AI Sigil Logo
Contact Us
Back to all insights
A clipboard with a checklist of compliance requirements

Sections

EU AI Act: Key Updates on Copyright Compliance for AI Providers

EU AI Act Guidelines Draft Hones Copyright Specifications

The latest draft from the EU AI Office on the Code of Practice (CoP) concerning general-purpose model provider obligations under the EU AI Act has been deemed more workable than its predecessors. Set for finalization by May 2, the forthcoming obligations will take effect on August 2, 2025. Compliance is crucial, as non-compliance can result in fines of up to 3% of annual global turnover or 15 million euros (approximately $16.2 million), whichever is higher, and may even lead to an EU ban on the model.

More than 1,000 stakeholders have collaborated with the EU AI Office on the CoP. This article provides an overview of the CoP’s status regarding copyright-related obligations.

Practice and Compliance

The EU AI Act introduced the concept of a CoP as a detailed guide for general-purpose AI (GPAI) model providers to meet their obligations. While adherence to the CoP is voluntary, it showcases compliance with the act until “harmonized standards” are established. Providers may also explore alternative means of compliance, subject to individual assessment by the European Commission.

The third draft of the CoP has eased copyright-related measures, establishing that compliance should be commensurate and proportionate to the size and capacity of individual providers.

Copyright Policy

GPAI model providers are required to implement a policy to comply with European copyright law. CoP specifications mandate the following:

  • Providers must assign internal compliance responsibilities, summarizing all copyright-relevant commitments in a single document. Regular updates to this policy summary are encouraged.
  • To mitigate risks of copyright infringement from downstream AI systems, providers must make “reasonable efforts” to prevent model memorization of training content that could lead to such output. Copyright-infringing use of the model must be prohibited in their policy and terms, with exceptions for open-source models.
  • Previous drafts suggested that obligations related to modification and fine-tuning were limited to those actions, but this was removed from the CoP text. Nonetheless, this statement remains in the AI Office’s GPAI model Q&A and will be part of the EU AI Act guidance.

Opt-Outs and Training

Providers must identify and comply with machine-readable rights reservations, or opt-outs, from rightsholders regarding the use of content for text and data mining that would otherwise be allowed under the EU TDM copyright exception. This obligation extends to AI training conducted both within and outside the EU.

Specifics for text and data mining of lawfully accessible material include:

  • In line with the TDM copyright exception, providers must not circumvent effective technological measures (e.g., paywalls) during web crawling. Such circumvention would violate the requirement for content to be lawfully accessible.
  • Providers should make “reasonable efforts” to exclude “piracy domains” from their web crawling.
  • For third-party datasets not obtained via web crawling, providers must exert “reasonable efforts” to ascertain whether the material respects rights reservations outlined in the Robot Exclusion Protocol (robots.txt).

Regarding machine-readable opt-outs:

  • Providers must utilize web crawlers that adhere to robots.txt to comply with the current standards recognized by legal scholars and technical experts.
  • “Best efforts” must be made to comply with other appropriate machine-readable protocols expressing opt-outs, ensuring that these protocols are the result of a cross-industry standard-setting process.
  • Rightsholders retain the freedom to effectuate their opt-out through any appropriate means, although such alternatives will not be specifically covered by the CoP.

Although not mandated by the act, the CoP advises providers to designate a point of contact for affected rightsholders. Definitions for a training data summary and the “placing on the market” of a GPAI model are not included in the CoP.

Takeaways

While the CoP does not resolve all legal and technical uncertainties surrounding GPAI model compliance, it provides a structured compliance pathway. The EU AI Act only requires providers to implement a policy for compliance with EU copyright law and the EU TDM exception. The CoP adds substantial specification, particularly regarding robots.txt as the standard for TDM opt-outs, significantly reducing uncertainties while encouraging collaborative standard establishment among stakeholders.

A key challenge remains the definition of what model providers must do to prevent copyright-infringing output from downstream systems. Although the latest draft has moved away from the term “overfitting,” the current directive—preventing repeated memorization of training content in output—remains ambiguous. The revisions in the drafting process reflect an acknowledgment of stakeholder input on practical and feasible solutions. Stakeholders are invited to provide final feedback by March 30 and participate in the concluding discussion rounds, marking the last opportunity for input before implementation.

Note: This article does not necessarily reflect the opinion of any specific organization or individual.

More Insights

A pair of boxing gloves.

