The European Union Artificial Intelligence Regulation (“Regulation”) started its European Union legislative journey with the proposal submitted by the European Commission on 21 April 2021 and received the approval of the European Parliament and the European Council on 13 March 2024 and 21 May 2024 respectively as a result of lengthy negotiations. This fundamental legal source, with the full name “Regulation (EU) No 2024/1689 Laying Down Harmonised Rules on Artificial Intelligence and Amending Certain Union Legislative Acts,” is published in the Official Journal of the European Union on 12 July 2024.
The Regulation entered into force on 1 August 2024, corresponding to the twentieth day after 12 July, which is the date of its publication in the Official Journal of the European Union.
Although the Regulation is briefly referred to as the “Artificial Intelligence Act” within the European Union and this usage has spread to other jurisdictions, it must be emphasised that this regulation is a European Union regulation, not national legislation. In this respect, the Regulation will enter into force in all European Union member states without the need for an additional regulation and will be applied in accordance with the stipulated timetable.
Temporal Application of the Regulation
The implementation phase of the Regulation, like its legislative preparation phase, will extend over a relatively long period. Complying with the obligations imposed by the Regulation, establishing the necessary corporate system, and overall preparation of all related actors will take time. This is undisputed by the European Union legislators themselves. For this reason, there are differences between the date of entry into force of the Regulation and the date of its application.
Different parts of the Regulation will start to apply at different times. Firstly, Chapters I and II, which include the general provisions and the provisions on prohibited artificial intelligence practices, will apply from 2 February 2025. The general application date of the Regulation is 2 August 2026. The implementation of the obligations relating to certain high-risk AI systems, which are linked to existing European Union product safety legislation, will start from 2 August 2027.
In the light of these explanations, the temporal application of the Regulation can be summarized as follows:
6 months after the Regulation enters into force
(2 February 2025) |
Member States of the European Union will phase out the prohibited systems. |
12 months after the Regulation enters into force
(2 August 2025) |
Obligations imposed on general-purpose artificial intelligence models will enter into force. |
24 months after the Regulation enters into force
(2 August 2026) |
The high-risk system obligations in Annex III of the Regulation will enter into force. |
36 months after the Regulation enters into force
(2 August 2027) |
High-risk system obligations that are currently subject to other European Union legislation will come into force. |
Main Points Regulated by the Regulation
The Regulation subjects the systems that fall within the broad definition of artificial intelligence systems and general-purpose artificial intelligence models to various technical requirements and strict obligations according to their risks and areas of use.
Non-general-purpose artificial intelligence models are not defined in the Regulation. On the other hand, artificial intelligence systems and general-purpose artificial intelligence models are defined as follows:
Artificial Intelligence System: | Artificial intelligence system refers to a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments. |
General Purpose Artificial Intelligence Model: | A general-purpose artificial intelligence model refers to an AI model, including where such an AI model is trained with a large amount of data using self-supervision at scale, that displays significant generality and is capable of competently performing a wide range of distinct tasks regardless of the way the model is placed on the market and that can be integrated into a variety of downstream systems or applications, except AI models that are used for research, development or prototyping activities before they are placed on the market. |
Risk-Based Approach and Risk Classification
The systematic of the Regulation is based on the risk-based approach, which has long been strongly embedded in the regulatory efforts in various jurisdictions as well as the design of standardisation rules. In this context, the use of artificial intelligence systems in some activities is completely prohibited, while other artificial intelligence systems and general-purpose models are categorised according to their risk levels.
The classification of artificial intelligence systems is expressed under four main headings for easier understanding in the information provided by the European Commission:
- Systems with unacceptable risk: This concept refers to systems engaged in activities prohibited under Article 5 of the Regulation.
- High-risk systems: This concept refers to the systems used in the sectors and activities determined in accordance with Article 6 of the Regulation.
- Systems with limited risk: This concept refers to systems that perform functions triggering the transparency obligation under Article 50 of the Regulation
- Low-risk systems: This concept refers to systems that are neither prohibited nor high-risk.
There is a mutually exclusive hierarchy between unacceptable risk, high-risk, and low-risk systems. In other words, a system classified under one of these three categories cannot be included in another. However, systems with limited risk are different. A system that is classified as either high-risk or low-risk may also fall into the limited risk category based on its function. Therefore, it is possible to carry out activities mapped to limited risk and be subject to the relevant obligations for all systems except those prohibited due to unacceptable risk.
Scope of Application of the Regulation
The Regulation is not a sector-specific regulation and covers all sectors.
There are four fundamental conditions for the application of the Regulation, comprising three positive criteria and one negative criterion:
- There must be an artificial intelligence system or a general-purpose artificial intelligence model.
