GPAIs and the EU AI Act

From DeepSeek to ChatGPT: GPAI providers need comply with the AI Act soon 

At LegalAir, we are specialised in guiding businesses in in legal compliance with the EU AI Act as well as ethical and technical challenges that come with the use of AI. With the compliance deadline set for August 2, 2025, general-purpose AI (GPAI) providers such as those behind DeepSeek and ChatGPT must prepare now to meet the AI Act’s obligations and continue operating within the European market without getting fined or suffering reputational damage. 

The scope of the AI Act for GPAI Providers 

The AI Act classifies general-purpose AI models (Article 3(63) AI Act) as systems trained with large datasets and capable of performing a wide array of tasks across applications.  

According to Recitals 98 and 99 of the AI Act, models with at least one billion parameters, trained with self-supervision at scale, inherently meet the “significant generality” threshold, making them key targets for compliance under the AI Act. For providers of these systems, the obligations extend beyond the technical domain into governance, risk management and transparency. 

Your compliance checklist 

The AI Act introduces certain obligations for GPAI providers, within chapter V. In short, providers must: 

  • Document the technical specifics of their models, including architecture, parameters, and training processes, to support AI Office reviews and downstream integration; 
  • Publish a training content summary, ensuring users understand the model’s capabilities and limitations, and 
  • Put a robust copyright policy in place to comply with EU intellectual property laws, ensuring training data respects legal rights. 

For GPAI models deemed to pose systemic risks, providers must assess, mitigate, and document these risks, including cybersecurity and incident reporting. While some open-source GPAI models are exempt from certain documentation requirements, those with systemic risks must fully comply. 

The way forward 

The EU AI Act is an important step towards creating a safe, innovative, and trustworthy AI ecosystem within the European Union. Providers of general-purpose AI models must take proactive measures to navigate this new regulatory landscape. At LegalAir, we believe that compliance is not just a regulatory burden—it is a strategic advantage. It builds trust, safeguards innovation, and ensures access to the lucrative European market. Whether you are a provider like DeepSeek, a downstream integrator, or an open-source developer, LegalAir is here to help you thrive. 

Let’s build a compliant and innovative AI future together. Contact us today to get started 

 

Published On: januari 31st, 2025Categories: AI blogs, News2 min read0 Comments on GPAIs and the EU AI Act