EU Debates Reforming AI Act Amid Rapid Progress

The EU's AI Act, the world's first comprehensive legal framework for artificial intelligence, employs a tiered, risk-based approach to regulation. Systems are categorized from unacceptable risk, which are banned outright, to high, limited, and minimal risk, with obligations scaling accordingly. Prohibited practices include social scoring and untargeted scraping of facial images from the internet or CCTV. For "high-risk" AI systems—those used in critical areas like infrastructure, education, hiring, and law enforcement—the requirements are stringent before market entry. Providers must conduct adequate risk assessments, use high-quality data sets to minimize bias, ensure detailed documentation, and allow for human oversight. The compliance deadline for these systems is set for mid-2026. Enforcement is managed by the newly formed European AI Office, which sits within the European Commission. This office not only supervises the rules for general-purpose AI models but also supports an "AI Pact," a voluntary initiative for companies to comply with key obligations ahead of the legal deadlines. The AI Office is staffed with technical specialists, lawyers, and policy experts and has the power to investigate infringements and recommend sanctions. This push for regulation coincides with a significant uptake of AI in the European public sector, which now has more public sector AI projects than the US and UK. Case studies include a chatbot named Muni assisting residents in 37 Danish municipalities, AI-powered traffic management in Verona, Italy, and Estonia's use of predictive models in healthcare. Half of all European "GovTech" investment deals in 2024 were AI-related. The implementation of AI in public services directly intersects with digital accessibility mandates like the Web Content Accessibility Guidelines (WCAG). As governments deploy AI chatbots and other generative UIs, ensuring these tools are perceivable, operable, understandable, and robust for users with disabilities is critical. Common failures in AI tools include a lack of keyboard navigation support and the absence of descriptive alt text for AI-generated images, which violates core WCAG principles. Service design principles are crucial for integrating these complex AI systems into public-facing government services. The practice involves mapping the entire user journey—from online applications to in-person interactions—to ensure the technology serves both citizens and the civil servants who operate the systems. Good service design brings policy, operations, and technology teams together early to align on how AI can improve a service without creating new points of friction. Despite the progress, member states are divided on the AI Act's complexity, with countries like Denmark calling for simplification while Germany warns against altering the law's core structure. Industry groups have also voiced concerns that high compliance costs could stifle innovation. In response to these concerns, the EU is supporting innovation through "regulatory sandboxes," which are controlled environments where companies can test new AI products with regulatory supervision before a full market launch.