EU regulators pass the planet’s first sweeping AI regulations

The European Parliament has approved groundbreaking legislation aimed at regulating artificial intelligence (AI) after nearly three years of deliberation since the initial proposal. The AI Act, which received 523 votes in favor and 46 against with 49 abstentions, aims to safeguard fundamental rights and foster innovation while positioning Europe as a leader in AI development.

The regulations, which are yet to become law pending formal enforcement by the European Council, target high-risk AI applications by defining obligations based on potential risks and impact. Provisions will come into effect gradually, with bans on specific practices, such as biometric categorization systems and untargeted scraping of images, taking effect sooner.

Certain applications, including social scoring and emotion recognition in certain settings, will be prohibited. The legislation also outlines conditions for high-risk AI uses in law enforcement and healthcare sectors, requiring transparency, non-discrimination, and adherence to privacy rules. Developers must ensure that AI systems are explainable to users.

Furthermore, the law addresses generative AI and manipulated media, necessitating clear labeling of AI-generated content like deepfakes and compliance with copyright laws. Providers utilizing powerful AI models face requirements to assess risks, report incidents, disclose energy consumption details, meet cybersecurity standards, and conduct state-of-the-art tests and evaluations.

Penalties for breaching the AI Act could be substantial, reaching up to €35 million ($51.6 million) or seven percent of global annual profits for offending companies. The legislation’s reach extends to AI models operating within the EU, potentially impacting US-based providers operating in Europe.

To monitor compliance, individual EU member states will establish AI watchdogs, while the European Commission will institute an AI Office tasked with evaluating models and mitigating risks associated with general-purpose AI. Providers of models deemed to have systemic risks will collaborate with the office to formulate codes of conduct.

While the AI Act aims to strike a balance between regulating AI and fostering innovation, its implications are significant for companies operating in Europe, requiring adherence to stringent rules governing AI development, usage, and accountability.