AI Act: The Commission’s New Guidelines on Prohibited Practices
Skip to main content
Select location France
  • Insights
  • AI Act: The Commission’s New Guidelines on Prohibited Practices
Insight

AI Act: The Commission’s New Guidelines on Prohibited Practices

Marguerite Brac de La Perrière
06/02/2025
A dark background with a web of interconnected blue and purple lines forming a network. Numerous glowing white nodes are scattered throughout the web, creating a complex, geometric pattern that suggests a digital or technological theme.

Locations

France

Following the entry into force on February 2 of the first chapters concerning AI control and prohibited practices, and at a time of heated debate over Deepseek, these guidelines include practical guidance for suppliers and users of AI systems, reminding them in particular that:
 

  • the material scope of the AI Act covers practices relating to the placing on the market, commissioning and use, irrespective of the means of supply, whether in return for payment or free of charge, with a view to its first use as intended by the supplier
  • "use” is to be understood as including any misuse of an AI system (whether ‘reasonably foreseeable’ or not),
  • during the research and development (R&D) phase, AI developers have the freedom to experiment and test new functionalities that could involve techniques that could be considered manipulative and covered by prohibited practices. Early R&D phases are essential for refining AI technologies and ensuring that they meet safety and ethical standards before being brought to market, they must nevertheless be conducted in compliance with ethical and professional standards in scientific research and in compliance with applicable Union law (including the RGPD),
  • prohibited AI practices must be considered in relation to AI systems classified as high-risk, the latter possibly constituting prohibited AI and vice versa depending on their specific characteristics, according to the risk assessment and management carried out by the supplier,
  • each operator must take steps, according to his or her role and control over the system in the value chain, to ensure that AI systems are made available and used responsibly and safely,
  • even if an AI system is not prohibited by AI law, its use could still be prohibited or illegal based on other provisions of law (for example, in the absence of a legal basis for the processing of personal data required by the RGPD, discrimination prohibited by Union law, etc.).

To date, in order to ensure the control of AI, companies must have:

  • mapped their AI systems,
  • trained their teams on AI set up a user charter and a framework for the IT department, to ensure control of AI.

For the record, fines of up to €15M or #3% of worldwide annual sales, and €35M for prohibited AI, or 7%.

These new guidelines mark a crucial step in the regulation of artificial intelligence in Europe.

Areas of Expertise

Tech and Data