Weekly AI Governance Brief #6 — February 2026

AI Governance Brief Team

4 min read

EU AI Office: Establishment and Formalisation of the GPAI Code Signatory Taskforce

On 12 February 2026, the EU AI Office published both a news article and an updated policy page concerning the Signatory Taskforce of the General-Purpose AI (GPAI) Code of Practice.

The news article reports that signatories to the GPAI Code held their first constitutive meeting on 30 January 2026 and established a “Signatory Taskforce” to facilitate exchanges on implementation of the Code. According to the article, the AI Office presented logistical arrangements and emphasised the importance of public transparency and respect for EU competition law. It states that signatories adopted rules of procedure by consensus and identified potential discussion topics for follow-up meetings.

On the same date, the AI Office updated its policy page describing the taskforce’s objectives and operational framing. The page states that the taskforce is chaired by the AI Office and is intended to facilitate exchanges among signatories implementing the Code. It notes that signatories may provide input on guidance documents, “without prejudice to the AI Office’s required public consultations.”

The policy page also sets out transparency features, including publication of a taskforce vademecum containing a participant list, registration of meetings, and publication of high-level summaries. It notes that certain information may be commercially confidential.

Why this matters

Taken together, the news article and policy page document both the creation and formal structuring of a standing coordination mechanism among voluntary GPAI Code signatories.

The adoption of rules of procedure, the AI Office’s chairing role, and the articulated transparency measures position the taskforce as a structured governance mechanism. The reference to potential input into guidance documents, subject to consultation requirements, links the taskforce to broader AI Act-related implementation processes.

For organisations monitoring the operationalisation of the GPAI Code of Practice, this development provides a documented institutional channel through which coordination and implementation discussions are expected to occur.

European Commission: AI Pact Policy Page Update

On 11 February 2026, the European Commission updated its AI Pact policy page. The page describes the AI Pact as a two-pillar initiative intended to support organisations preparing for the implementation of AI Act measures.

Pillar I is presented as a community exchange mechanism, including webinars organised by the AI Office. Pillar II concerns voluntary company pledges describing planned or ongoing actions aligned with AI Act requirements, including timelines. The updated page states that more than 230 companies have signed the pledges and provides a structured list of signatories.

Why this matters

The update confirms both the initiative’s structure and the reported scale of company participation at the time of publication.

For compliance monitoring, the publicly maintained signatory list provides visibility into voluntary alignment activity linked to AI Act obligations.

European Data Protection Authorities: Legislative Positioning and Forward Planning on AI–GDPR Interplay

EDPB–EDPS Joint Opinion 2/2026 on the Digital Omnibus Proposal

On 11 February 2026, the European Data Protection Board and the European Data Protection Supervisor published Joint Opinion 2/2026 on the Commission’s “Digital Omnibus” proposal. The document states that it was adopted on 10 February 2026.

The Joint Opinion addresses proposed amendments intended to simplify parts of the EU digital legislative framework, including changes affecting the GDPR and related instruments. It contains a dedicated section on artificial intelligence.

In that section, the EDPB and EDPS address the use of “legitimate interest” in the context of AI models and systems. The Opinion also examines a proposed additional exemption concerning incidental and residual processing of special categories of personal data in the context of developing and operating AI systems or models, setting out recommendations regarding safeguards and clarifications. The document further articulates broader positions on proposed GDPR-related simplifications, including objections to narrowing changes to the definition of personal data.

EDPB Work Programme 2026–2027

On 12 February 2026, the EDPB published its Work Programme for 2026–2027, stating that it was adopted on 11 February 2026.

The programme sets out planned guidance outputs and cross-regulatory workstreams. It explicitly lists planned “joint guidelines on the interplay between the AI Act and the GDPR” among its cross-regulatory priorities. It also identifies monitoring and guidance activity on “generative AI – data scraping,” presented as part of the EDPB’s monitoring of new technologies and development of guidance.

Why this matters

The Joint Opinion and Work Programme together document both current legislative engagement and planned interpretative work concerning AI governance under EU data protection law.

The Joint Opinion sets out institutional positions on legislative proposals that directly affect AI development and operation under the GDPR framework. The Work Programme signals planned guidance addressing AI Act–GDPR interaction and generative AI data scraping.

ISO/IEC Standardisation Activity Relevant to AI Governance

ISO/IEC CD TS 22440-1 — Functional Safety and AI Systems

The ISO project page for ISO/IEC CD TS 22440-1 indicates that the committee draft for “Artificial intelligence — Functional safety and AI systems — Part 1: Requirements” was registered on 9 February 2026. The page shows that the committee draft consultation was initiated on 13 February 2026. The work is described as under development and at the committee draft stage.

ISO/IEC DIS 24970 — AI System Logging

The ISO project page for ISO/IEC DIS 24970 lists 11 February 2026 as the “Close of voting” milestone. The abstract describes the draft as specifying common capabilities, requirements, and a supporting information model for logging events in AI systems, designed to be used with a risk management system.

Why this matters

Both milestones reflect procedural advancement within ISO/IEC JTC 1/SC 42 standardisation work relevant to AI system governance.

Functional safety requirements and logging capabilities relate to governance areas, including risk management and traceability. The recorded lifecycle milestones provide verifiable reference points regarding the maturity of these technical documents within the ISO/IEC process.

Sources

EU AI Office news article — First meeting of the Signatory Taskforce of the General-Purpose AI Code of Practice:
https://digital-strategy.ec.europa.eu/en/news/first-meeting-signatory-taskforce-general-purpose-ai-code-practice

EU AI Office policy page — Signatory Taskforce of the General-Purpose AI Code of Practice:
https://digital-strategy.ec.europa.eu/en/policies/signatory-taskforce-gpai-code-practice

European Commission policy page — AI Pact:
https://digital-strategy.ec.europa.eu/en/policies/ai-pact

EDPB–EDPS Joint Opinion 2/2026 — Digital Omnibus proposal (document page):
https://www.edpb.europa.eu/our-work-tools/our-documents/edpbedps-joint-opinion/edpb-edps-joint-opinion-22026-proposal_hr

EDPB–EDPS Joint Opinion 2/2026 — PDF:
https://www.edpb.europa.eu/system/files/2026-02/edpb_edps_jointopinion_202602_digitalomnibus_en.pdf

EDPB Work Programme 2026–2027 (document page):
https://www.edpb.europa.eu/our-work-tools/our-documents/strategy-work-programme/edpb-work-programme-2026-2027_hr

EDPB Work Programme 2026–2027 — PDF:
https://www.edpb.europa.eu/system/files/2026-02/edpb_work-programme_2026-2027_en.pdf

ISO/IEC CD TS 22440-1 — Artificial intelligence — Functional safety and AI systems — Part 1: Requirements:
https://www.iso.org/standard/89535.html

ISO/IEC DIS 24970 — Artificial intelligence — AI system logging:
https://www.iso.org/standard/88723.html

Read more