AI Act Enforced: What Changes Can We Expect?
As of February 2, 2025, the AI Act—the world’s first legislative framework for regulating AI—has begun to be incrementally implemented across Europe. This initial phase prohibits certain high-risk uses, such as emotion recognition in workplaces. Companies must now prepare for upcoming milestones, which will introduce stricter requirements based on the risk level of AI systems.
A Trailblazing Text or a Futile Effort?
Passed in May 2024 after intense negotiations among member states, the AI Act is designed to regulate the development, marketing, and usage of artificial intelligence systems according to their risk level. The Act has established four categories, each corresponding to different security levels.
The Four AI Classifications:
- Prohibited AI: Practices considered dangerous, like mass cognitive manipulation or social scoring by AI.
- High-risk AI: Systems that directly impact safety or fundamental rights (e.g., facial recognition, AI in hiring, healthcare, education).
- Limited-risk AI: Transparency requirements for certain applications (e.g., deepfakes, chatbots).
- Minimal-risk AI: Free use, no restrictions (e.g., photo filters, content recommendations).
Until now, the AI Act was in place but not fully enforceable. Since February 2, 2025, certain prohibitions have taken effect, such as the end of emotion recognition in workplaces and schools, the ban on widespread biometric surveillance systems, and the elimination of Chinese-style social scoring systems. Additional requirements will gradually come into effect, especially for businesses developing or using high-risk AI.
Businesses operating in Europe must therefore prepare for the upcoming deadlines of the AI Act. By 2026, they will need to comply with strict standards including mandatory certification for high-risk AI, regular audits, enhanced algorithm oversight, and increased transparency concerning data and automated decisions.
What is the European AI Law?
The AI Law is a European regulation on artificial intelligence (AI). It’s the first comprehensive AI regulation established by a major regulatory body. The law categorizes AI applications into three risk categories:
- Unacceptable risks: Applications and systems posing unacceptable risks, such as government-managed social scoring systems like those used in China, are prohibited.
- High-risk applications: Applications, like an employment application scanning tool that ranks candidates, are subject to specific legal requirements.
- Non-prohibited applications: Applications that are not explicitly prohibited or listed as high-risk are largely unregulated.
A Regulation That Divides Opinion
While the AI Act is praised as a significant advancement in digital ethics, it also raises concerns and criticism. Companies—particularly in key sectors like tech, finance, and healthcare—must revise their strategies now to comply with the new regulations.
Some worry that an overly rigid framework may hinder innovation and Europe’s competitiveness against the United States and China, especially as Europe is already lagging behind them. Others argue that such regulation is essential to prevent misuse and ensure the ethical development of AI.
With this initial phase of implementation, Europe is asserting its ambition to become a global leader in AI regulation. But will it fulfill this lofty goal? The coming years will be crucial in assessing the real impact of the AI Act and its influence on technological innovation in Europe. For businesses, there really isn’t much choice; they must adapt now to this new regulatory framework.
