Top 10 operational impacts of the EU AI Act

This article series serves as a walkthrough of the most important components of the EU AI Act.


Last updated: October 2024


Contributors:


On 12 July 2024, the final text of the EU AI Act was published in the Official Journal of the European Union. The next step for the AI Act is its entry into force 20 days after publication, with many provisions being phased in and implemented over the coming months.

First proposed in April 2021, the AI Act underwent marathon negotiations, which concluded in a political agreement in December 2023. The final text combines a human-centric approach with a product-safety approach and is designed to establish a harmonized framework for AI regulation across the EU. The AI Act is a world first, setting a global precedent for AI regulation through its risk-based approach.

The act will be hugely important and consequential to the governance of AI in the EU and worldwide. The IAPP has launched a ten-part series on the EU AI Act's top operational impacts. Jointly written by leading European legal experts, the series will walk through the AI Act's most important features and requirements, translating its provisions into actionable terms.

The articles in this series will focus on the scope, subject matter, definitions and key actors; understanding and assessing risk; requirements for high-risk AI systems; requirements for general-purpose AI models; AI assurance, testing, evaluation and oversight; regulatory governance; post-market monitoring, information sharing and enforcement; regulatory implementation and application alongside broader EU digital regulation; and leveraging EU General Data Protection Regulation compliance.

The published text of the EU AI Act is only the beginning. After it enters into force, the act will undergo a phased approach to implementation, including further rulemaking and enforcement. Moreover, it will not come into force in a vacuum. While the AI Act is a first for EU regulation specifically targeted at the risks associated with certain AI systems, the EU has a growing digital regulatory framework with many intersections to how AI systems are governed, including via the GDPR, NIS2 Directive, Digital Services Act and Digital Markets Act. On a global level, the AI Act comes as an important addition to an increasingly dynamic regulatory ecosystem.

The IAPP Resource Center hosts a topic page dedicated to the latest developments on the EU AI Act. Additionally, the IAPP has a topic page for AI that is regularly updated with the latest news and resources.

Top 10 operational impacts of the EU AI Act

Published

Coming Soon

  • Part 10: Leveraging GDPR compliance