The European Union has launched its most ambitious regulatory framework to date for overseeing the development and use of artificial intelligence (AI). The recent release of the AI Code of Practice, accompanying the enforcement of the AI Act, signals a pivotal shift in how tech giants like OpenAI, Google, and Microsoft will have to operate if they want to maintain access to the European market.
While major technology companies have grown accustomed to privacy regulations such as the General Data Protection Regulation (GDPR), the scope and depth of these new obligations pose an unprecedented challenge. The message from Brussels is clear: the development of large language models and generative AI systems can no longer advance outside the rule of law—especially when issues of copyright, data transparency, and social risk are at stake.
A Pioneering Regulation with Tight Deadlines
Approved in 2024 after lengthy negotiations among EU member states, the AI Act is the world’s first comprehensive legal framework dedicated to artificial intelligence. Although the law formally comes into force on August 2, 2025, companies are granted a grace period: one year for new models and two years for existing ones. However, this transitional window has not eased concerns among tech corporations, which view the legislation as a direct threat to their business models.
To support early compliance, the European Commission has introduced the AI Code of Practice as a voluntary guideline. In practice, it serves as the preferred path for early alignment. The Commission has made it clear: companies adhering to the code are more likely to meet AI Act requirements on time and avoid penalties that can reach up to 7% of global annual turnover. For companies with revenues exceeding €100 billion, the economic risk is obvious.
Transparency: The Most Challenging Clause for AI Developers
One of the core pillars of the new code is transparency, requiring developers to disclose in detail how their models are trained and fine-tuned. This includes information on:
- The volume and origin of training data
- Energy consumption during training
- Computational resources used
- Criteria for data selection
This level of disclosure may force companies like OpenAI to reveal their “secret sauce.” So far, tight control over datasets and infrastructure has been a major competitive advantage. The European Commission, however, argues that transparency is essential so that regulators and the public can audit the environmental impact, biases, and information sources behind AI systems.
On the other hand, companies warn that this requirement could expose trade secrets, undermine innovation, and open the door to mass litigation over the use of copyrighted data.
The Copyright Conundrum
The second major section of the European code directly addresses copyright, now one of the most contentious issues between AI developers and content creators. According to the document, companies must:
- Respect paywalls and avoid bypassing tracking restrictions on websites
- Refrain from using protected materials to train AI models without authorization
- Document licensing mechanisms or proof of data use permissions
Adding complexity, some countries—like Denmark—are advancing national legislation to grant individuals copyright over their likeness. A pending law would allow citizens to claim damages if their faces or voices are used in unauthorized deepfakes. Taken together, the EU is crafting a legal landscape where indiscriminate use of protected data could lead to a flood of lawsuits.
Security and Fundamental Rights: High-Risk AI Under Scrutiny
The third key area of the code focuses on safety and fundamental rights protection. The AI Act designates certain applications of AI as high-risk, requiring developers to comply with stricter requirements. These include:
- Mass surveillance systems
- Automated border control tools
- Platforms for manipulative content or disinformation
- AI-powered autonomous weapons
In today’s climate—marked by disinformation, social polarization, and diminishing public trust—the EU insists that artificial intelligence must not evolve unchecked. The regulation reflects a commitment to ensuring that AI innovation does not come at the expense of human rights, democracy, or societal safety.
A Turning Point for Global AI Governance
With this bold move, the European Union has positioned itself as a global leader in AI governance. The AI Act and its accompanying Code of Practice set a new benchmark for balancing technological advancement with ethical responsibility. As the world watches closely, the implications are far-reaching—not just for tech companies, but for the future relationship between AI and society itself.
For OpenAI, Google, Microsoft, and others, the message is simple: if you want to operate in Europe, you must play by the rules—and those rules are about to change.