Saihub.info
EU AI Act
Updated May 14, 2024
The proposed European Union Artificial Intelligence Act is the world's most prominent AI legislation. At present, the final text of the AI Act has not been agreed. This page summarizes key expected provisions of the AI Act, and will be updated as the legislation advances.
Legislative Process
Key steps so far in adoption of the EU AI Act have been:
February 2024 -- The Committee of Permanent Representatives (acting for the EU Council) endorsed a proposed final draft of the AI Act. The European Parliament committees on Internal Market Consumer Protection (IMCO) and Civil Liberties, Justice and Home Affairs (LIBE) then endorsed the proposed text, and the European Parliament published an updated version of the AI Act.
March 2024 -- The European Parliament gave final approval to the AI Act on March 13, 2024.
April 2024 -- The European Parliament released a final, corrected version of the AI Act, addressing minor drafting errors.
The Act would will now receive final approval from the EU Council and enter into force. Once adopted, the AI Act will fully take effect two years later (i.e. in 2026), with some obligations applying earlier or later (see European Commission Q&As for details). The International Association of Privacy Professionals has prepared a useful infographic on the timeline for entry into force of the AI Act.
Brief summaries of some key provisions of the AI Act are below. More detailed summaries are available from various sources including:
Regulatory Framework for AI Systems
The EU AI Act will regulate AI "systems" (i.e. software applications), using a definition of "artificial intelligence" that is based upon the one adopted by the OECD. AI systems are divided into the following categories (subject to some general exceptions, e.g. for military/defense systems):
Regulation of "General Purpose AI Models"
The AI Act defines "general purpose AI [GPAI] model" to be one that "displays significant generality and is capable to competently perform a wide range of distinct tasks", with certain exceptions. GPAI models will be subject to obligations regarding (a) technical documentation and information, (b) copyright policies and (c) summaries of training data, except that obligations (b) and (c) do not apply to GPAI models that are made public (including model weights). (AI Act, Arts. 3(44b) & 52c)
GPAI models posing "systemic risk" subject to stricter obligations. Models posing "systemic risk" are those that (a) have "high impact" based upon technical evaluations, (b) are so designated by the European Commission or (c) are trained using computing power greater than 1025 floating point operations. (AI Act, Art. 52a) In addition to the general obligations for GPAI models, "systemic risk" models will be subject to obligations regarding (1) model evaluation and testing, (2) risk management, (3) incident reporting and (4) cybersecurity. (AI Act, Art. 52d)
Open Source AI Models
The AI Act applies reduced obligations to open source AI models (1) for which model weights and information on model architecture and training are made publicly available and (2) that are not monetized.
Institutions and Implementation
The AI Act establishes new institutions:
Each EU member state must appoint one or more national authorities with responsibility for implementation of the AI Act and associated market surveillance.
The European Commission's AI Pact initiative works with organisations to plan for AI Act implementation, including Pillar I (working with the AI Pact network) and Pillar II (facilitating voluntary pledges of compliance).