EU General-Purpose AI Code of Practice
EU-GPAI-COP-2025 · EU
EU General-Purpose AI Code of Practice is a Voluntary code from EU, adopted on 2025-08-02 and effective 2025-08-02. Current status: In force. Operational bridge between EU AIA Arts. 53-55 (general-purpose AI obligations) and provider compliance. Art. 56(8) AIA gives adherent providers a presumption of compliance with the substantive obligations — distinct from industry self-pledges (Anthropic RSP, OpenAI Preparedness, DeepMind FSF) and from intergovernmental voluntary codes (Seoul, G7 Hiroshima). Chapter 1 (Transparency) operationalises Art. 53(1)(a)-(c) model documentation + training-data summary obligations; Chapter 2 (Copyright) operationalises Art. 53(1)(c) opt-out compliance + Art. 53(1)(d) text-and-data-mining respect; Chapter 3 (Safety & Security) operationalises Art. 55 systemic-risk-tier obligations including capability evaluations + serious-incident reporting + cybersecurity protections + model-weight access controls. AI Office monitors implementation; Article 65 binding-decision procedure routes cross-DPA disputes. Not a binding regulation in itself — providers may choose alternative means to demonstrate compliance — but the Code is the AI Office's canonical reference and the operational rulebook national-competent-authorities consult during inspections.
Scope and obligations
Operational bridge between EU AIA Arts. 53-55 (general-purpose AI obligations) and provider compliance. Art. 56(8) AIA gives adherent providers a presumption of compliance with the substantive obligations — distinct from industry self-pledges (Anthropic RSP, OpenAI Preparedness, DeepMind FSF) and from intergovernmental voluntary codes (Seoul, G7 Hiroshima). Chapter 1 (Transparency) operationalises Art. 53(1)(a)-(c) model documentation + training-data summary obligations; Chapter 2 (Copyright) operationalises Art. 53(1)(c) opt-out compliance + Art. 53(1)(d) text-and-data-mining respect; Chapter 3 (Safety & Security) operationalises Art. 55 systemic-risk-tier obligations including capability evaluations + serious-incident reporting + cybersecurity protections + model-weight access controls. AI Office monitors implementation; Article 65 binding-decision procedure routes cross-DPA disputes. Not a binding regulation in itself — providers may choose alternative means to demonstrate compliance — but the Code is the AI Office's canonical reference and the operational rulebook national-competent-authorities consult during inspections.
EU General-Purpose AI Code of Practice addresses 4 contested AI-governance topics explicitly, 1 via general principles,.
Topics governed
- governsFoundation Models / GPAI— Chapter 3 (Safety & Security) operationalises Art. 55 systemic-risk-tier obligations for GPAI providers
- governsTransparency Obligations— Chapter 1 (Transparency) — 13 commitments + ~40 measures operationalising Art. 53(1)(a)-(c) model documentation + training-data summary
- governsTraining-Data Rights— Chapter 2 (Copyright) — Art. 53(1)(c) training-data summary obligations + Art. 53(1)(d) text-and-data-mining opt-out compliance
- governsCatastrophic & Existential Risk— Chapter 3 systemic-risk-tier capability evaluations + serious-incident reporting + model-weight access controls (Art. 55 substrate)
- implicitSynthetic Content Provenance— Chapter 1 transparency commitments brush against Art. 50(2) deployer marking + Art. 53(1)(a) provider documentation
Cross-jurisdiction comparison
How peer instruments treat the topics EU General-Purpose AI Code of Practice governs.
