regulation

EIOPA released a consultation on AI governance and risk management for insurance. The Opinion guides insurance entities on AI use, emphasizing risk assessment, proportional governance, ethics, data management, and accountability. It highlights the importance of fairness, transparency, and documentation, while encouraging a customer-centric approach and regular review of AI strategies. Adequate data governance and redress mechanisms are mandated, not introducing new laws but clarifying existing regulations. Feedback is due by May 12, 2025.

https://datamatters.sidley.com/2025/03/14/eiopa-publishes-consultation-on-opinion-on-ai-governance-and-risk-management/

EU's new GPAI Code, delayed but published on March 11, aims to aid compliance under the AI Act for General Purpose AI providers. While it includes streamlined commitments and user-friendly documentation, concerns remain from tech bodies about copyright and risk evaluation requirements. Further guidance on GPAI models is forthcoming. Finalization is due by May; if not completed by August 2025, common rules may be established by the Commission. The success of this voluntary Code is crucial for practical implementation of the AI Act.

https://thelens.slaughterandmay.com/post/102k49e/ai-acts-new-gpai-code-out-finally

EU's AI Act now mandates first obligations.

https://www.jdsupra.com/legalnews/the-eu-s-ai-act-the-first-obligations-3018655/

EU AI Act requires organizations to implement a governance system for AI systems, classify them by risk, and prepare for compliance within two years. Violations can incur hefty penalties. Companies should establish clear responsibility lines among IT, legal, and compliance teams, conduct risk assessments, and create an inventory of AI solutions. A proactive approach is needed to meet the law's requirements and mitigate risks involved with AI usage.

https://www.ey.com/en_nl/insights/ai/eu-ai-act-roadmap-what-does-the-ai-act-mean-for-your-organization

Industry expresses major concerns over the draft EU AI Code of Practice, highlighting unresolved copyright issues and burdensome obligations that could hinder AI innovation. Critics from various sectors say the code lacks legal clarity and fails to address key risks effectively. Feedback on this draft is open until March 30, with a final version expected by May.

https://www.euronews.com/next/2025/03/12/industry-flags-serious-concerns-with-latest-draft-of-eu-ai-code-of-practice

EU AI Act's new draft Code for AI model makers offers gentler guidance for compliance, aiming to clarify obligations around transparency and copyright for general purpose AI providers. Feedback for finalizing the Code is being collected until March 30, 2025, amidst concerns about potential overregulation as the EU responds to pressures from the U.S. administration. Key aspects include streamlined commitments and nuanced language that may benefit larger AI companies' data practices. The final version will clarify roles and responsibilities of AI model makers.

https://techcrunch.com/2025/03/11/eu-ai-act-latest-draft-code-for-ai-model-makers-tiptoes-towards-gentler-guidance-for-big-ai/

EU's AI Act, adopted June 2024, regulates AI use, categorizing systems by risk levels. It presents opportunities and risks in counter-terrorism, where AI aids recruitment and security while also raising ethical and human rights concerns. AI may enhance crime prevention through predictive policing but risks bias and privacy violations, especially affecting marginalized communities. Real-time biometric recognition has exceptions for counter-terrorism, potentially infringing rights. The Act lacks sufficient safeguards against misuse in security contexts, thus requiring rigorous enforcement to balance efficiency in justice with democratic freedoms.

https://gnet-research.org/2025/03/10/the-eus-ai-act-implications-on-justice-and-counter-terrorism/