Written by: Haim Ravia, Dotan Hammer
The most recent phase of the European Union’s Artificial Intelligence Act (EU AI Act) officially began on August 2, 2025, as three major chapters of the law entered into force. This date also marks the application deadline for new General Purpose AI (GPAI) models placed on the market from this day on, meaning that any model deployed from this point forward must fully comply with the Act. GPAI models placed on the market before this date still have until August 2, 2027, to fully comply. The European Commission also published guidelines clarifying how these provisions should be implemented.
Providers of GPAI models are now required to maintain documentation describing their training and testing methods, results of model evaluations, and additional information for downstream users. Providers must also implement policies to ensure full compliance with copyright law, including processes for identifying and respecting rights reservations made by content owners. Finally, these providers are required to publish a summary of the datasets used for model training. Any providers of GPAI suspected of containing systemic risks must also conduct continuous risk assessments, implement safety and security measures, and report serious incidents.
To support compliance, the EU has introduced a voluntary GPAI Code of Practice, a framework developed by independent experts. The Code offers guidance on meeting transparency, copyright, and system safety requirements. Though non-binding, provider of GPAI that follow the Code can benefit from greater legal certainty as to their compliance posture.
Click here to read The General-Purpose AI Code of Practice.
Click here to read Guidelines on the scope of obligations for providers of general-purpose AI models under the AI Act.
