Reaching Agreement on the European Union’s AI Act

On December 9, 2023, the European Parliament and Council reached a provisional agreement on the European Union's Artificial Intelligence Act (EU AI Act), a comprehensive legal framework for AI. The Act aims to ensure that AI in Europe is safe, respects fundamental rights and democracy, and fosters an environment where businesses can innovate and expand. The legislation establishes obligations for AI systems based on their potential risks and impacts. It represents a significant step in regulating AI technologies.

Key provisions:

  • Banned Applications: The Act prohibits certain applications of AI that pose a threat to citizens’ rights and democracy. These include biometric categorization systems using sensitive characteristics (like political or sexual orientation), untargeted scraping of facial images for recognition databases, emotion recognition in the workplace, social scoring, AI systems that manipulate human behavior, and AI used to exploit vulnerable people​​.

  • Law Enforcement Exemptions: There are narrow exceptions for the use of biometric identification systems in law enforcement, subject to prior judicial authorization and for specific crimes. Real-time and post-remote biometric identification systems are strictly regulated, with conditions on their use​​.

  • High-Risk Systems: AI systems classified as high-risk have clear obligations, including a mandatory fundamental rights impact assessment. This applies also to the insurance and banking sectors. AI systems used in elections are also classified as high-risk, and citizens have the right to launch complaints about these systems​​.

  • General Artificial Intelligence Systems: General-purpose AI systems must adhere to transparency requirements, including technical documentation, EU copyright law compliance, and detailed summaries of training content. High-impact models with systemic risk must conduct model evaluations, assess and mitigate systemic risks, and ensure cybersecurity​​.

  • Innovation and SMEs Support: The Act encourages innovation and helps small and medium-sized businesses (SMBs) by promoting regulatory sandboxes and real-world testing for AI development​​.

  • Sanctions: Non-compliance with the rules can lead to fines ranging from 35 million euros or 7% of global revenue to 7.5 million euros or 1.5% of global revenue, depending on the infringement and size of the company​​​​.

  • Applicability and Scope: The Act applies to providers and deployers of AI systems used in or affecting the EU, irrespective of their location. It uses the OECD's definition of AI systems and excludes those used exclusively for military, research and innovation purposes, or non-professional personal use​​.

  • Risk Levels and Requirements: AI systems are categorized based on risk, with different obligations for each category. Low-risk systems like chatbots are subject to light-touch transparency obligations, while high-risk systems in sensitive areas like welfare or transport require more stringent assessments. AI uses posing unacceptable risks are prohibited​​​​.

  • Implementation Timeline: The Act is expected to come into effect in 2026, two years after its entry into force, with some provisions being implemented later​​.

This Act represents a significant step in the global discourse on AI governance, setting a precedent for AI legislation worldwide.

Michael Fauscette

Michael is an experienced high-tech leader, board chairman, software industry analyst and podcast host. He is a thought leader and published author on emerging trends in business software, artificial intelligence (AI), generative AI, digital first and customer experience strategies and technology. As a senior market researcher and leader Michael has deep experience in business software market research, starting new tech businesses and go-to-market models in large and small software companies.

Currently Michael is the Founder, CEO and Chief Analyst at Arion Research, a global cloud advisory firm; and an advisor to G2, Board Chairman at LocatorX and board member and fractional chief strategy officer for SpotLogic. Formerly the chief research officer at G2, he was responsible for helping software and services buyers use the crowdsourced insights, data, and community in the G2 marketplace. Prior to joining G2, Mr. Fauscette led IDC’s worldwide enterprise software application research group for almost ten years. He also held executive roles with seven software vendors including Autodesk, Inc. and PeopleSoft, Inc. and five technology startups.

Follow me @ www.twitter.com/mfauscette

www.linkedin.com/mfauscette

https://arionresearch.com
Previous
Previous

Understanding Semantic Search

Next
Next

Understanding the Vector Database