Understanding the European Union's Artificial Intelligence Act

Table of Contents

1. Introduction
2. What is the Artificial Intelligence Act?
3. Applicability of the AI Act
4. Companies Affected by the Regulation
5. Changes Brought by the AI Act
6. Sanctions for Non-Compliance
7. Regulation of Artificial Intelligence Systems
8. Current Regulatory Framework
9. The Need for the Artificial Intelligence Act
10. Conclusion

Article

Introduction

In this article, we will explore the Artificial Intelligence Act (AI Act) proposed by the European Commission and its implications for companies and organizations. The AI Act aims to establish a legal framework for the development, deployment, and use of AI systems in the European Union. It seeks to ensure transparency, reliability, and safety in the use of AI while respecting fundamental rights.

What is the Artificial Intelligence Act?

The AI Act is a regulation proposed by the European Commission to address the growing impact of artificial intelligence on society. It seeks to protect the rights and interests of individuals interacting with AI systems by setting out specific obligations and security requirements for different categories of AI systems. The regulation intends to strike a balance between promoting innovation and safeguarding fundamental rights.

Applicability of the AI Act

The AI Act is not yet applicable but is expected to come into force on December 6, 2022, after being reviewed and adapted by the European Parliament and the Council of the EU. The Council has already adopted a general approach to expedite the legislative process. Once agreed upon, companies and organizations will have 24 months to ensure their AI systems comply with the requirements of the AI Act.

Companies Affected by the Regulation

The AI Act will apply to AI developers and providers who place AI systems in the European market. Whether established within the EU or outside, these companies and organizations will have to comply with the obligations and regulations outlined in the AI Act. Additionally, users and operators of AI systems, including companies located outside the EU, will also need to adhere to the requirements of the regulation if their AI systems impact European citizens.

Changes Brought by the AI Act

The AI Act categorizes AI systems into three categories based on their level of risk. The regulation prohibits AI systems that pose an unacceptable risk to human safety, such as those using manipulative techniques or exploiting vulnerabilities. It also regulates high-risk AI systems that may impact people's safety or fundamental rights, requiring mandatory requirements and documentation. Moreover, AI systems with specific risks of manipulation, like chatbots and deep fakes, are subject to transparency requirements.

Sanctions for Non-Compliance

The AI Act imposes significant sanctions on companies that fail to comply. National authorities have the power to fine companies up to 30 million Euros or up to 6% of their worldwide annual turnover for placing prohibited AI systems on the European market or non-compliance with quality requirements. Additionally, companies may face fines of up to 10 million Euros or 2% of their worldwide annual turnover for providing incomplete or misleading information. Failure to comply with other requirements or obligations under the AI Act can result in penalties of up to 20 million Euros or 4% of the annual turnover.

Regulation of Artificial Intelligence Systems

Until the AI Act comes into force, the General Data Protection Regulation (GDPR) serves as the primary regulatory framework for AI systems that process personal data. However, the AI Act extends beyond the scope of the GDPR to address specific challenges posed by AI technology. The European Data Protection Board (EDPB) and national data protection agencies have released guidelines to ensure the appropriate and lawful use of AI systems within the framework of the GDPR.

The Need for the Artificial Intelligence Act

The AI Act is necessary to create a comprehensive legal framework that covers the ethical and legal implications of AI systems. While the GDPR provides a foundation for data protection, the AI Act addresses the unique risks and challenges posed by AI systems. It enhances transparency, accountability, and safety in the use of AI, fostering public trust and ensuring the protection of fundamental rights.

Conclusion

The AI Act represents a significant step in regulating artificial intelligence in the European Union. It aims to strike a balance between innovation and protection, ensuring that AI systems are transparent, reliable, and safe. With the regulation expected to come into force in December 2022, companies and organizations must begin preparing to comply with its obligations to avoid significant sanctions and reputational damage.

Highlights

1. The Artificial Intelligence Act (AI Act) proposed by the European Commission aims to establish a legal framework for the development, deployment, and use of AI systems in the European Union.
2. The AI Act categorizes AI systems into three categories based on their level of risk and imposes specific obligations and security requirements accordingly.
3. Companies and organizations placing AI systems in the European market, as well as users and operators of AI systems impacting European citizens, will need to comply with the AI Act's requirements.
4. The AI Act introduces significant sanctions for non-compliance, with fines of up to 30 million Euros or 6% of worldwide annual turnover for placing prohibited AI systems or non-compliance with quality requirements.
5. The AI Act fills the regulatory gaps left by the General Data Protection Regulation (GDPR) and addresses the specific challenges posed by AI technology.
6. The regulation aims to ensure transparency, reliability, and safety in the use of AI, fostering public trust and protecting fundamental rights.

FAQ

Q: Who is affected by the Artificial Intelligence Act? A: The AI Act applies to AI developers, providers, users, and operators of AI systems. It includes both EU and non-EU companies whose AI systems impact European citizens.

Q: What are the sanctions for non-compliance with the AI Act? A: Companies may face fines of up to 30 million Euros or 6% of worldwide annual turnover for placing prohibited AI systems or non-compliance with quality requirements. Providing incomplete or misleading information can result in fines of up to 10 million Euros or 2% of annual turnover.

Q: How does the AI Act regulate AI systems? A: The AI Act categorizes AI systems into three categories based on their risk level. Each category is subject to specific obligations and requirements related to documentation, risk management, transparency, and safety.

Q: How does the AI Act relate to the GDPR? A: The AI Act extends beyond the scope of the General Data Protection Regulation (GDPR) to address the unique challenges posed by AI systems. While the GDPR focuses on data protection, the AI Act covers broader ethical and legal considerations.

Q: When will the AI Act come into force? A: The AI Act is expected to come into force on December 6, 2022, after being reviewed and adapted by the European Parliament and the Council of the EU. Companies will then have 24 months to ensure compliance with the regulation.