lecture 4

Question 1

AI Act: Regulatory Context

Answer 1

• GDPR and law enforrcment directive
• data act, european health data space, data governance act
• digital markets act, digital services act, e-commerce directive
• AI liability directive
• product liability directive
• machinery regulation, general product safety regulation, market surveillance regulation, medical device regulation

Question 2

Outline: AI ACT

Answer 2

a) Legislative competence
b) EU approach to AI & legislative process
c) Aims & regulatory approach
d) Content
e) Definitions
f) Scope of application
g) Risk categories

Question 3

AI Act
a) Legislative Competence

Answer 3

• States: omni competent
  (Austria: allocation of competences/Art 10-15 Federal Constitutional Act)
• EU: principle of conferral of powers
  (EU treaties)
• Community of states (international law)
  (e.g. UNESCO Recommendation on the Ethics of AI)
• Market regulation (standards and norms)

Question 4

According to which articles in the TFEU is the EU
competent to regulate AI?

Answer 4

• AI Act – legislative competences
  ◦ Art 16 TFEU
  ◦ Art 114 TFEU

Question 5

AI Act
b) EU Approach to AI & Legislative Process

Answer 5

• 2018: AI expert group and European AI Alliance
• 2019: First European AI Alliance Assembly
• 2020: White Paper on AI
• 2021: AI Package (Communication on Fostering a European Approach to
  Artificial Intelligence, Coordinated Plan on Artificial Intelligence 2021
  Review, Proposal), 1st Presidency compromise text
• 2022: 2nd Presidency compromise text, General approach of the Council
  of the European Union
• 2023: Amendments adopted by the European Parliament (14th June)
• 2024: Approval in Council and Decision by Parliament; Publication in the
  Official Journal (12th July)

Question 6

AI Act
c) Aims & Regulatory Approach

Answer 6

1) Improve the functioning of the internal market
2) Protection of health, safety, fundamental rights, democracy, rule of
law, environment
3) Support innovation

Question 7

AI Act: Scope

Answer 7

Placing on the market
◦ Putting into service
◦ Use
–> EU

• Scientific Research & Development
• Military & Defence, National Security
• Non-professional activities
  → Outside of the scope of the AI Act

Question 8

AI Act: General Approach
Risk-Based Regulatory Model

Answer 8

like pyramid

on top:
inacceptable risks (eg: subliminal techniques, social scoring, emotional detection; FORBIDDEN)

–> high risks (certain products, area specific systems; QUALITY STANDARDS, eg risk managment)/ OBLIGATIONS FOR PROVIDERS, DEPLOYERS (eg certification)

–> limited risks (eg chatbots; INFORMATION AND TRANSPARENCY OBLIGATIONS)

–> minimal risks (eg AI based billing procedure; NO OBLIGATIONS)

Question 9

AI Act
d) Content

Answer 9

• 180 recitals
• 113 articles
• XIII annexes
• XIII chapters

Question 10

What are recitals?

Answer 10

• Recitals are used to interpret EU law
• If the text is not clear, the CJEU will interpret a law to give effect to the aim of the regulation, taking into
  account its context and general objectives

Question 11

Chapter I – General Provisions
Art 1 AI Act → Subject matter

Answer 11

• Harmonised rules for marketing, putting into service and use of AI systems
• Prohibition of certain AI practises
• Specific requirements for high-risk AI systems and obligations for operators
• Harmonised transparency rules for certain AI systems
• Harmonised rules for general-purpose AI models
• Market monitoring, market surveillance & enforcement
• Measures in support of innovation

Question 12

Chapter I – General Provisions
Art 2 AI Act → Scope of application (e.g.)

Answer 12

• Providers placing on the market/putting into service in the EU
• Deployers within the EU
• Providers and deployers in third countries, where output is used within the EU
• No application: military and national security purpose AI & scientific research and development & non-professional activities

Question 13

Chapter I – General Provisions
Art 3 AI Act → Definitions (e.g.)

Answer 13

• AI system
• Provider
• Deployer

Question 14

Chapter I – General Provisions
Art 4 AI Act → AI literacy

Answer 14

‘Providers and deployers of AI systems shall take measures to ensure, to their best extent, a sufficient level of AI literacy of their
staff and other persons dealing with the operation and use of AI systems on their behalf, taking into account their technical
knowledge, experience, education and training and the context the AI systems are to be used in, and considering the persons
or groups of persons on whom the AI systems are to be used

Question 15

Chapter II – Prohibited AI Practices
Art 5 AI Act

Answer 15

• AI systems that deploy subliminal techniques
• Criminal risk prediction
• Social scoring AI systems
• Biometrics
• …

Question 16

Chapter III – High-Risk AI Systems
Art 6-49 AI Act

Answer 16

• Classification of high-risk AI systems
• Requirements
• Obligations of providers and deployers of high-risk AI systems and other parties
• Notifying authorities and notified bodies
• Standards, conformity assessment, certificates, registration

Question 17

Chapters IV-V

Answer 17

Chapter IV → Transparency obligations for providers and deployers of certain AI systems
* Art 50

Chapter V → General Purpose AI Models
* Art 51-56

Chapter VI → Measures in support of innovation
* Art 57-63 → regulatory sandboxes, testing in real world conditions

Question 18

Chapters VII-IX

Answer 18

Chapter VII → Governance
* Art 64-70 → AI Office, European Artificial Intelligence Board, Advisory forum,
Scientific panel of independent experts, national competent authorities

Chapter VIII → EU database for High-risk AI systems
* Art 71

Chapter IX → Post-market monitoring, information sharing, market surveillance
* Art 72-94

Question 19

Chapters X-XIII

Answer 19

Chapter X → Codes of conduct and guidelines
Chapter XI → Delegation of power and committee procedure
Chapter XII → Penalties
Chapter XIII → Final provisions