Introduction
The AI Act, which was passed on 21 May 2024, is the world’s first law on the regulation of artificial intelligence. It is expected that many industries will have to deal intensively with this regulation in the future.
It is planned that the AI Regulation will come into effect 20 days after its publication in the Official Journal of the European Union. Publication in the Official Journal of the European Union is scheduled for June/July 2024.
A staggered system of transitional periods will then come into effect. Initially, 6 months after coming into effect, the provisions on prohibited AI systems will apply and their use must be discontinued. 24 months after entry into force, the other provisions of the AI Regulation, such as the transparency obligations for generative AI systems, will apply. One exception is the obligations relating to high-risk AI systems, for which a transitional period of 36 months after entry into force is envisaged.
The purpose of the regulation, as stated in Art. 1 I of the AI Regulation, is to strengthen social trust in AI applications. For this reason, compliance requirements are placed on AI that are proportionate to the respective threat of interference with fundamental rights. With this risk-based approach, the AI Regulation should be able to react flexibly to future technical developments. For affected companies, the main challenges are likely to lie in the formalisation of the certification process and the implementation of the compliance management system.
II. Overview of key content
The definition of artificial intelligence contained in Art. 3 No. 1 AI Regulation, which is decisive for the material scope of application and on the basis of which the respective requirements for the development and use of AI are determined, deserves particular attention.
According to this definition, an AI system is a machine-based system that is designed to operate with varying degrees of autonomy, demonstrates adaptability after deployment and derives explicit or implicit goals from inputs to produce results such as predictions, content, recommendations or decisions that can influence physical or virtual environments.
This broad definition is further specified and limited by the recitals of the AI Regulation.Recital 12, for example, expressly clarifies that an application is not considered AI within the meaning of the standard if it is performed automatically on the basis of rules established by humans. Rather, AI requires independent reasoning: „An essential characteristic of AI is its ability to reason.“
A) Scope of application
Due to the digital nature of AI systems and the possibility of continuous further development during operation, it is sometimes difficult to draw clear boundaries with regard to the applicability of the AI Regulation.
Temporal scope of application
In terms of time, the AI Regulation aims to regulate AI throughout its entire life cycle. This means that the AI Regulation not only sets out requirements for the development of AI, but also provides for numerous obligations after it has been placed on the market, such as monitoring obligations. This is nothing new from the perspective of product liability law. The obligation to monitor the respective product after it has been placed on the market has always been an integral part of product liability law.
Personal scope of application
The personal scope of application includes both the deployer and the provider. According to Art. 3 No. 4 of the AI Regulation, the operator is the natural or legal person, public authority, agency or other body which uses an AI system under its authority, unless the AI system is used in the course of a personal, non-professional activity.
According to Art. 3 No. 3 of the AI Regulation, the provider is the natural or legal person, public authority, agency or other body which develops or has developed an AI-system or an AI-model for general purposes and places it on the market or puts it into service under its own name or trademark, regardless of whether this is done for remuneration or free of charge.
Local scope of application
According to Art. 2 I a) of the AI Regulation, the local scope of application covers providers that place an AI system or a system with a general purpose on the market or put it into operation in the Union. It also covers operators established in the Union. In addition to the establishment principle, the market place principle also applies.
The AI Regulation therefore also addresses providers and operators that are based in a third country but whose AI system operates in the Union. This is intended to prevent companies in third countries from not having to comply with the requirements of the AI Regulation.
(to be continued in Overview AI Regulation Part 2)
