Impact of the EU AI Act on Businesses
The European Union’s AI Act is already having a wide-reaching impact on businesses both inside and outside the economic bloc. Among the impacts are adding additional layers of complexity, adaptation challenges, and compliance costs.
However, there are also some silver linings. The EU has demonstrated stringent cross-border enforcement when it comes to foreign AI firms operating in its market, including banning apps and launching investigations over privacy. These enforcement actions demonstrate that the EU is worried about opaque data training, which could lead to stricter international data transfer rules.
The AI Act’s implications are largest for smaller European AI developers, partly because large tech companies already have strict controls for their AI products. However, the regulation will also create opportunities for companies specializing in trustworthy AI, explainability, and AI security. Large European companies could benefit from compliant and regulatory-driven AI solutions.
There is still much uncertainty regarding how the world’s most comprehensive AI regulation will be applied and enforced. The impact will depend on enforcement across EU member states, which may not end up being equal. The AI Act will likely be debated as part of trade negotiations with the U.S., further complicating its implementation.
EU Considering Simplification of the AI Act
While the business sector is debating the potential effects of the AI Act, European bureaucrats are already pitching to simplify the regulation based on input from the industry. The EU wants AI to become the “model of innovation” and an instrument to help “every company,” according to Roberto Viola, director of the European Commission’s digital department.
“We are very determined to simplify – when necessary – rules,” says Viola. “We have listened carefully about the potential risk that there’s another burden on companies, especially in terms of reporting obligations, in terms of how it could be complicated to comply with one or the other provision of the AI Act.”
One of the areas that may be simplified is the reporting obligation. According to the rulebook, AI system providers and users must inform any person exposed to it unless it is obvious from context. EU member states are expected to start consultations on simplifying the act soon.
Viola also highlighted the importance of standards for the EU’s approach to AI, including those that measure, evaluate, or carry out third-party conformity assessments. However, technical standards still have a long way before being officially recognized.
AI Testing in the UK: A Hands-Off Approach
In the neighboring UK, the government is taking a more hands-off approach to regulating AI. The UK AI Security Institute (UK AISI), the government agency tasked with AI safety, states that AI risk evaluations are an “emerging science” and not sufficiently mature to issue safety certificates.
According to Oliver Ilott, the institute’s director, “The evaluations that we’re running don’t cover every risk, and the evaluations are an emerging science. We think it’s not sufficiently mature that you could issue a safety certificate.”
Currently, there is no regulation in the UK requiring AI model developers to test their pre-deployment models through bodies such as the UK AISI. The institute also doesn’t provide a safety certificate upon completion.
Since the institute cannot force testing, cooperation from developers is based on their desire to discover problems in the technology they made. Mature standards for current AI applications should not be expected because developers are focusing their efforts on creating even more disruptive technologies.
Conclusion
The EU AI Act represents a significant step in the regulation of artificial intelligence, with implications that extend far beyond European borders. As businesses adapt to these new regulations, the potential for simplification could ease the burden on companies while fostering innovation in AI technologies.
