Client Alert: Navigating the EU Artificial Intelligence Act

Client Alert: Navigating the EU Artificial Intelligence Act

Brian Winterfeldt,Terri Doud

Key Insights for Businesses

On August 1, 2024, the European Union’s Artificial Intelligence Act (AI Act) officially came into force, setting a new standard for AI regulation within the EU. Designed to balance innovation and societal protection, this landmark legislation introduces a phased regulatory framework that businesses must understand and prepare for.

What is the EU AI Act?

The EU AI Act establishes comprehensive rules for the development, deployment, and use of AI systems across all sectors in the EU. By categorizing AI systems based on risk levels, the Act aims to mitigate potential harms while encouraging responsible innovation.

When Will the AI Act Take Effect?

The implementation of the AI Act will occur in phases:

• February 2, 2025: Prohibitions on specific AI applications and mandatory AI literacy initiatives take effect.
• August 2, 2025: Regulations for new General-Purpose AI (GPAI) models commence.
• August 2, 2026: High-risk AI systems must comply with most rules, with stricter requirements for health-related systems by August 2, 2027.

Who Must Comply with the AI Act?

The Act applies to all participants in the AI value chain, including:

• Providers
• Deployers
• Importers
• Distributors

It also impacts non-EU companies whose AI systems are available in the EU, requiring them to appoint an EU-based representative.

Key Provisions of the EU AI Act

1. Risk-Based Obligations

The AI Act introduces obligations tailored to risk levels:

• Prohibited Systems: High-risk applications like social scoring and mass biometric identification in public spaces are banned (with limited exceptions).
• High-Risk Systems: Subject to stringent compliance measures, including risk management frameworks and transparency obligations.
• Lower-Risk Systems: Must meet transparency standards but face fewer requirements.

2. Requirements for High-Risk AI Systems

AI systems classified as high-risk (e.g., used in law enforcement or critical infrastructure) must:

• Implement risk management frameworks.
• Maintain detailed technical documentation.
• Ensure human oversight.
• Undergo regular conformity assessments.

3. GPAI Model Provider Obligations

Providers of General-Purpose AI (GPAI) models are required to:

• Maintain and share up-to-date technical documentation.
• Implement compliance policies aligned with EU copyright laws.
• Publish summaries of training data for transparency.

4. Prohibited AI Systems

The Act bans AI systems that:

• Manipulate individuals through subliminal techniques.
• Engage in social scoring or discriminatory practices.
• Perform mass biometric identification in public spaces (except under defined conditions).

5. Contractual Updates

Businesses must review and amend contracts to clearly define responsibilities within the AI value chain, ensuring compliance with the Act.

Enforcement & Compliance

EU regulators will oversee adherence to the AI Act through investigations and penalties for violations. To prepare:

• Assess current AI practices.
• Establish robust risk management systems.
• Enhance transparency in AI development and use.

Why Compliance Matters

The AI Act underscores the EU’s commitment to safeguarding society while fostering innovation. For businesses, compliance ensures not only regulatory adherence but also builds trust with stakeholders and end-users.

Preparing for the Future

As the AI Act’s provisions roll out, businesses must adapt proactively:

1. Understand Obligations: Identify risk levels and compliance requirements for AI systems.
2. Update Contracts: Align legal agreements with Act provisions.
3. Engage Stakeholders: Foster collaboration across the AI value chain.

Final Thoughts

The EU Artificial Intelligence Act marks a pivotal shift in AI governance, offering a roadmap for responsible innovation. Businesses are encouraged to reflect on its implications and take early action to align their operations with this transformative legislation.

For further details or guidance, please don’t hesitate to reach out.

Disclaimer

This alert provides general information and is not intended as legal advice. For specific concerns, seek tailored legal counsel.

‍