EU Strengthens AI Regulations, Bans Harmful Applications While Simplifying Compliance for Businesses
The European Union has reached a provisional agreement to amend key components of the EU AI Act, a significant move that aims to simplify compliance for businesses while tightening restrictions on harmful AI applications. This includes a ban on so-called “nudifier” apps and AI-generated child sexual abuse material. The agreement, finalized by negotiators from the European Parliament and the Council, is part of the EU’s broader “digital omnibus” package, which seeks to refine the implementation of its landmark AI legislation.
The updated proposal is designed to alleviate compliance burdens and reduce legal uncertainty for AI providers while preserving the core risk-based framework of the AI Act. Lawmakers emphasize that these changes aim to make regulations more practical without compromising essential safeguards related to safety, privacy, and fundamental rights.
EU AI Act Deadlines Pushed to Reduce Legal Uncertainty
Among the most significant changes in the proposed amendments is the postponement of several obligations associated with high-risk AI systems. Under the revised timeline, regulations for AI systems classified as high-risk due to their applications will now take effect from December 2, 2027. This category includes AI utilized in biometric identification, critical infrastructure, education, employment, law enforcement, and border management.
Additionally, AI systems functioning as safety components under sector-specific EU product safety laws will now face compliance obligations starting August 2, 2028. The agreement also delays watermarking requirements for AI-generated content until December 2, 2026, a shift from the previously proposed implementation date of February 2027. Watermarking tools are intended to help identify and trace AI-generated images, audio, and video content. Lawmakers assert that these postponements are necessary to ensure that technical standards and implementation guidance are fully established before the rules become enforceable.
EU Bans Nudifier Apps and AI-Generated Abuse Content
A critical aspect of the agreement focuses on enhancing restrictions surrounding harmful AI-generated sexual content. Negotiators have reached a consensus to prohibit AI systems designed to create child sexual abuse material or generate explicit deepfake content involving identifiable individuals without consent. This restriction encompasses images, videos, and audio content.
The ban specifically targets companies that deploy such AI systems in the EU market, as well as providers who fail to implement reasonable safeguards against misuse. Users who utilize these systems to create illegal or non-consensual explicit material will also be affected. The decision directly addresses “nudifier” apps, which employ AI to digitally remove clothing or fabricate explicit imagery of individuals. Companies operating these systems will have until December 2, 2026, to comply with the new requirements.
Michael McNamara, co-rapporteur for the Civil Liberties, Justice and Home Affairs committee, stated that the agreement strengthens the EU’s capacity to act against AI systems that threaten human dignity and fundamental rights. He expressed satisfaction with the morning’s agreement on the AI Omnibus, highlighting the importance of banning nudification apps and the creation of child sexual abuse material using AI systems.
Simplification Measures for AI Providers and SMEs
The amendments also introduce several simplification measures aimed at reducing overlapping compliance requirements for companies developing AI technologies. Under the new framework, machinery products with AI features will no longer need to comply separately with both the EU AI Act and sector-specific safety laws if existing safety regulations already provide equivalent protection.
Furthermore, lawmakers have narrowed the definition of “safety component” within the EU AI Act. This means that AI functions designed solely to assist users or enhance product performance will not automatically be classified as high-risk unless their failure poses health or safety risks. Another significant change allows companies to process personal data when strictly necessary to detect and correct bias in AI systems, provided that appropriate safeguards are in place.
The agreement also extends certain exemptions previously available only to small and medium-sized enterprises (SMEs) to small mid-cap companies. EU officials indicate that this move is intended to facilitate the scaling of AI innovation among startups and growing technology firms within Europe. Arba Kokalari, co-rapporteur for the Internal Market and Consumer Protection committee, remarked that the revised rules strike a balance between innovation and regulation, asserting that the agreement demonstrates that politics can keep pace with technology.
Next Steps for the EU AI Act Amendments
The provisional agreement still requires formal approval from both the European Parliament and the Council before it can be enacted into law. EU lawmakers are targeting a final adoption date before August 2, 2026, which marks the scheduled start date for existing high-risk AI system regulations under the original AI Act framework.
These negotiations are part of the EU’s ongoing efforts to establish global standards for artificial intelligence governance while addressing concerns related to safety, transparency, and the misuse of generative AI technologies.
Source: thecyberexpress.com
Keep reading for the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East.
