Data Privacy

2 Min

EU AI Act: Parliament passes landmark legislation

Ander Lozano Zurita
Ander Lozano Zurita

Privacy Consultant

Members of the European Parliament (MEPs) have approved the EU Artificial Intelligence Act (EU AI Act). The landmark legislation represents a significant milestone in regulating AI technologies and is the world’s first ever comprehensive AI law. Here’s an overview of what happened and what it could mean for your organisation. 

In this blog post, we'll cover:

Brief overview of the EU AI Act 

The EU AI Act, agreed in negotiations with member states in December 2023, received MEP’s endorsement on March 13, 2024 with 523 votes in favour, 46 against and 49 abstentions.  

Overall, the law aims to balance the need for innovation with the need to safeguard individual rights and values. Its implementation and enforcement will shape the future landscape of AI development and usage in the EU and is likely to influence global regulatory frameworks, too.

 

What does the EU AI Act cover?

The AI Act will have the power to ban certain AI applications that legislators consider likely to threaten people’s rights, including social scoring and predictive policing.

It will also categorise AI systems into low, high and critical risk categories. The higher the risk, the higher the need for oversight. The regulation also emphasises the need for transparency – particularly regarding compliance with EU copyright law and model evaluation.  

It has teeth, too. Violations can result in hefty fines of up to €35 million or 7% of annual turnover. 

Learn more about the details and history of the EU AI Act.

 

What does the EU AI Act mean for my business? 

If your organisation uses high-risk AI system, you can expect the need to prepare for full risk assessments, additional transparency reports and more human oversight. And it means you’ll need to think about technical documentation that outlines how you use AI in your business. 

Learn more about the AI act in our upcoming webinar 

Join our experts to discuss the EU AI Act and its implications. We’ll cover:

  • Key requirements of the AI Act  
  • Expected implementation timeline
  • Potential implications for GDPR and existing privacy regulations
  • Proactive steps you can take starting today to prepare your systems and procedures for compliance

Register for free right here.  

 

Timeline and next steps

The EU AI Act will now go through a final legal check and is expected to be finally adopted before the end of the legislature. Upon formal endorsement by the Council, the EU AI Act will come into effect 20 days after its publication in the official Journal, and it will be fully applicabile 24 months after that. 

Exceptions to the general application include:

  • Bans on prohibited practices will apply six months after the entry into force date  
  • Codes of practice will apply nine months after entry into force
  • General-purpose AI rules including governance will apply 12 months after entry into force
  • Obligations for high-risk systems will apply 36 months after entry into force  

 

Stay informed and prepare your company for compliance

The EU AI Act is nearly here! By proactively preparing your systems and procedures for compliance, you're not just avoiding legal hurdles and hefty fines – you're becoming a part of a responsible AI movement that upholds fundamental rights and champions innovation. 

Reach out to us if you could use advice on ensuring compliance in your organisation. 

 

 
Originally published updated
Tags Data Privacy

About the author

Ander Lozano Zurita Ander Lozano Zurita
Ander Lozano Zurita

Privacy Consultant

Ander Lozano Zurita is a legal expert with a focus on data privacy (EU and UK GDPR). As a Privacy Consultant at DataGuard, he is leveraging his knowledge and experience working with international companies to support mainly corporate customers and drive DataGuard’s expansion into the UK. As a lawyer, he specialised in business law and legal tech, and over the years he has gained practical experience dealing with cross-border data transfers and different privacy laws around the world. During his studies at the Instituto Tecnológico Autónomo de México and the IE University in Madrid, Spain, he was able to expand his knowledge and understanding of the GDPR. After that, he worked for three years in different international law firms where he advised customers of all sizes.

Explore more articles

Don’t miss these topics:

Related Articles

Enterprise data security solutions
Information security

6 Min

Enterprise data security solutions

Discover the essence of enterprise data security: hardware and software solutions, GDPR compliance, and robust protection against evolving cyber threats.

Read more
Components of data security
Information security

6 Min

Components of data security

Secure your data with encryption, access controls & compliance. Learn about GDPR, HIPAA & more. Prioritize data protection now!

