EU AI Act Compliance Timeline Kicks In
The EU AI Act is moving into its phased compliance timeline, establishing a structured risk-classification framework for AI systems. A recent podcast summary highlights that the act categorizes AI by risk level, from unacceptable to minimal. The timeline, which began in early 2025, requires startups to quickly align with the new standards, particularly if their products touch on sensitive areas like biometrics or credit scoring.
The Act's prohibitions on "unacceptable risk" AI, such as government-run social scoring and manipulative techniques, have been in effect since February 2025. The next major deadline is August 2025, when rules for general-purpose AI models and the governance framework become applicable. The bulk of the rules for high-risk systems will apply from August 2026. Banned practices include AI that exploits vulnerabilities of people due to age or disability, most "real-time" remote biometric identification in public spaces for law enforcement, and emotion recognition in workplaces or schools. Untargeted scraping of facial images from the internet or CCTV to create facial recognition databases is also forbidden. For products deemed "high-risk"—like those in critical infrastructure, medical devices, or employment screening—the requirements are stringent. Startups in these areas must implement robust risk management systems, ensure high-quality, non-discriminatory datasets, maintain detailed technical documentation, and allow for human oversight. Penalties for non-compliance are severe and designed to exceed GDPR fines. Violating the ban on unacceptable AI practices can lead to fines of up to €35 million or 7% of a company's total worldwide annual turnover, whichever is higher. Other violations carry penalties of up to €15 million or 3% of turnover. The EU's comprehensive, risk-based framework contrasts sharply with the United States' more fragmented approach. The U.S. relies on a mix of sector-specific rules, federal guidelines like President Biden's Executive Order, and a patchwork of state-level legislation rather than a single binding law. In the startup's home state, California is pushing ahead with its own set of rules. Recent legislative efforts focus on issues like automated discrimination in hiring and housing, the use of AI-generated likenesses, and requiring transparency when AI makes critical decisions about individuals. New regulations for AI tools used in employment are set to take effect in October 2025.
