The EU’s AI Act: A New Era for Responsible AI Development
Understanding the Risk-Based Approach
Table of Contents
The European Union has officially ushered in a new era of responsible AI development with the implementation of its groundbreaking AI Act. Effective August 1, 2024, this legislation sets a precedent for global AI regulation by adopting a risk-based approach that categorizes AI applications into different tiers based on their potential impact.
This phased implementation means various compliance deadlines will apply to different types of AI builders and functions. While most provisions will be fully enforced by mid-2026, certain restrictions, such as bans on specific high-risk AI uses in law enforcement (like remote biometric surveillance in public spaces), come into effect within just six months.
Categorizing AI Risk: Low, High, and Restricted
The EU’s framework classifies most AI applications as low or no risk, exempting them from the regulation’s scope. However, a subset of potential uses falls under high-risk categories, including biometrics and facial recognition, as well as AI employed in sensitive domains like education and employment. These systems must be registered in an EU database, and their developers must adhere to stringent risk management and quality assurance obligations.
A third category, “restricted risk,” encompasses AI technologies like chatbots or tools capable of generating deepfakes. These require transparency measures to prevent user deception.
General Purpose AIs (GPAIs) Under Scrutiny
The AI Act also addresses the unique challenges posed by General Purpose AIs (GPAIs), such as OpenAI‘s GPT model, which powers ChatGPT. Again, a risk-based approach is taken, with most GPAI developers facing relatively light transparency requirements. However, the most powerful models will be subject to rigorous risk assessment and mitigation measures.
The specifics of GPAI compliance are still being defined, as Codes of Conduct are yet to be finalized. The EU AI Office recently launched a consultation process to gather input on these crucial guidelines, aiming to complete them by April 2025.
Industry Response and Compliance Guidance
Leading AI developers, like OpenAI, are actively engaging with the EU’s regulatory framework. They recognize the importance of aligning their practices with the AI Act’s principles and are working closely with authorities to ensure smooth implementation. OpenAI emphasizes the need for organizations to classify their AI systems, determine their risk level, and understand their compliance obligations under the new legislation.
For those navigating this complex landscape, OpenAI recommends seeking legal counsel to address any uncertainties and ensure full adherence to the EU’s groundbreaking AI Act.