Policymakers in Europe are diligently working on matters related to artificial intelligence, and updates are being closely monitored. This coverage includes laws and policies pertaining to AI, as well as their implications for Europe, fundamental rights, and democracy. Interested parties can sign up for CDT Europe's AI Bulletin via email through CDT’s website.

The Artificial Intelligence Act is scheduled for publication in the EU Official Journal on July 12, with an effective date of August 1. These dates will dictate when various sections of the Act will begin to apply and trigger deadlines for specific action items under the Act. The section on prohibited AI systems will start to apply six months after its entry into force.

In the shortest deadline established by the Act, Member States must nominate public authorities protecting fundamental rights under the Act within three months — likely by November. These authorities will have powers to access any documentation produced pursuant to the Act in connection with high-risk AI systems listed under Annex III when necessary for their mandate.

Within 12 months — by August 2025 — Member States must designate their national market surveillance authorities (MSAs), who will be key regulators under the Act. Concerns about the independence of these authorities have already been raised due to prospective choices made by some Member States.

For example, Italy's draft law on AI appoints the Agency for Digital Italy and the National Cybersecurity Agency as MSAs, prompting civil society outcry. The Italian data protection authority (DPA) has called for these agencies' independence given their important role in enforcing the Act. Similarly, a French parliamentary report recommended that CNIL be the national regulator on artificial intelligence. Recently, both the Dutch DPA and Dutch Authority for Digital Infrastructure asserted that the DPA would be appropriate for regulating AI systems not covered by product safety legislation.

Internal documents suggest that within six months post-entry into force, the European Commission will issue an implementing act establishing a scientific panel of independent experts tasked with monitoring general-purpose AI models and supporting the AI Office. Guidelines on practically implementing prohibitions on unacceptable risk AI systems are also expected during this period.

The governance ecosystem of the AI Act has been initiated with formal announcements regarding its structure. The newly formed AI Office hosted its first webinar focusing on risk management approaches within AI governance. This discussion included how EU-wide standards for products and services interact with provisions of the Act despite being largely inaccessible to many civil society organizations.

The AI Board held its first meeting last week to discuss initial deliverables and priorities along with internal rules of procedure. Priorities in upcoming months include developing Codes of Practice and designating fundamental rights authorities.

Two remaining governance entities under the AI Act are yet to be formally set up: a scientific panel of independent experts planned within six months post-entry into force, and an Advisory Forum whose status remains unclear at present despite its mission's importance in bringing multistakeholder perspectives into regulatory discussions.

Civil society coordination remains essential as this regulatory environment evolves. Although finalised, provisions allow for multiple delegated acts from the Commission alongside developing Codes of Practice and Conducts critical for compliance demonstration.

On June 18, CDT Europe hosted a workshop where civil society organizations discussed collective priorities concerning implementation steps outlined in outputs required under different aspects such as guidelines on prohibited practices or templates needed by public authorities deploying high-risk systems.

A notable shortcoming lies in lacking mandatory open consultations involving tasked entities producing written outputs—leaving meaningful engagement opportunities discretionary at best unless proactively ensured otherwise through advocacy efforts aimed towards setting higher consultation standards beyond statutory requirements alone.

In other news related specifically around ‘AI & EU’:

Meta paused using personal data belonging users' services training purposes weeks following privacy policy changes enabling usage public content platforms train AIs prompted societal organization noyb filing complaints against changes across European DPAs resulting pause welcomed Irish UK DPAs alike;

Data protection agencies grapple impacts posed onto broader landscape recent series consultations closed Information Commissioner’s Office UK while France CNIL opened consultation ongoing until September.

Content recommendations curated monthly include:

Independent analysis commissioned European Parliament discussing human rights weaponization impacts thereof;

French DPA compliance recommendations GDPR alignment development contexts;

Tech Policy Press commentary Brussels Affect dynamics;

Centre Democracy Technology latest briefings expression freedoms scope perspectives provided therein.