Technology

EU Hits Pause on AI Act, Pushing Back Key Deadlines

The EU just gave companies more time to comply with its sweeping AI Act, pushing back deadlines for high-risk systems. But for AI-generated deepfake porn? The clock is now ticking much faster.

AI Tech Dialogue Editorial TeamAI Tech Dialogue Editorial Team5 min read
An illustration of the EU AI Act deadlines being adjusted, showing a blueprint of the EU flag with a glowing AI neural network at its center.
An illustration of the EU AI Act deadlines being adjusted, showing a blueprint of the EU flag with a glowing AI neural network at its center. — Illustration: AI Tech Dialogue.

The clock just got reset on the world’s most ambitious AI rulebook. On June 29, the Council of the European Union gave its final nod to a package of amendments for the EU AI Act. The big news? Pushed-back deadlines for companies deploying high-risk systems. It’s a move that grants businesses some badly needed breathing room—but also tightens the screws on some of generative AI’s worst abuses.

Don’t mistake this for Brussels losing its nerve. It’s not.

This recalibration of the landmark EU AI Act deadlines is a cold, hard dose of pragmatism. The original timeline was always a stretch, and this adjustment—part of a larger 'Digital Omnibus' package—is about getting the technical standards and infrastructure right before the hammer comes down.

So, What’s the New Timeline?

The core of the change targets systems classified as 'high-risk.' Think AI used in critical infrastructure, hiring, credit scoring, and law enforcement. The new timeline is staggered:

  • December 2, 2027: This is the new compliance date for standalone high-risk AI systems. The original deadline was August 2, 2026, which makes this a 16-month extension.
  • August 2, 2028: High-risk AI systems that are embedded as safety components within other products, like medical devices or machinery, now have until this date to comply.

This is a massive relief for businesses, especially the smaller ones, that were scrambling to overhaul their tech and governance to meet the Act's tough demands. The whole point of the extension is to allow time for harmonized standards to actually be developed across the bloc. Without those, conformity is impossible. It’s a complex mess, and Brussels is clearly saying it would rather get this right than get it fast.

No More Delays for Abusive AI

But while regulators gave ground on one front, they came down hard on another. The amendments introduce a blunt new prohibition aimed squarely at the flood of malicious deepfakes. Now, the updated AI Act explicitly bans AI systems that churn out non-consensual intimate imagery or child sexual abuse material (CSAM). Yes, that means the so-called 'nudifier' apps are directly in the crosshairs.

And here's the catch. The deadline for this ban is December 2, 2026. That’s much sooner than the high-risk extensions. The accelerated schedule shows just how urgently European lawmakers want to crush what one observer called a 'systemic harm being industrialised by AI'. The ban targets everyone in the chain—from the providers who put these systems on the market without proper safeguards to the users who deploy them.

This is part of a much bigger conversation. The world is waking up to the weaponization of generative AI. Creating convincing fakes is terrifyingly easy now, and our laws haven't kept up. It’s a central fight in the debate over open versus closed AI development.

Why This Delay Matters Everywhere

The EU AI Act is the benchmark. The global standard. It creates the 'Brussels effect'—where what Europe decides, the world adopts. So a delay in Europe has ripple effects everywhere. It gives international firms more time to get their act together before entering the world's largest single market. But it also cements the EU's position as the planet's top AI cop.

Let's be clear: this wasn't a random decision. Industry groups have been sounding the alarm for months, arguing the original timeline was impossible without clear supporting rules. These changes also clean up some regulatory mess, making sure that machinery with AI inside won't get hit with redundant requirements from both the AI Act and other safety laws.

The EU's path stands in stark contrast to others. While the US government wrangles voluntary commitments from major AI labs, Europe is building a legally binding, risk-based fortress. The core rules of the AI Act haven't changed one bit. This is about the calendar, not the mission. And with a recent UN report warning about the profound risks of unchecked AI, Europe's all-in approach is its definitive answer.

The message from Brussels couldn't be clearer. The world’s toughest AI regulation is still coming. The deadlines shifted. The destination didn't. For any company touching AI in Europe, the roadmap is now more realistic, but it leads to the exact same place.

#eu ai act#ai regulation#artificial intelligence#tech policy#high-risk ai

Frequently asked questions

What are the new compliance deadlines for the EU AI Act?
The Council of the European Union has set new deadlines. Standalone high-risk AI systems must comply by December 2, 2027, an extension of 16 months. High-risk AI systems embedded as safety components in other products have a new deadline of August 2, 2028.
Did the EU AI Act add any new bans?
Yes, the latest amendments introduce an explicit prohibition on AI systems designed to generate non-consensual intimate imagery or child sexual abuse material (CSAM). This includes so-called 'nudifier' applications. The compliance deadline for this specific ban is December 2, 2026.
Why did the EU delay the AI Act deadlines?
The EU postponed the deadlines to provide businesses with more time to navigate the complex compliance requirements. The delay acknowledges the need for the development of harmonized technical standards and supporting infrastructure, ensuring a more practical and effective implementation of the world's most comprehensive AI law.
Do these EU AI Act changes affect companies outside of Europe?
Absolutely. The EU AI Act applies to any company that places an AI system on the EU market or provides an AI service to users within the EU, regardless of where the company is based. This 'extraterritorial' scope means businesses in the US, Asia, and elsewhere must adhere to these rules and timelines to access the European market.

Sources & further reading

More in this section