EU AI Act's Global Reach Questioned as Parliament Disables AI

- The AI Act has a significant extraterritorial reach, applying to any company providing AI systems or services used by people within the EU, regardless of where the company is based. This "market location" principle means that if an AI system's output is consumed in the EU, the regulation applies. - The decision by the European Parliament's IT department was driven by the conclusion that it could not guarantee the security of data processed by cloud-based AI features like writing assistants and text summarization tools. The concern is that sensitive data, including draft legislation and confidential correspondence, is sent off-device to external servers, creating unacceptable security risks. - The AI Act introduces a tiered, risk-based classification for AI systems: unacceptable risk systems are banned, high-risk systems face stringent requirements, and limited-risk systems have transparency obligations. High-risk applications include those in critical infrastructure, education, and law enforcement. - The law has a phased implementation timeline stretching to August 2027. Prohibitions on certain AI systems began in February 2025, rules for general-purpose AI models will apply from August 2025, and the majority of rules for high-risk systems will be enforced by August 2026. - Major international standards bodies, including the International Organization for Standardization (ISO), the International Electrotechnical Commission (IEC), and the International Telecommunication Union (ITU), are actively collaborating to develop global standards for AI. A key initiative is the joint development of standards covering the entire AI ecosystem, from terminology and governance to risk management and ethics. - A 2025 International AI Standards Summit is scheduled for December 2-3 in Seoul, organized by the ISO, IEC, and ITU to advance the development of global AI standards in line with objectives like the UN's Global Digital Compact. - The development of harmonized standards to support the AI Act is facing delays. The European Commission requested standards from CEN and CENELEC with an initial deadline of April 2025, but the work is now expected to extend into 2026, potentially requiring temporary solutions. - Critics have raised concerns that the AI Act's definition of AI is too broad, potentially stifling innovation by regulating simpler software systems that do not pose a significant risk. There are also worries about the compliance costs and administrative burden, particularly for small and medium-sized enterprises.