The 35% on pre-August is the number that matters. Worth flagging though: the Omnibus delay doesn’t cover new systems placed on market after August 2026.
Transparency obligations still bite. I’ve been building the cryptographic provenance layer for exactly this gap.
Oh, very true! New systems won’t be delayed, and it’s going to be an interesting to watch how things play out. If the EU does push things back, they’ll have a natural experiment: Major model providers might decide to withhold newer models/substantial changes and ride with the existing models in the EU market, while they develop and release everywhere else. New incumbents might just avoid the EU entirely.
I'm pretty sure the timeline delay will get through in, er, time.
Actually, the biggest thing is concerned about is moving Annex I Section A to Section B. This threatens the entire regulatory framework as well as standardisation efforts.
That very specific 78% in the headline meant I had to read this 😂 I love the data driven approach. I think you are right with your predictions. Although, the longer the Omnibus process takes, the bigger the chance / risks that more changes are included (particularly if prolonged Middle East conflict threatens economic outlook).
100% — I think something will happen b/c there’s too much momentum. BTW, FeedForward adjusted its predictions to 93% after the trilogue discussion, citing the following points for increasing/decreasing likelihood.
The decreasing likelihood figures (which I’m including here for transparency) show that the AI prediction engine isn’t perfect: It got tripped up on the unrelated CSAM bills bandied about at the plenary. I added links to some of the sections (I don’t have links built-in directly to the forecasts — working on it).
Expert timeline assessment: Article by Laura Caroli explicitly states "~95% likelihood of meeting timeline given limited divergence between Parliament and Council positions," providing independent technical analysis that passage before August 2, 2026 is highly probable (https://lauracaroli.substack.com/p/ai-omnibus-where-are-we-and-where)
Active trilogue negotiations: Parliament and Council are now in trilogue negotiations, meaning the legislative process has advanced beyond initial positions to active inter-institutional bargaining—a critical procedural milestone
Limited substantive disagreement: Main debate is over technical details like grace period length (Parliament wants 3 months to November 2026 vs Council's 6 months to February 2027 for Article 50 transparency requirements), not fundamental opposition
This all sounds right to me, but I am quite honestly not connected enough to the Brussels legislative machine to make any precise predictions. Having said that, on the AI Act piece, it just seems odd to me to limit reforms to the current rearranging of the deckchairs rather than making sure the law is future-proof and broad enough to address all existing and upcoming AI risks (on the other side of the pond, there is a lot of focus on AI chatbot / companion harms with 100+ bills). The EU almost missed addressing gen AI. But I don't it learned from that near-miss (why would you need to include separate gen AI articles last minute if your AI law is future-proof ...).
re: your footnote #3, i'd have hoped that CSAM and non-consensual creation/distribution of people's porn would already attract both criminal offense and 4% of global revenue fines
is this a jurisdiction fight, and the AI act will tighten it so that the Irish entity gets rekt? why would that work where presumably the already-existing offences and regulations don't?
Yeah, that would have been nice, and yet when the Parliament et al were considering these things, they left out deepfakes and NCII as prohibited category. Not because they didn’t know it was a thing (Article 50 of the EU AI Act requires deployers and users to identify deepfake content, as does the DSA, though neither speak to NCII), but because they didn’t think it was that big of a deal. This is true across most jurisdictions. https://ondato.com/blog/deepfake-laws/
Very few laws exist prohibiting these situations, and there’s even less enforcement, because the target victims (women and girls) aren’t priorities for lawmakers and tech companies don’t want the admittedly complex technical challenge of having to develop software with guardrails. Plus, the EU is terrified they’ll face US ire for infringing on the free speech rights of the guys who create this shit.
The only reason they care now is that Grok was so ‘anti-woke’ that it allowed dudes to generate actual CSAM and spread it around and Elon made jokes about it. It was a poke-the-bear situation.
The 35% on pre-August is the number that matters. Worth flagging though: the Omnibus delay doesn’t cover new systems placed on market after August 2026.
Transparency obligations still bite. I’ve been building the cryptographic provenance layer for exactly this gap.
Would love to compare notes.
Oh, very true! New systems won’t be delayed, and it’s going to be an interesting to watch how things play out. If the EU does push things back, they’ll have a natural experiment: Major model providers might decide to withhold newer models/substantial changes and ride with the existing models in the EU market, while they develop and release everywhere else. New incumbents might just avoid the EU entirely.
I'm pretty sure the timeline delay will get through in, er, time.
Actually, the biggest thing is concerned about is moving Annex I Section A to Section B. This threatens the entire regulatory framework as well as standardisation efforts.
So now I'm curious: how exactly would it do that?
That very specific 78% in the headline meant I had to read this 😂 I love the data driven approach. I think you are right with your predictions. Although, the longer the Omnibus process takes, the bigger the chance / risks that more changes are included (particularly if prolonged Middle East conflict threatens economic outlook).
100% — I think something will happen b/c there’s too much momentum. BTW, FeedForward adjusted its predictions to 93% after the trilogue discussion, citing the following points for increasing/decreasing likelihood.
The decreasing likelihood figures (which I’m including here for transparency) show that the AI prediction engine isn’t perfect: It got tripped up on the unrelated CSAM bills bandied about at the plenary. I added links to some of the sections (I don’t have links built-in directly to the forecasts — working on it).
