The AI Act is a sweeping set of rules for tech companies operating in the EU that bans certain uses of AI tools and imposes transparency requirements on developers. The law was officially passed in March after two years of back-and-forth and includes several phases of compliance that will happen in waves.
Now that the full text has been publishedofficially starts the countdown of compliance deadlines that companies must meet. The AI Act will go into effect in 20 days, on August 1, and future deadlines will be tied to that date.
Recent law prohibits certain uses of artificial intelligenceand these bans are part of the first term. The AI Act bans applications that “endanger the rights of citizens,” such as biometric categorization to infer information such as sexual orientation or religion, or untargeted scraping of faces from the Internet or security camera footage. Systems that attempt to read emotions are banned in the workplace and schools, as are social scoring systems. In some cases, the operate of predictive police tools is also banned. These applications are considered to pose “unacceptable risks,” and tech companies will have until February 2, 2025, to comply.
Nine months after the law takes effect, on May 2, 2025, developers will have codes of conduct, a set of rules that outline what compliance looks like: benchmarks they must meet; key performance indicators; specific transparency requirements; and more. Three months after that—in August 2025—“industry-wide AI systems” like chatbots must comply with copyright law and meet transparency requirements, such as sharing summaries of the data used to train the systems.
By August 2026, the AI Act will apply to companies operating in the EU. Developers of certain “high-risk” AI systems will have up to 36 months (until August 2027) to comply with the rules on issues such as risk assessment and human oversight. This level of risk includes applications integrated with infrastructure, employment, necessary services such as banking and healthcare, and the justice system.
Failure to comply will result in penalties for the offending company, either a percentage of total revenue or a fixed amount. Violating prohibited systems carries the highest penalty: €35 million (about $38 million), or 7% of global annual revenue.
