The upcoming week signifies the commencement of a new chapter for AI regulations as the inaugural responsibilities of the EU AI Act come into effect.
Although the complete compliance mandates will not be activated until mid-2025, the initial stage of the EU AI Act kicks off on February 2nd and encompasses substantial restrictions on certain AI applications. Enterprises worldwide operating within the EU must now maneuver through a regulatory framework laden with stringent guidelines and considerable risks.
The newly instituted regulations forbid the deployment or application of numerous high-risk AI systems. These consist of applications such as social assessment, emotional recognition, real-time remote biometric identification in public areas, and other circumstances considered unacceptable per the Act.
Firms discovered to be non-compliant with the regulations could incur fines of up to 7% of their global annual revenue, emphasizing the necessity for organizations to grasp and adhere to the limitations.
Initial compliance obstacles
“It’s finally here,” remarks Levent Ergin, Chief Strategist for Climate, Sustainability, and AI at Informatica. “While we’re still approaching this in phases, the extensive preparations made by businesses for the EU AI Act will now encounter their ultimate assessment.”
Ergin underscores that although most compliance obligations will not be enforced until mid-2025, the early prohibitions establish a definitive direction.
“For corporations, the pressure in 2025 is twofold. They must provide concrete ROI from AI expenditures while grappling with issues surrounding data quality and regulatory ambiguity. It’s already the perfect convergence, with 89% of major companies in the EU experiencing contradictory expectations for their generative AI projects. Concurrently, 48% cite technological limitations as a substantial obstacle to advancing AI pilots into execution,” he notes.
Ergin asserts that the cornerstone of compliance and thriving lies in data governance.
“In the absence of strong data infrastructures, organizations risk stagnation, curtailing their capacity to harness AI’s full capabilities. After all, isn’t ensuring robust data governance a fundamental tenet that the EU AI Act is predicated upon?”
To respond effectively, firms must prioritize enhancing their data quality strategies.
“Enhancing data quality and governance is no longer optional; it’s imperative. For compliance and to validate the value of AI, companies need to invest in ensuring that data is accurate, comprehensive, integrated, current, and well-supervised,” asserts Ergin.
“This isn’t merely about satisfying regulatory requirements; it’s about empowering AI to generate genuine business results. As 82% of EU enterprises plan to elevate their GenAI investments in 2025, assuring that their data is AI-capable will be crucial for distinguishing between those who prevail and those who remain stationary.”
EU AI Act transcends borders
The extraterritorial application of the EU AI Act ensures that non-EU entities are certainly not exempt. As Marcus Evans, a partner at Norton Rose Fulbright, clarifies, the Act extends well beyond the EU’s frontiers.
“The AI Act will possess a genuinely global scope,” states Evans. “This is due to the fact that it pertains not only to organizations within the EU utilizing AI or those supplying, importing, or disseminating AI to the EU market but also to AI provision and utilization where the outcomes are implemented within the EU. Therefore, for example, a firm employing AI for recruitment in the EU – even if headquartered elsewhere – would still be encompassed by these new regulations.”
Evans recommends that businesses commence by auditing their AI usage. “At this juncture, companies must first identify where AI is being utilized within their enterprises in order to evaluate whether any use cases might activate the prohibitions. Following this initial inventory, a broader governance framework can then be established to ensure that AI application is assessed, remains within compliance, and aligns with the AI Act.”
As organizations strive to align their AI methodologies with the fresh regulations, additional obstacles persist. Compliance necessitates addressing various legal intricacies such as data protection, intellectual property (IP), and risks of discrimination.
Evans underscores that enhancing AI literacy within organizations is also a vital step.
“Any entities subject to the regulations should also implement measures to ensure their personnel – and anyone else involved in the operation and utilization of their AI systems on their behalf – possess a sufficient level of AI understanding,” he asserts.
“AI literacy will be crucial…”
a crucial part in AI Act adherence, as those engaged in managing and utilizing AI must comprehend the risks they are overseeing.”
Promoting responsible innovation
The EU AI Act is being regarded as a landmark for accountable AI progression. By outlawing detrimental practices and mandating transparency and responsibility, the regulation aims to harmonize innovation with ethical principles.
“This structure is a fundamental stride towards establishing a more accountable and sustainable future for artificial intelligence,” states Beatriz Sanz Sáiz, AI Sector Leader at EY Global.
Sanz Sáiz is of the opinion that the legislation promotes trust while laying the groundwork for revolutionary technological advancement.
“It holds the capability to cultivate greater trust, responsibility, and innovation in AI growth, in addition to fortifying the bases upon which the technology continues to evolve,” Sanz Sáiz claims.
“It is essential that we concentrate on eliminating bias and emphasizing fundamental rights such as fairness, equity, and privacy. Development of responsible AI is a vital phase in the endeavor to further propel innovation.”
What is banned under the EU AI Act?
For compliance assurance, corporations must be unequivocally aware of which actions fall within the EU AI Act’s stringent prohibitions. The existing list of forbidden activities comprises:
Detrimental subliminal, manipulative, and deceptive techniques
Harmful exploitation of susceptibilities
Unacceptable societal scoring
Individual crime risk evaluation and prediction (with some exceptions)
Non-targeted harvesting of internet or CCTV data to develop or enhance facial recognition databases
Emotion recognition in contexts such as workplaces and educational settings (with some exceptions)
Biometric categorization to deduce sensitive categories (with some exceptions)
Real-time remote biometric identification (RBI) in publicly accessible venues for law enforcement objectives (with some exceptions)
The forthcoming guidance from the Commission regarding which “AI systems” fit into these classifications will be crucial for enterprises aiming to ensure adherence and mitigate legal liabilities. Furthermore, firms should prepare for additional clarification and resources at both the national and EU scales, including the impending webinar organized by the AI Office.
A new era for AI regulations
The early execution of the EU AI Act signifies merely the commencement of what is an exceptionally intricate and ambitious regulatory undertaking. As AI increasingly assumes a central role in corporate strategy, organizations must learn to manage new regulations and consistently adapt to forthcoming modifications.
At this stage, companies should prioritize their understanding of the extent of their AI applications, improve data governance, educate employees to enhance AI literacy, and adopt a proactive stance toward compliance. By doing so, they can establish themselves as pioneers in a rapidly transforming AI environment while unlocking the technology’s full capabilities while adhering to ethical and legal benchmarks.
(Photo by Guillaume Périgois)
See also: ChatGPT Gov aims to modernise US government agencies
Interested in gaining further insights on AI and big data from industry experts? Explore AI & Big Data Expo taking place in Amsterdam, California, and London. This extensive event is co-located with other prominent events such as Intelligent Automation Conference, BlockX, Digital Transformation Week, and Cyber Security & Cloud Expo.
Discover additional upcoming enterprise technology events and webinars hosted by TechForge here.
Be the first to comment