1.5 KiB
EU AI Act
EU AI Act
First comprehensive AI regulation globally (effective August 2026). Risk-based tiers: unacceptable (banned), high-risk (conformity assessment), limited (transparency), minimal (code of conduct). High-risk systems require: risk management, data governance, technical documentation, transparency, human oversight, accuracy/robustness/cybersecurity. Third-party conformity assessment for some high-risk systems (notified bodies).
Who must comply: Providers and deployers of AI systems in the EU. Extraterritorial if the AI system output is used in the EU. Scope covers GPAI (general-purpose AI) with additional obligations for systemic-risk GPAI.
Penalties: Up to 35M EUR or 7% of global turnover (higher than GDPR).
Why it matters: The EU AI Act's conformity assessment requirement creates an instant certification market. Passepartout's gate stack can serve as the human oversight and accuracy/robustness infrastructure for any AI system deployed through it. The verification monopoly argument applies at maximum force: an ACL2-verified gate stack is the most defensible approach to AI Act compliance. First-mover advantage: the regulation takes effect August 2026. No certification body or tool vendor has an ACL2-based compliance pipeline. First to market captures the standard-setting role.