The code of practice arrives just in time to help enterprises comply with the second wave of EU AI Act rules, which will enter force on August 2. Credit: Shutterstock The European Commission has published the General-Purpose AI Code of Practice to help enterprises comply with their obligations on transparency, copyright, safety, and security under the European Union’s AI Act. Following the code of practice is voluntary — but the Commission presented it as a way for enterprises to be sure they meet their obligations under the law. The Code of Practice was originally scheduled for publication in May, and some European enterprises had called for application of the EU AI Act as a whole to be delayed. However, a Commission spokesperson said earlier this week that it and that it would publish its guidance “in the coming days.” The is now here, but there are still some elements missing: The Commission has promised to deliver additional “guidelines on key concepts related to general-purpose AI models” by the end of July. The next wave of EU AI Act rules that the code and guidelines are supposed to help explain enter force on August 2. A model documentation form makes up one-third of the code’s nine-page, covering aspects of model design including data sources, training, energy consumption, licensing, distribution, and acceptable use. The idea is that enterprises will fill out the form for each model they create to demonstrate their compliance with the AI Act’s obligations. The six-page calls on enterprises crawling the web to feed their AI models to respect protection measures intended to prevent scraping of websites such as robots.txt or Cloudflare’s new measures to identify AI bots. Code-compliant AI models should also be designed so as to prevent them regurgitating copyright works. At 40 pages, it’s the that will take enterprises developing and distributing general-purpose AI models the longest to digest. It covers a series of measures to which signatories of the code of practice must commit, covering the creation of a framework for safety and security, the identification, analysis, and acceptance of systemic risks, safety and security mitigations, allocation of responsibility, and reporting on model safety and security and on serious incidents. That amounts to a lot of paperwork for each AI model — and signatories will be expected to keep it for at least 10 years after the model has been placed on the market. The Code of Practice was developed by 13 independent experts with input from model providers, enterprises, academics, and AI safety experts. SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe