What's Inside:
EU AI Act Timeline
When was the EU AI Act implemented? The EU AI Act entered into force on August 1, 2024, with its provisions being implemented gradually over the coming years. If you belong to one of the following categories: providers, importers, distributors or deployers, it's crucial to review the major timeline of the EU AI Act from 2025 to 2030 to understand specific obligations for your role, illustrated in detail below!
EU AI Act Timeline: 2025
- February 2, 2025: AI systems that present unacceptable risk under the AI Act are banned, with AI Literacy Obligations applying to providers and deployers, as outlined in EU AI Act Article 113.
- August 2, 2025: Obligations for general-purpose AI models take into effect for providers, as outlined in EU AI Act Article 113.
- Unacceptable risk AI systems and practices, as defined in EU AI Act Article 6(1) and Annex III, include manipulative and subliminal AI, exploitation of vulnerabilities, social scoring AI, biometric categorization, predictive criminal profiling, facial recognition database expansion, emotion recognition in workplace and education, and real-time remote biometric identification in public spaces.
- AI literacy is the knowledge and understanding that allow providers, deployers and affected persons to make an informed deployment of AI systems, as well as to gain awareness about the opportunities and risks of AI and possible harm it can cause, as defined in EU AI Act Article 3 (56). → Providers and deployers of AI systems shall take measures to ensure, to their best extent, a sufficient level of AI literacy of their staff and other persons dealing with the operation and use of AI systems on their behalf, as outlined in EU AI Act Article 4.
- General-purpose AI models refer to AI models that display significant generality and are capable of competently performing a wide range of distinct tasks, as defined in EU AI Act Article 3 (63).
EU AI Act Timeline: 2026
- August 2, 2026: The main body of the regulation will take effect, applying to providers, importers, distributors, and deployers, except for certain provisions related to high-risk AI systems, as outlined in EU AI Act Article 113.
- High-risk AI systems: AI systems that pose a significant risk of harm to the fundamental rights of natural persons, as defined in EU AI Act Article 6 (1).
EU AI Act Timeline: 2027
August 2, 2027: Obligations imposed on high-risk AI systems will apply to providers, as outlined in EU AI Act Article 113.
EU AI Act Timeline: 2030
End of 2030: The obligation to bring AI systems in large-scale IT systems for Freedom, Security, and Justice into compliance applies to operators, as outlined in EU AI Act Article 111 & Annex X.
Roles Under the EU AI Act
- Provider: A natural or legal person, public authority, agency or other body that develops an AI system or a general-purpose AI model or places an AI system on the market or puts into service in EU/EEA, as defined in EU AI Act Article 3 (3).
- Importer: A natural or legal person that is located or established in the EU that places an AI system on the EU market, as defined in EU AI Act Article 3 (6).
- Distributor: A natural or legal person in the supply chain other than provider or importer that makes an AI system available on the Union market, as part of the supply chain, as defined in EU AI Act Article 3 (7).
- Deployer: A natural or legal person, public authority, agency, or other body that uses an AI system under its authority, as defined in EU AI Act Article 3 (4).
- Operator: A provider, product manufacturer, deployer, authorized representative, importer or distributor, as defined in EU AI Act Article 3 (8).
3 Steps to Follow
Then where should you start to ensure compliance with the upcoming regulations? Here are 3 simple steps for you to follow:
1. Determine if you are working with an ‘AI system’ as defined by the EU AI Act Article 3 (1):
‘AI system’ means a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments.
2. Identify which entity you belong to: Importer, deployer, distributor, or provider.
3. Review the specific regulations of the EU AI Act that apply to your entity and ensure compliance with the corresponding obligations.
Now you have a clear understanding of the EU AI Act timeline by roles and key steps! To get a visual one-pager below that sums it all up, join as a member!
DISCLAIMER: This article is for informational purposes only. This blog article is not intended to, and does not, provide legal advice or a legal opinion.
