GDPR · EDPB · IT security
Sources on data protection, supervision, EDPB, cybersecurity and technical security for AI systems.
The EDPB and EDPS provide joint recommendations on data protection aspects of the European Biotech Act proposal. The proposal aims to strengthen the biotechnology industry while ensuring GDPR compliance in clinical trials and AI use.
Source: European Data Protection Board
The EDPB 2025 Annual Report summarises the activities of the Support Pool of Experts (SPE), including completed projects on AI risks, data protection enforcement, and technological tools. The report highlights transparency and cooperation between supervisory authorities.
Source: European Data Protection Board
The Federal Office for Information Security (BSI) examines interactions between AI and IT security. It analyzes risks, develops evaluation criteria, and promotes the secure use of AI systems in security-critical areas.
Source: Bundesamt für Sicherheit in der Informationstechnik
The AI Act provides for AI real labs to foster innovation by allowing companies to test AI systems under real-world conditions and clarify legal issues. The Federal Network Agency conducted a pilot project and offers the EUSAiR pilot project for businesses.
Source: Bundesnetzagentur
The Federal Network Agency provides guidelines and best practices for General Purpose AI (GPAI) models under the EU AI Act. These include transparency obligations, copyright regulations, and safety measures. The Code of Practice supports providers in complying with the EU AI Act.
Source: Bundesnetzagentur
The Federal Network Agency provides information on the EU AI Act, which regulates AI development and use in the EU. The Act will be fully applied in stages from August 2027. Companies can learn about risk classification, transparency requirements, and the AI Compliance Compass.
Source: Bundesnetzagentur
The Federal Network Agency prepares the implementation of the EU AI Act in Germany. The regulation governs AI systems on a risk-based approach, with strict requirements for transparency and safety at high risk. Effective from August 2027.
Source: Bundesnetzagentur
The European Commission has published draft guidelines on the classification of artificial intelligence (AI) as high-risk systems. These guidelines aim to help providers and users assess whether a system is classified as high-risk. High-risk systems are those that could endanger health, safety, or fundamental rights.
Source: European Commission
The EU AI Act is the world's first comprehensive AI regulation. It addresses risks to health, safety, and fundamental rights. The FAQ guide explains the scope, prohibited practices, high-risk systems, transparency requirements, and governance. It helps businesses and authorities understand and comply with the regulations.
Source: European Commission
The European Commission promotes harmonised standards for the EU AI Act to simplify compliance. These standards, developed by CEN, CENELEC, and ETSI, will be published from 2026 onwards. They provide legal certainty for providers of high-risk AI systems.
Source: European Commission
The European Commission promotes harmonised standards for AI systems to ensure legal certainty and support innovation. These standards help companies comply with the EU AI Act, particularly for high-risk applications.
Source: European Commission
The General-Purpose AI Code of Practice was developed through an inclusive process involving over 1000 participants from industry, civil society, and authorities. It helps providers comply with the AI Act's requirements for safety, transparency, and copyright. The code is voluntary and will be applied from August 2025.
Source: European Commission / AI Office
The voluntary EU Code of Practice for General-Purpose AI supports providers in complying with AI Act requirements. It covers transparency, copyright, safety, and security for advanced models. Developed through a multi-stakeholder process, the Code serves as a guideline to facilitate compliance with the AI Act.
Source: European Commission / AI Office
The General-Purpose AI Code of Practice is a voluntary EU Commission guideline developed by 13 independent experts with input from over 1,000 stakeholders. It assists providers in complying with AI Act rules for GPAI from August 2, 2025. The Code includes three chapters on transparency, copyright, and safety.
Source: European Commission / AI Office
The EU initiates the development of the first General-Purpose AI Code of Practice with four working groups on transparency, copyright rules, risk identification, technical risk mitigation, and internal risk management. Experts from academia, industry, and civil society will collaborate until April 2025 to create a comprehensive framework.
Source: European Commission / AI Office
The voluntary General-Purpose AI Code of Practice helps providers comply with the AI Act's legal obligations regarding safety, transparency, and copyright. It consists of three chapters and was published on July 10, 2025.
Source: European Commission / AI Office
The voluntary GPAI Code of Practice supports providers of general-purpose AI models in complying with the EU AI Act obligations regarding safety, transparency, and copyright. It consists of three chapters and was published on July 10, 2025.
Source: European Commission / AI Office
The EU promotes the development and use of safe and trustworthy AI systems. The AI Act follows a risk-based approach to enable innovation while ensuring safety. Complementary strategies such as the Apply AI Strategy and the AI Continent Action Plan strengthen Europe's technological sovereignty and competitiveness.
Source: European Commission / DG CONNECT
Article 6 of the EU AI Act defines criteria for classifying AI systems as high-risk. A system is considered high-risk if it serves as a safety component or is listed in Annex III, unless it meets exceptions under paragraph 3. The Commission will publish guidelines for practical implementation by 2026.
Source: European Commission / AI Act Service Desk
Article 5 of the EU AI Act prohibits AI practices that violate fundamental rights, such as manipulative, exploitative, or social scoring systems. It also bans AI systems for real-time remote biometric identification in public spaces for law enforcement, except under urgent exceptions.
Source: European Commission / AI Act Service Desk
Article 3 of the EU AI Act defines key terms used throughout the regulation. These definitions clarify AI systems, prohibited practices, high-risk applications, and transparency requirements. They form the basis for consistent application of the law.
Source: European Commission / AI Act Service Desk
The EU AI Act applies to all who offer, use, or market AI systems or general-purpose AI models in the EU market. Military applications, research, and private use are excluded. The scope is defined in Article 2 of the AI Act.
Source: European Commission / AI Act Service Desk
Article 1 of the EU AI Act defines the regulation's objective: protecting health, safety, and fundamental rights while promoting trustworthy, human-centric AI. It establishes the scope and principles for regulating AI systems in the EU.
Source: European Commission / AI Act Service Desk
The European Commission provides legal and strategic documents, communication materials, and guidelines for the EU AI Act via the AI Act Service Desk. This includes consultations on GPAI copyright exceptions, a whistleblower tool, proposals to simplify AI legislation, and technical guidelines for document submission.
Source: European Commission / AI Act Service Desk
The AI Act Service Desk FAQs address key questions on the EU AI Act amendments, risk categorization, transparency obligations, and governance. Targeted at providers and users of AI systems.
Source: European Commission / AI Act Service Desk
The EU Commission's AI Act Service Desk enables stakeholders to submit questions about the AI Act to the AI Office. Users can log in with EU Login, complete a form, and ask questions in any official EU language. Communication happens via email.
Source: European Commission / AI Act Service Desk
The AI Act Explorer by the European Commission is an interactive platform for navigating the EU Artificial Intelligence Act (Regulation (EU) 2024/1689). It enables users to search for prohibited practices, risk classifications, transparency obligations, general-purpose AI models, and enforcement mechanisms. The structure by chapters, articles, and annexes supports legal professionals and businesses in complying with the regulations.
Source: European Commission / AI Act Service Desk
Regulation (EU) 2024/1689 establishes harmonized rules for artificial intelligence to strengthen the internal market and ensure a high level of protection for health, safety, and fundamental rights. It governs high-risk AI systems, protects personal data, and promotes trustworthy AI.
Source: EUR-Lex / Europäische Union
