IA Regulation. ST: Methodological Approach and Case Studies

This article discusses the regulation on artificial intelligence (AI), also known as the "AI Act." It is a European regulation (Regulation (EU) 2024/1689) that aims to establish harmonized rules on the use of artificial intelligence. This regulation follows a series of texts referring to the principle of AI regulation (discussions initiated in 2014 in Europe), in a context where certain AI-based solutions can be used for malicious purposes (fraud, cyberattacks) or in inappropriate contexts (decisions depriving individuals of their rights based on AI processing, for example). It is scheduled to come into force in 2026 for high-risk AI and is based on a risk-based approach for organizations designing or using AI. This text is part of a major trend in Europe towards the implementation of risk management and internal control principles for organizations defining or using artificial intelligence solutions . Its principle is to consider the organization associated with the use of artificial intelligence in order to protect consumers and customers of companies, but also citizens and employees of organizations . One of the underlying principles is simple: implementing an AI-based process can present risks, particularly when certain AI systems are used without an appropriate governance framework or without sufficient control over their operation. Without security measures or principles for controlling both the solution and its use by users, high risks could arise (e.g., information security breaches related to the use of AI in data management and analysis software, or risks of discriminatory practices related to insufficiently controlled AI-based recruitment processes whose algorithms are beyond the control of users)