Responsible AI Platform
🇳🇱 Nederlands

Annex XIII AI Act

class="oj-doc-ti" id="d1e38-144-1">BILAG XIII

Official text

id="anx_XIII"> BILAG XIII Kriterier for udpegelse af AI-modeller til almen brug med systemisk risiko, jf. artikel 51 Med henblik på at fastslå, at en AI-model til almen brug har kapaciteter eller virkninger, der svarer til dem, der er fastsat i artikel 51, stk. 1, litra a), tager Kommissionen hensyn til følgende kriterier:

a) antal parametre i modellen

b) datasættets kvalitet eller størrelse, f.eks. målt ved hjælp af tokens

c) den mængde beregningskraft, der anvendes til træning af modellen, målt i flydende kommatalsberegninger eller angivet ved en kombination af andre variabler såsom anslåede træningsomkostninger, anslået tid til træningen eller anslået energiforbrug til træningen

d) modellens input- og outputmetoder, f.eks. tekst til tekst (store sprogmodeller), tekst til billede, multimodalitet og de nyeste tærskler til bestemmelse af kapaciteter med stor virkning for hver modalitet, samt den specifikke type input og output (f.eks. biologiske sekvenser)

e) benchmarks og evalueringer af modellens kapaciteter, herunder hensyntagen til antal opgaver uden yderligere træning, tilpasningsevne til at lære nye, særskilte opgaver, dens grad af autonomi og skalerbarhed og de værktøjer, den har adgang til

f) om den har stor indvirkning på det indre marked på grund af dens omfang, hvilket formodes at være tilfældet, når den er blevet gjort tilgængelig for mindst 10 000 registrerede erhvervsbrugere etableret i Unionen

g) antal registrerede slutbrugere.

ELI: http://data.europa.eu/eli/reg/2024/1689/oj ISSN 1977-0634 (electronic edition)

////////////////////////$(document).ready(function(){generateTOC(true,'', 'Til toppen','false');scrollToCurrentUrlAnchor();});

Source: EUR-Lex, Regulation (EU) 2024/1689 — text reproduced verbatim.

📬 AI Act Weekly

Get the most important AI Act developments in your inbox every week.

Subscribe

Frequently asked questions

What does Annex XIII of the AI Act regulate?

Annex XIII describes the criteria the European Commission uses to determine whether a GPAI model poses systemic risk, under Article 51. These criteria determine whether additional obligations apply.

Which criteria determine if a GPAI model has systemic risk?

Seven criteria: (a) number of parameters, (b) dataset quality/size, (c) amount of compute for training, (d) input/output modalities and state-of-the-art thresholds, (e) benchmarks and evaluations, (f) internal market impact (10,000+ business users), and (g) number of registered end-users.

Is there a threshold for the number of parameters?

Annex XIII lists number of parameters as a criterion (point a), but does not set a fixed threshold. Article 51(1)(a) does mention a threshold of 10^25 FLOP of compute for training as a presumption of systemic risk.

When is a model presumed to have systemic risk?

Article 51(2) provides that a model is presumed to have systemic risk if cumulative compute for training exceeds 10^25 FLOP. The Commission may adjust this threshold through delegated acts.

Does the number of users count for systemic risk?

Yes, point f states that high impact on the internal market is presumed when the model has been made available to at least 10,000 registered business users in the EU. Point g also references the number of end-users.

Are multimodal models more likely to be systemic risk?

Annex XIII, point d, specifically mentions input/output modalities (text-to-text, text-to-image, multimodal) as a criterion, with state-of-the-art thresholds per modality. Multimodal capabilities can therefore contribute to the classification.

Who determines whether a model has systemic risk?

The European Commission determines this based on the criteria in Annex XIII and Article 51. The provider may also self-declare that their model has systemic risk. The 10^25 FLOP threshold creates a legal presumption.

What are the consequences of systemic risk classification?

Providers of GPAI models with systemic risk must comply with additional obligations: model evaluation, adversarial testing, incident reporting to the AI Office, and adequate cybersecurity protection (Article 55).