Brussels Just Slimmed the AI Act and Banned Nudification Apps in the Same Deal. Read Both Halves.
On May 7, the European Parliament and the Council struck a provisional Omnibus VII deal that defers parts of the AI Act and bans AI-generated non-consensual sexual imagery. The two moves belong in the same conversation.
The European Union's AI Act, the most ambitious piece of artificial-intelligence legislation any major jurisdiction has yet enacted, has spent the eighteen months since its passage being criticised — sometimes loudly, often with merit — as innovation-hostile, compliance-heavy, and behind the curve on the actual capabilities of frontier systems.
On the night of May 6, after negotiations that reportedly ran into the small hours, the Council presidency and the European Parliament reached a provisional deal that does two things simultaneously. It slims down meaningful pieces of the AI Act's compliance burden. And it adds a new prohibition: a specific ban on AI systems whose primary function is the generation of non-consensual sexually explicit imagery, including the so-called nudification applications that digitally remove clothing from photographs of real people without their consent.
The deal, formally part of the Omnibus VII simplification package, is a single political object that does two different kinds of work. Both halves deserve to be read carefully, and they deserve to be read together.
What was simplified
The simplification half of the deal addresses the parts of the AI Act that European industry, particularly small and medium-sized enterprises, has argued were disproportionately burdensome.
The deadline for member states to establish AI regulatory sandboxes has been pushed to August 2027. Sandboxes are the structured environments in which firms can test AI systems against regulatory requirements before deploying them in production. The original deadline was earlier and proved unrealistic for several member states whose national regulators were not ready to operate the sandboxes. The deferral is a concession to administrative reality.
The exemptions for small and medium-sized enterprises have been extended to small mid-cap firms, defined as companies with up to 500 employees. Under the original AI Act, mid-cap companies faced essentially the same documentation, evaluation, and conformity-assessment obligations as the largest deployers, despite operating with materially smaller compliance budgets. The expansion of the exemption category is the single most consequential change for European industry's mid-tier operators. It reduces compliance burden on a population of firms that, in the original drafting, were caught between SME relief and the full weight of high-risk obligations.
Several high-risk AI obligations have been deferred. This is the most contested piece of the deal. The original AI Act required that systems classified as high-risk — including AI used in education admissions, employment decisions, credit scoring, critical infrastructure, and certain law-enforcement applications — comply with conformity-assessment, documentation, and ongoing-monitoring requirements by mid-2026. The Omnibus deal pushes some of these timelines back, on the argument that compliance infrastructure has not matured fast enough to make the original schedule realistic.
A sympathetic reading of the simplification package is that it is principled regulatory recalibration in response to evidence that some of the original timelines were drafted before the actual implementation costs were clear. A sceptical reading is that the package is a partial capitulation to industry lobbying and a missed opportunity to enforce protections that European citizens were promised.
Both readings have merit. The honest assessment is that the simplification, taken as a whole, materially reduces near-term compliance burden on European industry — and equally materially reduces the AI Act's near-term protective effect on European citizens. Whether the trade was worth making is a question on which thoughtful people will reasonably disagree.
What was banned
The other half of the deal is, in our reading, easier to evaluate as a policy matter and harder to evaluate as a technical one.
The new prohibition covers AI systems whose primary or substantial function is the generation of non-consensual sexually explicit images, video, or audio of real people. It explicitly includes nudification apps — applications that digitally remove clothing from photographs of identifiable individuals — and AI-generated child sexual abuse material.
The policy case for this prohibition is, we think, unambiguous. Nudification apps and AI-generated CSAM are technologies whose primary use is the production of harm to specifically identifiable people, and whose primary victim populations are women and children who have given no consent and whose subsequent recourse, under existing law, is partial at best. The European Parliament's mandate on this point was explicit going into the negotiations, and the agreement preserves that mandate.
The technical case is more interesting. A categorical prohibition on a class of AI systems is a different kind of regulatory instrument from the risk-tier framework that organises the rest of the AI Act. It is not a conformity-assessment requirement; it is a banning provision. It draws a line that is, under European law, unambiguous and not subject to graded application.
