FEEREET

Future focused insights on tech, society, and innovation.

SOCIETY, CULTURE & LIFESTYLE
AI & FUTURE TECHNOLOGIES
LEARNING, GUIDES & EXPLANATIONS
SCIENCE, SPACE & DISCOVERY

What Is the EU AI Act? A Simple Explanation for Non-Tech People

8โ€“12 minutes
1,829 words

A law that affects almost every digital product you use was signed in Europe, and most people have no idea it exists. The EU AI Act is the world’s first comprehensive legal framework for artificial intelligence, and whether you work in an office in Riga, visit a hospital in Lyon, or apply for a job in Berlin, it is already beginning to shape your life in ways worth understanding.

Let’s Start From the Beginning: What Is Artificial Intelligence?

Before explaining the law, it helps to be clear about what it is actually regulating. Artificial intelligence, or AI, is a broad term for computer systems that can perform tasks which normally require human-like thinking. Recognising faces in a photo, recommending which film to watch next, deciding whether a bank should approve your loan application, reading a medical scan for signs of disease, filtering job applications before a human sees them. All of these are AI in action.

AI is not one single technology. It is a family of different tools and approaches, some of them simple and some of them extraordinarily complex. What they share is the ability to process information and make decisions or predictions in ways that go beyond a basic set of fixed instructions written by a programmer.

This matters for the law because AI systems make decisions that affect real people in serious ways. And until the EU AI Act, there were essentially no consistent rules across Europe about how those decisions could be made, what safeguards had to be in place, or what rights people had when an AI system made a decision about them.

What Problem Is the EU AI Act Trying to Solve?

To understand the law you need to understand what was going wrong without it.

Across Europe, AI systems were being used in high-stakes situations with very little oversight. Algorithms (step-by-step decision-making processes run by computers) were being used to decide who got welfare benefits in the Netherlands. A system called SyRI (System Risk Indication) used data analysis to identify citizens as potential fraud risks, and was eventually struck down by a Dutch court in 2020 for violating human rights. Facial recognition systems used in public spaces by law enforcement agencies were found to have significant error rates, particularly for people with darker skin tones. Hiring platforms were using AI to filter CVs in ways that reproduced historical discrimination patterns.

These were not science fiction scenarios. They were happening across European societies with essentially no legal framework to challenge them or demand accountability. Citizens who were disadvantaged by algorithmic decisions often had no way to know an algorithm had been involved, no right to request a human review, and no clear legal avenue to seek redress.

The EU AI Act is designed to fix this by creating a clear, enforceable set of rules that apply to every AI system operating in the European Union, regardless of where the company that built it is based.

How the Law Actually Works: The Risk Pyramid

The EU AI Act organises AI systems into four categories based on how much risk they pose to people. Think of it as a pyramid, with the most dangerous uses at the top and the least dangerous at the bottom.

Unacceptable Risk: Banned Completely

At the top of the pyramid sit AI applications that the EU has decided pose unacceptable risks to people’s rights and safety. These are simply banned. They include AI systems that use subliminal manipulation to influence behaviour without people being aware of it, tools that exploit the vulnerabilities of specific groups such as children or people with disabilities, social scoring systems that rate citizens on their behaviour to grant or deny access to services (a practice already deployed at scale in China), and most uses of real-time biometric surveillance in public spaces.

If you have heard about China’s social credit system, where citizens receive scores based on monitored behaviour that affects their access to travel, education, and services, you now understand exactly what the EU is prohibiting within its borders.

High Risk: Allowed But Strictly Regulated

The second level covers AI applications that are allowed but must meet rigorous standards before they can be deployed. High-risk AI includes systems used in hiring and employment, credit scoring and financial decisions, education and student assessment, healthcare diagnostics, law enforcement, border control, and critical infrastructure.

For each of these applications, the company using AI must conduct a conformity assessment (a documented evaluation proving the system meets required standards) before deployment. They must keep records of how the system works and how it was tested. They must ensure a human can intervene in or override the AI’s decisions. And they must be transparent with the people affected, informing them that an AI system was involved in decisions about them.

For EU citizens, this means that if an AI system assesses your job application, decides your insurance premium, or contributes to a medical diagnosis, you now have legal rights to transparency and human oversight that simply did not exist before.

Limited Risk: Transparency Required

The third level covers AI systems with lower risk but where basic transparency is still important. The primary example is chatbots and AI-generated content. If you are talking to an AI customer service assistant rather than a human, the system must make this clear. If an image, video, or piece of text has been generated by AI, it must be labelled as such.

