What’s the Latest on the AI Act?
Members of the European Parliament (MEPs) and the Council have recently reached a provisional deal on the updated Artificial Intelligence Act. This regulation seeks to strike a delicate balance between ensuring AI safety, protecting fundamental rights, and promoting innovation across Europe.
The provisions of the AI Act outline a comprehensive framework that addresses the potential risks associated with high-impact AI systems while empowering businesses, particularly small and medium-sized enterprises (SMEs), to thrive.
What’s Included in the AI Act?
One of the key highlights of the AI Act is the prohibition of certain AI applications that are deemed to be detrimental to citizens' rights and democracy. The regulation outlaws the use of biometric categorisation systems based on sensitive characteristics such as political beliefs, religion, sexual orientation, and race.
Additionally, untargeted scraping of facial images from the internet or CCTV footage for facial recognition databases, emotion recognition in workplaces and educational institutions, and social scoring based on personal characteristics are all explicitly banned. The Act also prohibits AI systems designed to manipulate human behaviour to circumvent free will and those exploiting vulnerabilities based on age, disability, or socio-economic status.
While stringent measures have been put in place to regulate the use of AI in law enforcement, negotiators have agreed on exemptions with specific safeguards. Biometric identification systems (RBI) used in publicly accessible spaces for law enforcement purposes must obtain prior judicial authorisation. The use of "post-remote" RBI is restricted to targeted searches for individuals convicted or suspected of serious crimes, while "real-time" RBI is limited to specific scenarios, such as searching for victims of abduction, preventing terrorist threats, or localising individuals suspected of specific crimes.
Risk-based approach breakdown
The AI Act addresses diverse risk levels associated with different AI applications. The Act aims to promote responsible AI practices while allowing for innovation and growth in the sector. It categorises AI into three risk levels, unacceptable risk, high risk, and limited risk.
Unacceptable Risk
AI systems posing an "unacceptable risk" face outright bans. Examples include cognitive behavioural manipulation, dangerous voice-activated toys, social scoring, and biometric identification for individuals, except for limited law enforcement exceptions.
High Risk
AI systems negatively impacting safety or fundamental rights are categorised as "high risk."
Divided into two groups, including AI in products falling under product safety legislation and AI in specific areas requiring registration in an EU database.
High-risk AI systems undergo thorough assessments before entering the market and are continuously assessed throughout their lifecycle.
General Purpose and Generative AI
Generative AI, like ChatGPT, falls under general-purpose AI and is subject to transparency requirements. This includes disclosing AI-generated content, preventing illegal content generation, and publishing summaries of copyrighted data used for training. High-impact general-purpose AI models, like GPT-4, face stringent evaluations and serious incidents must be reported to the European Commission.
Limited Risk
AI systems classified as "limited risk" must comply with minimal transparency requirements, especially those generating or manipulating image, audio, or video content, like deepfakes.
What Are the AI Act Updates?
The AI Act places clear obligations on AI systems classified as high-risk, taking into account their potential harm to health, safety, fundamental rights, the environment, democracy, and the rule of law.
This includes a mandatory fundamental rights impact assessment, applicable not only to the development of AI systems but also to the insurance and banking sectors. Citizens are granted the right to launch complaints about high-risk AI systems and receive explanations regarding decisions that impact their rights.
General Artificial Intelligence Systems
Acknowledging the diverse capabilities of AI systems and their rapid expansion, the AI Act introduces transparency requirements for general-purpose AI (GPAI) systems. These include technical documentation, compliance with EU copyright law, and detailed summaries about the content used for training. For high-impact GPAI models with systemic risk, additional stringent obligations such as model evaluations, risk assessments, adversarial testing, reporting on incidents, ensuring cybersecurity, and reporting on energy efficiency have been implemented.
Support Innovation and SMEs
Recognising the importance of fostering innovation and ensuring that SMEs can thrive in the AI sector, the AI Act promotes the establishment of regulatory sandboxes and real-world testing by national authorities. These initiatives aim to allow businesses, especially SMEs, to develop and train innovative AI solutions before introducing them to the market.
Entry into Force
To enforce compliance, the AI Act introduces substantial fines for non-compliance, ranging from 35 million euros or 7% of global turnover to 7.5 million euros or 1.5% of turnover, depending on the infringement and the size of the company.
This framework serves as a crucial guide for businesses, researchers, and developers navigating the complex terrain of AI development and deployment. With its focus on striking a balance between regulation and innovation, the AI Act positions Europe as a leader in shaping the future of artificial intelligence.
How Can Gerrish Legal Help?
Gerrish Legal is a dynamic digital law firm. We pride ourselves on giving high-quality and expert legal advice to our valued clients. We specialise in many aspects of digital law such as GDPR, data privacy, digital and technology law, commercial law, and intellectual property.
We give companies the support they need to successfully and confidently run their businesses whilst complying with legal regulations without the burdens of keeping up with ever-changing digital requirements.
We are here to help you, get in contact with us today for more information.