The Council of the EU and the European Parliament reached a preliminary agreement at the beginning of May on amendments to certain rules concerning Artificial Intelligence. The draft is currently at the stage of final approval by EU bodies. The proposed changes indicate that the European regulator is preserving a relatively strict approach to Artificial Intelligence governance, with continued emphasis on safety, accountability, privacy, and formal oversight.
The most immediate change concerns timing. Currently, the provisions of the EU Artificial Intelligence Act regarding high-risk Artificial Intelligence systems are scheduled to take effect on August 2, 2026. It is proposed to extend the implementation deadlines by up to 16 months. The new implementation dates are December 2, 2027, for autonomous high-risk Artificial Intelligence systems and August 2, 2028, for high-risk Artificial Intelligence systems embedded in products. The deadline for establishing national-level Artificial Intelligence regulatory sandboxes is also planned to be postponed until August 2, 2027. The European Commission plans to ensure that the necessary standards and tools are in place before the main rules take effect, giving providers additional time to prepare for compliance.
At the same time, several provider obligations are being reinforced rather than softened. The obligation for providers to register Artificial Intelligence systems in the EU database for high-risk systems is reinstated, even if they believe their systems are exempt from such a requirement. The “strict necessity” standard for processing special categories of personal data is also reinstated, even if such processing is carried out for the purpose of detecting and correcting bias. These measures reflect concern that Artificial Intelligence systems still carry a range of privacy-related risks and signal that businesses should audit internal processes and align their systems with stricter standards.
Transparency rules may arrive faster. The implementation period for transparency measures in relation to Artificial Intelligence, including the detection and labelling of outputs generated by Artificial Intelligence, is planned to be reduced from 6 months to 3 months. The new deadline is December 2, 2026. A new prohibition also targets the use of Artificial Intelligence to create sexual and intimate content without the recipient’s consent, as well as materials depicting child sexual abuse. Although this provision is primarily aimed at users, providers are expected to reflect the ban in their terms of use and define sanctions for violations.
The amendments also seek to clarify how the Act interacts with sector-specific rules. To avoid duplication in sectoral legislation, it is proposed to use separate implementing acts. The machinery sector is excluded from the scope of direct application of the Act, while the European Commission would be empowered to adopt delegated acts for that sector. The competences of the Artificial Intelligence Office are further clarified, and the European Commission would take on a new obligation to provide guidance and recommendations to operators of high-risk Artificial Intelligence systems to simplify conformity assessments for companies. Final adoption still requires approval by the Council of the EU and the European Parliament.
