De EU AI Act (AI-verordening) is de eerste uitgebreide AI-wet ter wereld. Vanaf 2025 moeten Europese bedrijven voldoen aan regels over transparantie, risicobeheer en verantwoord gebruik van AI-systemen.

Geldt de AI Act voor mijn webshop?

Als u AI-tools gebruikt zoals chatbots, productaanbevelingen of AI-gegenereerde content, dan gelden er transparantieverplichtingen. Zelfs een simpele chatbot valt onder Artikel 50 van de AI Act.

Wat zijn de deadlines?

De AI-literacy verplichting (Artikel 4) geldt al sinds 2 februari 2025. Transparantieverplichtingen voor chatbots en AI-content gelden vanaf 2 augustus 2026.

Wat kan ik zelf doen?

Belangrijkste stap: zorg dat gebruikers weten wanneer ze met AI communiceren. Voeg disclaimers toe bij chatbots, label AI-gegenereerde content, en vermeld AI-gebruik in uw privacybeleid.

Is deze scan juridisch advies?

Nee, onze scan is informatief en geeft een indicatie van uw compliance-status. Voor juridisch advies raden wij aan een gespecialiseerd adviseur te raadplegen.

EU AI Act: Key Developments & What They Mean for You

The EU AI Act: A Moving Target

The EU AI Act (Regulation 2024/1689) is one of the most ambitious regulatory frameworks for artificial intelligence globally. However, recent developments show that its implementation is far from static. From delays to shifting priorities, businesses must stay agile to remain compliant. Here’s what’s changed and how it impacts you.

---

Delays and Loopholes: The Oversight Gap

The European Parliament’s decision to delay parts of the AI Act’s implementation has raised concerns about weakened oversight, particularly for high-risk AI systems ^[2]. While the Act aims to ensure safety and transparency, these delays may allow some systems to bypass critical scrutiny during the transition period.

Key takeaway: High-risk AI systems (e.g., those used in healthcare, recruitment, or law enforcement) must still comply with core requirements, even if enforcement is staggered. The delay does not eliminate obligations under Art. 50 (post-market monitoring) or Art. 5 (prohibited practices).

---

General-Purpose AI Models: A New Frontier

The AI Act introduces specific rules for General-Purpose AI (GPAI) models, which underpin many modern applications like chatbots, image generators, and recommendation systems. The Center for Democracy and Technology highlights that these models must adhere to transparency and risk management standards ^[9], even if they’re not classified as high-risk.

What this means for you:

If your website uses AI tools like chatbots or content generators, document how these models are trained and deployed.
Ensure users are informed about AI interactions (e.g., disclosing chatbot usage).

---

Diverging Views on Sectoral Laws

EU countries are struggling to align the AI Act with existing sectoral laws (e.g., GDPR, medical device regulations). MLex reports that national interpretations vary, creating a patchwork of compliance requirements ^[4]. For businesses operating across multiple EU member states, this inconsistency complicates adherence.

Recommendation for webshop owners: 1. Map your AI systems to identify overlaps with sectoral laws (e.g., GDPR for data processing). 2. Consult local experts in each EU country where you operate to navigate conflicting rules.

---

The Interplay with GDPR: A Delicate Balance

Amnesty International warns that recent tech law reforms could inadvertently weaken GDPR protections by creating conflicts with the AI Act ^[1]. For example, AI-driven profiling or automated decision-making may face conflicting requirements under both frameworks.

Actionable step:

Review your data processing agreements to ensure they align with both the AI Act and GDPR.
Conduct a Data Protection Impact Assessment (DPIA) for high-risk AI systems.

---

Compliance Timeline: What’s Next?

The AI Act’s implementation is staggered, with key deadlines approaching:

February 2025: Rules for high-risk AI systems (e.g., biometric identification) take effect.
August 2025: Obligations for general-purpose AI models begin.
2026: Full enforcement for most provisions.

Kennedys Law LLP emphasizes that businesses should prioritize compliance based on their AI system’s risk level ^[7]. Use the timeline to phase your efforts, starting with the highest-risk applications.

---

Global Context: The US and Colorado’s AI Laws

While the EU leads in AI regulation, the US and individual states are not far behind. The Trump Administration is pushing for a federal AI framework, while Colorado’s AI Policy Work Group has proposed an updated framework to replace its state AI Act [3, 8]. For businesses with global operations, this means preparing for a patchwork of regulations.

Recommendation:

Monitor state-level AI laws in the US if you serve American customers.
Use the EU AI Act as a baseline to streamline compliance efforts.

---

Political Agreements: The AI Omnibus

The IAPP reports that MEPs have reached a preliminary political agreement on an AI omnibus, which may refine certain provisions of the Act ^[10]. While details are still emerging, this suggests ongoing adjustments to the framework.

What to watch:

Updates to transparency requirements for AI systems.
Clarifications on liability rules for AI-driven decisions.

---

Practical Steps for Compliance

1. Audit Your AI Systems

Start by cataloging all AI tools used on your website or in your operations. Classify them by risk level (unacceptable, high, limited, or minimal risk) as defined in Art. 6.

2. Implement Transparency Measures

For high-risk systems, ensure users are informed about AI usage. This could include:

Clear disclosures in your privacy policy.
Notices for automated decision-making (e.g., AI-driven pricing or recommendations).

3. Prepare for Post-Market Monitoring

Under Art. 50, you must monitor AI systems after deployment for risks or incidents. Set up processes to log and address issues promptly.

---

Not Legal Advice

This article provides general insights into the EU AI Act but does not constitute legal advice. For tailored guidance, consult a legal professional specializing in AI regulation.

---

Stay Ahead with AI Act Scanner

The EU AI Act is evolving, and compliance requires vigilance. AI Act Scanner helps you identify AI usage on your website and assess compliance risks in minutes. Scan your website today to stay ahead of the curve.

---