AI Policy & Governance, European Policy
CDT’s First Contribution to the Code of Practice Process on GPAI models
The Centre for Democracy and Technology Europe welcomes the publication of the first draft of the Code of Practice for General-Purpose AI (GPAI) Models by the AI Office. This first set of feedback, submitted by CDT Europe through a closed survey as a participant to the Code of Practice process, responds to one of the several drafts that will be produced in the coming months. The final version of the Code is expected to be announced in May 2025.
As we discussed in an earlier piece, the final Code of Practice will play a complementary role to the AI Act – compliance with the measures set in the Code will allow GPAI model providers to demonstrate compliance with their obligations under the Act.
In our written comments to the consultation, we call for improvements to the first draft of the Code of Practice in the following areas:
- Documentation. We ask for the Code of Practice to require more detailed information from GPAI model providers on testing outcomes, including any mitigations undertaken, the impact of those decisions and the impact on the models.
- Transparency. The draft should expand the categories of information shared with downstream providers seeking to deploy AI models responsibly, including information on methods to detect unsuitability of data sources, biases in the data, and details on testing processes and results.
- Systemic risks. The taxonomy included in the first draft insufficiently addresses risks to fundamental rights and gives outsized prominence to theoretical safety risks of unclear likelihood. The draft should include additional risk categories to reflect the full spectrum of fundamental rights concerns and ensure that mitigations taken to address risks do not pose threats to fundamental rights themselves, such as the right to freedom of expression.
- Open source models. The draft does not sufficiently consider the needs of open source providers, and its provisions should be clarified to reduce the burden on open source providers.