Policy Briefing — EU AI Act unacceptable-risk ban takes effect on 2 February 2025
Organisations operating in the EU must decommission or redesign AI systems classified as unacceptable risk under Articles 5 and 113(2)(a) of Regulation (EU) 2024/1689 before enforcement begins on 2 February 2025.
Executive briefing: The EU AI Act’s Article 5 prohibitions on unacceptable-risk AI systems become enforceable on 2 February 2025—six months after the Regulation entered into force. Public authorities and private operators must verify that biometric categorisation, untargeted facial scraping, social scoring, and manipulative AI practices have ceased or been redesigned with appropriate safeguards.
Key prohibitions
- Biometric surveillance. AI systems that infer sensitive attributes (e.g., political opinions, sexual orientation) through biometric categorisation are banned.
- Social scoring. Public authorities cannot deploy AI systems that evaluate or classify the trustworthiness of natural persons leading to detrimental or unjustified treatment.
- Cognitive manipulation. AI systems that deploy subliminal techniques or exploit vulnerabilities of specific groups, materially distorting behaviour, are prohibited.
Program actions
- Inventory validation. Audit AI inventories to flag any systems touching Article 5 categories and document retirement or redesign timelines ahead of 2 February enforcement.
- Controller attestations. For law-enforcement use cases relying on derogations, ensure legal bases and necessity/proportionality assessments satisfy Article 5(1) exceptions.
- Record retention. Maintain evidence of system shutdown, including model artefacts, data disposal logs, and governance approvals, to respond to market surveillance authorities.