The European AI Act entered into force in August 2024, following three years of negotiation that began with a Commission proposal in April 2021.[1] It is, by any measure, a significant piece of legislation: the first binding legal framework in the world to regulate artificial intelligence systems by risk category, impose conformity assessment requirements on high-risk applications, and ban a defined set of uses outright. It is also a document that has been substantially shaped by the industries it was designed to regulate — and that contains exemptions which civil society organisations have been documenting, publicly, since before the ink was dry.

The risk classification structure is the Act’s central architecture. Systems are divided into four tiers: unacceptable risk (banned), high risk (regulated), limited risk (transparency obligations), and minimal risk (no specific obligations). The banned category is narrow and specific: social scoring by public authorities, real-time remote biometric identification in public spaces, subliminal manipulation, and systems that exploit the vulnerabilities of the people they target.[2] The high-risk category is broader, covering AI used in critical infrastructure, education, employment, essential services, law enforcement, migration, and the administration of justice. For high-risk systems, providers must conduct conformity assessments, maintain technical documentation, and register their systems in a publicly accessible EU database.

The exemption for national security is not an edge case. It is a gap large enough to contain the surveillance practices that the ban on biometric identification was supposed to address.

The exemptions begin where the bans end. The prohibition on real-time remote biometric identification in public spaces — the most-discussed provision before the Act’s adoption — applies to law enforcement use in publicly accessible spaces, but with listed exceptions: the search for specific crime victims, the prevention of a specific and imminent terrorist threat, and the prosecution of criminal offences carrying a sentence of at least three years.[3] These exceptions are subject to judicial authorisation and time limits. They are also, as Access Now and other civil society organisations have argued, broad enough to encompass the routine use cases that the ban was intended to prevent.

The national security exemption is categorical. Article 2(3) of the Act states that it does not apply to AI systems developed or used exclusively for military, national security, or defence purposes.[4] This is not a narrow carve-out for intelligence services. It covers the development of lethal autonomous weapons systems, predictive policing tools used by security agencies, and mass surveillance infrastructure operated for national security purposes. The Act, in effect, regulates the commercial AI market while leaving the state use of AI in its most consequential applications entirely unaddressed.

The lobbying record is documented. AlgorithmWatch and Corporate Europe Observatory published a detailed account in 2022 of industry engagement with the Commission and Parliament during the drafting process.[5] Among the outcomes they identified: the removal of an early proposal to ban AI-based emotion recognition in employment and education contexts (it was reclassified as high-risk, not banned); the narrowing of the general-purpose AI provisions; and the insertion of language allowing self-assessment for many high-risk applications rather than requiring third-party audit. None of these changes were secret. They were made through the ordinary process of legislative amendment. The records are public.

The implementation timeline compounds the concern. The ban on unacceptable-risk systems applied six months after entry into force. Obligations for general-purpose AI models applied after twelve months. The high-risk system requirements — the core of the regulatory framework — do not fully apply until August 2026 for new systems, and August 2027 for existing ones already on the market.[6] Companies that began preparing for compliance when the Commission first proposed the regulation in 2021 have had, by the time the high-risk obligations bite, six years to adapt. Companies that find the obligations prohibitive have had six years to lobby for amendments or structure their products to fall outside the high-risk categories.

None of this is an argument against the AI Act. A legal framework with gaps is better than no framework. The GDPR, also imperfect and shaped by industry during its passage, has produced significant enforcement actions, established the right to erasure as a practical reality, and created a template that other jurisdictions have adapted. The question is not whether the AI Act is sufficient. It is whether the gaps that have been engineered into it will be closed before they are exploited at scale, and whether the enforcement bodies that will be responsible for implementation — national market surveillance authorities, newly created AI offices — will receive the resources and independence that enforcement requires.

The civil society organisations that tracked the lobbying are still watching. Their records are public. Reading them, before the implementation period ends, remains the most productive form of scrutiny available to anyone who believes that the regulation of powerful technology should not be left entirely to those who profit from it.