The European Union has introduced the first draft of the General-Purpose AI (GPAI) Code of Practice, a significant extension to its AI regulatory framework. Building on the EU AI Act, which took effect on August 1, 2024, this draft Code specifically targets foundational AI models like large language models and generative AI systems. These models, adaptable for various applications, play a central role in the EU’s efforts to mitigate AI-associated risks while fostering innovation.
Scope and Objectives
The Code focuses on helping GPAI providers comply with Articles 53 and 55 of the EU AI Act, prioritizing transparency, risk management, and ethical practices. It seeks to ensure alignment with EU principles, proportionality to risks, and future-proofing against emerging AI challenges.
Addressing Systemic Risks
To tackle GPAI’s wide-reaching impacts, the Code introduces a taxonomy of systemic risks, including:
• Cyber threats: Exploitation of vulnerabilities by offensive capabilities.
• Manipulation and misinformation: Risks to democracy and public trust.
• Loss of control: Issues with autonomous and powerful AI systems.
• Discrimination: Large-scale illegal discrimination risks.
Providers are expected to align their risk assessments with this taxonomy, updating their practices as new risks emerge.
Compliance Framework
The Code outlines stringent requirements for providers of GPAI models:
1. Transparency: Clear documentation on model design, use cases, and risks.
2. Acceptable Use Policies: Defining permitted and prohibited applications.
3. Risk Mitigation: Implementing measures like adversarial testing and expert evaluations.
4. Governance: Embedding accountability at executive and board levels.
Providers of high-risk models face additional scrutiny, including comprehensive safety and security frameworks to manage risks throughout the model lifecycle.
Next Steps
Stakeholders, including industry leaders and EU Member State representatives, are collaborating to refine the draft. The final Code, expected by April 2025, aims to balance compliance requirements with flexibility for SMEs and open-source developers.
Takeaway
The draft GPAI Code of Practice underscores the EU’s proactive approach to regulating foundational AI technologies. By emphasizing transparency, risk management, and ethical compliance, the EU sets a global standard for responsible AI development. Businesses engaging with the EU market should begin assessing potential compliance gaps to align with these evolving regulations, demonstrating leadership in responsible AI innovation.
News Source:jdsupra,This article does not represent our position.
