Article
AI & Machine Learning

How The EU AI Act is Shaping the Future of AI Regulation

By Kitty Wheeler
February 18, 2025
undefined mins
Share this article
Prioritise Us on Google
Share this article
Prioritise Us on Google
The AI Act is shaping the digital future
The EU’s AI Act, as the first legal framework for AI, introduces a risk-based approach to regulation, addressing concerns about privacy, safety and human r

In recent years, the rapid advancement of AI technologies has outpaced regulatory frameworks, raising concerns about potential risks to privacy, safety and human rights.

As a result, the world's first legal framework for AI was created last year.

The EU AI Act introduces a risk-based approach to regulation, categorising AI systems based on their potential impact on society and individuals, setting a precedent that is likely to influence AI governance worldwide.

Aiming to foster innovation while safeguarding fundamental rights and ensuring the trustworthiness of AI systems deployed within the EU, we take a look at the ins and outs of this act and what it means for the global AI industry.

What are the broader impacts of the AI Act?

As AI continues to permeate various sectors of the economy and society, from healthcare and finance to education and law enforcement, the EU AI Act sets out to create a balanced regulatory environment.

The AI Act will be fully applicable on 2 August 2026, with some exceptions:
  • Prohibitions and AI literacy obligations entered into application from 2 February 2025
  • Governance rules and obligations for general-purpose AI models become applicable on 2 August 2025
  • Rules for high-risk AI systems embedded into regulated products have an extended transition period until 2 August 2027

It’s designed to harness the benefits of AI while mitigating its potential risks, a challenge that has become increasingly pressing in the face of rapid technological advancements.

Therefore, this framework aims to provide clarity for AI developers and deployers while offering robust protections for EU citizens.

Whilst the act aims to bring trustworthiness to AI implications, it’s also part of a broader EU strategy to position Europe as a leader in responsible AI development.

Furthermore, it complements other initiatives, such as the AI Innovation Package and the Coordinated Plan on AI, which collectively aim to strengthen AI uptake, investment and innovation across the EU while ensuring ethical and human-centric AI development.

EU AI Act introduces risk-based approach to regulation

The AI Act adopts a tiered, risk-based approach to regulation, categorising AI systems into four levels of risk: 

  • Unacceptable
  • High
  • Transparency
  • Minimal or no risk

Each category is subject to different levels of scrutiny and regulation.

“The big question is: should research and development in AI be regulated?”

Yann LeCun, Chief Scientist at Meta AI

For example, systems deemed to pose unacceptable risks, such as social scoring and manipulative AI, are prohibited outright.
The Act bans further eight specific practices, namely:

  • Harmful AI-based manipulation and deception
  • Harmful AI-based exploitation of vulnerabilities
  • Social scoring
  • Individual criminal offence risk assessment or prediction
  • Untargeted scraping of the internet or CCTV material to create or expand facial recognition databases
  • Emotion recognition in workplaces and education institutions
  • Biometric categorisation to deduce certain protected characteristics
  • Real-time remote biometric identification for law enforcement purposes in publicly accessible spaces

This means that high-risk AI systems – including those used in critical infrastructure, education and law enforcement – face strict obligations before market entry, including AI safety components in transport, AI solutions used in educational institutions and AI tools for employment and worker management.

The EU Commission says: "The AI Act ensures that Europeans can trust what AI has to offer.

Youtube Placeholder

“While most AI systems pose limited to no risk and can contribute to solving many societal challenges, certain AI systems create risks that we must address to avoid undesirable outcomes.”

Obligations for providers of high-risk AI systems

Providers of high-risk AI systems must comply with a range of obligations.

These include implementing adequate risk assessment and mitigation systems, ensuring high-quality datasets to minimise discriminatory outcomes and maintaining detailed documentation for compliance assessment.

High-risk AI systems are subject to strict obligations before they can be put on the market, including:

  • Adequate risk assessment and mitigation systems
  • High-quality datasets to minimise risks of discriminatory outcomes
  • Logging of activity to ensure traceability of results
  • Detailed documentation for authorities to assess compliance
  • Clear information to the deployer
  • Appropriate human oversight measures
  • High level of robustness, cybersecurity and accuracy
Yann LeCun, Chief Scientist at Meta AI

Tech leaders have voiced mixed approaches to the act and its obligations for companies, including Chief Scientist at Meta AI, Yann LeCun, who tells CNN: “There are clauses in the EU AI act and various other places that do regulate research and development. I don’t think it’s a good idea.

“But today, trying to figure out how to make future super-intelligent AI systems safe is like asking in 1925 ‘how do we make jet transport safe?’ And jet transport was not invented yet.”

Transparency requirements for limited risk AI systems

The AI Act also addresses transparency risks associated with certain AI systems.

For instance, when using AI systems such as chatbots, humans should be made aware that they are interacting with a machine so they can make an informed decision.

Furthermore, providers of Gen AI must ensure that AI-generated content is identifiable, with clear labelling required for deepfakes and text published to inform the public on matters of public interest.

Werner Vogels, Amazon’s CTO

Amazon’s Chief Technology Officer, Werner Vogels, voices concerns that such AI regulation could stifle innovation in some areas: “There’s a whole range of areas where I think the risks are minimal and we should let innovation run there.”

“Let’s make sure that the regulatory requirements that we put in place, companies — not just the largest company but every company in Europe — can actually implement,” he adds.

“We need to make sure that innovation continues to happen and that the innovation doesn’t just come outside Europe.”

General-purpose AI models face new regulations

The AI Act also introduces rules for providers of general-purpose AI models, which are becoming the basis for many AI systems in the EU.

These rules, set to become effective in August 2025, include transparency and copyright-related requirements.

For models that may carry systemic risks, providers will be required to assess and mitigate these risks.

The European AI Office is facilitating the development of a Code of Practice to detail these rules, which will serve as a key tool for providers to demonstrate compliance with the AI Act.

“The big question” about the new law, Yann summarises, is “should research and development in AI be regulated?”

Explore the latest edition of Technology Magazine and be part of the conversation at our global conference series, Tech & AI LIVE.

Discover all our upcoming events and secure your tickets today.

Technology Magazine is a BizClik brand

Tags

Werner VogelsAmazonYann LeCunMetaAIEUAIACTAIRegulation