In the second in a series of articles on the EU AI Act, Tim Hickman, Partner, and Thomas Harper, Associate, at White & Case LLP, explore the broad scope of the AI Act and its impact on the data processing activities of organisations based outside of the EU.
The EU's Artificial Intelligence Act (the 'AI Act') has recently been approved by European lawmakers and is subject to final checks before publication in the Official Journal. In Part 1 in this series, we explored the AI Act's definition of 'AI systems', and concluded that the uncertainties arising from that definition are likely to pose a major challenge for organisations seeking to understand whether their data processing activities fall within the scope of the AI Act or not. In that article, we noted that Article 2 (5b) of the AI Act states that the AI Act 'shall not affect' the GDPR, but the AI Act nevertheless imposes potentially substantial compliance obligations on data processing activities that involve the use of AI systems.
In this article, we explore the scope of the AI Act, and examine its impact on the data processing activities of organisations based outside of the EU.
Reproduced with permission from Data Protection Ireland journal.
This article is prepared for the general information of interested persons. It is not, and does not attempt to be, comprehensive in nature. Due to the general nature of its content, it should not be regarded as legal advice.
