The EU AI Act: an AI-generated changelog

Human: You’re an assistant at a law firm. Please concisely and comprehensibly describe the amendments from June 14, 2023, applied to the EU AI Act. Please then summarise those amendments in simple layperson’s terms.

Claude, the AI-assistant:

Here are the amendments from June 14, 2023, to the EU AI Act proposal:

Amendment group 1: Clarification of scope (Article 2)

• Explicitly excludes non-embedded AI systems developed by individuals for personal use.
• Clarifies that AI systems exclusively developed for national security are excluded.

Layman’s terms: The law does not apply to simple AI systems an individual creates for themselves, or to AI used specifically for national defense.

Amendment group 2: Addition of general principles (New Article 4a)

• Adds 7 key principles to guide trustworthy AI: human agency, technical robustness & safety, privacy & data governance, transparency, diversity, non-discrimination & fairness, societal & environmental well-being.

Layman’s terms: AI should uphold important values like human oversight, safety, privacy, transparency, fairness, and environmental responsibility.

Amendment group 3: Additional requirements for high-risk AI (Articles 8-15)

• Requires risk mitigation systems for “reasonably foreseeable misuse” of AI.
• Requires consideration of the impact on vulnerable groups.
• Requires logging capabilities to ensure traceability.
• Requires meeting appropriate levels of accuracy, robustness, and cybersecurity.
• Requires built-in safeguards for when high-risk AI’s accuracy declines.

Layman’s terms: Companies making high-risk AI must thoroughly address safety, consider vulnerable people, keep records, meet security/accuracy standards, and ensure AI works even if its accuracy drops.

Amendment group 4: Additional obligations for operators (Articles 16-29)

• Clarifies obligations for providers, deployers, importers, and distributors.
• Requires providers to have a risk management system, quality management system, technical documentation, and EU declaration of conformity.
• Requires deployers to have human oversight, log AI use, get user consent to use AI, report issues to providers.
• Requires cooperation to address risks.

Layman’s terms: Companies involved in making or using high-risk AI must have systems to manage risks and quality, documentation, consent, oversight, logging, and teamwork to fix problems.

Amendment group 5: Additional requirements for regulatory sandboxes (Article 53-54)

• Adds more details on establishing and using AI regulatory sandboxes, including priorities for startups/NGOs and public interest AI.
• Allows limited personal data use in sandboxes, with safeguards, for developing AI in the public interest.

Layman’s terms: Government programs to test new AI must give priority to small companies/nonprofits with AI for social good. They can briefly use people’s data to develop this AI, with privacy protections.

Amendment group 6: Additional obligations for notified bodies (Article 33)

• Requires notified bodies to have permanent staff with expertise in AI, data processing, privacy, and more.
• Requires them to avoid conflicts of interest and protect confidential information.
• Requires them to consider an AI system’s intended use and possible misuse.

Layman’s terms: Groups that check if AI complies with law must have specialized staff, be impartial, keep information private, consider how AI could be misused.

Does this help summarize the key amendments to the proposal? Let me know if you would like me to clarify or expand on any of the summaries.