EU AI Act: How CIOs Can Prepare

The EU’s AI Act will become the world’s most comprehensive regulatory framework for AI. Businesses doing business in the EU will need to comply or face massive penalties.


March 25, 2024

2 Min Read
EU AI Act: How CIOs Can Prepare

The European Union has passed its sweeping AI Act, which will establish tough guidelines and penalties for businesses using artificial intelligence.

The EU will roll out the new regulations in phases between 2024 and 2027 targeting “high-risk” AI applications. Companies running afoul of the new rules could face fines of up to 7% of global turnover, or $38 million, whichever is higher.

The vote passed with 523 votes in favor, 46 against, and 49 votes not cast. The law will enter into force in May after approval from the European Council and after last-minute legal language checks. The AI Act, penned in 2021, categorizes AI risks from “unacceptable” – a designation that would earn a ban – to “high,” “medium,” and “low” hazards.

Europe is NOW a global standard-setter in AI,” Thierry Breton, the European Commissioner for Internal Market said on X, (formerly twitter).

The Commission’s Civil Liberties Committee member Dragos Tudorach lauded the AI Act’s passage, but said the work is just beginning. “The EU has delivered. We have linked the concept of artificial intelligence to the fundamental values that form the basis of our societies,” he said in a statement. “AI will push us to rethink the social contract at the heart of our democracies, our education models, labor markets, and the way we conduct warfare.

Related:EU AI Act: Welcome To The Dawn Of A New AI Era

What Businesses Can Expect

Much like the EU’s general data protection regulation (GDPR) set the standard for the way businesses collect and protect data, the AI Act is expected to have sweeping, worldwide impact on businesses. Many worldwide companies tailor their data practices to comply with GDPR as a foundational governance framework.

“This law is the most definitive stab at governing this AI monster,” Nitish Mittal, partner with IT research firm Everest Group, tells InformationWeek in an interview. He says as influential as GDPR has been for worldwide businesses, the AI Act’s influence could be more profound. “I believe this is going to have a ‘halo effect’ for other regions. GDPR deals with a very specific point around data privacy. But AI is such a big, broad existential issue for our society and businesses right now … every country is trying to see what they can do to get inspired by this law in some shape or form.”

Jonathan Dambrot, CEO of AI security and trust firm Cranium, says the regulations give businesses a needed framework as they race to adopt new AI tools. “When we look at AI, there’s still a lot of confusion,” he says. “You have CEOs sing that the risk of not using AI is higher than the risk of using AI. There’s so much investment and so much experimentation happening…”

Related:It's Time For The EU AI Act – What You Need To Know

Steep fines will be an effective motivator, Dambrot says.

Read the rest of this article in InformationWeek

Read more about:


About the Author(s)


InformationWeek, a sister site to Data Center Knowledge, is a trusted source for CIOs and IT leaders seeking comprehensive and authentic coverage of the constantly evolving world of technology and its impact on business. Our experienced and ethical journalists conduct in-depth examinations of crucial issues and the impact of global events on IT operations and strategies, helping forward-thinking executives stay at the forefront of their industries. InformationWeek also provides a platform for enterprise IT leaders and leading tech companies to share their insights and experiences through exclusive interviews, opinion pieces, and events, offering firsthand accounts of strategies, trends, and innovations.

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like