# EU AI Act The EU AI Act is the world's first comprehensive legal framework for artificial intelligence, adopted by the European Parliament in March 2024. It takes a risk-based approach: the higher the risk an AI system poses, the stricter the requirements. ## Risk categories - **Unacceptable risk** (banned): social scoring by governments, real-time biometric surveillance in public spaces (with narrow exceptions), manipulation of vulnerable groups, emotion recognition in workplaces and schools - **High risk** (heavy regulation): AI in critical infrastructure, education, employment, law enforcement, border control, justice. Requires conformity assessments, risk management systems, data governance, transparency, human oversight, and documentation - **Limited risk** (transparency obligations): chatbots, deepfakes, and AI-generated content must disclose their AI nature - **Minimal risk** (no restrictions): spam filters, AI in video games, most consumer applications ## General-purpose AI models Foundation models and general-purpose AI (like [[Large Language Models (LLMs)]]) have specific obligations: technical documentation, transparency about training data, copyright compliance, and publishing training compute usage. Models with "systemic risk" (trained with >10^25 FLOPs) face additional requirements including adversarial testing, incident reporting, and cybersecurity measures. ## Timeline Enforcement is phased: banned practices from February 2025, high-risk obligations from August 2026, with full enforcement by August 2027. Non-compliance penalties can reach 7% of global annual turnover. ## References - https://artificialintelligenceact.eu/ ## Related - [[AI Safety]] - [[Responsible AI]] - [[AI Guardrails]] - [[Large Language Models (LLMs)]] - [[Generative AI Risks]] - [[Ethics]]