Could biological AI slip through the regulatory gap?

On 2 August 2025, the EU AI Act’s new obligations for general-purpose AI models officially came into force, accompanied by guidelines from the European Commission. But here’s the catch: as Melissa Hopkins’ article for Tech Policy explains, while the Act explicitly emphasises biosecurity, the guidelines primarily focus on language and multimodal generators, potentially leaving biological AI models (BAIMs) in a regulatory blind spot.

BAIMs aren’t just another trend. They have the potential to supercharge bio-risk by designing novel pathogens, predicting viral evolution, and optimising transmissibility. These capabilities are flagged as systemic risks in the AI Code of Practice, which was developed by the European Commission by 13 independent experts, with input from over 1,000 stakeholders.  Yet, the European Commission guidelines stop short of explicitly covering the models most capable of driving severe biological threats. This ambiguity creates a loophole: BAIMs controllers could reasonably assume their systems fall outside the Act’s remit, sidestepping critical safeguards.

Commentary: Closing the gap between the Act’s biosecurity intent and its practical implementation is no longer optional – it’s essential. Publishing further guidance to confirm that BAIMs fall within the scope of the Act is the most logical step. As BAIMs move toward commercialisation, addressing this risk should be treated as yes make a punchy linkedin post introducing this a biosecurity imperative. 

Tech Policy’s article is available to read here: Biological AI Is Slipping Through Europe’s AI Law — For Now | TechPolicy.Press.