Read more
What is data management in cyber security?
Information security

5 Min

What is data management in cyber security?

Unlock the power of data management in cybersecurity. Explore best practices, tools, and types, including Master Data Management (MDM).

Read more
What is data security management?
Information security

7 Min

What is data security management?

Learn about Data Security Management: Strategies, technologies, and processes to safeguard data from unauthorized access, breaches, and cyber threats.

Read more
American Privacy Rights Act (APRA): What it could mean for EU businesses and regulators
Information security

3 Min

American Privacy Rights Act (APRA): What it could mean for EU businesses and regulators

The US congress has released a draft of proposed new U.S. privacy laws. Here’s what the American Privacy Rights Act (APRA) could mean for your business.

Read more
What is data protection and why is it important?
Information security

6 Min

What is data protection and why is it important?

Discover the role of data privacy, effective management, and breach prevention. Ensure GDPR and CCPA compliance. Safeguard sensitive information.

Read more

Contact Sales

See what DataGuard can do for you.

Find out how our Privacy, InfoSec and Compliance solutions can help you boost trust, reduce risks and drive revenue.

  • 100% success in ISO 27001 audits to date 
  • 40% total cost of ownership (TCO) reduction
  • A scalable easy-to-use web-based platform
  • Actionable business advice from in-house experts

Trusted by customers

Canon Logo Contact Hyatt Logo Contact Holiday Inn Logo Contact Unicef Logo Contact Veganz Logo Contact Burger King Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line Logo Contact

Get to know DataGuard

Simplify compliance

  • External data protection officer
  • Audit of your privacy status-quo
  • Ongoing GDPR support from a industry experts
  • Automate repetitive privacy tasks
  • Priority support during breaches and emergencies
  • Get a defensible GDPR position - fast!

Trusted by customers

Canon Logo Contact Hyatt Logo Contact Holiday Inn Logo Contact Unicef Logo Contact Veganz Logo Contact Burger King Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line Logo Contact

Get to know DataGuard

Simplify compliance

  • Continuous support on your journey towards the certifications on ISO 27001 and TISAX®️, as well as NIS2 Compliance.
  • Benefit from 1:1 consulting
  • Set up an easy-to-use ISMS with our Info-Sec platform
  • Automatically generate mandatory policies
Certified-Icon

100% success in ISO 27001 audits to date

 

 

TISAX® is a registered trademark of the ENX Association. DataGuard is not affiliated with the ENX Association. We provide consultation and support for the assessment on TISAX® only. The ENX Association does not take any responsibility for any content shown on DataGuard's website.

Trusted by customers

Canon Logo Contact Hyatt Logo Contact Holiday Inn Logo Contact Unicef Logo Contact Veganz Logo Contact Burger King Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line Logo Contact

Get to know DataGuard

Simplify compliance

  • Transparent consent collection
  • Comply with GDPR, CCPA, LGPD, ePrivacy, and more
  • Consolidate consents across multiple touchpoints
  • Support from privacy experts
  • Integrates with your marketing tools and CRM

Trusted by customers

Canon Logo Contact Hyatt Logo Contact Holiday Inn Logo Contact Unicef Logo Contact Veganz Logo Contact Burger King Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line Logo Contact

Get to know DataGuard

Simplify compliance

  • Proactive support
  • Create essential documents and policies
  • Staff compliance training
  • Advice from industry experts

Trusted by customers

Canon Logo Contact Hyatt Logo Contact Holiday Inn Logo Contact Unicef Logo Contact Veganz Logo Contact Burger King Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line Logo Contact

Get to know DataGuard

Simplify compliance

  • Comply with the EU Whistleblowing Directive
  • Centralised digital whistleblowing system
  • Fast implementation
  • Guidance from compliance experts
  • Transparent reporting

Trusted by customers

Canon Logo Contact Hyatt Logo Contact Holiday Inn Logo Contact Unicef Logo Contact Veganz Logo Contact Burger King Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line Logo Contact

Let's talk