IA
The AI Act is the very first legal framework addressing the risks of AI and enabling Europe to play a leading role on the global stage.
Reading time:
7 min
The AI Act is the very first legal framework addressing the risks of AI and enabling Europe to play a leading role on the global stage.
The AI Act (Regulation (EU) 2024/1689 laying down harmonised rules on artificial intelligence) is the very first comprehensive legal framework on AI worldwide. The aim of these rules is to foster trustworthy AI in Europe.
The AI Act sets out a clear set of risk-based rules for AI developers and deployers regarding specific uses of AI.
Should you need a digital law attorney, you can read our dedicated page.
The AI Act ensures that members of the European Union can trust what AI has to offer. While most AI systems pose limited or no risk and can help address many societal challenges, certain AI systems create risks that we must address in order to avoid undesirable outcomes.
Although existing legislation provides some protection, it is insufficient to address the specific challenges that AI systems may pose.
The AI Act defines four levels of risk for AI systems:
Since 2 February 2025, under Article 5 of the AI ACT, all AI systems considered a clear threat to the safety, livelihoods and rights of individuals are prohibited.
Let's discuss your needs for 15 minutes!
The AI Act prohibits eight practices, namely:
AI use cases that may pose serious risks to health, safety or fundamental rights are classified as high risk.
These high-risk use cases include:
High-risk AI systems are subject to strict obligations before they can be placed on the market:
I want reliable legal documents!
These are the risks associated with the need for transparency regarding the use of AI. The AI Act introduces specific information obligations to ensure that humans are informed when necessary to preserve trust. For example, when using AI systems such as chatbots, humans must be made aware that they are interacting with a machine so that they can make an informed decision.
In addition, providers of generative AI must ensure that AI-generated content is identifiable. Certain AI-generated content must be clearly and visibly labelled, in particular deep fakes and text published for the purpose of informing the public on matters of public interest.
The AI Act does not introduce rules for AI deemed to present minimal or no risk. The vast majority of AI systems currently used in the EU fall into this category. These include applications such as AI-based video games or spam filters.
HOW DOES THIS WORK IN PRACTICE FOR PROVIDERS OF HIGH-RISK AI SYSTEMS?
Once an AI system is on the market, authorities are responsible for market surveillance, deployers ensure human oversight and monitoring, and providers have a post-market monitoring system in place. Providers and deployers also report serious incidents and malfunctions.
General-purpose AI models can perform a wide range of tasks and are becoming the basis for many AI systems in the EU. Some of these models could carry systemic risks if they are highly capable or widely used. In order to ensure safe and trustworthy AI, the AI Act establishes rules for the providers of these models.
These rules cover, in particular, transparency and copyright. For models that may pose systemic risks, providers must assess and mitigate those risks.
The AI Act rules on general-purpose AI will enter into force in August 2025. The European AI Office has undertaken the development of a code of practice to detail these rules. This code is expected to be a central tool enabling providers to demonstrate compliance with the AI Act and to incorporate the latest practices.
The European AI Office, established in February 2024 within the Commission, oversees the enforcement and implementation of the AI Act in the EU Member States. It will also be responsible for overseeing the most powerful AI models, known as general-purpose AI models. The EU Member States oversee the rules applicable to AI systems and must designate supervisory authorities by 2 August 2025.
The governance of the AI Act will be ensured by three advisory bodies, namely
This multi-stakeholder governance will ensure a balanced approach to the implementation of the AI Act.
The AI Act entered into force on 1 August 2024 and will be fully applicable two years later, on 2 August 2026, with a few exceptions:
https://artificialintelligenceact.eu/fr
https://digital-strategy.ec.europa.eu/fr/policies/regulatory-framework-ai
To learn more
The AI Act (Regulation (EU) 2024/1689) is the first comprehensive legal framework on artificial intelligence worldwide. It establishes harmonised, risk-based rules for AI developers and deployers, in order to foster trustworthy artificial intelligence in Europe while regulating the most sensitive uses.
The AI Act is based on a risk-based approach, with four levels: unacceptable risk (prohibited practices), high risk (strictly regulated uses), limited risk (transparency obligations) and minimal risk (unrestricted). The more risks an AI system poses to rights and safety, the stricter the obligations.
Since 2 February 2025, Article 5 prohibits eight practices, including harmful AI-based manipulation, the exploitation of vulnerabilities, social scoring, the assessment of individual criminal risk, the untargeted scraping of facial images, emotion recognition at work and at school, and certain biometric categorisations and identifications.
These are systems likely to pose serious risks to health, safety or fundamental rights: safety components of critical infrastructure, AI in education, recruitment, access to essential services such as credit, or biometric identification. These uses are permitted but subject to strict obligations.
The AI Act takes effect in stages. The prohibitions under Article 5 have applied since 2 February 2025. Other obligations, in particular for high-risk systems and general-purpose AI models, are phased in over the following months and years. Companies must anticipate these successive deadlines.
High-risk systems must meet strict requirements: risk management, data quality, technical documentation, transparency, human oversight, robustness and cybersecurity. Providers must carry out a conformity assessment before placing the system on the market. These obligations aim to ensure a safe and controlled use.
Yes. For limited-risk systems, the AI Act imposes transparency obligations: informing users that they are interacting with an AI, and flagging AI-generated content. Generative AI is particularly concerned. These obligations aim to prevent deception and to enable an informed use of these technologies.
Preparation involves taking an inventory of the AI systems used or developed, classifying them by risk level, analysing the applicable obligations and achieving compliance (documentation, transparency, oversight). Anticipating these deadlines avoids being caught out by the timeline. Legal support helps to qualify uses and to structure compliance.
Still have questions?
Our team is available!
Have a question?

Ressources
Aller plus loin