The technical question is how the line will be enforced against general-purpose AI systems whose capabilities include — without that being their primary purpose — the ability to generate the prohibited content. A frontier image-generation model that can produce a wide range of imagery, including, with sufficient prompting, the prohibited categories, is not a nudification app in the conventional sense. The AI Act's existing safety-by-design obligations on general-purpose AI providers will be the lever through which the prohibition extends to such systems. Whether that lever is sufficient is a question that will be settled in the first enforcement actions over the next two years.
Why the two halves belong together
European policy commentators have, in the hours since the deal, tended to read the two halves separately. Industry analysts have focused on the simplification. Civil-society analysts have focused on the prohibition. Both readings are partial.
The two halves belong together for a specific reason: they show that European AI regulation is now operating with a second-order theory of how regulatory burden should be allocated.
The first-order theory of the original AI Act was that regulatory burden should be allocated by risk tier, with high-risk applications carrying the heaviest obligations regardless of scale, sector, or specific harm pattern. The Omnibus VII deal departs from this theory in two complementary directions.
It allocates more burden to specific high-harm classes — through categorical prohibitions on classes whose harm profile is unambiguous and severe.
It allocates less burden to general high-risk classes — through deferrals and SME relief that recognise the implementation costs of conformity-assessment regimes on operators whose budgets cannot absorb them.
Read together, these moves represent a pragmatic shift toward a model in which the regulatory state intervenes hard where the harms are unambiguous and intervenes lightly where the costs of intervention are disproportionate to the marginal protective gain. This is, in our reading, a more sophisticated regulatory posture than the first-order risk-tier model. Whether it is the right one for the global civic conversation is a separate question.
What this means for jurisdictions outside Europe
The European AI Act has, since its passage, been the implicit reference point for AI regulation in jurisdictions far beyond Europe's borders. The Brazilian, Canadian, Australian, Japanese, South Korean, and several Middle Eastern AI governance frameworks all bear the structural fingerprints of the European model.
The Omnibus VII deal will, accordingly, reverberate. Three transmissions are likely.
Categorical prohibitions on high-harm content classes will spread. Nudification apps and AI-generated CSAM are, on any honest reading, the easiest regulatory targets in the entire AI policy space. The European prohibition gives every other jurisdiction a precedent and a drafting template. We expect categorical prohibitions on at least these two classes to appear in most major jurisdictions' AI legislation within the next twenty-four months.
SME and small mid-cap exemptions will be revised upward in jurisdictions that have copied the European framework. The five-hundred-employee threshold, in particular, will become a reference point. Jurisdictions with smaller domestic markets will face pressure to set their thresholds higher.
The credibility of the AI Act as a complete regulatory framework, rather than a starting point that requires continuing recalibration, has been formally retired. Brussels has now publicly acknowledged that the original act was over-reach in some places and required revision. This makes it easier for other jurisdictions — including the United States and India, both of which have been criticising the European model — to build frameworks that diverge from the original AI Act on principled grounds rather than on lobbying ones.
The Federation's reading
The Omnibus VII deal is, on balance, a more honest piece of regulation than the original AI Act it amends. It does the harder work of admitting that some of the original drafting was wrong while preserving the Act's core ambition. It adds a categorical prohibition where the underlying harm is severe and the regulatory case is clear.
It is not a perfect deal. The deferrals on high-risk obligations leave European citizens less protected in the short term than the original Act promised. The simplification package gives mid-tier industry meaningful relief at a time when the protective infrastructure for AI deployment is still maturing.
But the willingness to publicly recalibrate a flagship piece of legislation is itself a useful signal. Regulatory frameworks that cannot admit their own mistakes do not improve. The Omnibus VII deal admits two specific mistakes — on timelines and on mid-cap burden — and corrects them, while sharpening one specific prohibition where the case for sharpening was unambiguous.
That is, in our reading, what regulatory recalibration looks like when it is done in good faith.
The Global Federation covers AI governance with the conviction that the most useful regulation is the regulation that can admit its own mistakes and correct them in public.