EU Commission proposes postponement and simplification for high-risk artificial intelligence standards
Brussels suggests a delay of up to 16 months for the application of high-risk AI rules, together with simplifications for SMEs and changes on GDPR, cookies and the Data Act
From our correspondent Beda Romano
BRUSSELS - Legislative packages are multiplying at European level to simplify legislation in certain areas. The European Commission presented on Wednesday 19 November changes in the digital field. On the sensitive front of the artificial intelligence, the EU executive proposes to postpone by 16 months at most the application of the rules dedicated to high-risk situations included in the regulation known in English as the AI Act.
As a reminder, the legislation came into force in August 2024, but full implementation is planned for August 2026. It provides for the use of artificial intelligence according to a gradation of risk. Unacceptable, and therefore banned, is the use that endangers the safety and life of people as well as individual rights. Other uses are divided into three categories: high risk, low risk and minimal risk. The first case includes, among others, essential services.
In a statement published today, the European Commission announced the postponement for up to 16 months (i.e. until December 2027) of the application of the high-risk rules, 'once the EU executive can see for itself that the necessary standards and support instruments are in place' and that companies will be able to fully apply the new European rules.
For some time the idea of a postponement had been circulating in Brussels, justifying it with the urgency of a less restrictive framework to enable European companies to compete freely with American or Chinese competitors (see Il Sole/24 Ore of 11 July). The decision for a postponement has been taken, but attributing it (for now) to the need for effectively enforceable standards. That said, the Commission also proposes more substantial changes.
among other things, it suggests "extending certain simplifications granted to small and medium-sized enterprises (SMEs) and small and medium capitalisation companies (SMCs), including simplified technical documentation requirements, with savings of at least EUR 225 million per year". Changes are also proposed to a number of legislative texts, including the one on the protection of personal data on the Internet (known by its English acronym GDPR).