Key Factors
Increasing likelihood:
Parliament approval secured at committee level: Parliament committees voted 101-9 in favor of the AI Omnibus amendments, representing overwhelming support (92% approval) for the core deadline postponement provisions (https://artificialintelligenceact.substack.com/p/the-eu-ai-act-newsletter-98-parliament)
Plenary vote: The parliament’s plenary voted today in favor of proposals to finalize the AI Omnibus. MEPs also voted in favor of the proposals by 569 votes. (https://www.pinsentmasons.com/out-law/news/eu-ai-simplification-package-reaches-critical-milestone)
Expert timeline assessment: Article by Laura Caroli explicitly states "~95% likelihood of meeting timeline given limited divergence between Parliament and Council positions," providing independent technical analysis that passage before August 2, 2026 is highly probable (https://lauracaroli.substack.com/p/ai-omnibus-where-are-we-and-where)
Active trilogue negotiations: Parliament and Council are now in trilogue negotiations, meaning the legislative process has advanced beyond initial positions to active inter-institutional bargaining—a critical procedural milestone
Limited substantive disagreement: Main debate is over technical details like grace period length (Parliament wants 3 months to November 2026 vs Council's 6 months to February 2027 for Article 50 transparency requirements), not fundamental opposition
Political momentum maintained: Despite civil society opposition (https://www.techpolicy.press/europe-is-looking-to-water-down-ai-protections-it-should-reinforce-them/) and data protection authority resistance, the core amendments are advancing through the legislative process on schedule
Decreasing likelihood:
Parliament rejected CSAM scanning extension: Politico reports Parliament voted 311-228 to block extension of temporary CSAM scanning law, demonstrating willingness to resist Commission and industry pressure on privacy-sensitive issues, though this concerns different legislation. https://www.politico.eu/article/european-parliament-rejects-child-sexual-abuse-bill-blocking-tech-firms-scanning-meta-google/?utm_source=RSS_Feed&utm_medium=RSS&utm_campaign=RSS_Syndication
Institutional resistance patterns: Another Politico article mentions the CSAM debate as evidence of institutional resistance. https://www.politico.eu/article/eu-commissioners-blast-parliament-over-delays-to-online-child-abuse-crackdown/?utm_source=RSS_Feed&utm_medium=RSS&utm_campaign=RSS_Syndication
US pressure on EU tech regulation: US Ambassador Puzder seeking to renegotiate EU digital regulations, creating broader political context that could theoretically complicate EU legislative priorities. https://www.politico.eu/article/lets-talk-about-your-tech-rules-us-donald-trump-envoy-andrew-puzder-tells-eu/?utm_source=RSS_Feed&utm_medium=RSS&utm_campaign=RSS_Syndication
Would love to hear your thoughts!
This all sounds right to me, but I am quite honestly not connected enough to the Brussels legislative machine to make any precise predictions. Having said that, on the AI Act piece, it just seems odd to me to limit reforms to the current rearranging of the deckchairs rather than making sure the law is future-proof and broad enough to address all existing and upcoming AI risks (on the other side of the pond, there is a lot of focus on AI chatbot / companion harms with 100+ bills). The EU almost missed addressing gen AI. But I don't it learned from that near-miss (why would you need to include separate gen AI articles last minute if your AI law is future-proof ...).
And for something I wrote that is less walled see here https://adamleonsmith.substack.com/p/dg-sante-proposal-threatens-to-undermine?utm_source=share&utm_medium=android&r=5t4jd8
But I wrote that when it was just medical, now it is everything in Annex I
https://background.tagesspiegel.de/digitalisierung-und-ki/briefing/alle-arbeit-umsonst
re: your footnote #3, i'd have hoped that CSAM and non-consensual creation/distribution of people's porn would already attract both criminal offense and 4% of global revenue fines
is this a jurisdiction fight, and the AI act will tighten it so that the Irish entity gets rekt? why would that work where presumably the already-existing offences and regulations don't?
Yeah, that would have been nice, and yet when the Parliament et al were considering these things, they left out deepfakes and NCII as prohibited category. Not because they didn’t know it was a thing (Article 50 of the EU AI Act requires deployers and users to identify deepfake content, as does the DSA, though neither speak to NCII), but because they didn’t think it was that big of a deal. This is true across most jurisdictions. https://ondato.com/blog/deepfake-laws/
Very few laws exist prohibiting these situations, and there’s even less enforcement, because the target victims (women and girls) aren’t priorities for lawmakers and tech companies don’t want the admittedly complex technical challenge of having to develop software with guardrails. Plus, the EU is terrified they’ll face US ire for infringing on the free speech rights of the guys who create this shit.
The only reason they care now is that Grok was so ‘anti-woke’ that it allowed dudes to generate actual CSAM and spread it around and Elon made jokes about it. It was a poke-the-bear situation.
https://www.euractiv.com/news/not-everyones-on-board-with-cutting-industrial-ai-rules/
https://www.linkedin.com/posts/tic-council_preserving-the-integrity-of-the-ai-act-activity-7437135849982640128-uZPk?utm_source=share&utm_medium=member_android&rcm=ACoAAAAhEiEBjPlcZP5-d24AFli9rTaQE5J0r9M