IA 360
Regulatory Framework

European Parliament Approves Its Position on the AI Act

The European Parliament votes on its negotiating mandate for the AI Act, with obligations for generative AI and bans on uses like real-time facial recognition. Final negotiations with EU countries begin.

5 min read Leer en español

The European Parliament today approved its negotiating position on the Artificial Intelligence Act (AI Act), the regulation that aims to become the world's first comprehensive legal framework for governing this technology. The vote in the Strasbourg plenary passed with 499 votes in favor, 28 against and 93 abstentions, a broad show of support that gives MEPs a mandate to negotiate the final text with the Council of the EU and the European Commission.

What the approved text contains

Parliament's position keeps the approach of the Commission's original proposal, presented in April 2021: classifying AI systems according to their level of risk and applying obligations proportional to that risk. The greater the potential danger to people's rights and safety, the stricter the requirements for transparency, human oversight and prior assessment.

The most significant addition compared to the initial proposal is the inclusion of specific rules for so-called generative AI models and foundation models, the category that systems like GPT-4 or Stable Diffusion belong to. MEPs have agreed that companies developing this type of model will have to clearly disclose which content has been generated by artificial intelligence, design systems to prevent the generation of illegal content, and publish summaries of the copyrighted data used to train their models. This last point responds directly to the controversy that has surrounded text- and image-generation tools in recent months, with authors, illustrators and publishers accusing them of having been trained on protected works without authorization or compensation.

The bans Parliament is introducing

The text voted on today expands the list of prohibited uses already present in the Commission's proposal. Among the practices the European Parliament wants to ban are real-time remote biometric identification in public spaces, emotion recognition systems in the workplace, education, policing, border management and law enforcement, biometric categorization based on sensitive characteristics such as sexual orientation or religion, and predictive policing systems based on profiling or location.

This expansion of the bans was one of the most contentious points during internal negotiations among the parliamentary groups, with parties like the European People's Party pushing for exemptions for security forces that ultimately did not make it into the approved version.

Why this vote matters

The European Union has spent more than two years working on this regulation, which aims to become a global reference standard in a similar way to how the General Data Protection Regulation (GDPR) set the international pace on privacy starting in 2018. The Council of the EU, representing the governments of member states, had already set its own general position in December 2022. With today's vote, the three European institutions —Parliament, Council and Commission— enter the trilogue phase, the three-way negotiations in which the regulation's final text will be settled.

The political calendar adds pressure to the process: Spain takes over the rotating presidency of the Council of the EU next July, and the Spanish government has expressed its intention to push for a close to the negotiations during its six months at the helm of the institution, before the 2024 European Parliament elections complicate the legislative agenda.

What remains to be decided

The thorniest points of the negotiation remain open. Council and Parliament start from different positions on matters such as the exact scope of obligations for foundation models, how small and medium-sized enterprises that integrate these systems without having developed them themselves should be treated, and the role national authorities will play alongside a potential European AI oversight office.

While these negotiations move forward, the law will remain unenforced for months, even years: once the final text is agreed, the regulation typically allows for two-year adaptation periods before coming fully into force. For companies already deploying generative AI systems in Europe, today's message is clear: the rules of the game are taking shape, and transparency about the origin of training data and machine-generated content is set to stop being a voluntary option and become a legal obligation.

Share this article

This website uses cookies to improve the browsing experience. Cookie policy.