Europe presses AI rules while industry pushes back

Europe’s artificial intelligence rulebook is moving from drafting to enforcement, even as industry groups press Brussels to cut parts of it back. (digital-strategy.ec.europa.eu) The European Union’s Artificial Intelligence Act, Regulation (EU) 2024/1689, applies on a staggered schedule: banned uses started on February 2, 2025, rules for general-purpose models started on August 2, 2025, and the main obligations for high-risk systems are due on August 2, 2026. (digital-strategy.ec.europa.eu; bm.consulting) On April 13, 2026, EuroISPA said the European Parliament and European Union member states should quickly finish work on the “Digital Omnibus on AI,” a simplification package the European Commission proposed on November 19, 2025. EuroISPA said the text should stay “innovation-friendly” and keep simplification “at its core.” (euroispa.org) The fight is over how much paperwork should attach to systems that are not in the law’s highest-risk bucket. The Commission’s framework is risk-based, with the toughest duties aimed at “high-risk” systems and bans for a narrower set of prohibited practices. (digital-strategy.ec.europa.eu) Registration is one flashpoint. The European Commission’s service desk says the European Union database covers high-risk systems listed in Annex III and other systems that face registration duties, while public authorities deploying high-risk systems must meet registration obligations under Article 49. (ai-act-service-desk.ec.europa.eu; ai-act-service-desk.ec.europa.eu) EuroISPA backed fixed compliance deadlines for high-risk systems, but asked negotiators to remove registration burdens for non-high-risk systems and to lengthen a proposed grace period for some Article 50 labeling rules to 12 months. It also said the grace period should cover new systems placed on the market after August 2, 2026, not just systems already on the market before that date. (euroispa.org) Brussels is not signaling a pause in implementation. On December 4, 2025, the Commission said its Artificial Intelligence Office was preparing 2026 guidance on high-risk classification, transparency, provider and deployer duties, value-chain responsibilities, substantial modification, and the law’s overlap with other European Union rules. (digital-strategy.ec.europa.eu) That “substantial modification” issue is where compliance can shift under a company’s feet. The Commission’s service desk says a distributor, importer, deployer, or third party can become the provider of a high-risk system if it substantially modifies the system, changes its intended purpose into a high-risk use, or rebrands it under its own name. (ai-act-service-desk.ec.europa.eu) The law defines substantial modification as a post-market change not foreseen in the original conformity assessment that affects compliance, and Recital 128 gives examples such as a change of operating system or software architecture. That is one reason the Commission has said it will issue separate guidance on substantial modification in 2026. (artificialintelligenceact.eu; ai-act-service-desk.ec.europa.eu; digital-strategy.ec.europa.eu) In regulated sectors such as life sciences, advisers say ordinary software updates can create that kind of exposure. USDM wrote on April 13, 2026, that an artificial intelligence feature switched on through a platform update inside a validated environment can appear without a validation impact assessment, GAMP 5 classification, or change-control record. (usdm.com) So the European debate has narrowed to two tracks running at once: simplify parts of the rulebook before August 2, 2026, and prepare for the duties that are already scheduled to bite on that date. (euroispa.org; digital-strategy.ec.europa.eu)