The EU AI Act is a landmark legislation that regulates AI applications, ensuring they are safe, transparent, and respectful of EU values and fundamental rights. For AI vendors and HR technology companies, understanding and adhering to the EU AI Act is not just a legal obligation but a strategic necessity. In this post, we'll navigate the essentials of the EU AI Act and its implications for AI-driven recruitment and HR services.
What is the EU AI Act?
The EU AI Act is a landmark regulation by the European Union aimed to regulate the use of artificial intelligence within its member states. It’s the first of its kind, aiming to ensure that AI systems used in the EU are safe, transparent, traceable, non-discriminatory, and environmentally friendly.
At its core, the EU AI Act lays out clear guidelines for what AI systems can and cannot do. It identifies specific practices that are outright prohibited to protect the public. For high-risk AI systems, which are those that could significantly impact people’s safety or fundamental rights, the Act establishes stringent requirements. These systems must comply with stringent standards to ensure they operate safely and ethically. Additionally, the Act outlines the responsibilities of those who develop, deploy, operate and use AI systems, and sets up mechanisms for market monitoring, governance, and enforcement.
Proposed by the European Commission in April 2021 and agreed upon by the European Parliament and the Council in December 2023, it Act entered into force on August 1, 2024, marking a significant step towards comprehensive AI regulation.
Does the EU AI Act apply outside of the EU?
The EU AI Act is designed with the primary goal of protecting individuals within the European Union from potential risks associated with AI systems. What makes this legislation particularly influential is that it doesn’t just apply to AI providers or deployers within the EU, but also to any organisation, anywhere in the world, whose AI system’s output is used within the Union. This means that even if a company is based outside the EU, they must comply with the Act if their AI tools or systems are used in any capacity within the EU.
In the context of HR and recruitment, the implications are significant. For instance, employers outside the EU using AI systems to evaluate job applicants from within the EU, or to manage the performance of teams with EU-based members, will need to ensure their AI systems comply with the Act. The same goes for HR tech providers offering AI-driven tools within the EU.
Many globally active companies are likely to take a more unified approach to compliance, choosing to ensure that all their AI systems comply with the AI Act, rather than assessing each use case individually. This approach not only simplifies compliance but also prepares these companies for the likely global influence of the EU AI Act, similar to how the GDPR set a global standard for data protection.
What HR/Recruitment use cases are impacted by the EU AI Act?
The EU AI Act is taking a significant step towards regulating artificial intelligence with a risk-based approach. This means that AI systems are classified based on their risk levels, and different requirements are applied accordingly. Here’s a quick overview of the four risk categories:
- Unacceptable risk: These are systems that go against fundamental values and rights and whose use is prohibited.
- High risk: These systems could significantly harm health, safety, or fundamental rights and therefore face stringent regulations.
- Limited risk: Systems in this category pose a moderate threat to fundamental rights and are subject to transparency rules.
- Minimal risk: These systems pose negligible threats and aren’t subject to any specific requirements.
In the realm of employment, many AI systems fall under the high-risk category. This is due to their substantial impact on career opportunities, livelihoods, and the rights of individuals. The AI Act identifies several high-risk use cases in HR and recruitment, including:
- Job application analysis: These tools evaluate and filter job applications, which can significantly influence hiring decisions.
- Targeted job advertisements: These systems place job ads strategically, affecting who gets to see job opportunities.
- Promotion or termination: AI tools that support decisions related to employee promotion or termination are also considered high-risk.
- Performance and behaviour monitoring: These systems evaluate the performance and behaviour of employees, impacting career progression and workplace dynamics.
While most HR and recruitment AI tools fall into the high-risk category, there are important exceptions:
- AI systems used for biometric categorisation or to infer the emotional state of individuals in the workplace or education are considered to pose an unacceptable risk unless used for medical or safety purposes, and are thus prohibited.
- AI systems designed for narrow procedural tasks that enhance the results of prior human activities without posing “pose a significant risk of harm to the health, safety or fundamental rights of natural persons and are subject to strict requirements” fall the limited risk category and thus are only subject to transparency obligations.
What are the obligations for HR Tech vendors?
AI systems are classified into different risk categories, and the responsibilities vary accordingly. While limited risk systems have to meet specific transparency obligations, high-risk systems come with a much more extensive set of requirements. Most of these obligations fall on the provider of the AI system, which includes:
- Put a quality management system in place, including:
- a risk management and mitigation system and examination
- test and validation procedures to be carried out before, during and after the development
- implementation and maintenance of a post-market monitoring system
- setting up appropriate data governance and management practices
- Create detailed technical documentations to support the compliance process
- Logging of activities to ensure traceability of results and changes to the system
- Implement measures to facilitate the interpretation of the system outputs and allow deployers to implement human oversight.
- Perform a conformity assessment and draw up an EU declaration of conformity prior to putting the system into service
How can HR Tech vendors prepare for the EU AI Act?
The EU AI Act is more than just a compliance requirement—it’s a chance for AI vendors to make ethical AI a core part of their business. Here’s how to approach it:
- Invest in understanding: Collaborate with legal and technical professionals to ensure your AI solutions fully comply with the new regulations.
- Analyse policies and procedures: Review your practices and processes to identify areas that need improvement to align the AI Act’s requirements.
- Review AI systems: Assign an EU AI Act risk category to identify relevant requirements for each AI system.
- Conduct system tests: Regularly test your AI systems to detect and correct potential issues like unfair biases that could lead to discriminatory outcomes
- Regular Impartial audits: Engage with independent auditors to ensure ongoing compliance.
What are the opportunities for HR Tech vendors?
The EU AI Act is more than just a set of regulations—it’s a call to innovate with ethics at the forefront. For HR Tech companies, this means developing AI solutions that not only streamline processes but also uphold human rights and societal values. Imagine a recruitment tool that not only speeds up candidate screening but also identifies and mitigates bias in job descriptions, actively promoting diversity and inclusion. Such innovations aren’t just about compliance; they reflect a commitment to building a fairer and more inclusive workplace.
By adopting the EU AI Act’s guidelines early, HR Tech companies can position themselves as leaders in ethical AI. This proactive approach not only ensures compliance but also helps companies stand out in the market. Clients who prioritise ethical standards and legal compliance are more likely to trust and stay with companies that are committed to responsible AI.
The European Commission has acknowledged the importance of these early efforts through the EU AI Pact, which encourages and supports companies to start preparing for compliance now. By voluntarily committing to these standards, HR Tech providers not only ensure they are ready for future regulations, but are also recognised as leaders in creating responsible, ethical AI in the industry.
How can Warden help?
Warden’s auditing platform has been designed to address many of key requirements outlined by the Act, helping AI vendors to ensure their systems are compliant, transparent, and ethically responsible. Here’s how Warden can support your journey towards compliance and innovation:
- Pre-market testing: Warden's auditing platform performs rigorous testing of AI systems before (and after) they are released on the market. This process identifies potential areas of non-compliance and recommends corrective actions.
- Bias detection and mitigation: In particular, Warden’s platform analyses AI systems for potential biases and suggests modifications to maximise fairness, helping vendors meet the ethical standards demanded by the Act.
- Transparency and explainability: Warden makes it easy for vendors to provide clear, understandable explanations of how their AI systems make decisions. This is crucial for meeting the Act’s requirements and building trust with end-users.
- Post-market monitoring and reporting: Compliance with the EU AI Act is not a one-time effort but an ongoing process. Warden's continuous monitoring and reporting features enable vendors to keep their AI systems in check over time.
Schedule a demo to find out how Warden can help you comply with the the requirements of the EU AI Act and stay ahead in an increasingly regulated and competitive market.