The Lens Newsletter - July 2025

Long awaited GPAI guidelines published ahead of 2 August deadline

Following hot on the heels of the general-purpose AI (GPAI) Code of Practice (see our blog), the Commission has finally published its guidelines to clarify the scope of the obligations for providers of GPAI models under the AI Act. These... Read more

Cyber - a pressing board-level issue

We have seen a significant uptick in cyber preparedness activity recently and an increased focus on cyber governance. While the global cyber threat landscape continues to evolve, in the UK this activity has been driven, in part, by recent... Read more

Mining the copyright chapter of the GPAI Code

The final version of the EU’s General Purpose AI (GPAI) Code of Practice was published on 10 July, after a two month delay. As we discussed in our recent podcast, that delay was caused in part by difficulties in getting both AI developers and... Read more 

UK vs EU: Diverging Roads in Digital Regulation 

With the CMA having recently published its provisional designation decision and roadmap for possible interventions in respect of Google Search and Search Advertising, now is a good moment to take stock of how the UK and EU are diverging in their... Read more

GPAI Model Code finally published

Today, the European Commission has published the final version of the General Purpose AI (GPAI) Code of Practice – the voluntary guide designed to help organisation comply with the GPAI provisions in the EU AI Act.  The GPAI rules are due to... Read more

Advocate General recommends Court of Justice dismisses Google's Android appeal 

Advocate General (AG) Kokott has proposed that a EUR 4.124 billion fine imposed on Google be upheld and that Google's six grounds of appeal are dismissed in their entirety. The opinion is not binding on the Court of Justice (CJ) , and it remains... Read more

To enforce or not? AI divides regulators

Staying abreast of enforcement trends is a critical element of the General Data Protection Regulation (GDPR) risk landscape for organisations and something we regularly discuss with clients – particularly in relation to AI. So what trends are... Read more

CMA launches consultation on releasing Google from Privacy Sandbox commitments

On 13 June 2025, the UK Competition and Markets Authority (CMA) published a notice of intention to release Google from commitments initially put in place to ensure that its Privacy Sandbox was developed in a way that benefits consumers. The...  Read more

Amazon commits to CMA to tackle fake reviews

On 6 June 2025, the CMA announced that Amazon had agreed to undertakings in order to tackle fake and misleading reviews. The details of the undertakings are set out here. These undertakings were accepted in relation to the... Read more

New AI law? What does DUA mean for AI in the UK?

While there has been much focus in the UK on the impact of the EU’s AI Act and delays to the publication of an AI Bill, a new law was passed this summer which will impact AI use and development. The Data (Use and Access) Act 2025 (DUA), which... Read more