BRUSSELS - The Business Software Alliance (BSA) warns that the European Commission’s draft guidelines for general-purpose AI (GPAI) models create uncertainty, not clarity, for enterprise software providers. The warning comes in BSA’s response to the Commission’s public consultation, ahead of the AI Act’s enforcement this August.

In the submission, BSA raises concerns that the guidelines’ reliance on a rigid, compute-based threshold (the so-called “training compute”) creates legal uncertainty and risks misidentifying which companies are covered by the law. The EU AI Office itself acknowledges that this approach would need “to be updated (...) in the future to reflect evolving technological developments” and, therefore, requires constant revision. BSA argues that this shifting, and thus uncertain threshold, would make it difficult for companies, especially small and medium-sized enterprises, to plan investments and technical decisions related to AI model training.

“While we understand the need for clarity, such a quantitative approach represents, in essence, an arbitrary threshold – both for the initial classification as a GPAI model and for determining whether or when GPAI model provider obligations apply,” says Hadrien Valembois, Director, Policy – EMEA at BSA.

BSA urges the Commission to consider an alternative, qualitative threshold, such as one focused on the core capabilities of the model to pose the significant risk covered by the Act, to determine whether it is a GPAI model. Similarly, downstream modifiers should only be classified as providers if their changes significantly increase those same core capabilities and risks.

“This is about proportionate obligations,” added Valembois. “If a company adjusts a model to perform a narrow function, like filtering emails, it should not trigger the same legal duties as someone developing a large-scale model with broad, public-facing capabilities. The law should reflect that difference.”

This latest response on GPAI guidelines follows BSA’s earlier input on the Commission’s draft template for training data disclosures in January, where it called for a more general approach and to ensure the protection of trade secrets. In March, BSA also raised detailed concerns about the draft GPAI Code of Practice, challenging obligations that go beyond the AI Act and seeking more flexibility for companies to implement it.