Existing Industry Practice for the EU AI Act's General-Purpose AI Code of Practice Safety and Security Measures

• URL: http://arxiv.org/abs/2504.15181v1
• Date: Mon, 21 Apr 2025 15:44:01 GMT
• Title: Existing Industry Practice for the EU AI Act's General-Purpose AI Code of Practice Safety and Security Measures
• Authors: Lily Stelling, Mick Yang, Rokas Gipiškis, Leon Staufer, Ze Shen Chin, Siméon Campos, Michael Chen,
• Abstract summary: This report provides a detailed comparison between the measures proposed in the EU AI Act's General-Purpose AI (GPAI) Code of Practice (Third Draft) and current practices adopted by leading AI companies.<n>As the EU moves toward enforcing binding obligations for GPAI model providers, the Code of Practice will be key to bridging legal requirements with concrete technical commitments.<n>This report is not meant to be an indication of legal compliance nor does it take any prescriptive viewpoint about the Code of Practice or companies' policies.
• Score: 0.10993800728351737
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: This report provides a detailed comparison between the measures proposed in the EU AI Act's General-Purpose AI (GPAI) Code of Practice (Third Draft) and current practices adopted by leading AI companies. As the EU moves toward enforcing binding obligations for GPAI model providers, the Code of Practice will be key to bridging legal requirements with concrete technical commitments. Our analysis focuses on the draft's Safety and Security section which is only relevant for the providers of the most advanced models (Commitments II.1-II.16) and excerpts from current public-facing documents quotes that are relevant to each individual measure. We systematically reviewed different document types - including companies' frontier safety frameworks and model cards - from over a dozen companies, including OpenAI, Anthropic, Google DeepMind, Microsoft, Meta, Amazon, and others. This report is not meant to be an indication of legal compliance nor does it take any prescriptive viewpoint about the Code of Practice or companies' policies. Instead, it aims to inform the ongoing dialogue between regulators and GPAI model providers by surfacing evidence of precedent.

Related papers

• In-House Evaluation Is Not Enough: Towards Robust Third-Party Flaw Disclosure for General-Purpose AI [93.33036653316591]
  We call for three interventions to advance system safety.<n>First, we propose using standardized AI flaw reports and rules of engagement for researchers.<n>Second, we propose GPAI system providers adopt broadly-scoped flaw disclosure programs.<n>Third, we advocate for the development of improved infrastructure to coordinate distribution of flaw reports.
  arXiv  Detail & Related papers  (2025-03-21T05:09:46Z)
• International Agreements on AI Safety: Review and Recommendations for a Conditional AI Safety Treaty [0.0]
  Malicious use or malfunction of advanced general-purpose AI (GPAI) poses risks that could lead to'marginalisation or extinction of humanity' To address these risks, there are an increasing number of proposals for international agreements on AI safety. We propose a treaty establishing a compute threshold above which development requires rigorous oversight.
  arXiv  Detail & Related papers  (2025-03-18T16:29:57Z)
• Position: A taxonomy for reporting and describing AI security incidents [57.98317583163334]
  We argue that specific are required to describe and report security incidents of AI systems.<n>Existing frameworks for either non-AI security or generic AI safety incident reporting are insufficient to capture the specific properties of AI security.
  arXiv  Detail & Related papers  (2024-12-19T13:50:26Z)
• The Fundamental Rights Impact Assessment (FRIA) in the AI Act: Roots, legal obligations and key elements for a model template [55.2480439325792]
  Article aims to fill existing gaps in the theoretical and methodological elaboration of the Fundamental Rights Impact Assessment (FRIA)<n>This article outlines the main building blocks of a model template for the FRIA.<n>It can serve as a blueprint for other national and international regulatory initiatives to ensure that AI is fully consistent with human rights.
  arXiv  Detail & Related papers  (2024-11-07T11:55:55Z)
• COMPL-AI Framework: A Technical Interpretation and LLM Benchmarking Suite for the EU Artificial Intelligence Act [40.233017376716305]
  The EU's Artificial Intelligence Act (AI Act) is a significant step towards responsible AI development.<n>It lacks clear technical interpretation, making it difficult to assess models' compliance.<n>This work presents COMPL-AI, a comprehensive framework consisting of the first technical interpretation of the Act.
  arXiv  Detail & Related papers  (2024-10-10T14:23:51Z)
• Operationalizing the Blueprint for an AI Bill of Rights: Recommendations for Practitioners, Researchers, and Policy Makers [20.16404495546234]
  Several regulatory frameworks have been introduced by different countries worldwide. Many of these frameworks emphasize the need for auditing and improving the trustworthiness of AI tools. Although these regulatory frameworks highlight the necessity of enforcement, practitioners often lack detailed guidance on implementing them. We provide easy-to-understand summaries of state-of-the-art literature and highlight various gaps that exist between regulatory guidelines and existing AI research.
  arXiv  Detail & Related papers  (2024-07-11T17:28:07Z)
• Report of the 1st Workshop on Generative AI and Law [78.62063815165968]
  This report presents the takeaways of the inaugural Workshop on Generative AI and Law (GenLaw) A cross-disciplinary group of practitioners and scholars from computer science and law convened to discuss the technical, doctrinal, and policy challenges presented by law for Generative AI.
  arXiv  Detail & Related papers  (2023-11-11T04:13:37Z)
• The risks of risk-based AI regulation: taking liability seriously [46.90451304069951]
  The development and regulation of AI seems to have reached a critical stage. Some experts are calling for a moratorium on the training of AI systems more powerful than GPT-4. This paper analyses the most advanced legal proposal, the European Union's AI Act.
  arXiv  Detail & Related papers  (2023-11-03T12:51:37Z)
• Use case cards: a use case reporting framework inspired by the European AI Act [0.0]
  We propose a new framework for the documentation of use cases, that we call "use case cards" Unlike other documentation methodologies, we focus on the purpose and operational use of an AI system. The proposed framework is the result of a co-design process involving a relevant team of EU policy experts and scientists.
  arXiv  Detail & Related papers  (2023-06-23T15:47:19Z)
• A Methodology for Creating AI FactSheets [67.65802440158753]
  This paper describes a methodology for creating the form of AI documentation we call FactSheets. Within each step of the methodology, we describe the issues to consider and the questions to explore. This methodology will accelerate the broader adoption of transparent AI documentation.
  arXiv  Detail & Related papers  (2020-06-24T15:08:59Z)
• Response to Office of the Privacy Commissioner of Canada Consultation Proposals pertaining to amendments to PIPEDA relative to Artificial Intelligence [0.0]
  The Montreal AI Ethics Institute (MAIEI) was invited by the Office of the Privacy Commissioner of Canada (OPCC) to provide comments. The present document includes MAIEI comments and recommendations in writing.
  arXiv  Detail & Related papers  (2020-06-12T09:20:04Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.