📢THIRD DRAFT OF THE GENERAL PURPOSE AI CODE OF PRACTICE: KEY INSIGHTS FOR BUSINESSES AND LEGAL PROFESSIONALS
- PCV LLC
- Mar 11
- 3 min read
Updated: Mar 12
On the 11th of March 2025, the European Commission published the Third Draft of the General Purpose AI (GPAI) Code of Practice, a critical step toward ensuring responsible AI development and deployment. This draft, written by independent experts, provides practical guidance for AI developers, deployers, and regulators, aligning with the EU AI Act’s risk-based framework.
Why Does This Matter?
As AI systems continue to evolve, particularly those with general-purpose capabilities (such as large language models and generative AI), regulatory clarity is essential. The GPAI Code of Practice is designed to establish voluntary best practices that anticipate forthcoming mandatory compliance obligations under the EU AI Act. Organisations engaged in AI must begin adapting to these principles to ensure compliance and mitigate legal risks.
Key Takeaways from the Third Draft
Transparency and Explainability
AI providers must ensure clear documentation on system capabilities and limitations
Users should be informed when interacting with AI, particularly in decision-making processes
User friendly Model Documentation Form which allows signatories to easily document the necessary information in a single place
Copyright section contains core measures from the second drft but in a simplified and clearer form
Risk Management and Accountability
Companies should implement rigorous risk assessment frameworks to evaluate AI impact
Developers and deployers must designate responsible officers for compliance oversight
For most advanced GPAI models, the Code outlines measures for systemic risk assessment and mitigation, including model evaluations, incident reporting and cybersecurity obligations
Data Governance and Bias Mitigation
Training data should be audited for biases to ensure fairness and non-discrimination
Robust data governance measures must be in place to maintain integrity and security
Human Oversight and Safety Measures
High-risk AI applications require human oversight to prevent automation bias
Incident reporting and redress mechanisms must be established for accountability
Alignment with the EU AI Act
The Code of Practice provides a roadmap for future regulatory compliance
It encourages companies to proactively implement safeguards before legal enforcement begins
Implications for Businesses and Legal Professionals
Organisations leveraging AI should align internal policies and AI governance frameworks with the recommendations in this draft. Legal practitioners specialising in AI and technology law must stay ahead of regulatory shifts to advise clients on best practices and potential liabilities.
The European Commission provides a comprehensive Q&A section on General Purpose AI Models, offering valuable insights into regulatory considerations and compliance requirements. You can access it here: General Purpose AI Models in the AI Act | Questions & Answers.
Next Steps
In addition to the written feedback received by Sunday, 30 March 2025, Chairs and Vice-Chairs will participate in further discussions in line with the tentative timeline published by the AI Office, which will be updated with specific dates as soon as possible.
All stakeholders in the Code of Practice Plenary will have the opportunity to participate in the respective Working Group discussions. Dedicated workshops will be offered to general-purpose AI model providers and Member State representatives in the AI Board Steering Group
At Pelaghias, Christodoulou, Vrachas LLC, our Tech & AI legal team assists businesses in navigating the evolving AI regulatory landscape. Whether you are developing, deploying, or integrating AI systems, we provide compliance guidance, risk assessment strategies, and regulatory implementation support tailored to your needs.
For a consultation on how the General Purpose AI Code of Practice and the EU AI Act may impact your business, contact info@pelaghiaslaw.com.
For more updates on AI regulation and compliance, follow our insights at www.pelaghiaslaw.com.
Comments