI practices (e.g., subliminal manipulation, social scoring). Tips for compliance include focusing on prohibited use cases, early screening of new AI projects, and balancing governance with practicality.

https://www.tlt.com/insights-and-events/insight/prohibited-ai—taking-a-practical-approach-to-compliance/