The European Parliament and the Council of the European Union reached a provisional agreement on May 7 to delay the enforcement deadlines for high-risk artificial intelligence systems under the landmark AI Act, giving businesses additional time to comply with what are considered the most demanding provisions of the legislation. The deal, part of the European Commission's Digital Omnibus initiative, pushes back the application date for standalone high-risk AI systems classified under Annex III to December 2, 2027, while obligations for high-risk AI embedded in regulated products under Annex I are deferred until August 2, 2028.
The agreement represents a significant concession to industry groups that had argued the original timelines were unrealistic given the complexity of compliance requirements and the absence of finalized technical standards. Companies deploying AI in sectors such as healthcare, law enforcement, education, and critical infrastructure had warned that rushing compliance could lead to poorly implemented safeguards or force them to withdraw AI products from the European market entirely. The delay acknowledges that meaningful compliance requires time for standards bodies to complete their work and for organizations to adapt their systems accordingly.
Beyond timeline adjustments, the Omnibus deal introduces new prohibitions that reflect evolving concerns about synthetic content. The agreement adds a ban on AI systems used to generate non-consensual intimate imagery and child sexual abuse material, including applications commonly known as nudifiers. This provision responds to a growing wave of deepfake abuse cases across Europe that have prompted calls for stronger regulatory action against tools that weaponize generative AI against individuals.
The agreement also modifies transparency obligations under the AI Act. Watermarking requirements for AI system providers under Article 50(2) are postponed until December 2, 2026, though this represents a shorter delay than the six months originally proposed. All other transparency obligations, including those applicable to organizations that deploy AI systems, will continue to take effect from August 2, 2026, as originally scheduled. The staggered approach aims to balance the need for public awareness of AI-generated content with practical implementation challenges.
Civil society organizations and digital rights advocates have criticized the delays, arguing that they effectively allow high-risk AI systems to operate without adequate oversight for an extended period. Critics contend that the deferral benefits large technology companies at the expense of citizens who may be subjected to consequential AI-driven decisions in areas such as hiring, credit scoring, and law enforcement without the protections the AI Act was designed to provide. The tension between innovation-friendly timelines and robust citizen protection remains at the heart of the debate.
The provisional agreement still requires formal adoption by both the Council and Parliament before becoming law, a process expected to take several months. Meanwhile, EU member states are establishing national AI supervisory authorities and the European AI Office continues to develop guidelines and codes of practice that will shape how the regulation is implemented across the bloc.
Comments