Is Your Software an Artificial Intelligence System under the EU AI Act?

Show Notes

Could your everyday software like spreadsheets and routine business tools soon be labeled “Artificial Intelligence System” under European Union’s sweeping new AI Act? 

Join tech and data lawyer Giulio Coraggio from the law firm DLA Piper as he unpacks the European Commission’s fresh guidelines, revealing how the EU plans to draw the line between traditional software and true artificial intelligence. 

The proper qualification of a software by any business allows a better understanding of the relevant obligations and applicable regime, allowing to limit potential risks and exploit technology to its best.

📌 You can find our contacts 👉 www.dlapiper.com

Transcript

Have you ever caught yourself wondering if your old, reliable spreadsheet could somehow develop a mind of its own? Probably not—but with the European Union’s new AI Act on the horizon, the line between “intelligent” software and traditional applications is becoming more important than ever. If you’ve been curious about whether your software could be labeled as an AI system, keep reading.

The EU AI Act aims to strike a balance between fostering technological innovation and protecting individuals and society from the potential risks AI can pose. It’s poised to regulate any entity—within or outside the EU—that develops, distributes, or uses AI in the European market. By doing so, it sets a precedent that may shape tech regulations across the globe.

Yet, one of the most crucial questions is: What exactly qualifies as an AI system under this new law? The answer matters because only software that meets the regulatory definition will be subject to the Act’s obligations and compliance requirements.

According to the newly published guidelines by the European Commission, an “AI system” must be:

1. Machine-based – It’s not just a static tool; it operates through computing machinery.
2. Capable of Various Levels of Autonomy – It can function with limited or no human intervention.
3. Adaptive After Deployment – It may learn and evolve once released.
4. Has Explicit or Implicit Objectives – It’s designed to achieve certain goals or tasks.
5. Processes Inputs to Generate Outputs – It works on data (or human interaction) to produce meaningful results.
6. Outputs Can Include Predictions, Content, or Decisions – It goes beyond static results by offering forward-looking insights or conclusions.
7. Can Influence Physical or Virtual Environments – Its outputs can shape events or decisions in the real world or digital spaces.

This definition follows a lifecycle approach, recognizing that AI development and deployment can involve different processes. In the pre-deployment phase, you build the AI system; in the post-deployment phase, you (or end users) actually use it. Not all seven elements must appear in both phases, ensuring a flexible framework that can adapt to evolving technologies.

Let’s take a simple example: Excel spreadsheets. You can write sophisticated formulas, generate complex analyses, or even create macros to automate tasks. However, Excel’s operations remain dictated by static rules. There’s no inherent ability to learn from data or modify behavior over time. Consequently, the output doesn’t evolve or offer autonomous recommendations—it only produces what you’ve instructed it to.

By contrast, true AI systems can refine predictions and decisions as they process more data. Think about machine learning models that become more accurate over time or recommendation engines that tailor suggestions based on user behavior.

While traditional software can be advanced, it typically adheres to strict, pre-defined rules. For instance, your accounting program may automate payroll and invoice generation, but it won’t suddenly adapt its logic to unexpected scenarios unless its human operator reconfigures it.

An AI system, on the other hand, is designed to learn and update its outputs based on real-time data and experiences. This ability to adapt and act with relative autonomy is what places AI systems under the regulatory scope of the EU AI Act, differentiating them from static algorithms and software applications.

Why This Matters for Your Business

• Regulatory Reach: Because the EU AI Act applies to companies worldwide if they offer AI services within Europe, you could be affected even if you’re based outside the EU.
• Risk Management: Complying with AI-specific regulations may require additional transparency, risk assessment, and documentation.
• Innovation vs. Compliance: The Act aims to stimulate AI growth while ensuring consumer protection and ethical use, shaping how AI-driven products are developed, marketed, and used in practice.

Ultimately, if your software exhibits autonomy and adaptivity—creating outputs that influence real decisions—you might need to gear up for the upcoming compliance requirements.

As we stand on the brink of a new regulatory era, it’s more critical than ever to understand what the EU deems as “Artificial Intelligence.” If you’re just working with pivot tables and formulas, there’s no cause for alarm—yet. But if you’re dabbling in machine learning, predictive analytics, or truly adaptive algorithms, you’ll want to keep a close eye on how the EU AI Act continues to evolve.

Have questions or insights about the line between ordinary software and AI systems? Join the conversation! Share your thoughts, especially if your organization is preparing for the new regulatory framework.