Skip to main content
9 – 17 UHR +49 8031 3508270 LUITPOLDSTR. 9, 83022 ROSENHEIM
DE / EN
AI

AI Act Published: The First Comprehensive AI Regulation Worldwide

Andreas Noerr Andreas Noerr | | 4 min read

On July 12, 2024, the “Artificial Intelligence Act” (short “AI Act”) was published in the Official Journal of the European Union.

What is the AI Act?

The AI Act is an EU regulation that represents the first worldwide attempt to create rules for the use of Artificial Intelligence. As an EU regulation, it applies directly in all member states of the European Union without them having to transpose the AI Act into national law. The regulation bears the number 2024/1689.

What does the AI Act regulate?

The regulations are very complex and are the result of a compromise. Discussions in the legislative process were mainly characterized by finding a balance between regulations that make AI use safer and shape AI use according to our values, while at the same time not slowing down technological development through regulation, but even promoting it.

The goal is

“the use of artificial intelligence systems (AI systems) in the Union in accordance with the values of the Union (…), to promote the uptake of human-centric and trustworthy artificial intelligence (AI) while ensuring a high level of protection of health, safety and fundamental rights enshrined in the Charter of Fundamental Rights of the European Union (‘Charter’), including democracy, the rule of law and environmental protection, to protect against harmful effects of AI systems in the Union while supporting innovation.”

(Recital 1 AI Act)

For this reason, in addition to regulations designed to make AI use safer, the AI Act also contains a separate chapter on promoting innovation (Chapter VI). It provides for the creation of at least one AI regulatory sandbox per member state, which must be operational by August 2, 2026. The AI regulatory sandboxes are intended to provide a controlled environment to promote innovation and facilitate the development, training, testing, and validation of innovative AI systems.

The addressees of the AI Act are providers and deployers of AI systems, importers and distributors, product manufacturers, but also all persons affected by AI use.

The AI Act provides for a so-called risk-based approach, which can be illustrated with the following graphic.

Risk classes of the EU AI Act

A prohibited AI system exists in particular if the AI system has the following characteristics:

  • Manipulative or deceptive techniques
  • Exploitation of vulnerability or need for protection of persons
  • Evaluation of persons
  • Certain types of facial recognition
  • Emotion inference
  • Biometric categorization and identification of persons

Classification as a high-risk AI system occurs in particular when it is to be used as a safety component in certain products, the AI system itself is such a product, or when the AI system falls under the requirements of a specified catalog in Annex III. These AI systems must in particular undergo and maintain a risk management system.

Overall, transparency obligations apply to AI systems, which differ according to the type of AI.

In addition, providers and deployers of AI systems must ensure human AI literacy in the company and guarantee that personnel have a sufficient level of AI literacy (Art. 4 AI Act). This

AI Officer should ensure that ultimately a human always understands what the AI is doing and thus maintains control over its use.

innFactory AI Consulting GmbH offers such training sessions starting in October.

Timeline

After the publication of the AI Act in the Official Journal of the European Union on July 12, 2024, the following timeline applies:

  • August 1, 2024: Entry into force of the AI Act
  • February 2, 2025: Application of Chapter I and Chapter II, particularly:
    • Prohibited AI systems
    • AI Officer
  • August 2, 2025:
    • Establishment of the notification procedure for high-risk AI (Chapter III Section 4)
    • Application of provisions for general-purpose AI models (Chapter V)
    • Application of provisions for establishing governance at EU level in the form of various bodies and at Member State level in the form of a supervisory authority (Chapter VII)
    • Application of fine provisions (Chapter XII) with the exception of fines for providers of general-purpose AI systems (Art. 101)
    • Confidentiality of authorities and bodies provided for under the AI Act (Art. 78)

The rest of the AI Act will then apply from August 2, 2026, with the exception of provisions for classification as high-risk AI (Art. 6(1)), which apply from August 2, 2027.

Andreas Noerr
Written by

Andreas Noerr

Mitgründer, Beirat

Andreas Noerr ist Gründer und Inhaber der Kanzlei Nörr Digitalrecht und Fachanwalt für Informationstechnologierecht. Er absolvierte ein Doppelstudium des deutschen und französischen Rechts an der Universität des Saarlandes und am Centre juridique franco-allemand (CJFA) in Saarbrücken mit dem Schwerpunkt deutsches und internationales Informations- und Medienrecht. Seit 2015 ist er als Rechtsanwalt tätig. Neben seiner anwaltlichen Tätigkeit lehrt er an der Technischen Hochschule Rosenheim E-Commerce-Recht und Recht des digitalen Marketings und ist Zertifizierter Mediator. Als Experte für Themen wie die DSGVO und den EU AI Act ist Andreas Noerr Mitgründer und KI-Berater der innFactory AI Consulting GmbH.

LinkedIn

Related Articles

AI ChatGPT

ChatGPT Prompt Engineering – Get More Out of Your Inputs

25.06.2024
Back to Blog