Written by Meeri Haataja, CEO of Saidot
The act will be disruptive for teams and organizations in human resources and education: service providers in recruiting, candidate evaluation, workforce management, schools and educational institutions at all levels. Companies' HR teams deploying HR technologies. Even job advertisers. Regulative risks are becoming more central to their operations, and we can anticipate growing investments in compliance from the companies operating in these fields.
Governments will be another one of the most disrupted sectors. Public authorities using AI systems for law enforcement, migration, asylum and border control, administration of justice, health, education, traffic, or allocation of public benefits and services – will be highly impacted. For them, preparations will probably be the most challenging, considering the scale of AI activities that fall under the regulation. I anticipate that many Member States will use the opportunity not to impose administrative fines on public authorities for the same reasons.
Companies operating in regulated industries, financial services (banking, health and life insurance), health, and transport will also be impacted. For them, building preparedness will require work but may be less disruptive due to the typically more established risk, quality, and compliance processes. The focus will be on adapting those for new AI-specific requirements.
AI product companies selling to any of the above sectors will also be highly impacted. AI product companies building high-risk AI products will need to establish ways to ensure compliance throughout the product lifecycles. AI providers should also expect growing ethical requirements from their buyers while enterprises establish compliance processes across all AI they use.
Technology services companies will be indirectly impacted by growing enterprise procurement requirements and AI supply chain controls. They will also have a role in supporting directly impacted customers in establishing proper governance practices.
Tech companies and anyone providing general-purpose AI systems will need to consider the potential uses of such systems for high-risk purposes. If allowing the use for high-risk purposes, the providers must establish their compliance and ways to support the users' compliance via transparency and potential other means.
Finally, providers and users of AI systems that interact with people need to ensure that users are informed about interacting with AI. Providers and users of AI systems for biometric categorization, emotion recognition, or image/content creation and manipulation (deep fakes) must give specific notifications of such dataprocessing during the AI interaction. We're likely to see a lot of new transparency and explainability features come our way while using AI services going forward.