EU proposal dilutes key AI Act provisions as privacy law rollbacks continue
It seems the EU is tweaking its rules at a curious moment. Europe has been tightening data-privacy laws, yet the latest draft looks like it backs off on the AI safeguards that were supposed to go hand-in-hand with them. Unveiled while privacy legislation is already being rolled back, the proposal zeroes in on the AI Act - the Europe-wide framework that officially kicked off in 2024, though many of its clauses are still on hold.
Critics point out that the amendment probably lengthens the interim window before the toughest requirements hit high-risk AI tools that could cause “serious risks.” In plain terms, developers and operators would get a bit more breathing room before they have to prove they meet the highest standards. Some wonder whether the EU is leaning toward flexibility rather than the original goal of curbing potentially harmful AI. The change also appears to water down a key piece of the AI Act, extending the grace period for rules that govern high-risk systems posing serious risks.
The proposal also waters down a key part of Europe's sweeping artificial intelligence rules, the AI Act, which came into force in 2024 but had many elements that would only come into effect later. The change extends the grace period for rules governing high-risk AI systems that pose "serious risks" to health, safety, or fundamental rights, which were due to come into effect next summer. The rules will now only apply once it's confirmed that "the needed standards and support tools are available" to AI companies. One change that's likely to please almost everyone is a reduction in Europe's ubiquitous cookie banners and pop-ups.
Brussels has started to loosen the GDPR, cutting back the cookie-consent pop-ups that used to cause a lot of noise. At the same time, the AI Act that came out in 2024 is seeing a pretty clear rollback. The new draft simply pushes the deadline for high-risk AI systems farther out, adding a grace period whose length isn’t spelled out.
Some industry folks seem relieved - fewer hoops to jump through - but a handful of privacy groups are already warning that Europe’s reputation as a data-rights leader could take a hit. It looks like the change is coming from pressure on both sides: tech companies, a few U.S. interests, and a push to revive sluggish growth.
Still, I’m not sure the delayed safeguards will end up watering down the whole point of the AI framework. The shift feels like a move away from the stricter tone we saw before, and it’s hard to say how it will play out for user privacy or algorithmic accountability in the long run. What’s clear is that lawmakers will have to juggle economic hopes with the values that originally drove the rules.
Related Reading
Policy & Regulation X users can no longer tag @grok for image edits; feature not paywalled
Policy & Regulation Dutch Government Assumes Control of Chipmaker Nexperia Amid Tech Tensions
Policy & Regulation Indian IT firms view data platforms as IP amid cloud‑partner reliance
Common Questions Answered
How does the EU proposal change the enforcement timeline for high‑risk AI systems under the AI Act?
The proposal extends the grace period for high‑risk AI systems that pose serious risks to health, safety, or fundamental rights, pushing back the start of strict enforcement from the originally planned summer date to an unspecified later date. This delay means that the required standards and support will not be mandatory until the new timeline is confirmed.
What impact does the EU's rollback of privacy legislation have on the AI Act's safeguards?
The rollback includes softening GDPR provisions, such as trimming cookie consent dialogs, which coincides with the AI Act's dilution of key safeguards. Critics argue that weakening privacy rules alongside delayed AI regulations could erode overall protections for individuals' data and fundamental rights.
Why have industry groups welcomed the EU's amendment to the AI Act?
Industry voices appreciate the reduced compliance burden resulting from the extended grace period for high‑risk AI systems, giving companies more time to adapt to the forthcoming standards. They view the delay as a practical relief amid complex regulatory requirements.
What concerns do privacy advocates raise about the EU's recent AI Act amendment?
Privacy advocates warn that extending the enforcement timetable and diluting key provisions may weaken protections for health, safety, and fundamental rights. They fear the changes could set a precedent for further erosion of both AI and data‑privacy safeguards in Europe.