AI Act - What needs to be done in the coming months

As one of the global pioneers in the regulation of artificial intelligence, the AI Act came into force on 01 August 2024.

All news

As one of the global pioneers in the regulation of artificial intelligence, the AI Act came into force on 01 August 2024. However, the new rules are not immediately applicable from this date, but will become effective for the respective AI systems and AI applications in stages over the next 36 months according to their risk-based classification. The risk-based classification of AI systems and the associated obligations arising for the players concerned were already discussed in our KWR expert blog following political agreement on the matter in December 2023.

What does the entry into force on 01 August 2024 mean for the players which the AI Act applies to and what action is now required for companies and those in charge?

The updated rules:

After the first publications on the content of the AI Act had come out, some formal and fewer substantive changes were made:

  • Among other things, an element of relief was added with the extensive exemption of open source AI systems from the AI Act.
  • For a definition as (prohibited) subliminal influence, however, it is sufficient for damage to be reasonably probable. It is not necessary for damage to actually occur.
  • The scope of application of high-risk AI obligations has also been clarified in Annex III of the AI Act. For example, the use of AI in education for access or admission to education and the automated assessment of learning outcomes at all levels of education is now being considered high-risk AI.  

Entry into force and application of the AI Act:

  • 02/02/2025 (6 months after entry into force): On the one hand, practices classified as "prohibited" per se may no longer be used. On the other hand, providers and operators of AI systems must take measures to ensure that their staff and other persons involved in the operation and use of AI systems on their behalf have sufficient AI skills and know-how ("AI Literacy", Article 4 AI Act).
  • 02/08/2025 (12 months after entry into force): Firstly, the regulations on general purpose AI systems will apply from this date. Furthermore, the Member States must designate a notifying authority that sets up the conformity assessment bodies and is responsible for the procedures required for the assessment, designation, notification and monitoring of AI systems. The Commission and the Member States must also designate or establish the authorities and institutions provided for in the AI Act. The penalty provisions of the AI Act will also apply from this date.
  • 02/08/2026 (24 months after entry into force): From this date, all obligations under the AI Act will apply to low and minimal risk AI systems. They will also apply to high-risk AI systems; however, only the requirements listed in Annex III, but not those listed in Annex I, need to be met by the latter.
  • 02/08/2027 (36 months after entry into force): From this date, all requirements for high-risk AI systems contained in Annex I of the AI Act will also apply.

To do’s in pratical use

Not least because of the severe penalties which may be imposed in the event of a contravention, action is now required in the practical use of AI:

  • Firstly, enterprises should identify which AI systems or AI applications they are using or even developing in their own company and assign them to the respective category.  This serves to identify prohibited AI practices which must no longer be used after 02 February 2025.
  • Providers and operators of AI systems must also train their staff and data subjects accordingly as per 02 February 2025 ("AI Literacy").  Staff must therefore be made aware of the problems associated with the use of AI systems. To this end, it is advisable to create and implement guidelines which should be adapted and optimised to the relevant processes.
  • Enterprises should also familiarise themselves with the terms of use of the AI systems or AI applications they use and check for restrictions on the use of AI output. Particular attention should be paid to copyright restrictions (KWR reported).  If the AI output used makes too little of an original creative contribution, this may prevent it from being protected by copyright. Subsequent human processing of the AI output, on the other hand, could result in copyright protection. Here too, best practicesand processes should be implemented in the enterprise.
  • The protection of "secret" information and the protection of personal data also play a special role here. Such information and data should never be made available to AI.

The result is as follows:

It is advisable to start planning the implementation of the AI Act, the associated risk management and staff training now. The KWR New Technologies & Digitalisation Teamwill be happy to advise and support you in the implementation of the new AI rules!

Your contact

This website uses cookies

For offering you the best experience possible we use various types of cookies. Please select the types of cookies you would like to allow and then click on "Agree". By clicking on „Agree to all“, you agree to the use of all cookies. You can withdraw your consent at any time by changing your browser settings, with future effect. For more information about the cookies we use click here: cookie policy. Further information about data protection can be found here: data protection.

Imprint

Operational and
functional cookies
Statistic cookies


Further information