- For artificial intelligence systems, there should be one of the covered operators or a provider for the general-purpose artificial intelligence model.
- The system or the model and the respective operator must be within the territorial scope of the Regulation.
- As a negative condition, none of the exceptions to the Regulation’s application should be present.
Especially in terms of the geographical scope of application, the Regulation has the potential to directly impact Türkiye. Indeed, the Scope clause in Article 2 of the Regulation clearly states that the Regulation applies to, among others:
- Providers (whether located in the European Union or in a third country) placing on the market or putting into service AI systems or placing on the market general-purpose AI models in the European Union,
- Deployers of artificial intelligence systems that have their place of establishment or located within the European Union or in a third country, and
- Providers and deployers of artificial intelligence systems having their place of establishment or that are located in a third country, where the output produced by the artificial intelligence system is used in the European Union.
Therefore, even though the Regulation has passed through the internal legal processes of the European Union institutions and is published as an instrument of European Union law to be applied there, it will legally impact actors outside the European Union who are captured by the extraterritorial scope of the Regulation, similarly to the European Union General Data Protection Regulation. In parallel, it is already affecting the regulatory developments surrounding artificial intelligence in other jurisdictions as a comprehensive system of rules on the subject. This effect has been present since the introduction of the Regulation as a Commission proposal and its intensity will only increase over time.
Considerations for Actors in Türkiye
In light of the above explanations, the Regulation will have direct and indirect effects on actors in Türkiye.
- The Regulation will have a direct effect on operators falling within the scope specified in the Scope article, even if they are established in Türkiye.
Considering that the European Union represents a significant economic area and co-operation for Türkiye and Turkish actors, this issue will have a significant impact on actors in Türkiye.
- The Regulation, as the first legal framework in the field of artificial intelligence, significantly influences international developments.
Especially in the case of Türkiye, due to the Customs Union regulations and Türkiye’s status as a European Union candidate country, European Union regulations stand out not only as a source but also as a fundamental reference as the main reference source. In this respect, it is possible to say that the Regulation will be a significant shaping factor in the legislative work to be made in Türkiye.
Developments on Artificial Intelligence Regulations in Türkiye
Extensive studies are also carried out in Türkiye for the regulation of artificial intelligence systems.
- In 2021, the National Artificial Intelligence Strategy 2021-2025, prepared in cooperation with the Digital Transformation Office of the Presidency and the Ministry of Industry and Technology and with the participation of all relevant stakeholders, entered into force with the Presidential Circular No. 2021/18 published in the Official Gazette dated 20/08/2021 and numbered 31574.
In the strategy, the measures that will put Türkiye’s work in the field of artificial intelligence on common ground between 2021 and 2025 and the governance mechanism to be established to implement these measures are set out. Within the scope of strategic priorities, 24 objectives and 119 measures were identified.
- On 24 June 2024, Türkiye’s first Artificial Intelligence law proposal was submitted to the Presidency of the Grand National Assembly of Türkiye.
The law proposal, consisting of 8 articles, defines artificial intelligence systems as “computer-based systems capable of performing human-like cognitive functions and possessing abilities such as learning, reasoning, problem solving, perception and language comprehension”. The draft law aims to ensure the safe, ethical and fair use of artificial intelligence technologies, protect personal data and establish a regulatory framework for the development of artificial intelligence systems.
- On 24 July 2024, the National Artificial Intelligence Strategy 2024-2025 Action Plan was published.
This action plan updates the National Artificial Intelligence Strategy 2021-2025. In the long term, Türkiye’s strategic focus is mainly on developing productive artificial intelligence systems for efficient use of resources, developing value-added products and services using Turkish language models, strengthening R&D, innovation and startup ecosystems, increasing access to high-performance computing infrastructures and data, and transforming the workforce and increasing expert human resources.
Conclusion
The Regulation impacts regulatory efforts related to artificial intelligence all over the world, including the European Union and Türkiye. In terms of scope, it is designed to have a direct impact on artificial intelligence ecosystem actors outside the European Union.
Although the full implementation of the Regulation will take time, it should be considered that this time should be used efficiently to make the necessary preparations for compliance with the legislation, as such compliance cannot be achieved overnight.
Actors in Türkiye should follow the developments related to the Regulation, both because it will affect the steps to be taken in Türkiye and because they may be directly covered by it due to its broad scope of application.
Technical and legal assessments and legal analyses of the issues covered by the Regulation are time-consuming processes. In this respect, it would be beneficial for the actors that will be covered to start their assessment and analysis processes regarding the Regulation now.
To review our previous article titled The EU AI Act – First Comprehensive Legal Framework for AI, please click here.
For further information, please contact us.
Legal disclaimer: The information provided in this note is intended for informational purposes only and does not constitute legal advice.