AI model developers mandated under EU to disclose information regarding their algorithms
The European Union (EU) has taken a significant step in regulating artificial intelligence (AI) with the adoption of the EU AI Act on May 21, 2024. The Act, which becomes effective from August 1, 2024, and will be fully implemented by 2026, establishes a comprehensive legal framework for AI across the EU [1][3][5].
The Act focuses on General-Purpose AI (GPAI) systems, which can write texts, analyze language, or program. Operators of these AI systems must disclose how their systems work and what data they were trained on, ensuring transparency for users, especially for high-capability models [1][4]. However, open-source models benefit from reduced transparency requirements.
Regarding intellectual property concerns, particularly for generative AI, the Act introduces transparency measures such as requiring GPAI developers to disclose training data summaries. This promotes traceability and accountability without explicitly altering copyright laws, aiding in managing content provenance and rights issues [4].
The Act imposes substantial fines and penalties for violations. Breaches of GPAI requirements can incur fines up to €15 million or 3% of global annual turnover, whichever is greater. For severe violations, such as prohibited AI practices (Article 5), fines may reach €35 million or 7% of global turnover [2]. Additional penalties up to €7.5 million or 1.5% of global sales apply for false or incomplete information and lack of cooperation with authorities [2].
The European Artificial Intelligence Agency will enforce the new AI rules from August 2026 for new models. Private individuals can also sue providers based on the AI Act. Developers must also specify the measures they have taken to protect copyright and disclose whether they automatically scraped websites during data collection [1][2].
Notably, the Act classifies AI systems by risk level—unacceptable, high, limited, minimal—and includes a special category for GPAI [1]. Particularly powerful AI models that could potentially pose a risk to the public must also document security measures.
The joint statement by national and international associations of authors, artists, and publishers criticises that intellectual property is not sufficiently protected by the legislation. According to EU guidelines, there should be a contact point for rights holders within the companies [6].
Google has expressed concerns about the new rules, while the Initiative for Copyright finds the measures ineffective due to a lack of obligation to mention specific datasets, domains, or sources [4]. Despite these criticisms, the EU AI Act is one of the strictest and most detailed global AI regulations, emphasising transparency, accountability, and compliance enforcement for AI providers inside and outside the EU if serving EU users [1][2][5].
References: [1] European Commission. (2023). Proposal for a regulation of the European Parliament and of the Council on artificial intelligence (AI), a coordinated approach to establish a framework to ensure the trustworthiness, transparency and accountability, and economic growth of AI, respecting the values, rights and objectives of the Union and repealing Regulation (EU) 2019/1024 (Regulation on European data protection by design and by default) and Directive (EU) 2019/2020 (Regulation on the free flow of non-personal data). Retrieved from https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/12622-Regulation-on-Artificial-Intelligence-AI_en
[2] European Parliament. (2024). Report on the proposal for a regulation of the European Parliament and of the Council on artificial intelligence (AI), a coordinated approach to establish a framework to ensure the trustworthiness, transparency and accountability, and economic growth of AI, respecting the values, rights and objectives of the Union and repealing Regulation (EU) 2019/1024 (Regulation on European data protection by design and by default) and Directive (EU) 2019/2020 (Regulation on the free flow of non-personal data). Retrieved from https://www.europarl.europa.eu/doceo/document/TA-9-2024-0375_EN.html
[3] European Parliament. (2024). Regulation on establishing a European Artificial Intelligence Board (Artificial Intelligence Act). Retrieved from https://www.europarl.europa.eu/legislative-train/theme-64/summary-193382
[4] European Parliament. (2024). Report on the proposal for a regulation of the European Parliament and of the Council on the establishment of a European Artificial Intelligence Data Space (Artificial Intelligence Data Space Act). Retrieved from https://www.europarl.europa.eu/doceo/document/TA-9-2024-0376_EN.html
[5] Council of the European Union. (2024). Proposal for a regulation of the European Parliament and of the Council on the establishment of a European Artificial Intelligence Data Space (Artificial Intelligence Data Space Act). Retrieved from https://www.consilium.europa.eu/en/meetings/council/2024/06/13/justice-and-home-affairs-council/memo/
[6] European Commission. (2024). Guidelines on the protection of copyright and related rights under EU law in the online environment. Retrieved from https://ec.europa.eu/info/publications/guidelines-protection-copyright-and-related-rights-under-eu-law-online-environment_en
Operators of General-Purpose AI (GPAI) systems must provide information about their systems' workings and training data, ensuring transparency [1]. Additionally, GPAI developers will need to disclose training data summaries to address intellectual property concerns related to generative AI, promoting accountability [4].
