It has been three months since the Artificial Intelligence Act, a groundbreaking regulation by the European Union, came into effect, setting new standards regulating artificial intelligence. This document aims not only to regulate AI development but also to ensure safety and transparency for its users.
This article will explain:
What is the AI Act and What Are Its Main Provisions?
The primary goal of the AI Act is to define AI and control its rapidly evolving development while ensuring user safety. To this end, AI models have been categorized into four risk levels (from low to unacceptable risk). Moreover, the Act imposes obligations on entities involved in the development of AI models, including providers, distributors, importers, and even users.
The regulation outlines a range of AI applications classified as practices of unacceptable risk, which will be prohibited. Among the more commonly recognized practices for organizations included in this category are subliminal techniques, deceptive or manipulative techniques in AI systems, and practices used to infer a person’s emotions in the workplace or educational institutions. Additionally, it prohibits the untargeted scraping of facial images from the internet or television to expand facial recognition databases.
Key Implementation Deadlines for Businesses
According to the implementation timeline of the AI Act, the key date for businesses is February 2, 2025. On this date, the general provisions of the regulation, including those related to prohibited practices, will come into force. Businesses must prepare for this milestone by adopting appropriate standards within their organizations.
The second critical date is August 2, 2025, when provisions concerning the notification of violations and penalty regulations will become effective. This date also marks the enforcement of provisions regarding general-purpose AI models (trained on large datasets and integrable with applications and systems). By this deadline, businesses must implement systems that comply with the established standards to be well-prepared for potential inspections.
Other provisions will take effect gradually, in 2026 and 2027, but understanding their framework and implications for specific organizations in advance is essential.
What Are the Implications of the AI Act for Organizations?
With the AI Act coming into effect, organizations need to verify whether their services or processes involve practices identified in the regulation and assess their associated risks. Particular attention should be paid to practices related to employee monitoring and recruitment processes. Systems deemed high-risk will require additional documentation, audits, and the implementation of safety and data protection mechanisms. Low-risk practices will necessitate transparency and systems to inform users about the application of AI.
How Can Organizations Prepare for the Implementation of the AI Act?
The year 2025 will present challenges for organizations in applying AI, especially due to the need to analyze internal processes. It is advisable to align practices with the regulation’s provisions now to facilitate a smooth transition. Organizations should secure data and implement safety systems for AI solutions, as well as establish guidelines and procedures for employees using AI in their work. Complying with the AI Act will also enable long-term development planning with proper utilization of artificial intelligence.
Author: Jagoda Korzeniowska, Attorney-at-Law
« Back