Yesterday, Wednesday March 13, 2024, the European Parliament formally approved the Artificial Intelligence Act (AI Act), a step that was widely anticipated following prior agreement among member states. This formal ratification of the final text of the AI Act marks a cornerstone in establishing a harmonized regulatory framework for artificial intelligence across the EU.
Key Aspects of the Final AI Act:
The AI Act is a significant step forward in guiding the responsible development and deployment of AI technologies across the European Union, focusing on:
- Ethical AI Principles: The Act emphasizes transparency, accountability, and human oversight to ensure AI technologies are ethically aligned and respect human rights. Entities utilizing AI systems within the EU are expected to implement robust mechanisms to identify, assess, and mitigate biases in their AI applications, through ensuring diverse and representative data sets, transparent algorithmic decision-making, regular audits and other technical measures designated to uphold equality and fairness across all AI-driven processes.
- Data Governance: The Act mandates strong measures to ensure the integrity, quality, and fairness of data used in AI systems. It aims to reduce biases and ensure data sets are accurate and representative.
- Risk-Based Approach: A core feature of the AI Act is its classification system for AI applications based on their risk levels. This method aims for balanced regulation that supports innovation while protecting public interests. Further, the AI Act requires the adoption of comprehensive framework that requires entities to continuously identify and mitigate risks associated with high-risk AI systems throughout their lifecycle.
- Prohibited AI Practices: Certain AI practices that pose unacceptable risks to society are outright banned. This includes manipulative or exploitative applications, indiscriminate surveillance of public areas, and social scoring.
- High-Risk AI Systems: Systems identified as high-risk, such as those in critical infrastructure, healthcare, education, and law enforcement, will face strict requirements.
For more detailed information on these aspects and how they might impact on your operations, please refer to our previous memorandum on the AI Act.
Final Steps and Timeline for Effectiveness
Following its formal approval, the AI Act is currently undergoing a lawyer-linguist check, a crucial step before receiving formal endorsement by the Council. After these steps are completed, the AI Act will be poised for publication in the Official Journal of the European Union, marking a significant milestone in the regulation of artificial intelligence within the EU.
The Act will officially take effect 20 days after its publication in the Official Journal of the European Union, marking the beginning of a new era in AI regulation. While the Act becomes immediately active, its comprehensive provisions will be fully applicable 24 months following its entry into force, with the following exceptions:
- Prohibited AI Practices: Set to be enforced six months after the Act comes into force, addressing immediate concerns over certain AI applications.
- Codes of Practice: expected to be published within nine months post-entry, providing the market with best practices for compliance.
- General-Purpose AI Rules and Governance: Detailed rules and governance structures will be applied twelve months after the Act’s effective date, ensuring proper oversight of AI systems.
- Obligations for High-Risk Systems: The most stringent and important requirements, focusing on high-risk AI systems, will take effect thirty-six months post-entry, allowing sufficient time for organizations to adapt and comply.
The formal approval of the AI Act sets a new standard in AI regulation and responsible governance worldwide. As implementation approaches, we are here to keep you updated and assist in adapting to the regulatory changes. We urge clients involved in AI applications, especially those potentially considered high-risk, to contact us for guidance and support in meeting these new requirements.
APM Technology and Regulation Team.
This document is intended to provide only a general background regarding this matter. It should not be regarded as setting out binding legal advice but rather as a practical overview based on our understanding.