Privacy Partnership

Based in the UK - do you still need to worry about the AI Act?

On 2 February 2025, the first rules under the EU AI Act entered into force. These included AI system definitions, literacy initiatives and the provision of a very limited list of prohibited AI uses posing unacceptable risks.

The AI Act defines an AI System as “ a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments”.

The EU AI Act is broad in scope, and will apply to anyone developing AI for deployment into the EU. In scope organisations must assess their obligations and ensure compliance, particularly considering the severe penalties for breaching the law. · Organisations should assess whether their AI systems fall within the AI Act’s definition, and engage with the guidelines produced to help clarify the meaning. · Developers of AI should look to identify whether their model falls under the definitions of unacceptable risk category and keep up to date with the Commission's guidelines to prevent breaches of the AI Act.

Learn more in our newsletter

The AI Act imposes obligations on providers and developers of AI systems to “Take measures to ensure, to their best extent, a sufficient level of AI literacy of their staff and other persons dealing with the operation and use of AI systems on their behalf, taking into account their technical knowledge, experience, education and training and the context the AI systems are to be used in, and considering the persons or groups of persons on whom the AI systems are to be used.”

It is also important for organisations to understand what role they play, such as whether they are a deployer or provider following the need to identify the applicable requirements established within the Act.

Still struggling? Privacy Partnership Consultants can help organisations put AI literacy into practice and conduct AI assessments. We can offer you support in providing AI literacy training to your teams and staff, enabling you to build a strong AI literacy programme tailored to your specific industry, experience, and resources.

Find out how we can help

Data Protection Officers

DPO Services wherever you do business

Outsourced or Fractional Data Protection Officers help you fulfil your legal requirements at a fraction of the cost of a full-time employee and allow you to avoid internal conflicts of interest. We provide DPO services worldwide to some of the World's best known companies with expertise in every sector.

An Privacy Partnership DPO can act as your official regulatory point of contact for compliance with UK, European or Global Data Privacy Laws and helps you deliver on some of your key obligations under the EU GDPR , UK General Data Protection Regulation and Data Protection Act 2018 and similar legislation worldwide.

Learn more

EU AI Act Comes (Partially) into force

EU AI Act Comes (Partially) into force

Based in the UK - do you still need to worry about the AI Act?

Data Protection Officers

DPO Services wherever you do business

EU AI Act Comes (Partially) into force

EU AI Act Comes (Partially) into force

Based in the UK - do you still need to worry about the AI Act?

Data Protection Officers

DPO Services wherever you do business

Cookies

Necessary cookies

Analytics cookies