European AI Act
after the issuing of a declaration of conformity, when the planed (individual) usage of the respective AI system is clear, and the specific circumstances of this usage are known. This is because even the same way of usage might pose different risks for privacy, depending on the circumstances of the individual application. At the time of the issuing of a declaration of conformity however, it is not clear in which (different) ways the AI system can or will be used and also the specific circumstances of the (different) individual usages cannot be foreseen.
Amendment 167, Article 48 – paragraph 3 Summary of Amendment ▪
AM 167 replaces ‘shall’ by ‘can’ in the context of drawing up a single EU declaration of conformity in cases in which high-risk AI systems are also subject to other Union harmonisation legislation.
Comment: ▪
We reject this AM. It is very important to retain ‘shall’ in order to secure coherence with other legal acts and reduce administrative burdens for companies.
Article 49 – CE marking of conformity Amendment 170 – Article 49 – paragraph 3a (new) Summary of Amendment
Comment:
▪
▪
AM 170 adds a new paragraph 3a to Article 49: ‘3 a. The CE marking shall be affixed only after assessment of the compliance with Union data protection law.’
We reject AM 170: The inclusion of data protection requirements in the context of the CE marking of an AI system is neither necessary, nor would it be in coherence with the approach of how (Union) data protection law shall be complied with. It’s because the processing of personal data by AI Systems is - as a matter of course - already subject to the GDPR. Moreover, a data protection law compliant concept can only be developed at a later stage after CE marking, when the planed (individual) usage of the respective AI system is clear, and the specific circumstances of this usage are known. This is because even the same way of
11
