Wednesday, December 25, 2024

Prepare your audits: EU Commission approves first-of-its-kind AI Act

Must read

The EU Council has given final approval to the bloc’s landmark AI Act, setting the stage for enactment of a benchmark first-of-its-kind AI law across Europe. 

The EC describes the AI Act as taking a “risk-based approach” to AI regulation, meaning that the greater the risk an AI product could harm society, the more regulations it’ll have to follow in order to do business in the EU. At the same time, the EC said it hopes the AI Act will open the door to investment in the right kinds of AI – safe, transparent ones. 

For that reason, “high-risk” AI systems (those that are used in critical sectors, as well as in law enforcement, for identification and other purposes) will have to submit to regular audits, pass a fundamental rights impact assessment, and register in a central database of high-risk AI systems.

“With the AI act, Europe emphasizes the importance of trust, transparency and accountability when dealing with new technologies while at the same time ensuring this fast-changing technology can flourish and boost European innovation,” said Belgian secretary of state for digitization, Mathieu Michel. 

Along with classifying and regulating various types of AI and the companies that make them, the AI Act also declares several types of AI verboten in the bloc. 

“Cognitive behavioural manipulation and social scoring will be banned from the EU because their risk is deemed unacceptable,” the Commission said. “The law also prohibits the use of AI for predictive policing based on profiling and systems that use biometric data to categorise people according to specific categories such as race, religion, or sexual orientation.”

Future potential AGIs are included in the rule as well, and the act provides exemptions for systems used for military/defense and research purposes. 

The Act also calls for several new offices to be set up to handle administration of the new law. AI Offices at the Commission and parliamentary level will be created, as will a panel of experts and a stakeholders advisory forum. Fines for noncompliance are in the mix as well, and will be “set as a percentage” of global annual turnover or a predetermined amount, whichever is greater. 

Passed by the European Parliament in December, the AI Act hasn’t been without its critics, who’ve said it appeared written with Big Tech in mind. That said, it’s on the books now, will go into force in two years, and is likely to have quite a reach. 

“Companies outside the EU who use EU customer data in their AI platforms will need to comply,” lawyer Patrick van Eecke told Reuters of the passing of the Act. “Other countries and regions are likely to use the AI Act as a blueprint, just as they did with the GDPR.” ®

Latest article