It feels like just yesterday we were marveling at AI's latest tricks, and now, the conversation has firmly shifted to how we actually govern it. As we move through 2025, the global push for AI regulation is more palpable than ever, yet it's also becoming clear that this isn't a simple, one-size-fits-all endeavor. Policymakers are grappling with a rapidly evolving technology, trying to fit a square peg into a round hole, as the saying goes.
One of the most significant developments we're watching is the potential pause on the European Union's landmark AI Act. Whispers from figures like Irish Member of European Parliament Michael McNamara suggest that a delay is increasingly likely. The reasoning? Stakeholders, from businesses to developers, simply need more time to understand what they're expected to adhere to. While McNamara acknowledges the Act was a welcome attempt, he also warns that too long a pause could sap its crucial momentum.
What's driving this potential reassessment? Well, there's pressure from other global players, notably the U.S., who perceive some EU digital regulations as burdensome. On top of that, there's a lag in delivering the essential implementation details for the AI Act itself. The European Commission's delay in releasing the code of practice for general-purpose AI (GPAI) is a prime example. This code is meant to be a guiding light for entities preparing for GPAI requirements, which are slated to take effect in August. With the original May 2nd finalization date long passed and no immediate sign of it being ready, an implementation delay seems like a logical, if perhaps frustrating, next step. For many covered entities, this code represents a "presumption of compliance," so its absence leaves a significant gap.
It's not just the EU, of course. The quest for regulatory balance is a global one. We're seeing different approaches emerge, with countries like Japan and South Korea charting their own courses, distinct from the EU's risk-based model. Even within the U.S., the landscape is varied, with state-level legislation tackling everything from broad AI development and use to more specific issues like automated decision-making and deepfakes.
Ben Rossen, Associate General Counsel for AI Policy and Regulation at OpenAI, pointed out something crucial at a recent Digital Policy Leadership Retreat: while AI-specific legislation is still very much in flux, it doesn't mean AI is entirely a regulatory wild west. Existing laws – consumer protection, tort law, product liability – are already being applied. Yet, the common perception persists that AI remains largely unregulated. This disconnect between existing legal frameworks and the public's perception is a significant point of friction.
Guido Scorza, a board member for Italy's data protection authority, the Garante, emphasized the need for clarity. He highlighted the ongoing tension between fostering innovation and establishing regulation, noting that regulators have a fundamental responsibility to provide legal certainty to industry. "We were, and probably still aren't, always able to give industry legal certainty in time," he admitted. "That's our most important responsibility, because it's our duty to recognize if society is changing and needs a faster regulatory solution than in the past."
The discussion also touched on the idea of self-regulation. While some companies might lean towards it in the absence of hard rules, Rossen cautioned that broad self-regulation isn't seen as a responsible approach by many in the industry. Context, it seems, is everything.
As 2025 unfolds, it's clear that the path to AI regulation is complex and dynamic. It's a journey marked by ongoing debate, evolving strategies, and a collective effort to ensure that as AI continues its rapid ascent, it does so responsibly and with a clear understanding of the rules of the road.
