AI model developers required to disclose details under new EU regulations
======================================================================
The European Union has introduced new rules for providers of Artificial Intelligence (AI) models, effective from August 2, 2023. These regulations, outlined in the EU AI Act, aim to ensure a harmonized approach to AI across the European Union.
The new rules focus on three key areas: transparency, safety measures, and intellectual property protection.
Transparency
Providers of General-Purpose AI (GPAI) models must maintain detailed technical documentation and publish summaries of the training data used for their systems. This is to comply with Article 53(1)(a) and (b) of the AI Act. The transparency obligations also include sharing relevant information with regulators and downstream users to enable informed use and regulatory oversight.
Safety Measures
Safety and security requirements apply primarily to providers of the most advanced GPAI models that pose systemic risks, as defined under Article 55 of the AI Act. These providers must conduct thorough model evaluations, implement risk mitigation strategies, report incidents, and adopt cybersecurity safeguards to reduce potential harms from their AI systems.
Intellectual Property Protection (Copyright)
Providers are required to comply with EU copyright laws, including ensuring that training data and model outputs respect intellectual property rights. The GPAI Code of Practice offers guidance on how to align these copyright compliance obligations under Article 53 of the AI Act, helping providers avoid infringing proprietary content in training and deployment.
The General-Purpose AI Code of Practice is a voluntary compliance framework designed to help providers demonstrate adherence while reducing administrative burdens. The Code’s transparency and copyright chapters apply to all GPAI providers, while the safety and security chapter targets those with models that have systemic risk.
The EU Commission can impose fines of up to 15 million euros or three percent of a company's total global annual turnover for violations of the AI Act.
Enforcement and Exemptions
The European Artificial Intelligence Authority will not enforce the rules until August 2026 for new models and August 2027 for models already on the market before August 2, 2025. Private individuals can sue providers based on the AI Act. Models already on the market before August 2, 2025, will not be under control until August 2027.
Criticism has been raised by associations regarding the lack of intellectual property protection in the new EU rules for AI models. The new rules do not specify how intellectual property concerns will be addressed.
These new rules apply to providers such as ChatGPT and Gemini, among others. The new AI Act allows private individuals to take legal action against providers. Particularly powerful AI models that could potentially pose a risk to the general public must also document safety measures.
References:
- EU AI Act
- General-Purpose AI Code of Practice
- European Commission - AI Act
- European Commission - AI Act Review
- The EU AI Act regulating Artificial Intelligence (AI) models requires providers such as ChatGPT and Gemini to maintain detailed technical documentation and publish summaries of the training data used for their systems, as detailed in the Transparency section.
- Providers of General-Purpose AI (GPAI) models must comply with EU copyright laws, including ensuring that training data and model outputs respect intellectual property rights, as stated in the Intellectual Property Protection (Copyright) section of the EU AI Act.
