by Laura Fannin , Denise O’Shaughnessy January-12-2024 in Commercial & Business, Insurance, Intellectual Property, Technology
On 9 December 2023, the European Parliament and the Council of the European Union reached a provisional agreement on the EU Artificial Intelligence Act (“AI Act”), which will introduce a risk-based legal framework for Artificial Intelligence (“AI”). The AI Act will establish rules to minimise any potential harm associated with the use of AI in the European Union. It will be the world’s first attempt at regulation of AI.
Prohibited, high risk or general
The AI Act will establish obligations for AI depending on its potential risks and level of impact. Some applications are prohibited, for example emotion recognition in the workplace or biometric categorisation systems that use sensitive characteristics. Other applications categorised as high risk (because of their significant potential harm to health, safety, fundamental rights, democracy and the rule of law) must comply with specific obligations, for example, a fundamental rights impact assessment must be completed. There are limited exceptions for law enforcement purposes.
Extraterritorial reach
Similar to the General Data Protection Regulation (“GDPR”) the AI Act has an extraterritorial reach, equally applying to AI providers regardless of their location, if the AI user is based in the EU.
Fines
Fines for breach of the AI Act are significant, ranging from 35 million euro or 7% of global turnover to 7.5 million or 1.5% of turnover. In comparison, fines pursuant to the GDPR range from €20 million or 4% of worldwide turnover.
Next Steps
The agreed text must now be formally adopted by both the European Parliament and Council, this is expected in early 2024. Once agreed, a transition period will commence to facilitate compliance with the Act. The length of the transition period varies depending on the type of AI system, six months for prohibited AI systems, 12 months for specific obligations for higher risk AI systems and 24 months for all other obligations.
Back to Full NewsShare this article:
About the Authors
Laura Fannin
Laura is a partner in the Commercial & Business team at Hayes solicitors. Laura advises clients on a diverse range of corporate and commercial matters and regulatory requirements. She is an experienced adviser on terms and conditions of sale and purchase, IT issues, data protection, product liability, advertising and promotions, intellectual property and a wide range of commercial agreements.
Denise O’Shaughnessy
Denise is an associate solicitor in the Technology and Data Protection team. She advises clients on all data protection and privacy matters, including data sharing agreements, data processing agreements, online terms and conditions, privacy policies, cookies policies and data protection policies. She also advises clients on data subject access requests, data protection impact assessments, e-privacy and direct marketing.