An insightful look into 'AI systems with 'unacceptable risk' are now banned in the EU'

AI systems with 'unacceptable risk' are now banned in the EU

The European Union has enacted a groundbreaking AI regulatory framework, the AI Act, which empowers regulators to ban AI systems deemed to pose "unacceptable risk." Effective from February 2, 2025, the Act categorizes AI applications into four risk levels: minimal, limited, high, and unacceptable. Highlighted prohibited uses include AI technologies that manipulate personal decisions, exploit vulnerabilities, predict criminal behavior based on appearance, and infer emotions in educational or work settings. Companies in violation face substantial penalties, emphasizing the EU's commitment to ethical AI deployment. While some tech giants like Google and Amazon have voluntarily begun compliance, others remain outside the initial agreement. Exemptions exist for specific uses like law enforcement with authorization, suggesting a nuanced approach to regulation. As implementation
Contact us see how we can help

EU Enforces Ban on AI Systems with 'Unacceptable Risk'

Introduction

The European Union (EU) has enacted a groundbreaking regulatory measure, prohibiting the use of artificial intelligence (AI) systems identified as presenting an "unacceptable risk." This new regulation is part of the EU's ambitious AI Act, which aims to ensure ethical AI practices within the bloc.

Details of the AI Act

Implementation Timeline

On February 2, 2025, the first compliance deadline for the EU's AI Act came into effect, marking a significant milestone in the bloc's commitment to AI regulation. Initially passed in March 2024 and officially enforced starting August 1, 2024, the Act now requires companies to align with its standards.

Risk Classification System

The AI Act categorizes AI systems into four distinct risk levels: 1. Minimal Risk: Applications such as email spam filters fall here, facing no regulatory scrutiny. 2. Limited Risk: Systems like customer service chatbots are subjected to minimal regulatory checks. 3. High Risk: This includes AI used in healthcare, which will undergo strict regulatory oversight. 4. Unacceptable Risk: Systems in this category face outright prohibition due to potential harms.

Prohibited AI Applications

AI systems deemed 'unacceptable' include: - Social scoring systems that develop risk profiles based on behavior. - AI models that subliminally or deceptively influence decisions. - Technologies exploiting vulnerabilities related to age or socioeconomic status. - Predictive policing systems based on physical appearance. - Biometric inference of personal traits such as sexual orientation. - Real-time biometric collection for law enforcement under routine conditions. - Emotion detection technologies within professional and educational settings. - Facial recognition databases compiled through unsanctioned image collection. Organizations breaching these regulations face severe penalties, including fines up to €35 million or 7% of annual revenue, depending on which is higher.

Industry Responses and Preliminary Measures

Voluntary Compliance

Before the formal enactment of the AI Act, over 100 companies including Amazon, Google, and OpenAI committed to the EU AI Pact—a voluntary initiative aimed at early adoption of the regulation's principles. Notably, companies like Meta and Apple have abstained from this pact but are still expected to comply with the restrictive measures.

Insights from Experts

Rob Sumroy, head of technology at Slaughter and May, emphasized the transitional phase organizations undergo to align with compliance mandates. "By August, enforcement measures will intensify, highlighting the need for clear guidelines and standards."

Exemptions and Future Clarifications

Permissible Use Cases

The AI Act provides specific exemptions for law enforcement, allowing the use of biometric systems in public areas under urgent circumstances, such as locating missing persons or mitigating imminent security threats. These exceptions necessitate authorization from relevant authorities.

Pending Guidelines

The European Commission is poised to release further guidelines to refine AI Act implementations, although these have yet to be published. Additionally, the interaction of the AI Act with existing laws like GDPR and NIS2 presents a complex legal landscape for organizations to navigate. Sumroy stresses the importance of understanding how these frameworks coalesce, urging entities to adapt to the multifaceted regulatory environment.

Conclusion

The EU's AI Act exemplifies a rigorous approach to AI governance, balancing innovation with ethical oversight. As compliance deadlines approach, organizations must remain vigilant in adhering to these regulations to avoid severe financial penalties and contribute to a transparent, responsible AI ecosystem.
Contact us see how we can help