This is the provision that will most visibly affect everyday internet use across Europe. News articles, marketing content, social media posts, and customer communications that are AI-generated will need to carry clear disclosures. The era of invisible AI-generated content, at least within the EU, is officially ending.

Minimal Risk: Carry On

At the base of the pyramid sit AI applications with minimal risk to people. Spam filters, AI-powered video games, recommendation systems for entertainment platforms, and most consumer applications fall into this category. These are not regulated by the AI Act in any meaningful way. You can use them just as you did before.

Three Real Examples That Show Why This Matters

The Dutch Welfare Algorithm Scandal

The Netherlands case that helped inspire the EU AI Act involved a government welfare fraud detection system that automatically flagged citizens as fraud risks based on factors including their nationality and whether they had dual citizenship. Thousands of families were wrongly investigated and had benefits suspended. When journalists and legal advocates finally forced transparency about how the system worked, the discriminatory patterns in its decision-making became visible.

Under the EU AI Act, a system like SyRI would be classified as high-risk, requiring documented bias testing, human oversight of individual decisions, and transparency with citizens about AI involvement in decisions affecting their benefits. Whether it would have been allowed to operate at all is a genuinely open question.

Germany’s Healthcare AI Under New Rules

German hospitals and health insurers have been among the most active early adopters of AI for diagnostic support, particularly in radiology where AI systems can analyse medical images to identify tumours, fractures, and other conditions. Under the EU AI Act, all of these systems now fall into the high-risk category.

German medical AI companies like Siemens Healthineers, which develops AI-powered imaging technology used across European hospitals, have had to invest significantly in the documentation, testing, and compliance processes the Act requires. The transition has created costs and administrative work. It has also created a clearer, more defensible basis for trusting that the AI systems used in your healthcare are held to the same accountability standards as the medicines prescribed to you.

Estonia’s Govtech Sector Adapts

Estonia, which has built its entire public administration on digital foundations and uses algorithmic tools across a wide range of government services, has had to carefully audit its existing systems against the EU AI Act’s risk categories. Several applications used in public sector decision-making qualify as high-risk under the new framework, requiring documentation and oversight processes that the Estonian government has been working to implement ahead of the Act’s full enforcement timeline.

Estonia’s advantage is that its culture of digital transparency, including the portal where citizens can see who has accessed their data, aligns naturally with the AI Act’s emphasis on accountability. The administrative adjustments are significant but the underlying values were already pointing in the same direction.

Europe vs. the US: Why This Comparison Matters

The United States has no equivalent federal AI law. American companies are operating under a patchwork of sector-specific rules, state-level initiatives, and voluntary commitments that vary enormously in strength and enforceability. The Biden administration issued an executive order on AI safety in 2023, and the Trump administration subsequently revised the approach. Neither produced anything close to the comprehensive, binding framework the EU has created.

This divergence has immediate practical consequences. American AI companies developing products for the European market must now comply with the EU AI Act or exit that market entirely. Because the EU represents over 450 million consumers, most major American AI companies are choosing compliance, which means European regulatory standards are effectively shaping the global AI industry in ways that extend far beyond European borders.

It is the same story as GDPR, where Europe’s data privacy law forced changes to how American technology companies operated worldwide. Europe regulates at home and the effects spread globally, simply because the European market is too large to abandon.

What the EU AI Act Means for You Specifically

If you are a European citizen, the Act gives you concrete new rights. You have the right to be told when an AI system was involved in a significant decision about you. You have the right to a meaningful human review of high-risk AI decisions. You have the right to accurate information about AI-generated content you encounter. And you have the protection of knowing that the most dangerous uses of AI against citizens are simply banned.

If you work for or run a company in Europe that uses AI in hiring, finance, healthcare, education, or public services, your compliance obligations are significant and the timeline for meeting them is already running. The enforcement provisions of the Act include fines of up to 35 million euros or 7% of global annual turnover for the most serious violations.

The EU AI Act will not make AI perfect or eliminate all the ways it can cause harm. But it establishes, for the first time anywhere in the world, that AI is not above the law and that the people most affected by algorithmic decisions have rights worth protecting.

๐Ÿ’ฌ Here is the question worth sitting with: Now that you understand what the EU AI Act actually does, does it make you feel more protected as a citizen, or does it feel like a law that will mostly affect businesses while ordinary people remain largely unaware of the rights it gives them? And what would it take for you to actually use those rights? Tell us in the comments.

Leave a Reply

FEEREET

Privacy and cookies policy
Terms of Use
Contact Us
About

ยฉ Copyright 2026 Feereet

Discover more from FEEREET

Subscribe now to keep reading and get access to the full archive.

Continue reading