EU AI Act bans certain AI systems and cracks down on AI literacy

The EU AI Act, originally passed in March 2024, is now partially in effect as of 2nd February 2025, bringing a host of regulations that organisations developing and implementing AI will have to follow.

This most recent deadline enforces the prohibition of certain AI systems and sets forth requirements on AI literacy for the workforce.

Michael Curry, president of data modernisation at Rocket Software – a specialist in AI and IT modernisation said, “Chapter 1, Article 4 of the EU AI Act is mandating compulsory AI literacy for any business that either uses or develops AI systems. This regulation is focused on awareness and education, as it requires businesses to take ownership of the upskilling of their own workforce and create an educational structure internally that will equip their employees with the necessary skills to use these systems responsibly and ethically.

“This will be a crucial element of compliance going forward, but it’s also a necessary one: workforces that lack the knowledge to operate their AI-powered systems will never see the true return on investment on their innovations, and moreover, the abuse of AI carries the potential to do huge damage to any company. From data leaks to AI hallucinations, organisations need to take the AI literacy training of their employees just as seriously as they would if they were operating heavy equipment.

“Chapter 2, Article 5 of the Act enforces boundaries on current AI practices and prohibits ones that infringe on the rights of individuals or seeks to do harm. These include a whole host of use cases, from social engineering to classifying individuals based on their behavioural patterns, to predicting criminal behaviour. Any organisation that uses AI for HR or personal evaluation purposes needs to do a thorough audit of their processes to ensure they remain compliant.

“To achieve this, businesses need to adapt robust privacy policies surrounding their AI systems, as well as access controls to protect sensitive data. Now is the time to set up comprehensive monitoring systems that ensure the AI used continues to adhere to these regulations and any potential breach is immediately flagged, so organisations can manage risks accordingly.”