The Obligations of Providers of General-Purpose AI Models

During the legislative process, the EU Artificial Intelligence (AI) Act was amended to include provisions related to general-purpose AI (GPAI) models. These broadly relate to transparency towards downstream users and relevant regulators, in addition to obligations connected to intellectual property. In this paper, we provide detailed analysis of these new provisions in the context of current technological applications and emerging trajectories, connecting them to computing literature and practice, and the broader context of connected and adjacent legal regimes, in particular copyright and relevant emerging case law. We find that there are a significant number of inclarities, tensions and contradictions both within the text, between the text and other legal regimes, and between the text and guideline documents, such as the Code of Practice on General-Purpose AI and recent guidelines by the European Commission. We identify a range of issues with the scoping of the provisions which may undermine its policy goals and create loopholes for regulatory avoidance, such as those relating to non-commercial models, open-source models, and model finetuning along the value chain. We find that the Code of Practice contains significant omissions and misstatements, some of which may present a compliance risk for an entity choosing to rely on the Code. We do not consider the provisions on GPAI models which present a systemic risk, which are dealt with elsewhere in the volume which this work will form a part of.