EU law in the making for Artificial intelligence


Artificial intelligence (AI) has become part of our everyday lives in recent years. Innovative programming options, software systems and robots simplify human life and make many work processes more efficient. The areas of application now include translations, search engines, autonomous driving, smart homes and even medical diagnostics.

AI-based programmes simulate human intelligence, combine new deep learning and data processing capabilities, and perform complex tasks virtually without human control or supervision. Because there are huge amounts of data to be processed, these systems rely on algorithms, so AI decision-making is often opaque. This also makes it much more difficult to predict the behaviour of an AI-equipped product and understand the possible causes of damage. In addition, AI products are inherently much more vulnerable to cyber threats.

Consequently, on 21 April 2021, the EU introduced its proposal for the Artificial Intelligence Regulation “EU AI Regulation”. Under the proposal, which will be directly applicable in EU Member States and will also have extra-territorial reach, developers and users as well as importers of AI systems shall be subject to major new obligations. The proposal also sets dissuasive fines of up to EUR 30 million for companies that breach the EU AI Regulation, or up to 6% of their global annual turnover in the previous financial year. The proposal is based on a risk assessment approach following the concept of “the higher the risk, the stricter the rule”, divides AI systems into four categories:

  • Unacceptable risks: Those AI-systems will be banned (e. g. a clear threat to the safety, livelihoods and rights of people, etc.)

  • High risks: Only will be allowed if AI complies with certain mandatory requirements (e.g., data management, documentation and record-keeping, transparency and provision of information to users)

  • Low risks: Will only be subject to specific transparency obligations (e. g. citizens must know that a machine is interacting with them on the other side)

  • Minimum risk: No specific obligations shall apply.

The process within the EU regarding the final wording of the said draft regulation is not finished, so it has not yet been adopted. Moreover, in September 2022, the EU introduced a new AI Liability Directive, with the purpose to improve the functioning of the internal market by laying down non-contractual civil liability for damage caused by the involvement of AI systems. As the EU member states are waiting for the adoption of comprehensive rules concerning AI for the whole EU, they have not yet adopted any specific binding regulations for AI. However, in this regard, the Slovak Republic has already adopted Slovakia’s Digital Transformation Strategy 2030 accordingly and the follow-up Digital Transformation Action Plan for 2019-2022.

From the perspective of the Austrian political AI strategy, the Federal Ministry for Climate Protection, Environment, Energy, Mobility, Innovation and Technology has published the Artificial Intelligence Mission Austria 2030 plus Annex based on the EU Coordinated Action Plan on AI.