Marlene Schreiber

Access control via facial scanning, age classification in e-commerce, voice recognition in customer service, or emotion analysis in video calls – there are many applications for biometric systems in business practice. Artificial intelligence (AI) makes many of these systems better, faster, and more effective. But the use of AI with biometric data not only raises concerns among data protectionists – against the backdrop of the AI Regulation (AI-VO), many companies are asking themselves: Which biometric applications are prohibited under the AI-VO, which are considered high-risk, and when do "only" transparency obligations apply?

The rapid development of Artificial Intelligence (AI) has far-reaching impacts on all areas of life. The European Union (EU) has recognized that an appropriate legal framework is necessary to ensure the responsible use of AI and aims to be a leader in trustworthiness as well as innovation. For this reason, the AI Act has been enacted. The regulation, which has direct effect in the member states, sets clear rules and standards for dealing with AI models, AI systems, and AI content.

The AI Regulation came into force in August 2024 and its obligations for companies have been gradually coming into force since February 2025 - the scope and intensity of the requirements depend on how high the risk of the specific AI system is and what role the company plays in the AI value chain.

This article provides an overview of the transparency obligations contained in the AI Act. For the most part, these are vaguely formulated and leave a lot of room for interpretation with regard to their concrete interpretation and implementation. More clarity is only likely to be provided by the guidelines to be drawn up by the Commission and the practical guidelines to be prepared by the Office for Artificial Intelligence.

AI is playing an increasingly important role in the competition for technological pioneering roles. Companies are increasingly using AI assistants to automate processes or answer customer enquiries via chatbots, for example. However, the first AI agents are also finding their way into our everyday lives and are designed to take over complex actions and make decisions for us as "personal assistants". These new AI helpers have many advantages - but what risks and legal issues should companies take into consideration?

One less annoying bureaucratic detail: The EU Commission has decided to discontinue the online dispute resolution platform (ODR platform) for consumer disputes on 31 December 2024.

When considering the extent to which companies need to train their employees and whether an AI officer is required in connection with the use of AI, the future reference point will be the Artificial Intelligence Act (commonly referred to as the AI Act). The key provision is Article 4 of the AI Act, which regulates the requirements for companies regarding their „AI literacy.“ Article 4 stipulates that providers and operators of AI systems must take measures to ensure an „adequate level of AI literacy” among their employees and other persons involved in the operation and use of AI systems on their behalf. In addition to technical knowledge, the law also specifies appropriate training to determine the adequate level of literacy.

The AI Act came into force in Augst 2024. The first wave of obligations arising from it are already applicable since the beginning of this February 2025. For companies using or intending to offer AI-based or AI-assisted products, determining whether the AI Act applies to them is crucial.

The development and deployment of artificial intelligence (AI) raises numerous legal questions – particularly regarding liability.