Artificial intelligence act

In “A Europe Fit for the Digital Age”

PDF version

The uptake of artificial intelligence (AI) systems has a strong potential to bring societal benefits, economic growth and enhance EU innovation and global competitiveness. At the same time, it is commonly acknowledged that the specific characteristics of certain AI systems raise some concerns especially with regard to safety, security and fundamental rights protection. Against this background, the European Commission unveiled a proposal for a new artificial intelligence act (AI Act) in April 2021.

The Commission proposed:

  • to enshrine in EU law a technology-neutral definition of AI systems
  • and to adopt different set of rules tailored on a risk-based approach (prohibited AI systems, high-risk AI systems subject subject to a set of stringent requirements (e.g., 
    management, testing, data training), AI systems presenting limited risk subject to limited transparency requirements and AI systems presenting only low or minimal risk). 

    The Council adopted its common position (‘general approach’) on the AI act in December 2022. The Council’s text, inter alia:

    • narrowed down the definition of AI system.
    • extended to private actors the prohibition on using AI for social scoring.
    • added a horizontal layer on top of the high-risk classification to ensure that AI systems that are not likely to cause serious fundamental rights violations or other significant risks are not captured.
    • added new provisions to account of situations where AI systems can be used for many different purposes (general purpose AI).
    • clarified the scope of the AI act (e.g. explicit exclusion of national security, defense, and military purposes from the scope of the AI act) and provisions relating to law enforcement authorities.
    • added new provisions to increase transparency and allow users' complaints.
    • substantially modified the provisions concerning measures in support of innovation (e.g. AI regulatory sandboxes).

    In Parliament, the discussions were led by the Committee on Internal Market and Consumer Protection (IMCO; rapporteur: Brando Benifei, S&D, Italy) and the Committee on Civil Liberties, Justice and Home Affairs (LIBE; rapporteur:  Dragos Tudorache, Renew, Romania) under a joint committee procedure. Parliament's negotiating position adopted in June 2023, inter alia:

    • amended the definition of AI systems to align it with the definition agreed by the Organisation for Economic Co-operation and Development (OECD).
    • substantially amended the list of AI systems prohibited in the EU.  
    • added the additional requirement that the systems must pose a 'significant risk' to qualify as high-risk and imposed in certain cases to carry out a fundamental rights impact assessment.
    • enshrined in the AI act a layered approach to regulate general-purpose AI systems including foundations AI models including generative AI models (such as Chat GPT) that  generate art, music and other content.
    • established an AI Office, a new EU body to support the harmonised application of the AI act, provide guidance and coordinate joint cross-border investigations.
    • agreed that research activities and the development of free and open-source AI components would be largely exempted from compliance with the AI act rules.

    Trilogue meetings took place in June, July, September, October and December 2023. Following protracted negotiations, the Council presidency and the European Parliament’s negotiators have reached a provisional agreement on the AI act on 9 December 2023. Parliament endorsed the AI act in March 2023 with 523 votes in favour, 46 against and 49 abstentions. The AI act:  

    • enshrines in EU law a definition of AI systems aligned with the revised definition and contains as well a definition of General purpose models (GPAI).
    • applies primarily to providers and deployers putting AI systems and GPAI models into service or placing on the EU market and who have their place of establishment or who are located in the EU, as well as to deployers or providers of AI systems that are established in a third country, when the output produced by their systems is used in the EU.
    • maintains the risk-based approach proposed by the Commission and classifies AI systems into several risk categories, with different degrees of regulation applying. 
    • prohibits a wider range of AI practices as originally proposed by the Commission because of their harmful impact. 
    • identifies a number of use cases in which AI systems are to be considered high risk because they can potentially create an adverse impact on people's health, safety or their fundamental rights. 
    • identifies a number of AI systems posing limited risks because of their lack of transparency (i.e. deep fakes, synthetic content) that will be subject to information and transparency requirements. 
    • allows the use of systems presenting minimal risk for people (e.g. spam filters) compliant with applicable legislation (e.g., GDPR).
    • provides specific rules for general-purpose AI models (GPAI) and for GPAI models with 'high-impact capabilities' that could pose a systemic risk and have a significant impact on the internal market. Exceptions apply to free and open-source GPAI models.
    • asks Member States to set up regulatory sandboxes and allows testing high-risk AI systems in real-world to facilitate the development,  training, testing and validation of innovative AI systems.  
    • The implementation of the AI act will be the responsibility of a number actors both at national level and at EU-level. 
    • The application of the AI act will be staged over two years (starting with the phasing out of the prohibited systems within six months after the act enters into force) and will require the European Commission to issue various implementing, delegated and guidelines. 

    The AI act has been formally adopted by Parliament during its March 2024 plenary session (corrigendum announced in the April 2024 session) before the final Council endorsement. 


    Further reading:

    Author: Tambiama Madiega, Members' Research Service,

    As of 20/04/2024.