Tariffs and the EU AI Act: Impacts on the Future of AI Innovation

April 15, 2025 AI,AI Regulation,EU AI Compliance,Regulatory Frameworks for AI
The article discusses the complex impact of tariffs and the EU AI Act on the advancement of AI and automation, highlighting how tariffs can both hinder and potentially catalyze innovation. It...
Read More
A compass indicating direction and guidance in AI governance

Europe’s Ambitious AI Sovereignty Action Plan

April 15, 2025 AI,Artificial Intelligence Governance,European Union AI Governance,Global AI Policy
The European Commission has unveiled its AI Continent Action Plan, a comprehensive strategy aimed at establishing Europe as a leader in artificial intelligence. This plan emphasizes investment in AI...
Read More
A pair of binoculars

Balancing Innovation and Regulation in Singapore’s AI Landscape

April 15, 2025 AI,AI Ethics,AI Governance,AI Regulation
Singapore is unveiling its National AI Strategy 2.0, positioning itself as an innovator and regulator in the field of artificial intelligence. However, challenges such as data privacy and AI bias loom...
Read More
A light bulb illustrating innovation and clarity in responsible AI practices.

Ethical AI Strategies for Financial Innovation

April 15, 2025 AI,AI Regulation,Ethical AI,Financial Technology
Lexy Kassan discusses the essential components of responsible AI, emphasizing the need for regulatory compliance and ethical implementation within the FinTech sector. She highlights the EU AI Act's...
Read More
A pair of hands

Empowering Humanity Through Ethical AI

April 15, 2025 AI,AI Ethics,Ethical AI
Human-Centered AI (HCAI) emphasizes the design of AI systems that prioritize human values, well-being, and trust, acting as augmentative tools rather than replacements. This approach is crucial for...
Read More
A digital energy meter

AI Safeguards: A Step-by-Step Guide to Building Robust Defenses

April 15, 2025 AI,ThinkTank
As AI becomes more powerful, protecting against its misuse is critical. This requires well-designed "safeguards" – technical and procedural interventions to prevent harmful outcomes. Research outlines...
Read More
A compass pointing towards ethical AI use

EU AI Act: Pioneering Regulation for a Safer AI Future

April 15, 2025 AI,AI Regulation,Artificial Intelligence Regulation,European Union AI Governance
The EU AI Act, introduced as the world's first major regulatory framework for artificial intelligence, aims to create a uniform legal regime across all EU member states while ensuring citizen safety...
Read More
A digital lock symbolizing data privacy

EU’s Ambitious AI Continent Action Plan Unveiled

April 15, 2025 AI,AI Governance,AI Regulation,EU Compliance
On April 9, 2025, the European Commission adopted the AI Continent Action Plan, aiming to transform the EU into a global leader in AI by fostering innovation and ensuring trustworthy AI. The plan...
Read More
A handshake signifying collaboration and mutual agreement in contractual relationships.

Updated AI Contractual Clauses: A New Framework for Public Procurement

April 15, 2025 AI,AI Regulation,EU Compliance,Regulatory Compliance
The EU's Community of Practice on Public Procurement of AI has published updated non-binding AI Model Contractual Clauses (MCC-AI) to assist public organizations in procuring AI systems. These...
Read More

Ready to become AI compliant?

Take the first steps in your transformation towards international AI compliance.

Book a Discovery Call See Frameworks

Explore

Need More Assistance?

Our expert sales team is here to answer your questions, just leave your email and we’ll get in touch.

Research & Market Studies
A digital energy meter
AI Safeguards: A Step-by-Step Guide to Building Robust Defenses
As AI becomes more powerful, protecting against its misuse is critical. This requires well-designed "safeguards"...
A light bulb
Algorithmic Audits: A Practical Guide to Fairness, Transparency, and Accountability in AI
Algorithmic auditing is crucial for ensuring AI systems are fair, transparent, and accountable. A comprehensive...
A compass
AI Explainability: A Practical Guide to Building Trust and Understanding
As AI systems exert increasing influence over our lives, understanding how they arrive at conclusions...
A shield symbolizing protection against unregulated AI practices.
AI Governance: Transparency, Ethics, and Risk Management in the Age of AI
AI is rapidly transforming society, creating both opportunities and risks. A proposed AI governance framework...
Latest News on AI Compliance
A lighthouse
Leading with Responsibility: Harnessing AI for Competitive Advantage
The article discusses the importance of responsible AI practices as organizations rapidly adopt generative AI...
A roadmap
EU’s Call for Startup Input on AI Compliance Challenges
The European Commission is seeking feedback from startups regarding the regulatory challenges they face under...
A bridge representing the connection between startups and regulatory frameworks
EU Aims to Lighten AI Compliance Burdens for Startups
The European Commission is seeking feedback from startups regarding the regulatory challenges imposed by the...
A lock and key
Europe’s AI Future: From Regulation to Innovation
The EU's newly unveiled AI Continent Action Plan aims to enhance AI leadership and deployment...

© 2023 AI Sigil

Medium Envelope