The European Union redefines the balance between innovation and regulation in artificial intelligence

The agreement reached recently between the European Parliament and the Council of the European Union to simplify certain provisions of the Artificial Intelligence Regulation (AI Act) represents one of the most significant regulatory adjustments since this legal framework came into force in August 2024. Beyond being a mere administrative simplification, the initiative reflects a strategic shift in how Europe seeks to position itself in the face of growing global technological competition, particularly from the United States and China. In this sense, the agreement demonstrates an evolution in European discourse: from a predominantly precautionary regulatory approach toward a more pragmatic model focused on technological competitiveness.

WHAT CHANGES WITH THIS AGREEMENT?

A. Compliance deadlines.

The implementation schedule was modified for AI systems considered high risk (those used in critical infrastructure, education, human resources or justice).

Obligations applicable to sensitive sectors such as biometrics, critical infrastructure, education, employment, migration and border control will begin to be implemented from December 2027, while systems integrated into physical products, such as toys or elevators, will be subject to the new rules until August 2028.

From a regulatory perspective, the agreement confirms an increasingly visible trend in the European Union: the need to reconcile technological oversight with economic viability. The AI ​​Act was originally conceived as a robust risk mitigation tool, but its implementation raised concerns about potential adverse effects on innovation and compliance costs, particularly for startups and mid-sized companies. In response, the new agreement extends certain regulatory benefits previously reserved for small and medium-sized enterprises to mid-cap companies, in addition to strengthening mechanisms such as thesandboxes regulatory” (controlled spaces for experimentation where companies can develop and test AI systems with direct supervision, under flexible compliance schemes) for testing in real-world conditions.

B. Prohibition of generating explicit content without consent.

Regulatory simplification and extended deadlines do not imply a complete relaxation of regulations. In fact, the agreement seeks to introduce an explicit prohibition on AI systems capable of generating sexually explicit and intimate content without consent. The specific inclusion of this prohibition is particularly significant for two reasons. First, because it formally acknowledges the exponential growth of generative technologies used to produce non-consensual images. Second, because it reflects the growing concern regarding the impact of these tools on privacy and human dignity, especially for women and minors.

This point also reveals a distinctive feature of the European model of digital governance: risk-based regulation remains deeply linked to the protection of fundamental rights, particularly the right to the protection of personal data enshrined in Article 8 of the Charter of Fundamental Rights of the European Union. The AI ​​Act does not operate in isolation, but rather in close coordination with the General Data Protection Regulation (GDPR), establishing a complementary regulatory framework where the obligations of transparency, data minimization, and risk assessment reinforce each other. The European Union continues to position the protection of individuals as a structural pillar of its digital regulatory architecture.

C. Regulatory harmonization in Europe.

The agreement also aims to clarify the interaction between the AI ​​Act and other European sectoral regulations, such as the Machinery Regulation. This regulatory harmonization seeks to avoid regulatory duplication and reduce legal uncertainty for manufacturers and developers, which could lead to more efficient compliance processes and a reduction in administrative burdens for businesses.

WHAT STAYS THE SAME?

The AI ​​Act is not being shelved. The regulation still requires critical obligations that remain in effect and whose non-compliance can result in fines of up to €35 million or 7% of annual turnover (depending on the type of infringement), including:

1. Mandatory staff training in the field of AI, by August 2026.
2. Prohibited systemsSubliminal manipulation, social scoring, and emotion recognition using AI systems remain prohibited under the established timeframes.

The underlying message of agreements like this is clear: Europe seeks to prevent its own regulatory ecosystem from becoming a competitive disadvantage compared to other jurisdictions, without dismantling safeguards aimed at protecting fundamental rights.

It is important to monitor these types of regulatory updates, given that the European Union has consolidated its position as a global leader in digital governance. Its regulatory frameworks tend to be replicated worldwide, so adjustments to the AI ​​Act will not only impact companies with operations in Europe, but could also set the standard for future regulatory reforms in Latin America, including Mexico.

References: European Commission, EU agrees to simplify AI rules to boost innovation and ban 'nudification' apps to protect citizens, Directorate-General for Communications Networks, Content and Technology, 7 May 2026, available at: https://digital-strategy.ec.europa.eu/en/news/eu-agrees-simplify-ai-rules-boost-innovation-and-ban-nudification-apps-protect-citizens (Last accessed: May 13, 2026).