EU Advances in AI Regulation: Draft of the General-Purpose AI Code of Practice Unveiled
The European Commission has released a nearly final version of the General-Purpose AI (GPAI) Code of Practice on July 10, 2025. This voluntary compliance mechanism, part of the EU Artificial Intelligence Act ("AI Act"), is designed to help providers of General-Purpose AI (GPAI) models meet specific obligations under the AI Act.
Purpose
The Code aims to guide GPAI model providers in fulfilling their legal obligations under the AI Act, particularly those related to transparency, copyright compliance, technical documentation, and risk management. It supports these providers in implementing measures to meet the specific regulatory requirements effectively and transparently, promoting trustworthy and lawful AI development and deployment.
Applicability
The Code applies specifically to providers of GPAI models, defined as developers or entities placing these models on the market under their name or trademark. It covers AI models classified as general-purpose under the AI Act (Article 3(63)), excluding models solely used for research, development, or prototyping before being placed on the market. Relevance extends not only to original developers but can extend to downstream providers who modify or integrate GPAI models into other systems, potentially assuming provider obligations if modifications are significant.
Content
The Code includes requirements and best practices related to preparation and maintenance of technical documentation, providing information and documentation to facilitate integration of GPAI models into downstream applications, ensuring compliance with EU copyright and related rights, and addressing systemic risks posed by GPAI. It is designed to complement the AI Act by translating legal obligations into actionable steps and supporting providers in demonstrating due diligence and good faith compliance.
How it aids compliance
The Code functions as a voluntary but recommended framework that helps GPAI providers systematically address and document their adherence to the AI Act’s obligations, reducing regulatory uncertainty. It helps clarify complex requirements in Articles 53 and 55 of the AI Act concerning transparency, copyright compliance, and risk mitigation. By following the Code, providers can better prepare for regulatory inspection and enforcement, easing burden and reinforcing responsible AI deployment within the EU.
Compliance requirements
All GPAI model providers are expected to comply with the Transparency and Copyright chapters of the Code. The Transparency chapter requires providers to maintain robust documentation, share information with both regulators and downstream users, and implement integrity controls. The GPAI Code of Practice serves as a transitional compliance tool, referenced under Article 56 of the AI Act.
The GPAI Code of Practice is relevant for demonstrating early adherence to Articles 53 and 55 of the AI Act, which set out requirements for transparency, copyright compliance, and systemic risk mitigation in the development and deployment of GPAI models. Providers of GPAI models with systemic risk face even stricter requirements, including model evaluations, risk mitigation, incident reporting, and cybersecurity measures. These providers are subject to the Safety and Security chapter of the Code.
Noncompliance with the GPAI provider obligations can result in fines of up to €15 million or 3% of global revenue, whichever is higher. Models with systemic risk face even stricter penalties due to their potential impact on society and the economy.
In summary, the GPAI Code of Practice under Regulation (EU) 2024/1689 is a detailed, practical guide created to assist providers of general-purpose AI models in meeting the AI Act’s requirements on transparency, documentation, copyright, and risk management, thereby fostering responsible AI innovation and regulatory alignment across the EU.
Copyright law and technology intersect in the GPAI Code of Practice, a voluntary compliance mechanism designed to help providers of General-Purpose AI (GPAI) models meet specific obligations under the EU AI Act. The Code includes requirements and best practices related to ensuring compliance with EU copyright and related rights, such as clear documentation and due attribution, which demonstrate the relevance of copyright law in AI development and deployment.
