{"id":58013,"date":"2025-01-15T14:10:00","date_gmt":"2025-01-15T14:10:00","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/innovating-in-line-with-the-european-unions-ai-act\/"},"modified":"2025-01-15T14:10:00","modified_gmt":"2025-01-15T14:10:00","slug":"innovating-in-line-with-the-european-unions-ai-act","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/innovating-in-line-with-the-european-unions-ai-act\/","title":{"rendered":"Innovating in line with the European Union\u2019s AI Act\u00a0"},"content":{"rendered":"
<\/div>\n

As our <\/span>Microsoft AI Tour<\/span><\/a> reached Brussels, Paris, and Berlin toward the end of last year, we met with European organizations that were energized by the possibilities of our latest AI technologies and engaged in deployment projects. They were also alert to the fact that 2025 is the year that key obligations under the European Union\u2019s AI Act come into effect, opening a new chapter in digital regulation as the world\u2019s first, comprehensive AI law becomes a reality. <\/span> <\/span><\/p>\n

At Microsoft, we are ready to help our customers do two things at once: innovate with AI and comply with the EU AI Act. We are building our products and services to comply with our obligations under the EU AI Act and working with our customers to help them deploy and use the technology compliantly. We are also engaged with European policymakers to support the development of efficient and effective implementation practices under the EU AI Act that are aligned with emerging international norms. <\/span> <\/span><\/p>\n

Below, we go into more detail on these efforts. Since the dates for compliance with the EU AI Act are staggered and key implementation details are not yet finalized, we will be publishing information and tools on an ongoing basis. You can consult our EU AI Act documentation on the <\/span>Microsoft Trust Center<\/span><\/a> to stay up to date.<\/span> <\/span><\/p>\n

Building Microsoft products and services that comply with the EU AI Act<\/span> <\/span><\/h3>\n

Organizations around the world use Microsoft products and services for innovative AI solutions that empower them to achieve more. For these customers, particularly those operating globally and across different jurisdictions, regulatory compliance is of paramount importance. This is why, in every customer agreement, Microsoft has committed to comply with all laws and regulations applicable to Microsoft. This includes the EU AI Act. It is also why we made early decisions to build and continue to invest in our AI governance program.<\/span> <\/span><\/p>\n

As outlined in our inaugural <\/span>Transparency Report<\/span><\/a>, we have adopted a risk management approach that spans the entire AI development lifecycle. We use practices like impact assessments and red-teaming to help us identify potential risks and ensure that teams building the highest-risk models and systems receive additional oversight and support through governance processes, like our Sensitive Uses program. After mapping risks, we use systematic measurement to evaluate the prevalence and severity of risks against defined metrics. We manage risks by implementing mitigations like the classifiers that form part of <\/span>Azure AI Content Safety<\/span><\/a> and ensuring ongoing monitoring and incident response. <\/span> <\/span><\/p>\n

Our framework for guiding engineering teams building Microsoft AI solutions\u2014the <\/span>Responsible AI Standard<\/span><\/a>\u2014was drafted with an early version of the EU AI Act in mind. <\/span> <\/span><\/p>\n

Building on these foundational components of our program, we have devoted significant resources to implementing the EU AI Act across Microsoft. Cross-functional working groups combining AI governance, engineering, legal, and public policy experts have been working for months to identify whether and how our internal standards and practices should be updated to reflect the final text of the EU AI Act as well as early indications of implementation details. They have also been identifying any additional engineering work needed to ensure readiness.\u202f<\/span> <\/span><\/p>\n

For example, the EU AI Act\u2019s prohibited practices provisions are among the first provisions to come into effect in February 2025. Ahead of the European Commission\u2019s newly established AI Office providing additional guidance, we have taken a proactive, layered approach to compliance. This includes:<\/span>\u200b<\/span> <\/span><\/p>\n