European Commission guidelines on practices prohibited by the AI Regulation
The European Union’s Artificial Intelligence (AI) Regulation marks a milestone in the regulation of this emerging technology, seeking to balance innovation with the protection of fundamental rights and European values.
A crucial aspect of this regulation is the identification and prohibition of AI practices considered high-risk and unacceptable. To clarify the interpretation and application of these prohibitions, the European Commission has issued specific guidelines.
These guidelines seek to promote consistent and effective application of the AI Regulation by facilitating compliance with the obligations by developers and users of AI systems.
AI law prohibitions
The AI Regulation prohibits a number of AI practices that are considered unacceptable due to their potential to infringe fundamental rights and EU values, including:
- The use of facial recognition systems and other biometric technologies for real-time mass surveillance in areas accessible to the public is prohibited. They are only allowed in specific and justified cases, such as the search for victims of crime or the prevention of imminent terrorist threats, always under judicial authorization.
- Systems that classify people based on sensitive biometric data, such as race, ethnicity, political opinions, religious beliefs or sexual orientation, are prohibited.
- The use of AI systems to evaluate or classify individuals based on their social behavior, which could lead to discrimination or exclusion, is prohibited.
- AI systems that take advantage of people’s age, disability or other vulnerabilities to manipulate their behavior or make harmful decisions are prohibited.
- The use of AI systems to infer a person’s emotions in the workplace or in educational institutions is prohibited, as this may violate privacy and dignity.
Impact of the guidelines on companies
The impact of the European Commission’s guidelines on the AI Regulation (Regulation (EU) 2024/85) on companies is considerable and covers multiple areas.
- First, companies developing, implementing or using AI systems must ensure compliance with the prohibitions and requirements set out in the AI Regulation. This involves a thorough assessment of their AI systems to identify and mitigate potential risks. The European Commission’s guidelines clarify these obligations, making it easier for companies to comply.
- Second, companies may need to restructure their internal processes to ensure that AI systems are developed and used in an ethical and legal manner. This may require the implementation of internal policies, employee training, and the creation of appropriate oversight mechanisms.
- Third, compliance with the AI Regulation may generate additional costs for companies, especially in terms of risk assessment, adapting existing systems and hiring AI and compliance experts.
- Fourth, companies that take a proactive approach toward AI Regulation compliance could gain a competitive advantage by demonstrating their commitment to ethics and accountability in the use of AI. This can enhance their reputation and build trust among customers and business partners.
- Finally, the AI Regulation and its guidelines seek to encourage responsible innovation in the field of AI. Companies that develop AI systems that comply with ethical and legal requirements could gain access to new market opportunities and strengthen their position in the industry.
Penalties for non-compliance with the IA Regulation
Penalties for non-compliance with the IA Regulation under Regulation (EU) 2024/85 vary depending on the infringement. Fines can be up to 30 million euros or, if the offender is a company, up to 6% of its total worldwide turnover for the preceding financial year, whichever is higher.
For offenses related to the provision of incorrect, incomplete or misleading information to the competent authorities, fines can be up to EUR 5 million or 1% of total worldwide turnover. Smaller fines are also established for other breaches.
