AI Sigil Logo
Contact Us
Back to all insights
A magnifying glass to signify scrutiny and oversight in AI practices.

Sections

Key Copyright Considerations in the EU’s General-Purpose AI Code of Practice

Overview of the EU AI Office’s General-Purpose AI Code of Practice

The EU AI Office has released the third draft of its General-Purpose AI Code of Practice, which is closely tied to the EU AI Act. This document highlights essential copyright issues that arise in the context of developing and implementing AI technologies.

Created on April 14, 2025, this latest draft aims to streamline the commitments and measures for providers of general-purpose AI models (GPAI models). These providers will be evaluated based on their adherence to the Code when the AI Act’s key provisions come into effect in August 2025.

Key Aspects of the Code of Practice

The Code of Practice outlines several commitments and measures that GPAI model providers must adhere to, which include:

  1. Transparency and Copyright-Related Rules: Providers must establish clear policies that comply with EU copyright law.
  2. Risk Assessment: Providers are required to conduct a comprehensive risk assessment for systemic risks.
  3. Technical Risk Mitigation: Measures must be in place to mitigate technical risks associated with systemic risks.
  4. Governance Risk Mitigation: Effective governance measures should be established to address systemic risks.

Substantive Scope of Training Data Obligations

A critical obligation under the AI Act pertains to the use of training data. Providers of GPAI models must develop policies that ensure compliance with EU copyright and related rights. It is essential that these policies respect the rights of content creators, particularly in cases where a right holder has opted out of allowing their material to be used for AI training.

A notable interpretation by a German court has broadened the obligation to consider opt-outs under copyright law to include any machine-readable declarations, including those articulated in natural language. The Code of Practice specifies these obligations and differentiates between instructions given in accordance with the Robot Exclusion Protocol (robots.txt) and other machine-readable protocols. While compliance with robots.txt is mandatory, adherence to other protocols is based on the provider’s best efforts.

Summary of the Third Draft

The third draft of the Code of Practice is significantly more concise compared to its predecessor, providing clearer commitments for signatories. The measures pertaining to copyright compliance have been refined to include:

  • Measure I.2.1(1)/(2): Signatories must maintain and implement an up-to-date copyright policy and are encouraged to publish a summary of this policy.
  • Measure I.2.2: Signatories may only use lawfully accessible copyright-protected content when web crawling, ensuring they do not circumvent technological protection measures.
  • Measure I.2.3:
    • (1): Signatories must identify and comply with rights reservations when crawling the web, specifically regarding robots.txt.
    • (2): Reasonable measures must be taken to inform rightsholders about the web crawlers used and their compliance features.
  • Measure I.2.4: Reasonable efforts must be made to obtain information about protected content web crawled by third parties.
  • Measure I.2.5: Signatories must mitigate the risk of copyright infringement through design considerations and contractual prohibitions.
  • Measure I.2.6: A designated point of contact must be established for the lodging of complaints.

Final Thoughts on EU Copyright and AI

Navigating the landscape of AI copyright law within the European Union necessitates a nuanced understanding of both legal principles and practical application. There are significant discrepancies between EU and US copyright laws, particularly regarding the fair use doctrine, which is not recognized in the same manner within EU jurisdictions.

The text and data mining (TDM) exception outlined in Articles 3 and 4 of Directive (EU) 2019/790 (DSM-D) is particularly relevant to AI training, though its implementation remains somewhat ambiguous due to a lack of case law.

As the AI Act, EU copyright law, and other regulations like the General Data Protection Regulation operate concurrently, understanding these interrelations is crucial for stakeholders involved in AI development and deployment.

More Insights

A robot with a safety helmet.

AI Regulations: Comparing the EU’s AI Act with Australia’s Approach

September 24, 2025 AI,AI Regulation,European Union AI Governance,Regulatory Frameworks
Global companies need to navigate the differing AI regulations in the European Union and Australia, with the EU's AI Act setting stringent requirements based on risk levels, while Australia adopts a...
Read More
A blueprint of a university campus integrating AI technology.

Quebec’s New AI Guidelines for Higher Education

September 24, 2025 AI,AI Governance,AI Regulation Awareness,Artificial Intelligence Governance
Quebec has released its AI policy for universities and Cégeps, outlining guidelines for the responsible use of generative AI in higher education. The policy aims to address ethical considerations and...
Read More
A magnifying glass focusing on a document labeled "AI Guidelines."

AI Literacy: The Compliance Imperative for Businesses

September 24, 2025 AI,AI Literacy,AI Regulation Awareness,Compliance Requirements
As AI adoption accelerates, regulatory expectations are rising, particularly with the EU's AI Act, which mandates that all staff must be AI literate. This article emphasizes the importance of...
Read More
A network server illustrating the infrastructure behind AI and its regulation.

Germany’s Approach to Implementing the AI Act

September 24, 2025 AI,AI Regulation,European Union AI Governance,Regulatory Frameworks
Germany is moving forward with the implementation of the EU AI Act, designating the Federal Network Agency (BNetzA) as the central authority for monitoring compliance and promoting innovation. The...
Read More
A lock with a digital fingerprint scanner

Global Call for AI Safety Standards by 2026

September 23, 2025 AI,AI Regulation,Artificial Intelligence Governance,Global Collaboration
World leaders and AI pioneers are calling on the United Nations to implement binding global safeguards for artificial intelligence by 2026. This initiative aims to address the growing concerns...
Read More
A smart home device

Governance in the Era of AI and Zero Trust

September 23, 2025 AI,AI Ethics,AI Governance,EU AI Compliance
In 2025, AI has transitioned from mere buzz to practical application across various industries, highlighting the urgent need for a robust governance framework aligned with the zero trust economy...
Read More
A blueprint to illustrate the planning and framework needed for AI governance.

AI Governance Shift: From Regulation to Technical Secretariat

September 23, 2025 AI,AI Governance,AI Regulation,Regulatory Framework
The upcoming governance framework on artificial intelligence in India may introduce a "technical secretariat" to coordinate AI policies across government departments, moving away from the previous...
Read More
A lock shaped like a computer chip to illustrate the concept of securing AI systems.

AI Safety as a Catalyst for Innovation in Global Majority Nations

September 23, 2025 AI,AI Safety Regulations,AI Security,Global AI Policy
The commentary discusses the tension between regulating AI for safety and promoting innovation, emphasizing that investments in AI safety and security can foster sustainable development in Global...
Read More
A magnifying glass illustrating the importance of scrutiny and transparency in AI governance.

ASEAN’s AI Governance: Charting a Distinct Path

September 23, 2025 AI,AI Governance,Global AI Policy
ASEAN's approach to AI governance is characterized by a consensus-driven, voluntary, and principles-based framework that allows member states to navigate their unique challenges and capacities...
Read More