Skip to content

The rapid development of Artificial Intelligence (AI) has far-reaching impacts on all areas of life. The European Union (EU) has recognized that an appropriate legal framework is necessary to ensure the responsible use of AI and aims to be a leader in trustworthiness as well as innovation. For this reason, the AI Act has been enacted. The regulation, which has direct effect in the member states, sets clear rules and standards for dealing with AI models, AI systems, and AI content.

Objectives and Contents of the AI Act

The regulation pursues several objectives, in particular:

  • It aims to protect the fundamental rights and freedoms of citizens to ensure that AI models and AI systems respect the dignity, privacy, and other fundamental rights of individuals. It should ensure that AI does not act in a discriminatory, manipulative, or otherwise harmful manner.
  • It aims to strengthen citizens’ trust in AI models and AI systems. To this end, transparency, accountability, and understandability should be promoted. This means that AI systems should be understandable and explainable.
  • It aims to promote innovation and the competitiveness of the European economy. By creating a uniform legal framework for the use of AI in the EU, companies should be encouraged to develop and use AI technologies.

The AI Act differentiates in terms of requirements between various obligations and risk classes. In particular, the focus is on high-risk AI systems. High-risk AI systems are those that pose significant risks to the health and safety or the fundamental rights of individuals. Examples of such systems include medical diagnostic systems, autonomous driving, or systems in the field of public safety. For such high-risk AI systems, the AI Act provides stricter regulations. Companies that develop or use such systems must conduct a comprehensive risk assessment that considers potential impacts on the safety, health, privacy, and fundamental rights of individuals. In addition, documentation requirements and compliance with certain technical standards are provided to ensure that these systems meet legal requirements.

The Legislative Process: The AI-Act is Here!

The European Commission presented a first draft of the AI Act in April 2021, thus initiating the legislative process. Shortly thereafter, the Council of the EU and the European Parliament began to adapt the proposal. The Council of the EU published its position in December 2022, and the Parliament reached a position through the lead committees (IMCO and LIBE) in June 2023. The proposal was discussed by various interest groups such as the ECB, the Economic and Data Protection Committees to consider different perspectives and concerns.

At the beginning of this year, Parliament and the Council were in the so-called trilogue, where representatives of the two bodies, mediated by the Commission, work out a joint legislative proposal, which then still needs to be adopted by Parliament and the Council and published in the Official Journal. It then applies bindingly throughout the EU from the specified date. Ratification by national parliaments is not necessary.

After lengthy negotiations, the AI Act was approved by the EU Parliament on March 13, 2024.

On July 12, 2024, the AI Act was finally published in the Official Journal of the EU (you can find the text here).

Next Steps: Entry into Force and Application of the AI Act

According to Article 113, the AI Act enters into force 20 days after its publication in the Official Journal, i.e., on August 1, 2024, and will come into effect in phases.

Here is a brief overview of the relevant dates for you:

  • On February 2, 2025 (Art. 113 lit. a AI Act), the general regulations must be implemented, and prohibited practices must be stopped because from then on Chapters I and II of the AI Act apply.
  • On August 2, 2025 (Art. 113 lit. b AI Act), among other things, the the application of regulations to AI systems with general-purpose use (General Purpose Artificial Intelligence) and the application and implementation of the sanction mechanism provided for in the AI Act begins.
  • On August 2, 2026 (Art. 113 AI Act), the general application of the regulation begins.
  • On August 2, 2027 (Art. 113 lit. c AI Act), the application of the implementation obligation of the harmonization provisions from Annex I begins, which in combination with other EU directives will create new high-risk application groups.

We therefore advise our clients to familiarize themselves with the AI Act now and to identify any need for action. The regulation will have significant impacts on the design of digital business models, contract design (e.g., for SaaS services with AI elements), and information obligations.