The European Union (EU) has implemented the EU AI Act, set to be the world’s first comprehensive regulation governing artificial intelligence (AI) systems based on their inherent risks
The Act, which officially came into force on August 1st, 2024, marks a significant step towards managing the increasingly pervasive impact of AI technologies across various sectors.
Understanding the EU AI Act
The EU AI Act categorises AI applications into three distinct risk levels to tailor regulatory measures accordingly. Firstly, applications considered to pose an unacceptable risk, such as those resembling China’s government-operated social scoring systems, are banned.
Secondly, high-risk AI applications, such as automated CV-screening tools used in hiring processes, are subjected to stringent legal requirements. AI applications not categorised as high-risk or banned are subject to lighter-touch regulation, allowing for innovation while ensuring compliance with fundamental rights and safety standards.
Implications for businesses and consumers
AI-enabled businesses must now navigate a compliance landscape that demands transparency, accountability, and risk management. For example, companies developing or deploying General Purpose AI (GPAI) models, particularly those surpassing certain computational thresholds, are obligated to adhere to specific guidelines. These include providing comprehensive technical documentation, disclosing training data summaries, and implementing robust cybersecurity measures.
Roadmap and implementation
The implementation of the EU AI Act unfolds in phases, affording companies a period of adaptation. Initial compliance deadlines range from three to six months, depending on the complexity of AI integration within each organisation. Over the next three years, further regulatory requirements will be phased in, aligning with the gradual development of harmonised European standards aimed at operationalising the Act’s provisions.
Global impact and future prospects
Similar to the EU’s landmark General Data Protection Regulation (GDPR), the EU AI Act is poised to set a global standard for AI governance. Already, international jurisdictions, including Brazil, have begun mirroring aspects of the EU’s regulatory approach. This alignment reflects a growing consensus on the necessity of ethical AI frameworks to mitigate potential harms and promote responsible innovation worldwide.
Conclusion
As AI continues to permeate various facets of daily life, from personalised advertising to healthcare diagnostics, the EU AI Act stands as a pivotal safeguard against misuse and ensures that AI technologies serve the public interest. By setting clear boundaries and fostering a culture of compliance and accountability, the EU aims to harness the transformative potential of AI while safeguarding fundamental rights and societal values.