Have DeepSeek and Model Distillation Shifted the EU AI Act’s Course?
Dimitrios Kalogeropoulos, PhD
CEO Global Health & Digital Innovation Foundation | UCL GBSH MBA External Board | EU AI Office GPAI CoP | PhD AI Medicine | Chair IEEE European Public Policy Committee, Chair IEEE GenAI Climate-Health Program | Speaker
The AI landscape is evolving rapidly, and regulatory frameworks are scrambling to keep up. With the recent expert consultation initiated by the EU AI Office, the focus has turned to how General-Purpose AI (GPAI) models — particularly open-source and computationally optimised models like DeepSeek and distilled LLMs — should be treated under the EU AI Act and the GPAI Code of Practice (CoP). As the AI Act's obligations for GPAI providers come into force on 2 August 2025, the stakes could not be higher.
At the heart of the debate are several critical questions:
DeepSeek, Distillation, and the Limits of FLOP-Based Regulation
DeepSeek (notably open-source—a characteristic with distinct implications under the GPAI Code of Practice, as discussed below) and model distillation techniques present a substantive challenge to the EU AI Act’s regulatory assumptions. Both the Act and distillation methods aim to reduce computational cost, measured in FLOPs (floating-point operations), without significantly compromising performance. However, as FLOPs remain central to the Act’s risk threshold—particularly the 10²⁵ FLOP benchmark for systemic-risk GPAI models—these emerging methods disrupt the presumed correlation between compute and capability.
Recital 111 of the Act concedes that FLOPs—defined as the cumulative computation performed prior to deployment, including pre-training, synthetic data generation, and fine-tuning—offer only a rough approximation of model capability. Yet this proxy becomes increasingly unreliable as models like DeepSeek, which employ distillation, retain general-purpose functionality and considerable impact while remaining well below FLOP-based thresholds. Although newly proposed guidelines introduce a lower threshold for GPAI models not deemed systemic-risk, the regulation seeks to anticipate downstream effects through provisions covering modified and derivative models—particularly where risk emerges post-modification, such as through distillation. Ultimately, an overreliance on FLOPs risks overlooking models that may be modest in scale but substantial in effect.
Systemic Risk: Beyond FLOPs
The EU AI Act defines systemic risk in qualitative terms—emphasising the potential for negative impacts on public health, safety, fundamental rights, or broader societal dynamics, particularly when such risks propagate downstream. This framing is especially relevant in high-stakes sectors such as healthcare, where the indirect and often unforeseen consequences of embedding large language models (LLMs) can be both profound and far-reaching.
This is precisely why the GPAI Code of Practice (CoP) must evolve beyond static compute thresholds. Instead, it should place greater emphasis on:
Ongoing plenary debates within the GPAI CoP have recognised that fine-tuned models may elude systemic-risk designation due to their narrow domain specificity—eventually requiring less than one-third of the original model’s compute. Yet, as the emergence of DeepSeek-type models suggests, even distilled or fine-tuned systems can retain a surprising degree of general-purpose functionality.
This raises a critical regulatory challenge: how to identify and address models that operate in the grey zone between a general-purpose designation and an AI system classification, yet still carry the societal risks typically associated with GPAI.
A related concern lies in the legal interpretation of “placing on the market”—a threshold that determines whether a developer or deployer is subject to the obligations of the AI Act for GPAI providers. The latest guidelines attempt to clarify this, offering examples such as integrating a model into a conversational agent delivered via a web interface, or distributing the model through a public code library.
Still, edge cases abound. Without a dynamic risk-assessment framework that accounts for capability retention, downstream deployment, and cumulative risk, regulatory gaps will persist—particularly for smaller, faster, more adaptive models that defy conventional thresholds.
Open Source and Safe Derivation: Innovation vs. Oversight
The CoP introduces the concept of “safely derived models”, which assumes that risk is traceable from the GPAI “originator” model through to its derivatives. But what constitutes “safe derivation”? If DeepSeek is based on a foundation model with systemic risk, does distillation strip away those risks or just obfuscate them?
The CoP attempts to support innovation through differentiated obligations — for SMEs, open-source providers, and models without systemic risk. However, distillation collapses the assumptions on which these distinctions rest. A model may be open-source and lightweight, but still capable of wide propagation, high impact, and potential harm.
This is why recent GPAI CoP plenary sessions have seen growing support for extending core obligations—transparency, documentation, and data quality standards—to all signatories, regardless of organisational size or openness of the model. Without this, the regulatory framework remains vulnerable to circumvention via technical obfuscation or scale masking.
In this context, AI Data Transparency Standards (DTS)—including the documentation of training data provenance, quality, and lineage—become critical enablers for the practical implementation and enforcement of the AI Act. They not only support accountability but also ensure that the CoP retains relevance in an environment where high-capability models no longer correlate neatly with compute thresholds or organisational scale.
The Problem of Defining “New” vs. “Version”
The AI Office proposes that a “new” model results from a large pre-training run, distinct from minor enhancements or fine-tuning. But this leaves several grey areas — especially when distillation drastically alters the architecture and performance of a model without initiating a new pre-training cycle.
Under the current draft:
This helps track systemic risk thresholds (e.g., 3 × 10²¹ FLOP for GPAI models; 3 × 10²⁴ FLOP for systemic risk models), but may not reflect real-world capability shifts caused by distillation, pruning, or other efficiency techniques — which can yield smaller models with unexpected behaviour when scaled or deployed in new contexts.
A Regulatory Fork in the Road
There is growing recognition that FLOPs are no longer a reliable proxy for AI risk. As efficiency techniques like distillation and pruning advance, regulatory clarity must instead emerge through:
As the AI ecosystem becomes more modular, adaptive, and compute-efficient, the GPAI Code of Practice must shift its focus from size to impact. This includes acknowledging that small, distilled, or open-source models can carry outsized influence—disrupting industries, reinforcing societal bias, or shaping democratic discourse in ways that are not captured by FLOP thresholds alone.
Conclusion: Toward a More Contextual GPAI Governance
The emergence of DeepSeek and distillation methods is not just a technical shift — it's a regulatory signal. The EU AI Act, in tandem with the GPAI CoP, must adapt to a post-FLOP paradigm where capability, risk, and impact are not bound by size or training cost. While the AI Act sets the legislative architecture, it is the CoP that will determine whether the governance mechanisms are fit for purpose in a world of leaner, faster, and more widely deployed AI.
In this sense, GPAI governance must move upstream — to the data, to the derivation paths, and to the societal contexts in which these models operate. The future of the AI Act will hinge less on how much data a model consumes, and more on how responsibly and transparently it was built — and for whom.