June 29, 2023

Europe's AI Act: Key Takeaways

Introducing our second blog post on the EU AI Act, which expands upon the insights shared in our previous article. If you haven’t read our earlier post, we recommend exploring it for a comprehensive understanding of the Act’s impact on the future of AI.

With the adoption of the AI Act by the European Parliament this month, the EU took a major step forward in terms of tech policy. This landmark decision, which saw 499 votes in favor, 28 against, and 93 abstentions, positions Europe as a global leader in AI regulation.

The Parliament’s position on the AI Act highlights several key aspects.

Firstly, there is a push for a complete ban on AI for biometric surveillance, emotion recognition, and predictive policing.

Secondly, generative AI systems like ChatGPT will be required to disclose that the content they produce is AI-generated.

Lastly, AI systems used to influence voters in elections will be considered high-risk.

However, while the EU AI Act has taken one step closer towards enforcement, it’s important to note that immediate clarity cannot be expected.

This is because the draft rules will now need to be negotiated with the Council of the European Union and the European Commission, the executive branch of the EU.

Hence, the final legislation will be a compromise between the differing drafts from the three institutions - the European Commission, Council, and Parliament — also called the “trilogue.” Officials are aiming to achieve a final agreement by year-end.

A Recap of the Eu AI Act’s Risk-Based Approach

As we previously discussed in one of our articles, the EU AI Act adopts a risk-based approach, similar to the EU’s Digital Services Act. This approach imposes restrictions based on the perceived level of risk associated with an AI application.

The Regulation introduces a four-tier system based on risk levels: unacceptable risk, high risk, limited risk, and minimal risk. High-risk systems will have specific requirements for providers, including risk management, transparency, and human oversight.

The Act also has the potential to ban certain AI applications entirely if the risk is deemed “unacceptable.”

Key Implications of the Act

Prohibition of Emotion-Recognition AI: The draft text from the European Parliament bans the use of AI for emotion recognition in settings such as law enforcement, schools, and workplaces.

Restrictions on Real-Time Biometrics and Predictive Policing: The proposal to ban real-time biometrics and predictive policing in public places is expected to be a topic of contention and might require careful legislative negotiation.

Social Scoring Prohibition: The draft rules propose a prohibition on social scoring by public agencies, a practice commonly associated with autocratic governments.

Regulation of Generative AI: The draft offers the first proposals for regulating generative AI, including a ban on the use of copyrighted material in the training sets of large language models.

Greater Scrutiny of Social Media Recommendation Algorithms: The new draft categorizes recommender systems as “high risk,” subjecting them to closer inspection.

Compliance Mechanism & Penalties

In order to enforce the law, Member States will be required to establish notifying authorities and conformity assessment bodies for high-risk AI systems. Softly regulated AI will have transparency obligations for certain interactions with individuals.

Non-compliance sanctions will be similar to those under GDPR, with penalties based on a company’s worldwide annual turnover.

It’s also important to note that, while the regulation itself does not provide a specific right to compensation, violations can potentially lead to civil claims under Member State law.


Enforcement of the AI Act will primarily be the responsibility of national competent authorities in each Member State. However, the Parliament’s AI Act introduces a significant shift in the approach to market surveillance compared to the European Commission and the Council.

Specifically, the Parliament’s proposal mandates the establishment of a single national surveillance authority (NSA) in each member state. This deviates from the Council and Commission versions of the AI Act, which would allow member states to create multiple market surveillance authorities (MSAs) according to their preference.

All three AI Act proposals recognize the need for existing agencies to serve as MSAs in certain areas, such as AI in financial services, AI in consumer products, and AI in law enforcement. The Council and Commission proposals even allow for the expansion of this approach. However, the Parliament’s proposal restricts the creation of additional MSAs, requiring member states to establish only one NSA for enforcing the AI Act, with a few selected exceptions like finance and law enforcement.

This difference in approach between the three institutions will be a point of discussion during the trilogue process.

Advantages of a Single NSA Approach:

Talent and expertise: A single NSA allows for better talent recruitment and internal expertise, enhancing the enforcement of the AI Act compared to multiple distributed MSAs.

Streamlined coordination: Centralization simplifies coordination between member states, with one agency per state and a voting seat on the AI Office board for all NSAs. This eliminates the need for numerous coordination councils.

Disadvantages of a Single NSA Approach:

Fragmented oversight: Having a separate NSA from existing regulators means algorithms used in areas like hiring, workplace management, and education would be governed by different authorities than human actions in the same areas, leading to fragmented oversight.

Interpretation and implementation challenges: AI Act interpretation and implementation may suffer in some areas due to the separation of AI experts and subject matter experts in separate agencies.

Prioritizing Discussions

Given the significant impact of government oversight on the AI Act, the choice between a single NSA or multiple MSAs should be prioritized in trilogue discussions to strike a balance between centralized expertise and streamlined coordination, while addressing potential fragmentation and interpretation concerns.

Europe’s AI Act: Guiding the Future of AI Regulation

Europe’s AI Act represents a significant development in AI regulation and sets the stage for comprehensive rules governing AI applications. The risk-based approach, compliance mechanism, and enforcement provisions outlined in the Act will shape the future of AI in Europe.

While the negotiation process and implementation may take time, this landmark legislation demonstrates Europe’s commitment to addressing the ethical and societal challenges posed by AI.

Lumenova AI - Your Trusted Guide in the EU AI Act Journey

Compliance with the EU AI Act is vital for your organization’s prosperity, and we understand its significance. Lumenova AI simplifies and streamlines your compliance journey, so your organization can adhere to the EU AI Act’s requirements.

Get in touch with us at sales@lumenova.ai or via contact form, and experience the seamless integration of Lumenova AI with your existing ML stack.

Make your AI ethical, transparent, and compliant - with Lumenova AI

Book your demo