The European Commission published a draft guidance document on Friday May 22 narrowing the AI Act's Annex III high-risk scope across critical infrastructure, law enforcement, and judicial use while broadening it across employment, insurance, and education. [1] The text is open for stakeholder feedback through June 23. Yesterday's paper framed the Annex III deferral as a sixteen-month gift to industry that ran alongside the FTC's TAKE IT DOWN enforcement letters; Saturday's frame is that the same week added a draft that rewrites which AI applications even count as high-risk before the new deadline arrives in December 2027.

The narrowing is what the procurement-counsel headlines will read first. The draft restricts the critical-infrastructure category to systems that "directly control" essential network operations — power grid stability, water-treatment chemistry, air-traffic-control decision-loops — and excludes the upstream optimisation and predictive-maintenance tools that vendors had been pre-classifying as in-scope. [2] The law-enforcement category is similarly tightened: only systems used in "individual risk assessment" of natural persons in the criminal-justice chain remain inside Annex III; bulk-pattern tools used by police intelligence units fall outside. The judicial category is narrowed to systems that produce reasoning or rulings used by a court to resolve a case, excluding analytical and clerical tools used by judicial staff. [1]

The broadening is what the human-resources counsel will read first. The employment category — already the most contentious in the original 2024 text — is widened to cover any AI used in workforce planning, talent-pipeline analysis, and performance review, not only hiring and promotion. [1] Insurance acquires a new sub-category for underwriting and pricing decisions that affect access to financial products. Education adds AI used in admissions, in-course assessment, and credentialing as separate triggers, each subject to the full Annex III obligations: a conformity assessment, a fundamental-rights impact assessment, a quality-management system, technical documentation, human-oversight design, registration in the EU database, and post-market monitoring. [3]

The Modulos AI shop, which has been tracking the draft since its preliminary release earlier in May, named the rotation in plain language: "Critical infrastructure, law enforcement and judicial scope are narrowed; employment, insurance and education are broadened." [2] The Commission's own framing in the document and accompanying press release uses the word "simplification" — a description that fits the narrowing half and does not fit the broadening half.

Two political readings are available. The first reads the rotation as the AI Act's authors recognising that the law-enforcement and critical-infrastructure categories were creating litigation exposure for member-state ministries and central agencies that the Commission, on reflection, did not want to defend in court. The second reads it as a quieter accommodation of the European tech-and-services lobby, which spent the 2025 consultation period describing the Annex III obligations on infrastructure and police use as "Brussels overreach" — and which has long preferred to push regulatory weight onto the private sector's HR, insurance, and education-tech buyers, who carry less institutional weight in the trilogue rooms than national interior ministries.

The effect on enterprise compliance is the immediate consequence. A multinational that had spent 18 months building Annex III readiness for a workforce-analytics product gets sixteen extra months on the calendar (the deferral) and an expanded definitional perimeter on the scope (the draft guidance). The same multinational, if it builds tools for police or critical-infrastructure customers, gets a narrower perimeter and the same sixteen extra months. The two regulatory directions converge on a single weekend's reverse-mapping exercise for the in-house counsel and procurement teams of every enterprise that touches AI in Europe — which is now most of them.

The trans-Atlantic geometry is sharper than the European narrative captures. The same week Brussels narrowed and broadened, the Federal Trade Commission began enforcing the TAKE IT DOWN Act with statutory civil penalties of $53,088 per violation against the eight platforms it named — Meta, Google, X, Microsoft, Apple, Reddit, Snapchat, and TikTok. The paper carried that compound Friday; Saturday's draft guidance is the second document in the same week-long frame: narrowed scope abroad, broadened enforcement at home. The American regime is centring on platform liability and content-moderation duty; the European regime is centring on enterprise high-risk classification and procedural compliance. Each set of obligations now runs on a different clock for different sets of obligated parties.

The June 23 feedback window will produce the next document. Industry associations will likely submit comments asking for the narrowing to be preserved and the broadening to be softened; civil-society groups will likely submit comments asking for the law-enforcement and judicial narrowing to be reversed and the employment broadening to be strengthened. The Commission will produce a final document late in the year — well in advance of the 2 December 2027 application date the deferral instrument set last week. Until then, what the enterprises actually build under the Annex III banner will be shaped by the draft, not by the final.

Brussels narrowed where the state buys, and widened where the citizen is bought from.

-- ANNA WEBER, Berlin