European Union: Cybersecurity requirements for "high-risk AI systems" in Regulation laying down harmonised rules on artificial intelligence (AI Act)

Progress

Current status
in grace period
02 Aug 2027 in force
02 Aug 2026 in force
01 Aug 2024 in grace period
21 May 2024 adopted
13 Mar 2024 under deliberation
09 Dec 2023 under deliberation
14 Jun 2023 under deliberation
11 May 2023 under deliberation
06 Dec 2022 under deliberation
21 Apr 2021 under deliberation

Scope

Implementers
Austria
Belgium
Bulgaria
Croatia
Cyprus
Czechia
Denmark
Estonia
Finland
France
Germany
Greece
Hungary
Ireland
Italy
Latvia
Lithuania
Luxembourg
Malta
Netherlands
Poland
Portugal
Romania
Slovakia
Slovenia
Spain
Sweden
Policy Area
Authorisation, registration and licensing
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
ML and AI development
Government Branch
legislature
executive
Government Body
parliament
central government
Implementation Level
supranational

Timeline of events

02 Aug 2027
in force

Implemented AI Act including cybersecurity requirement for Article 6(1) "high-risk AI systems"

On 2 August 2027, the regulation laying down harmonised rules on Artificial Intelligence (Artificial Intelligence Act) comes into effect for "high-risk AI systems" referred to in Article 6(1) of the Act. The Act specifies that high-risk AI systems m…

Source
Event type law
Action type implementation
Government branch legislature
Government body parliament
02 Aug 2026
in force

Implemented AI Act including cybersecurity requirement for Annex III "high-risk AI systems"

On 2 August 2026, the regulation laying down harmonised rules on Artificial Intelligence (Artificial Intelligence Act) comes into effect for "high-risk AI systems" referred to in Annex III of the Act. The Act specifies that high-risk AI systems must…

Source
Event type law
Action type implementation
Government branch legislature
Government body parliament
01 Aug 2024
in grace period

Entry into force with grace period of AI Act including cybersecurity requirement for "high-risk AI systems"

On 1 August 2024, the regulation laying down harmonised rules on Artificial Intelligence (Artificial Intelligence Act) enters into force, 20 days following its publication in the Official Journal, with a grace period on its implementation. The Act s…

Source
Event type law
Action type in force with grace period
Government branch legislature
Government body parliament
21 May 2024
adopted

Adopted AI Act including cybersecurity requirement for "high-risk AI systems" by Council

On 21 May 2024, the Council of the European Union adopted the regulation laying down harmonised rules on Artificial Intelligence (Artificial Intelligence Act). The Act specifies that high-risk AI systems must be designed in a way that achieves an ap…

Source
Event type law
Action type adoption
Government branch legislature
Government body parliament
13 Mar 2024
under deliberation

Passed AI Act including cybersecurity requirement for "high-risk AI systems" by EU Parliament

On 13 March 2024, the European Parliament passed the regulation laying down harmonised rules on Artificial Intelligence (Artificial Intelligence Act). The Act specifies that high-risk AI systems must be designed in a way that achieves an appropriat…

Source
Event type law
Action type passage
Government branch legislature
Government body parliament
09 Dec 2023
under deliberation

Reached Council and Parliament agreement on AI Act including cybersecurity requirement for "high-risk AI systems"

On 9 December 2023, the Parliament and the Council of the European Union adopted a provisional agreement on the proposal on harmonised rules on artificial intelligence (AI Act). The compromise agreement clarifies the definition of an AI system by a…

Source
Event type law
Action type passage
Government branch legislature
Government body parliament
14 Jun 2023
under deliberation

Adopted EU Parliament position AI Act including cybersecurity requirement for "high-risk AI systems"

On 14 May 2023, the European Parliament adopted its position on the Act on Harmonised Rules for Artificial Intelligence (AI Act), which includes cybersecurity requirements for so-called "high-risk AI systems" (Art.15). Specifically, high-risk AI sy…

Source
Event type law
Action type passage
Government branch legislature
Government body parliament
11 May 2023
under deliberation

Adopted LIBRE and IMCO's position on AI Act including cybersecurity requirement for "high-risk AI systems"

On 11 May 2023, the European Parliament Committee on Civil Liberties, Justice and Home Affairs (LIBE) and Internal Market and Consumer Protection Committee (IMCO) adopted their position on the Act on Harmonised Rules for Artificial Intelligence (AI …

Source
Event type law
Action type passage
Government branch legislature
Government body parliament
06 Dec 2022
under deliberation

Adopted Council general approach on AI Act including cybersecurity requirement for "high-risk AI systems"

On 6 December 2022, the Council of the European Union adopted its general approach on the Artificial Intelligence Act (AI Act), which includes cybersecurity requirements for so-called "high-risk AI systems" (Art.15). Specifically, high-risk AI syste…

Source
Event type law
Action type passage
Government branch executive
Government body central government
21 Apr 2021
under deliberation

Published AI regulation proposal including cybersecurity requirements for "high-risk" AI systems

On 21 April 2021, the European Commission proposed a regulation on a European approach to Artificial Intelligence, which includes cybersecurity requirements for so-called "high-risk AI systems" (Art.15). Specifically, high-risk AI systems must be de…

Source
Event type law
Action type introduction
Government branch executive
Government body central government

We use cookies and other technologies to perform analytics on our website. By opting in, you consent to the use by us and our third-party partners of cookies and data gathered from your use of our platform. See our Privacy Policy to learn more about the use of data and your rights.