|
Brussels, |
|
DIGITAL EUROPE
AIA - Artificial Intelligence Act
It shall apply from 2 August 2026.
However:
(a) Chapters I and II shall apply from 2 February 2025;
(b) Chapter III Section 4, Chapter V, Chapter VII and Chapter XII and Article 78 shall apply from 2 August 2025, with the exception of Article 101;
(c) Article 6(1) and the corresponding obligations in this Regulation shall apply from 2 August 2027.
However:
(a) Chapters I and II shall apply from 2 February 2025;
(b) Chapter III Section 4, Chapter V, Chapter VII and Chapter XII and Article 78 shall apply from 2 August 2025, with the exception of Article 101;
(c) Article 6(1) and the corresponding obligations in this Regulation shall apply from 2 August 2027.
The AI Act is a risk-based regulation. In practice, it sorts AI into four broad buckets: prohibited uses, high-risk systems, limited-risk systems with transparency duties, and minimal-risk systems that are largely left unregulated. Most compliance obligations fall on providers of high-risk AI, while deployers also have duties in some cases. The page also highlights a separate regime for general-purpose AI (GPAI) models.
Prohibited AI practicesThe AI Act bans a set of AI uses considered unacceptable, including certain manipulative or deceptive systems, exploitation of vulnerabilities, social scoring, some biometric categorisation uses, untargeted scraping of facial images for recognition databases, certain emotion-recognition uses in workplaces or schools, and tightly restricts real-time remote biometric identification by law enforcement in public spaces. The official legal basis is Article 5 of this Regulation.
Prohibited AI practicesHigh-risk AI systemsA large part of the Act regulates high-risk AI systems. These include systems that are safety components of products already regulated under EU sectoral law, and systems used in sensitive fields listed in Annex III, such as biometrics, critical infrastructure, education, employment, essential public and private services, law enforcement, migration and border management, and administration of justice or democratic processes. The main legal entry points are Article 6, Annex I and Annex III.
|
Click to read
|
Main obligations for providers of high-risk AI
Providers of high-risk AI must implement a risk-management system, ensure data governance and data quality, prepare technical documentation, enable logging/record-keeping, provide instructions for use, support human oversight, and ensure appropriate accuracy, robustness, and cybersecurity, backed by a quality-management system. These duties are set out mainly in Articles 8–17 of the Regulation.
Obligations for deployers and transparency duties
The page notes that deployers of high-risk AI also have obligations, although fewer than providers. For lower-risk scenarios, the Act imposes transparency obligations, especially where people must be informed that they are interacting with AI or that content has been generated or manipulated by AI. The official basis is in Chapter IV and the relevant transparency provisions in Article 50.
General-purpose AI (GPAI) models
The Act creates a dedicated regime for general-purpose AI models. In general, GPAI providers must prepare technical documentation, provide information for downstream integrators, comply with EU copyright-related obligations, and publish a summary of the training-data content. Open-weight / free-and-open models have a lighter regime unless they present systemic risk. These rules are mainly in Chapter V, especially Articles 51–56.
GPAI models with systemic risk
For GPAI models considered to pose systemic risk, the Act adds stricter obligations such as model evaluation, adversarial testing, risk mitigation, serious-incident reporting, and cybersecurity protections. The page also notes that the Commission can determine that a model has systemic-risk characteristics. The official legal text is in Article 55 and related provisions in Chapter V.
Governance and enforcement
Implementation is supported by the European AI Office, which plays a central role especially for GPAI oversight and broader coordination of AI Act enforcement. The Commission’s official overview is here: European AI Office and AI Act framework.
Timeline
The Commission stated that the AI Act entered into force on 1 August 2024 and applies in phases, with some provisions already applicable and full implementation continuing through 2 August 2027.
