June 6th, 2022
EU AI Act Primer
- The European Commission introduced the Act to establish a regulatory framework within the Union for the development of AI.
- The purpose of the Act is to create an ‘ecosystem of trust’ that manages AI risk and prioritizes human rights in the development and deployment of AI.
Duties on enterprises
- All AI deployment is subject to transparency obligations to declare to users that they are interacting with an AI and allow users to opt-out.
- High-risk AI deployment is subject to risk-management obligations to:
- Establish risk-management systems through the AI system’s lifecycle;
- Validate, test, and train data to ensure their quality;
- Provide detailed documentation for third-party assessment;
- Declare accuracy, robustness and security strategies for the mitigation of systemic failure;
- Ensure appropriate human oversight of AI systems.
What are high-risk AI systems?
- Systems are high-risk when they threaten the enjoyment of individuals’ basic rights and interests.
- The AI Act only lists a number of use-cases as high-risk:
- Biometric identification
- Management of critical infrastructure
- Educational assessment and access
- Employment decisions
- Access to essential services (private and public)
- Law enforcement
- Migration and border control
- The Act empowers the Commission to extend this list. Additions are likely to focus on AI affecting the civil rights of individuals.
Who’s in scope?
- Any company using AI systems that are on the market or produce outputs used on the market in the EU.
- This scope includes US-based enterprises with operations affecting EU citizens.
What’s the risk?
- Noncompliant enterprises face administrative fines from 4 to 6% of global revenue, and from EUR 20 to 30 million.
- Access to the European market is critical for enterprises in the digital economy.
- As with GDPR, European standards are likely to be adopted across a broad range of jurisdictions, which means that compliance with the EU AI Act is likely to be of wider importance.
AI Act compliance with Holistic AI
- HolisticAI’s research team has published and consulted widely on the EU AI Act and is firmly embedded in the European regulatory ecosystem.
- Although there are other services offering governance support for EU compliance, HolisticAIhas the unique capacity to evaluate companies’ technical and governance systems for compliance with the incoming legislation.
- HolisticAI’s is at the forefront of risk-mitigation innovation, allowing companies to manage risk sufficiently for compliance whilst optimizing their technical capacities.
- HolisticAI’s subscription package for on-going monitoring and support offers companies a cost-effective solution to life-cycle management of AI.