EU AI Act Summary

Summary of the EU AI Act

When was it published?

The EU AI Act was published in the EU’s official journal on the 12th of July 2024. It officially came into force in August 2024. 

What are the key points?

The EU AI Act is the first comprehensive legal framework on Artificial Intelligence(AI) This Act acted as a catalyst for innovation, as it ensures AI is used safely and transparently across all member states. 

  • The Act takes a risk-based approach. The EU Act implements a category based system which assigns each AI model to a risk of either Low Risk, High Risk or Unacceptable Risk. Each category has its own set of regulations. 
  • Regulation of Foundation and General Purpose Ai Models. 
  • Bans on Specific Uses of AI 
  • Strict requirements for High Risk AI systems 
  • Transparency Obligations- Users must be informed that they are interacting with AI. 
  • Establishment of oversight mechanisms- Creation of EU AI Board to oversee implementation. Member states will designate national supervisory authorities to ensure compliance.
  • Innovation Safeguards- Regulatory Sandboxes. Provide controlled environments to test AI systems. 
  • Penalties for non-compliance- Fines of up to €30 million or 6% of global annual turnover, whichever is higher, for the most serious violations. Low fines for less serious breaches, such as failing to meet transparency requirements.

Risk Categories

The EU AI Act, operates on a risk-based approach. This approach divides AI systems into a risk category depending on its safety and transparency to the public. There are 4 risk categories outlined in the EU AI Act: 

1. Minimal/ No Risk- This is where most systems fall. These systems are not regulated under the EU AI Act, yet must still comply with existing legislation. For example; AI applications in games. 

2. Limited Risk- Systems that require transparency obligations, but are not considered High Risk. Example; those interacting directly with humans (Chatbots) 

3. High Risk – Systems that significantly impact fundamental rights, safety or critical rights of individuals or society. Examples include; healthcare, law enforcement, education. These systems will be subject to strict regulations. ( Conformity Assessment, Risk Management, Human Oversight) 

4. Unacceptable Risk- Systems considered a threat to public safety. Examples include; Social scoring, exploitation of vulnerabilities

Timeline

EU AI Act Entry into Force- 2o days post publication in the EU official journal, the Act will officially become EU Law. 

Transitional Period (2024-2026) Implementation Phase- Grace period is provided to allow states to prepare for compliance. The following will apply during this period: 

  • Establishment of national supervisory authorities in each member state.
  • Creation of AI regulatory sandboxes to help businesses comply with the Act while fostering innovation.
  • Development of technical standards by the European Commission and European Standardization Organizations (ESOs)

Late 2025/2026- Full Applicability- Following this grace period, the EU AI Act will be fully applicable across all member states.