AI Act: EU regulations for AI applications adopted

The European Union's AI Act is intended to legally regulate the use of artificial intelligence in applications. After lengthy negotiations, the EU member states and negotiators from the European Parliament have reached an agreement. The aim is to retain opportunities for innovation, while everything should be regulated.

The AI Act as the world's first AI law

It's not surprising: where new developments are created, laws are also created. This is also the case with artificial intelligence. After the release of OpenAI's AI chatbot ChatGPT last year triggered a veritable hype around artificial intelligence, hardly a day goes by without new announcements or plans in the field of AI applications and the further development of generative AI.

The first AI law has been in the pipeline for some time and there have already been numerous discussions and proposals. An agreement has now been reached, almost a year after the publication of ChatGPT. AI has already existed in this form for many years. It has therefore taken a relatively long time for the first AI law to be passed in the form of the AI Act.

According to EU Internal Market Commissioner Thierry Breton, the AI Act is a historic step. He wrote on X (formerly Twitter): "The EU is the first continent to set clear rules for the use of AI. The AI Act is more than just a set of rules - it's a launch pad for start-ups and researchers in the EU to lead the global race for AI."

High-risk applications in the AI Act

An important point in the negotiations was copyright. As generative AI is trained with content that may be protected by copyright, but an AI cannot output any sources as its output is made up of all sources, no clear regulation is possible in this area. Instead, it was agreed that it must be ensured that no copyrights are infringed during AI development. One idea is that developers of large AI base models must disclose the training data in order to ensure access to the sources.

The focus was particularly on "high-risk applications". Which applications are considered "high-risk" is not precisely defined. However, the Commission will present a list of corresponding applications.

There are special regulations for these high-risk AI models:

• Tests with generic attacks are mandatory
• Serious incidents must be reported to the Commission

The criteria for classifying risky AI will be developed by the European AI Agency on the basis of scientific assessments.

Many decision-makers and members of the EU are somewhat hopeful that the AI Act will serve as a blueprint for further draft legislation in other countries and on other continents. They are thinking primarily of those for whom the regulations in the USA are too lenient and the requirements in China too strict. The AI Act should serve as a good middle ground. We will see whether it will set a precedent.

The AI Act and its impact on existing applications

The AI Act could also have an impact on existing applications. Nowadays, hardly any program can do without AI. Even project and service management systems such as ITIL® make use of AI.

In our seminars with the Information Technology Infrastructure Library, however, you will learn about many more possible applications of the system that make little or no use of AI. Learn the basics in our two-day ITIL®4 Foundation compact course and familiarize yourself with the most important functions of IT service management. If you don't want to lose touch, you can attend our three-day ITIL® 4 HighVelocity IT training course and master processes in fast-moving day-to-day business with flying colors.