Article 27 Fundamental rights impact assessment for high-risk AI systems

Whilst risksmeans the combination of the probability of an occurrence of harm and the severity of that harm; related to AI systemsmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments; can result from the way such systems are designed, risksmeans the combination of the probability of an occurrence of harm and the severity of that harm; can as well stem from how such AI systemsmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments; are used. Deployersmeans a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity; of high-risk AI systemmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments; therefore play a critical role in ensuring that fundamental rights are protected, complementing the obligations of the providermeans a natural or legal person, public authority, agency or other body that develops an AI system or a general-purpose AI model or that has an AI system or a general-purpose AI model developed and places it on the market or puts the AI system into service under its own name or trademark, whether for payment or free of charge; when developing the AI systemmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments;. Deployersmeans a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity; are best placed to understand how the high-risk AI systemmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments; will be used concretely and can therefore identify potential significant risksmeans the combination of the probability of an occurrence of harm and the severity of that harm; that were not foreseen in the development phase, due to a more precise knowledge of the context of use, the persons or groups of persons likely to be affected, including vulnerable groups. Deployersmeans a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity; of high-risk AI systemsmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments; listed in an annex to this Regulation also play a critical role in informing natural persons and should, when they make decisions or assist in making decisions related to natural persons, where applicable, inform the natural persons that they are subject, for the purpose of real-world testing, means a natural person who participates in testing in real-world conditions; to the use of the high-risk AI systemmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments;. This information should include the intended purposemeans the use for which an AI system is intended by the provider, including the specific context and conditions of use, as specified in the information supplied by the provider in the instructions for use, promotional or sales materials and statements, as well as in the technical documentation; and the type of decisions it makes. The deployermeans a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity; should also inform the natural persons about their right to an explanation provided under this Regulation. With regard to high-risk AI systemsmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments; used for law enforcementmeans activities carried out by law enforcement authorities or on their behalf for the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including safeguarding against and preventing threats to public security; purposes, that obligation should be implemented in accordance with Article 13 of Directive (EU) 2016/680.

In order to efficiently ensure that fundamental rights are protected, deployersmeans a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity; of high-risk AI systemsmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments; that are bodies governed by public law, or private entities providing public services and deployersmeans a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity; of certain high-risk AI systemsmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments; listed in an annex to this Regulation, such as banking or insurance entities, should carry out a fundamental rights impact assessment prior to putting it into use. Services important for individuals that are of public nature may also be provided by private entities. Private entities providing such public services are linked to tasks in the public interest such as in the areas of education, healthcare, social services, housing, administration of justice. The aim of the fundamental rights impact assessment is for the deployermeans a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity; to identify the specific risksmeans the combination of the probability of an occurrence of harm and the severity of that harm; to the rights of individuals or groups of individuals likely to be affected, identify measures to be taken in the case of a materialisation of those risksmeans the combination of the probability of an occurrence of harm and the severity of that harm;. The impact assessment should be performed prior to deploying the high-risk AI systemmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments;, and should be updated when the deployermeans a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity; considers that any of the relevant factors have changed. The impact assessment should identify the deployermeans a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity;’s relevant processes in which the high-risk AI systemmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments; will be used in line with its intended purposemeans the use for which an AI system is intended by the provider, including the specific context and conditions of use, as specified in the information supplied by the provider in the instructions for use, promotional or sales materials and statements, as well as in the technical documentation;, and should include a description of the period of time and frequency in which the system is intended to be used as well as of specific categories of natural persons and groups who are likely to be affected in the specific context of use. The assessment should also include the identification of specific risksmeans the combination of the probability of an occurrence of harm and the severity of that harm; of harm likely to have an impact on the fundamental rights of those persons or groups. While performing this assessment, the deployermeans a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity; should take into account information relevant to a proper assessment of the impact, including but not limited to the information given by the providermeans a natural or legal person, public authority, agency or other body that develops an AI system or a general-purpose AI model or that has an AI system or a general-purpose AI model developed and places it on the market or puts the AI system into service under its own name or trademark, whether for payment or free of charge; of the high-risk AI systemmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments; in the instructions for usemeans the information provided by the provider to inform the deployer of, in particular, an AI system’s intended purpose and proper use;. In light of the risksmeans the combination of the probability of an occurrence of harm and the severity of that harm; identified, deployersmeans a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity; should determine measures to be taken in the case of a materialisation of those risksmeans the combination of the probability of an occurrence of harm and the severity of that harm;, including for example governance arrangements in that specific context of use, such as arrangements for human oversight according to the instructions of use or, complaint handling and redress procedures, as they could be instrumental in mitigating risksmeans the combination of the probability of an occurrence of harm and the severity of that harm; to fundamental rights in concrete use-cases. After performing that impact assessment, the deployermeans a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity; should notify the relevant market surveillance authoritymeans the national authority carrying out the activities and taking the measures pursuant to Regulation (EU) 2019/1020;. Where appropriate, to collect relevant information necessary to perform the impact assessment, deployersmeans a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity; of high-risk AI systemmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments;, in particular when AI systemsmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments; are used in the public sector, could involve relevant stakeholders, including the representatives of groups of persons likely to be affected by the AI systemmeans a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments;, independent experts, and civil society organisations in conducting such impact assessments and designing measures to be taken in the case of materialisation of the risksmeans the combination of the probability of an occurrence of harm and the severity of that harm;. The European Artificial Intelligence Office (AI Officemeans the Commission’s function of contributing to the implementation, monitoring and supervision of AI systems and general-purpose AI models, and AI governance, provided for in Commission Decision of 24 January 2024; references in this Regulation to the AI Office shall be construed as references to the Commission;) should develop a template for a questionnaire in order to facilitate compliance and reduce the administrative burden for deployersmeans a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity;.