This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Insights Insights
All Posts
| 1 minute read

EU's AI Code of Practice In Process; First Draft Released for Comment

Get in touch

Avatar
Mitzi Hill
Partner

Get in touch

Avatar
Mitzi Hill
Partner

The EU passed a statute earlier this year that will take effect as the world's first comprehensive AI law.  Among other things, it defines a hierarchy of risk and outlines how higher-risk AI models must be managed.  There will be a “Code of Practice” to go along with the AI Act, similar to implementing regulations that often accompany US legislation.  The first draft of the CoP has been released for review and comment by regulators; there are four rounds of drafting planned.  The CoP will have legal effect, and can be enforced by the AI Office of the EU.  

Fines for violating the AI Act can reach up to 15 million Euros (or 3% of global revenue).  

WHY IT MATTERS

The EU has taken a leading, and systematic, approach to AI regulation that will create unified requirements across the bloc.  This should, in theory, lead to more a predictable legal environment both for industries and for individuals in the EU.  It should also make compliance easier, since there will be one law, rather than multiple laws released by separate member countries.  The model is based on the EU's bloc-wide privacy laws.

The Code of Practice is designed to supplement the AI Act and provide a reference set of best practices.  Adherence to the CoP can be used to demonstrate compliance with the Act itself, and “may be enforceable” by the AI Office as well.  Commitment to the CoP may also influence the size of a fine assessed for violating the AI Act.  Thus, businesses operating in the EU have good reason to understand what the CoP eventually says, because it could be binding in part, could provide helpful guidance, and may help protect against harsher penalties.    

Interestingly, the European AI Office has outsourced drafting of the first round of the CoP to “independent practitioners,” who have presented this first draft for review by regulators and other stakeholders.  The entire process is designed to be "iterative," with four rounds of drafting and review between now and April 2025.  

 

The Chairs and Vice-Chairs present this first draft as a foundation for further detailing and refinement...They also outline guiding principles and objectives for the Code....Open questions are included to highlight areas for further progress. The final draft will set out clear objectives, measures, and, where relevant, key performance indicators (KPIs). The final document will play a crucial role in guiding the future development and deployment of trustworthy and safe general-purpose AI models. It should detail transparency and copyright-related rules for providers of general-purpose AI models. For a small number of providers of most advanced general-purpose AI models that could pose systemic risks, the Code should also detail a taxonomy of systemic risks, risk assessment measures, as well as technical and governance mitigation measures.
digital-strategy.ec.europa.eu/...
A lawyer's desk in an office,with legal documents, computers, and hammers placed neatly.The setting is organized for legal consulting services, contract reviews,will drafting,document certification

Tags

data security and privacy, hill_mitzi, insights, ai and blockchain

Get in touch

Avatar
Mitzi Hill
Partner

Get in touch

Avatar
Mitzi Hill
Partner

Latest Insights