Published on March 21, 2024, 1:31 am

The AI Act is now final: it’s crucial for CIOs to educate themselves on the prohibited or limited uses of AI systems and establish governance that spans the value chain (starting with suppliers) and all business departments. The focus is on training: appropriate data usage is key to ensuring AI compliance.

Recently, the European Parliament approved the AI Act, marking a significant step in regulating artificial intelligence within the European Union. This legislation aims to mitigate risks associated with certain AI systems that could impact fundamental rights, democracy, rule of law, environmental sustainability, while positioning the EU as a leading authority in AI innovation for humanity’s benefit.

CIOs are reminded that GDPR, the General Data Protection Regulation, remains a fundamental reference point for AI systems concerning data used for training. Compliance with EU copyright laws during training phases is also emphasized to ensure legal operation.

With the implementation of the AI Act, clear governance criteria similar to those applied in other European regulations such as the Data Act and GDPR must be enacted. This includes pressing for accelerated compliance if necessary.

The AI Act prohibits specific AI applications that threaten citizens’ rights, such as biometric categorization systems based on sensitive features and indiscriminate extraction of facial images from the Internet or closed-circuit camera recordings for facial recognition databases. Emotional recognition systems at workplaces and schools, social credit systems, and manipulative human behavior programs are also prohibited unless within certain boundaries like law enforcement exceptions.

Moreover, obligations are set for other high-risk AI systems relating to public and private basic services (e.g., healthcare and banks), border management, justice impact, and democratic processes safeguarding against risks through risk assessments, record-keeping, transparency, accuracy maintenance, and human oversight.


– High-risk AI systems necessitate compliance certifications involving conformity declarations registration within an EU database.
– Systems classified as low-risk involve interaction without unacceptable or high-risk elements like artistic deepfakes or chatbots.
– Synthetic data use is advised as it may result in anonymity but requires careful oversight due to biases or distortions inherent in any dataset.
– Training model updates are vital due to evolving information dynamics where today’s correctness might not hold tomorrow.

In conclusion,
The article delves into essential aspects of the recent developments regarding Generative AI (Artificial Intelligence) regulation under the newly implemented AI Act within Europe. It emphasizes strict guidelines and compliance measures necessary for various stakeholders involved with AI implementation.


Comments are closed.