The European Parliament achieved a key milestone by adopting the landmark Artificial Intelligence Act, paving the way for the European Union's first complete legal framework for artificial intelligence (AI). This pioneering law seeks to achieve a compromise between the AI industry's need for innovation and the imperatives of upholding fundamental rights and guaranteeing the security and reliability of AI systems. The EU's determination to lead the world in ethical AI governance is reflected in the EU AI Act which upholds citizens' rights and interests while promoting a strong technological environment.
Ensuring Safety and Protecting Rights
The primary objective of the EU AI Act is to establish a regulatory environment that ensures AI systems deployed within the EU are safe, transparent, and respect fundamental rights. This is achieved through a risk-based approach that categorises AI systems into different risk levels, each with corresponding regulatory requirements. High-risk AI systems, which pose significant risks to health, safety, or fundamental rights, are subject to stringent regulations, including rigorous testing, documentation, and human oversight.
The EU AI Act mandates that AI systems must be designed and developed in a manner that upholds fundamental rights, such as privacy, non-discrimination, and data protection. This emphasis on fundamental rights reflects the EU's commitment to creating a human-centric AI landscape, where technology serves the needs and values of society. By prioritizing the safety and rights of individuals, the legislation aims to build public trust in AI technologies, which is crucial for their widespread adoption and acceptance.
Boosting Innovation and Competitiveness
The EU AI Act aims to encourage innovation and competitiveness in the AI industry even as it places stringent limitations on high-risk AI systems. The law contains provisions intended to aid in the creation and application of AI technology, especially for startups and small and medium-sized businesses (SMEs). The intention is to foster innovation by lowering administrative burdens and offering clear legislative rules, which will promote the development of a thriving AI ecosystem in Europe.
Focusing on encouraging cooperation between the public and private sectors is one of the main features of the EU AI Act. To guarantee that AI technologies are created in accordance with societal needs and values, the act promotes collaboration and partnerships between researchers, developers, and regulatory organisations.
By adopting a risk-based approach to regulation, it recognises that not all AI systems pose the same level of risk. The legislation classifies AI systems into three main categories: unacceptable risk, high risk, and limited risk. This tiered approach allows the EU to tailor its regulatory framework to the specific risks associated with different AI applications, ensuring that regulations are proportionate and effective.
Transparency and Accountability
Transparency and accountability are key to the EU AI Act's principles. The law requires AI systems to be open about how they operate and make decisions, especially those that are deemed high-risk. This entails giving consumers information that is easy to comprehend regarding the operation of AI systems, the data they use, and the reasoning behind their choices.
The statute mandates that high-risk AI systems be created in a way that permits efficient human intervention, underscoring the significance of human control. This guarantees that people maintain control and have the ability to step in when needed to stop damage or fix mistakes, and to ensure that AI technologies are used responsibly and ethically by increasing accountability and transparency.
EU Leadership in AI Governance
The adoption of the EU AI Act establishes the EU as a global leader in AI governance, laying the groundwork for other governments and regions to follow. The EU wants to ensure that AI technologies are used responsibly and ethically, making a positive impact on society, by creating a thorough legal framework.
The EU's commitment to advancing global collaboration in AI governance is also reflected in the legal framework. The law has measures for working together with foreign partners, including exchanging best practices and creating international standards. The EU aims to provide a harmonised legal framework that protects fundamental rights, ensures the safe use of AI technologies, and promotes innovation through international cooperation.
EU AI Act Next steps
The regulation will enter into force 20 days after its publication in the official journal and be directly applicable to 27 Member States, including Malta, on 2nd August 2026, except for bans on prohibited practises, which will apply 6 months after the entry into force date; codes of practise (9 months after entry into force); general-purpose AI rules including governance (12 months after entry into force); and obligations for high-risk systems (36 months).
Businesses will have to ensure alignment with the following:
- Inventory all AI systems that you have (or will have) developed or deployed, and establish if any of them are subject to the EU AI Act.
- In order to ascertain the risk categorization of the in-scope AI systems and the relevant compliance requirements, evaluate and classify the systems.
- Acknowledge your company's place in pertinent AI value chains, the related compliance requirements, and the means by which these requirements will be fulfilled. All functions accountable for the AI systems along the value chain must incorporate compliance throughout the systems' lifecycle.
- Understand the additional risks (such as interacting with other EU or non-EU rules, such as those pertaining to data privacy) and opportunities (such as providing access to AI Act sandboxes for innovators, small and medium-sized businesses, and others) that the AI Act presents to the strategy and operations of your organisation.
- Develop and implement a plan to guarantee that, upon the Act's implementation, the proper risk and control systems, quality management, documentation, accountability and governance frameworks, and monitoring are in place.
The purpose of this article is to provide a general overview of the subject matter. Should you require additional information please refer to Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.