Summary of Article 49
- Responsibilities of Providers and Authorised Representatives: Providers and authorised representatives must register themselves and their high-risk AI systems in the EU database, or at the national level for systems listed in point 2 of Annex III, before placing them on the market or putting them into service.
- Responsibilities of Deployers: Deployers that are public authorities or Union institutions must register themselves, select the system, and register its use in the EU database before putting high-risk AI systems into service.
- Responsibilities for Sensitive Systems: For high-risk AI systems related to law enforcement, migration, asylum, and border control, registration must occur in a secure, non-public section of the EU database, accessible only to the Commission and designated national authorities.
Responsibilities of Providers and Authorised Representatives
1. Before placing on the market or putting into service a high-risk AI system listed in Annex III, with the exception of high-risk AI systems referred to in point 2 of Annex III, the provider or, where applicable, the authorised representative shall register themselves and their system in the EU database referred to in Article 71.
2. Before placing on the market or putting into service an AI system for which the provider has concluded that it is not high-risk according to Article 6(3), that provider or, where applicable, the authorised representative shall register themselves and that system in the EU database referred to in Article 71.
5. High-risk AI systems referred to in point 2 of Annex III shall be registered at national level.
Responsibilities of Deployers
3. Before putting into service or using a high-risk AI system listed in Annex III, with the exception of high-risk AI systems listed in point 2 of Annex III, deployers that are public authorities, Union institutions, bodies, offices or agencies or persons acting on their behalf shall register themselves, select the system and register its use in the EU database referred to in Article 71.
Responsibilities for Sensitive Systems
4. For high-risk AI systems referred to in points 1, 6 and 7 of Annex III, in the areas of law enforcement, migration, asylum and border control management, the registration referred to in paragraphs 1, 2 and 3 of this Article shall be in a secure non-public section of the EU database referred to in Article 71 and shall include only the following information, as applicable, referred to in:
(a) section A, points 1 to 10, of Annex VIII, with the exception of points 6, 8 and 9;
(b) Section B, points 1 to 5, and points 8 and 9 of Annex VIII;
(c) section C, points 1 to 3, of Annex VIII;
(d) points 1, 2, 3 and 5, of Annex IX. Only the Commission and national authorities referred to in Article 74(8) shall have access to the respective restricted sections of the EU database listed in the first subparagraph of this paragraph.
