The European Commission announced that a code of practice to help companies comply with the EU’s artificial intelligence rules may only be implemented by the end of 2025. This delay follows calls from various stakeholders, including major tech firms, for additional time to prepare for the new regulations.
The commission is considering providing a grace period for companies that agree to comply with the new AI Code. This initiative aims to facilitate a smoother transition for businesses adapting to the upcoming regulations.
Denmark has introduced a law that grants individuals copyright over their likenesses to combat deepfakes, making it illegal to share such content without consent. Other European countries are also taking steps to regulate deepfakes through various laws that focus on transparency and the protection of individual rights.
Diverse AI regulations are forcing companies to rethink their software design as they navigate complex global landscapes. Organizations must balance the need for compliance with the urgency of innovation, leading to a shift towards localized solutions that accommodate varying regulatory frameworks.
Lobbyists are making a final effort to delay the rules for General Purpose AI (GPAI) as the European Commission prepares to publish the voluntary Code of Practice. Despite these attempts, the Commission has indicated that the GPAI rules will still apply beginning in August.
The French CNIL has clarified that training AI models on personal data from public sources can be lawful under GDPR’s legitimate interest basis, provided certain conditions are met. However, this guidance does not resolve other regulatory issues such as copyright and database rights that continue to impact AI training practices.
The European Union’s stringent data protection laws have intensified scrutiny on global tech firms, particularly after a ruling against the Chinese AI company DeepSeek for allegedly mishandling user data. This regulatory landscape presents both challenges and opportunities for compliance-focused companies in the AI sector.
Artificial intelligence is becoming essential for the risk function, helping chief risk officers (CROs) to navigate compliance and data governance challenges. With a growing number of organizations adopting AI technologies, it is crucial for CROs to develop effective AI strategies to manage risks and drive innovation.
The pharmaceutical industry is facing a significant compliance gap regarding AI data security, with only 17% of companies implementing automated controls to protect sensitive information. This lack of safeguards exposes 83% of organizations to serious risks, including regulatory violations and the potential loss of valuable intellectual property.
On June 22, 2025, Governor Abbott signed the Texas Responsible Artificial Intelligence Governance Act, making Texas the third state in the U.S. to adopt comprehensive AI legislation. The Act establishes baseline duties for AI developers and deployers, prohibits social scoring, and creates a regulatory sandbox for testing innovative AI applications.
