EU AI Act: A Risk-Based Framework for Artificial Intelligence

• The EU AI Act enforces a risk-based approach to AI regulation, with banned, high-risk, medium-risk, and low-risk categories.
• Generative AI systems, termed "general-purpose AI," face transparency and risk mitigation obligations, with stricter rules for models posing systemic risks.

The European Union's AI Act, a landmark risk-based regulation for artificial intelligence, officially came into force on August 1, 2024. Years in the making, this first-of-its-kind rulebook aims to foster trust in AI by addressing risks and setting clear rules for businesses, with compliance deadlines stretching into 2027.

The Act takes a tiered, risk-based approach. Certain uses of AI, such as manipulative techniques or social scoring, are banned, though exceptions exist, including for law enforcement. High-risk applications, such as in healthcare or critical infrastructure, require conformity assessments, data transparency, and human oversight, with public registries tracking government-deployed systems. Medium-risk systems, like chatbots, face transparency requirements, while low-risk uses, including social media content sorting, remain largely unregulated but are encouraged to follow best practices.

Generative AI (GenAI) tools, referred to as "general-purpose AI" (GPAIs), face specific rules under the Act. Transparency measures mandate disclosures on copyrighted training data, while GPAIs deemed to pose systemic risks face stricter obligations, such as risk assessments based on compute power thresholds. Notably, GPAIs still in R&D are exempt from regulation.

The Act’s journey wasn’t without controversy. Critics warned it could hinder European innovation, with companies like France's Mistral and OpenAI lobbying for changes. OpenAI’s Sam Altman suggested pulling out of Europe if regulations proved too restrictive, though the threat was retracted.

Enforcement is split between the EU's AI Office, overseeing GPAIs, and member-state authorities for other AI systems. Penalties range from 1.5% to 7% of global turnover, depending on the violation.

Edited by Harshajit Sarmah