Regulating Artificial Intelligence: The EU AI Act

Artificial intelligence (AI) is everywhere, and its development and use are evolving at a rapid pace. It’s already transforming how we live and work – but with this immense power comes potential risks.

The EU AI Act is the first-ever legal framework for AI worldwide and should come into force in 2026. Here, we explore the EU AI Act, the risks it aims to combat and consider what it could mean for you.

What Is the EU AI Act?

The EU AI Act act is a regulatory framework for AI that aims to mitigate the risks associated with AI and provide clear guidelines for anyone developing, implementing or using AI. It’s part of a wider EU strategy with a Coordinated Plan on AI.

Together, these will “guarantee the safety and fundamental rights of people and businesses when it comes to AI. And strengthen uptake, investment and innovation in AI across the EU.” – European Commission

What Type of AI Risks Does the EU AI Act Aim to Combat?

AI can make and influence decisions. When you ask your smart speaker if you need an umbrella, the risks to you and society are low if AI gets it wrong. The EU AI Act uses this risk-based approach to determine which AI systems need to meet the strictest mandatory obligations. Most AI tools currently used are classed as ‘minimal or no risk’.

If you work in healthcare and use AI to manage medications, AI errors could be fatal. This kind of AI is classed as high risk. AI used in employment could be high risk if you’re using it to sort CVs, for example. If this AI has unseen biases that change the course of someone’s life, this will put their personal rights at risk and reinforce societal inequalities.

These are just a few of the AI risks that the EU AI Act highlights:

Privacy: Personal data should be processed lawfully, fairly, and transparently, with respect to individuals’ rights to privacy and data protection.
Discrimination and bias: AI systems should not discriminate against people based on protected characteristics.
Lack of transparency: AI system functionality and decision-making processes should be transparent.

Other AI risks include unfair competition, misinformation and cyber security. Read more about AI threats.

How Could the EU AI Act Impact You?

If your business is in the EU or you do business with clients or customers from the EU, the act will apply to you. How much of it is strictly mandatory will depend on the risk level of the AI you use.

If you don’t work with the EU, or you only use minimal or no risk AI, the EU AI Act will still provide a comprehensive guide to protecting your business, employees and customers from AI risks.

As data protection and cyber security experts, we’ll help you navigate the EU AI Act and stay compliant. Contact the team to find out more.

Cyber Security Services

PCI DSS

ISO 27001

Cyber Security Consultancy

Cyber Security Support

Pentesting

Data Protection Services

SAR Support

Data Protection Support

Outsourced DPO

Data Protection Consultancy

Information Management Software

GDPR Training

GDPR Audits

GDPR Representative

GDPR Documentation

Information Governance Framework

Information Rights Request

24/7 Support whenever you need it