Annex XIII AI Act
KritÄriji atzÄ«Å”anai par vispÄrÄ«ga lietojuma MI modeli ar sistÄmisku risku, kas minÄts 51.Ā pantÄ
Official text
id="anx_XIIIĀ "> XIIIĀ PIELIKUMS KritÄriji atzÄ«Å”anai par vispÄrÄ«ga lietojuma MI modeli ar sistÄmisku risku, kas minÄts 51.Ā pantÄ Lai noteiktu, vai vispÄrÄ«ga lietojuma MI modelim ir spÄjas vai ietekme, kas ir lÄ«dzvÄrtÄ«ga 51.Ā panta 1.Ā punkta a)Ā apakÅ”punktÄ minÄtajÄm spÄjÄm vai ietekmei, Komisija Åem vÄrÄ Å”Ädus kritÄrijus:
a) modeļa parametru skaits;
b) datu kopu kvalitÄte vai lielums, piemÄram, mÄrot ar datsegmentiem;
c) modeļa apmÄcÄ«bai izmantotais skaitļoÅ”anas resursu apjoms, mÄrÄ«ts peldoÅ”Ä punkta operÄcijÄs vai izteikts ar citu mainÄ«go lielumu kombinÄciju, piemÄram, apmÄcÄ«bas lÄstÄs izmaksas, lÄstais apmÄcÄ«bai nepiecieÅ”amais laiks vai lÄstais enerÄ£ijas patÄriÅÅ” apmÄcÄ«bai;
d) modeļa ievades un izvades modalitÄtes, piemÄram, no teksta uz tekstu (lielie valodu modeļi), no teksta uz attÄlu, multimodalitÄte un jaunÄkÄs robežvÄrtÄ«bas augstas ietekmes spÄju noteikÅ”anai katrai modalitÄtei, un konkrÄtais ievaddatu un iznÄkumu veids (piemÄram, bioloÄ£iskÄs sekvences);
e) modeļa spÄju kritÄriji un izvÄrtÄÅ”anas, tostarp Åemot vÄrÄ uzdevumu skaitu bez papildu apmÄcÄ«bas, spÄju pielÄgoties jaunu, atŔķirÄ«gu uzdevumu apguvei, tÄ autonomijas pakÄpi un mÄrogojamÄ«bu, rÄ«kus, kuriem tam ir piekļuve;
f) vai tam ir liela ietekme uz iekÅ”Äjo tirgu tÄ tvÄruma dÄļĀ ā to tÄ pieÅem, kad modelis ir darÄ«ts pieejams vismaz 10Ā 000 reÄ£istrÄtu komerciÄlo lietotÄju, kas iedibinÄti SavienÄ«bÄ;
g) reÄ£istrÄto galalietotÄju skaits.
ELI: http://data.europa.eu/eli/reg/2024/1689/oj ISSN 1977-0715 (electronic edition)
////////////////////////$(document).ready(function(){generateTOC(true,'', 'Uz paŔu augŔu','false');scrollToCurrentUrlAnchor();});
Source: EUR-Lex, Regulation (EU) 2024/1689 ā text reproduced verbatim.
š¬ AI Act Weekly
Get the most important AI Act developments in your inbox every week.
SubscribeFrequently asked questions
What does Annex XIII of the AI Act regulate?
Annex XIII describes the criteria the European Commission uses to determine whether a GPAI model poses systemic risk, under Article 51. These criteria determine whether additional obligations apply.
Which criteria determine if a GPAI model has systemic risk?
Seven criteria: (a) number of parameters, (b) dataset quality/size, (c) amount of compute for training, (d) input/output modalities and state-of-the-art thresholds, (e) benchmarks and evaluations, (f) internal market impact (10,000+ business users), and (g) number of registered end-users.
Is there a threshold for the number of parameters?
Annex XIII lists number of parameters as a criterion (point a), but does not set a fixed threshold. Article 51(1)(a) does mention a threshold of 10^25 FLOP of compute for training as a presumption of systemic risk.
When is a model presumed to have systemic risk?
Article 51(2) provides that a model is presumed to have systemic risk if cumulative compute for training exceeds 10^25 FLOP. The Commission may adjust this threshold through delegated acts.
Does the number of users count for systemic risk?
Yes, point f states that high impact on the internal market is presumed when the model has been made available to at least 10,000 registered business users in the EU. Point g also references the number of end-users.
Are multimodal models more likely to be systemic risk?
Annex XIII, point d, specifically mentions input/output modalities (text-to-text, text-to-image, multimodal) as a criterion, with state-of-the-art thresholds per modality. Multimodal capabilities can therefore contribute to the classification.
Who determines whether a model has systemic risk?
The European Commission determines this based on the criteria in Annex XIII and Article 51. The provider may also self-declare that their model has systemic risk. The 10^25 FLOP threshold creates a legal presumption.
What are the consequences of systemic risk classification?
Providers of GPAI models with systemic risk must comply with additional obligations: model evaluation, adversarial testing, incident reporting to the AI Office, and adequate cybersecurity protection (Article 55).