AI Act Obligations Now in Effect: What Developers Must Know
The first compliance deadlines under the EU’s landmark AI Act arrived in February 2025, marking the beginning of a new regulatory era. While the legislation phases in fully by 2027, the rules governing prohibited practices are now enforceable.
Companies developing or deploying AI systems in the EU market must immediately cease any activities classified as presenting an "unacceptable risk." This includes AI systems using subliminal manipulation, exploitative targeting of vulnerable persons, social scoring by public authorities, and real-time remote biometric identification in public spaces without strict law enforcement exceptions.
The practical challenge for businesses lies in interpreting these broad prohibitions. A chatbot that persuades a user to make a purchase through personalized emotional cues could arguably fall foul of the manipulation ban. Legal teams are now scrambling to classify their AI portfolios, document risk assessments, and implement human oversight mechanisms. Non-compliance carries fines of up to €35 million or 7% of global annual turnover. The grace period is definitively over.