The European Union has officially approved the AI Act, marking a significant milestone in the regulation of artificial intelligence.
The legislation, which is the first of its kind globally, aims to ensure safety, protect fundamental rights, and boost innovation within the AI sector. The Act will come into force in mid-2024, with a phased implementation over two years.
Key Takeaways
- The AI Act is the world's first comprehensive, legally binding framework for AI regulation.
- It will become law by mid-2024, followed by a two-year phased implementation period.
- The Act applies to both single-purpose and General Purpose AI (GPAI) systems.
- High-risk AI systems will face strict requirements, while some AI applications will be banned entirely.
- The Act has extraterritorial implications, affecting organisations outside the EU that market or deploy AI systems within the EU.
- Significant fines for non-compliance, up to €35 million or 7% of global turnover.
Overview of the AI Act
The AI Act, formally adopted by the EU Council on 21st May 2024, represents a landmark in AI regulation. It is the first comprehensive and legally binding cross-sector framework for AI, including GPAI, from a major global economy. The Act sets out a risk-based, prescriptive approach focusing on the potential risks arising from specific models and applications.
Timeline and Implementation
- June/July 2024: Expected publication in the EU Official Journal.
- Mid-2026: Full enforcement of the Act's provisions.
- Six months after entry into force: Bans on prohibited AI systems apply.
- 12 months after entry into force: Requirements for GPAI systems and models apply.
Definition and Scope
The AI Act defines an AI system as a machine-based system designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment. The Act differentiates between single-purpose AI systems and GPAI systems, with the latter often integrated into downstream AI systems.
Risk-Based Classification
The AI Act classifies AI systems based on their potential risk to individuals’ fundamental rights, health, or safety, as well as to society as a whole. The classifications are:
- Unacceptable Risk: AI systems posing unacceptable risks will be banned.
- High Risk: AI systems in critical areas like healthcare, education, and employment will face strict requirements.
- Limited Risk: Systems like chatbots will have lighter transparency obligations.
- Minimal Risk: No restrictions, but voluntary codes of conduct may apply.
Obligations for High-Risk Systems
High-risk AI systems must adhere to stringent standards, including:
- Risk-mitigation systems
- High-quality data sets
- Logging of activity
- Detailed documentation
- Clear user information
- Human oversight
- Robustness, accuracy, and cybersecurity
Extraterritorial Impact
The AI Act will affect organisations outside the EU if they market or deploy AI systems within the EU. This extraterritorial impact is similar to the GDPR, making the Act a potential global benchmark for AI regulation.
Fines and Penalties
Non-compliance with the AI Act can result in significant fines:
- Up to €35 million or 7% of global turnover for the most severe infringements.
- Up to €16.2 million or 3% of global turnover for high-risk AI systems.
Support for Innovation and SMEs
The Act includes measures to support innovation, particularly for SMEs and start-ups. Regulatory sandboxes will be established to allow real-world testing and development of innovative AI before market placement.
Conclusion
The AI Act sets a new standard for AI regulation, balancing safety and innovation. Organisations must now prepare for compliance, conducting gap analyses and adjusting their AI strategies accordingly. The Act's global reach and stringent requirements will likely influence AI regulations worldwide, much like the GDPR did for data protection.
Sources
- The EU AI Act: the finish line is in sight | Deloitte UK, Deloitte.
- Artificial Intelligence Act: MEPs adopt landmark law | News | European Parliament, European Parliament.
- The European Parliament Adopts the AI Act | WilmerHale, WilmerHale.
- Europe sets benchmark for rest of the world with landmark AI laws | Reuters, Reuters.
- EU AI Act Sets Precedent with $37M Fines for Non-Compliance, Northeastern Global News.
