The European Union passed it’s much anticipated Artificial Intelligence Act (the EU AI Act) and it represents a landmark development in the regulatory landscape for artificial intelligence. As the first comprehensive AI law of its kind, the EU AI Act is poised to become a global benchmark, influencing AI policies not only within the EU but around the world. As such, it’s a regulatory framework that anyone integrating AI into their companies should be familiar with. So let’s talk about the key aspects of the AI Act, its importance, and the path ahead for AI regulation.
Regulatory Topics Covered by the EU AI Act
AI Transparency and Risk Management:
The AI Act introduces essential transparency requirements for developers of large language models, particularly those deemed to pose systemic risks. These developers are encouraged to follow a voluntary code of conduct to collaborate with the commission in mitigating risks, mirroring the approach taken in the EU's Digital Services Act.
High-Risk vs. Low-Risk AI Applications Delineation
The legislation makes a clear point to differentiate between high-risk and low-risk AI applications. High-risk categories, like self-driving vehicles and AI applications that impact healthcare, financial and hiring decisions, will be subject to more stringent regulation. Some of which will be standarized like Conformity Assessments that are administered by third-parties.
Copyright Protection and Energy Transparency
Measures to safeguard copyright holders from generative AI are included, as well as requirements for general-purpose AI systems to disclose their energy consumption.
Biometric Use and Facial Recognition
The Act carefully navigates the regulation of AI in law enforcement, particularly regarding real-time facial recognition and biometric scanning. It strictly limits the use of AI for categorizing people based on sensitive characteristics such as political views, sexual orientation, or race.
Why It's Important To You Now
The EU AI Act is set to have immediate effects, with bans on prohibited AI applications becoming effective in six months, transparency requirements in a year, and the complete set of rules in around two years.
Extraterritorial Reach and Fines
Notably, the EU AI Act has an extraterritorial scope (just like GDPR), affecting companies outside the EU that operate within its borders. Non-compliance can lead to fines up to 35 million euros (about $38 billion) or 7% of global revenue, depending on the violation and the company's size.
Global AI Regulation Benchmark
As a pioneering regulation in AI, the EU AI Act is expected to influence policies globally, setting a new standard for how AI is governed.
AI Regulatory Path Ahead
Formal Approvals Pending
The EU AI Act, while agreed upon in principle, still requires formal ratification by EU member states and the EU Parliament. This process is a critical step towards enacting the legislation.
Fragmented Regulatory Environment
The Act is likely to inspire similar regulations in other parts of the world, including Asia and the United States. States like California are likely to extend existing privacy laws (like CCPA) to encompass AI regulatory topics.
The EU AI Act represents a groundbreaking move in AI regulation, addressing key issues of transparency, risk management, and ethical use of AI technologies. Its implications extend far beyond the borders of the European Union, underscoring the need for companies and stakeholders to pay close attention and adapt to these emerging regulatory standards. As a business leader you need to continue to understand this landscape and get ahead of it by implementing strong AI Governance standards at your own company. For those interested in getting started on effective AI Governance check out our article: 5 AI Governance Actions To Implement Now