Responsible AI Platform
🇳🇱 Nederlands

Annex XIII AI Act

class="oj-doc-ti" id="d1e38-144-1">PRILOG XIII.

Official text

id="anx_XIII"> PRILOG XIII. Kriteriji za određivanje UI modela opće namjene sa sistemskim rizikom iz članka 51. Kako bi utvrdila ima li određeni UI model opće namjene sposobnosti ili učinak jednakovrijedne onima iz članka 51. stavka 1. točke (a), Komisija uzima u obzir sljedeće kriterije:

(a) broj parametara modela;

(b) kvalitetu ili veličinu skupa podataka, primjerice mjereno tokenima;

(c) količinu računanja upotrijebljenu za treniranje modela, izmjerenu u matematičkim operacijama nad brojevima s pomičnim zarezom ili izraženu kombinacijom drugih varijabli kao što su procijenjeni troškovi treniranja, procijenjeno vrijeme potrebno za treniranje ili procijenjena potrošnja energije za treniranje;

(d) ulazne i izlazne modalitete modela, kao što su pretvaranje teksta u tekst (veliki jezični modeli), pretvaranje teksta u sliku, multimodalnost i najnoviji pragovi za utvrđivanje sposobnosti visokog učinka za svaki modalitet, kao i specifičnu vrstu ulaznih i izlaznih podataka (npr. biološke sekvence);

(e) referentne vrijednosti i evaluacije sposobnosti modela, što uključuje uzimanje u obzir broja zadaća bez dodatnog treniranja, prilagodljivost za učenje novih, različitih zadaća, njegovu razinu autonomije i skalabilnosti, alate kojima ima pristup;

(f) ima li model zbog svojeg dosega znatan utjecaj na unutarnje tržište, što se pretpostavlja ako je stavljen na raspolaganje najmanje 10 000 registriranih poslovnih korisnika s poslovnim nastanom u Uniji;

(g) broj registriranih krajnjih korisnika.

ELI: http://data.europa.eu/eli/reg/2024/1689/oj ISSN 1977-0847 (electronic edition)

////////////////////////$(document).ready(function(){generateTOC(true,'', 'Povratak na vrh','false');scrollToCurrentUrlAnchor();});

Source: EUR-Lex, Regulation (EU) 2024/1689 — text reproduced verbatim.

📬 AI Act Weekly

Get the most important AI Act developments in your inbox every week.

Subscribe

Frequently asked questions

What does Annex XIII of the AI Act regulate?

Annex XIII describes the criteria the European Commission uses to determine whether a GPAI model poses systemic risk, under Article 51. These criteria determine whether additional obligations apply.

Which criteria determine if a GPAI model has systemic risk?

Seven criteria: (a) number of parameters, (b) dataset quality/size, (c) amount of compute for training, (d) input/output modalities and state-of-the-art thresholds, (e) benchmarks and evaluations, (f) internal market impact (10,000+ business users), and (g) number of registered end-users.

Is there a threshold for the number of parameters?

Annex XIII lists number of parameters as a criterion (point a), but does not set a fixed threshold. Article 51(1)(a) does mention a threshold of 10^25 FLOP of compute for training as a presumption of systemic risk.

When is a model presumed to have systemic risk?

Article 51(2) provides that a model is presumed to have systemic risk if cumulative compute for training exceeds 10^25 FLOP. The Commission may adjust this threshold through delegated acts.

Does the number of users count for systemic risk?

Yes, point f states that high impact on the internal market is presumed when the model has been made available to at least 10,000 registered business users in the EU. Point g also references the number of end-users.

Are multimodal models more likely to be systemic risk?

Annex XIII, point d, specifically mentions input/output modalities (text-to-text, text-to-image, multimodal) as a criterion, with state-of-the-art thresholds per modality. Multimodal capabilities can therefore contribute to the classification.

Who determines whether a model has systemic risk?

The European Commission determines this based on the criteria in Annex XIII and Article 51. The provider may also self-declare that their model has systemic risk. The 10^25 FLOP threshold creates a legal presumption.

What are the consequences of systemic risk classification?

Providers of GPAI models with systemic risk must comply with additional obligations: model evaluation, adversarial testing, incident reporting to the AI Office, and adequate cybersecurity protection (Article 55).