| Topic | EU-AIA-2024 | US-EO-14110 | US-EO-14179 | UK-WHITEPAPER-2023 | CN-GENAI-2023 | G7-HIROSHIMA | OECD-AI-PRIN | COE-AI-CONV | UN-RES-2024 | NIST-AI-RMF | BLETCHLEY-2023 | SEOUL-2024 | NIST-AI-RMF-GENAI | CA-SB-1047 | IN-DPDP-2023 | BR-AIBILL-2024 | ASEAN-AI-GUIDE-2024 | AU-AI-STRATEGY-2024 | ANTHROPIC-RSP-2024° | OPENAI-PREPAREDNESS-2023° | DEEPMIND-FSF-2024° | META-FRONTIER-2024° | UK-US-AISI-MOU-2024 | WH-VOLUNTARY-2023 | SG-MODEL-AI-2024 | JP-METI-AI-2024 | NYC-LL-144-2021 | CO-SB-24-205 | IL-HB-3773-2024 | EU-GDPR-2016 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Foundation Models / GPAI | governs | governs | silent | implicit | governs | governs | implicit | implicit | silent | governs | governs | governs | governs | governs | implicit | governs | implicit | silent | governs | governs | governs | governs | governs | governs | governs | governs | silent | silent | silent | silent |
| Transparency Obligations | governs | implicit | silent | implicit | conflicts | governs | governs | governs | implicit | governs | implicit | governs | governs | implicit | implicit | governs | governs | silent | governs | implicit | implicit | governs | implicit | governs | governs | governs | silent | silent | silent | governs |
| Training-Data Rights | implicit | silent | silent | silent | governs | silent | silent | implicit | silent | implicit | silent | silent | governs | silent | governs | implicit | silent | implicit | silent | silent | silent | implicit | silent | silent | silent | implicit | silent | silent | silent | governs |
| Catastrophic & Existential Risk | implicit | governs | silent | implicit | silent | governs | silent | silent | implicit | implicit | governs | governs | governs | governs | silent | governs | silent | silent | governs | governs | governs | governs | implicit | implicit | silent | silent | silent | silent | silent | silent |
°= industry self-imposed voluntary framework. Comparing a voluntary code's "governs" tint with a binding regulation's "governs" tint flattens the legal-force distinction; use the instrument-page banner for the operative status of each.
How to cite this article
APA 7
Policy Window. (2025). EU General-Purpose AI Code of Practice [Wiki article — Instrument]. https://policywindow.org/wiki/gpai-code-of-practice
Chicago 17
Policy Window. 2025. "EU General-Purpose AI Code of Practice." Wiki article (Instrument). https://policywindow.org/wiki/gpai-code-of-practice.
BibTeX
@misc{policywindow-gpai-code-of-practice,
title = {EU General-Purpose AI Code of Practice},
author = {Policy Window},
year = {2025},
howpublished = {General-Purpose AI Code of Practice, drafted by the European AI Office under Article 56 of Regulation (EU) 2024/1689 (EU AI Act); co-drafted by ~1000 stakeholders across providers, civil society, academia, and regulators; three chapters (Transparency, Copyright, Safety & Security) covering 13 commitments + ~40 measures.},
url = {https://policywindow.org/wiki/gpai-code-of-practice},
note = {Primary source: https://digital-strategy.ec.europa.eu/en/policies/ai-code-practice}
}References
- General-Purpose AI Code of Practice, drafted by the European AI Office under Article 56 of Regulation (EU) 2024/1689 (EU AI Act); co-drafted by ~1000 stakeholders across providers, civil society, academia, and regulators; three chapters (Transparency, Copyright, Safety & Security) covering 13 commitments + ~40 measures.
- Chapter 3 (Safety & Security) operationalises Art. 55 systemic-risk-tier obligations for GPAI providers
- Chapter 1 (Transparency) — 13 commitments + ~40 measures operationalising Art. 53(1)(a)-(c) model documentation + training-data summary
- Chapter 2 (Copyright) — Art. 53(1)(c) training-data summary obligations + Art. 53(1)(d) text-and-data-mining opt-out compliance
- Chapter 3 systemic-risk-tier capability evaluations + serious-incident reporting + model-weight access controls (Art. 55 substrate)
- Chapter 1 transparency commitments brush against Art. 50(2) deployer marking + Art. 53(1)(a) provider documentation
Cite this article
6 formats · 1-click copyPersistent identifier: https://policywindow.org/wiki/gpai-code-of-practice — committed-stable URL with content-versioning via ?asOf= (rollout pending per methodology §7). DOIs via Zenodo are on the roadmap.
Track this article
Save EU General-Purpose AI Code of Practice to your local reading list, follow the RSS changelog for any catalog change, or compare with a peer article. All three work without signup.