Hello to the IA Regulation!

Hello to the IA Regulation!

The IA Regulation was published in the Official Journal of the European Union on July 12, 2024, so it is a good time to report in this post, its entry into force, as well as its scope of application.

Regulation (EU) 2024/1689, laying down harmonized rules on Artificial Intelligence (AI Regulation), is now a reality for the European Union (EU) and for those providers offering their AI services in the EU.

As we already know, this Regulation regulates the different uses of Artificial Intelligence (AI), establishing the limits regarding the risks that may arise from the use of this technology.

The Regulation divides between high-risk AI systems and prohibited practices.

Risk classification

Minimal risk

AI systems that can be developed and used subject to existing legal conditions. It is understood that AI systems to be used in Europe will be in this category.

High risk

AI systems that may have an adverse impact on the safety of individuals or their fundamental rights (e.g., personnel selection and labor relations management).

Unacceptable risk

A very limited set of particularly harmful uses of AI that contravene established EU values as they violate fundamental rights and will be prohibited.

Prohibited actions

As a consequence of the risk posed by the use of AI to our rights and freedoms, it was agreed to prohibit the following:

Sensitive Data

Categorization systems that use sensitive characteristics (e.g., political, religious, philosophical beliefs, sexual orientation, race);

Biometric data

Non-targeted extraction of facial images from the Internet or CCTV images to create facial recognition databases;

Neurodata in specific environments

Recognition of emotions in the workplace and in educational institutions;

Social Scoring

To evaluate or classify individuals or groups, based on social behavior or personal characteristics;

Manipulating human behavior

AI systems that manipulate human behavior to circumvent free will;

Exploiting personal vulnerabilities

Exploitation of people’s vulnerabilities (due to their age, disability, social or economic situation) in a way that distorts their behavior and is likely to cause harm to them or others.

Subliminal techniques

Those who deploy subliminal techniques with the objective of distorting a person’s behavior in a way that may cause physical or psychological harm to that person or others.

Other highlights of the IA Regulation are as follows:

Biometric identification systems

These systems may be implemented in public access areas for police purposes, subject to prior judicial authorization and for strictly defined crime lists, and may be used in two ways:

Post-remote

It would be used strictly in the targeted search for a person convicted of or suspected of having committed a serious crime.

In real time

It would comply with strict conditions and its use would be limited in time and location, for the purposes of:

a.- targeted searches for victims (kidnapping, trafficking, sexual exploitation)

b.- prevention of a specific and present terrorist threat,

High-risk treatment

High-risk data will be those that could potentially cause significant harm to health, safety, fundamental rights, the environment, democracy and the rule of law. In these cases, a Data Protection Impact Assessment(DPA) will be mandatory.

Transparency in all actions

Just as the General Data Protection Regulation(GDPR) implemented the principle of proactive responsibility, the Artificial Intelligence Regulation must generate the necessary technical and regulatory documentation to demonstrate compliance with the provisions of the law.

Support for SMEs

National authorities will support small and medium-sized businesses to develop and train innovative AI, prior to commercialization.

Sanctions

Failure to comply with the AI Regulation will result in fines of up to €35 million or 7% of global turnover, whichever is greater.

Entry into force and application of the IA Regulation

The Artificial Intelligence Regulation entered into force 20 days after its publication in the Official Journal of the European Union, i.e. on August 1, and will be applicable on August 2, 2024.

Article 113 of the Regulation establishes the vacatio legis of the regulation, which will be applied in parts, in different years, being fully enforceable in August 2026.

The application of the contents of the Artificial Intelligence Regulation shall be as follows:

February 2, 2025

Chapters I and II will be mandatory for this date.

Chapter III, Section 4, Chapter V, Chapter VII and Chapter XII and Article 78 shall be applicable as of August 2, 2025, with the exception of Article 101.

August 2, 2027

By this date, Article 6(1) will apply and the corresponding obligations of the Regulation will be applicable as of August 2, 2027.

Request an analysis of your AI prior to use

If you have implemented or are planning to implement an AI in your business, request a prior analysis to verify that it complies with European and Spanish data protection regulations.

Contact us by email: info@businessadapter.es, you can also call 96 131 88 04, or leave your message in this form:

[su_button url=”https://businessadapter.es/contacto” target=”blank” background=”#f6f903″ color=”#181818″ size=”7″ center=”yes” icon_color=”#000000″]Contact us, we will be pleased to help you.[/su_button]

Contact us, we will be pleased to help you.
error: Content is protected !!