The European Union’s pioneering AI Act has established a regulatory blueprint for the global AI industry. Its implementation has set the stage for other jurisdictions to follow suit, promoting enhanced security protocols and risk management measures for AI enterprises. This comprehensive law focuses not only on the AI companies’ compliance but also on providing a clearer understanding of regulators’ compliance assessments.
In the world of technology and policy, India is no exception. AI enterprises must adhere to a state-of-the-art security framework that delineates their systemic risk management procedures as per the EU’s Code of Practice for Artificial Intelligence. This voluntary tool, published on July 10, assists the AI industry in fulfilling their legal obligations under the EU AI Act, focusing on aspects like copyright, transparency, and security.
Section 1: The EU’s AI Code of Practice – A Voluntary Compliance Tool
The AI Code of Practice is a voluntary tool that provides guidelines to AI companies for complying with their legal obligations under the EU AI Act. However, it has been met with some resistance from AI companies, who argue that it places a disproportionate burden on them.
Section 2: OpenAI and the EU AI Act
OpenAI, on the other hand, has publicly announced its intention to adhere to the AI Code of Practice. In their statement, OpenAI stressed the importance of aligning the Code of Practice with the EU AI Continent Action Plan, which was unveiled in April. This alignment, they believe, will ensure the Code of Practice’s maximum effectiveness.
Section 3: Response from the Computer and Communications Industry Association
The AI code of practice has not been well-received by all AI firms. The Computer and Communications Industry Association (CCIA), whose members include tech giants like Meta, Amazon, Google, and Apple, has voiced its dissatisfaction. The CCIA contends that without significant enhancements to the code, signatories risk being disadvantaged compared to non-signatories. They emphasize the need for improvements in the security and safety measures outlined in the AI Code of Practice.
Section 4: Decoding the Security Requirements
The security requirements of the AI Code of Practice pertain primarily to general-purpose AI models with systemic risks, not AI systems as a whole. However, the code encourages companies to consider the broader system design, potential software integrations, and the computing power required to run the model when addressing systemic risks. Companies can identify these risks through various methods, including market analyses and comprehensive reviews.
Conclusion: Charting the Course of AI Regulations
The EU’s AI Act and its Code of Practice represent a significant milestone in the regulation of AI. Despite some criticism, it provides a much-needed framework for AI companies to navigate the complex world of AI regulations. As other jurisdictions look to follow in the EU’s footsteps, it is critical for AI companies to stay abreast of these developments and to incorporate these guidelines into their risk management strategies. The future of AI is here, and the EU’s AI Act is leading the charge. Therefore, it is crucial for AI companies to understand these regulations and adapt to them to remain competitive.
Originally published on https://www.medianama.com/2025/07/223-eus-ai-code-of-practice-security-requirements-ai-companies/
