AI Geletterdheid

AI literacy is more than just knowing what AI is. According to Article 3(56) of the EU AI Act, it includes: "skills, knowledge and understanding that allow providers, deployers and affected persons to make an informed deployment of AI systems and to gain awareness about the opportunities and risks of AI." Article 4 requires organizations to ensure "a sufficient level of AI literacy" for staff working with AI. This is not optional advice but a legal obligation since February 2, 2025.

An AI-literate professional masters four core competencies: 1) UNDERSTAND - Fundamental understanding of how AI works: difference between AI/ML/generative AI, how training data affects output, what AI can and cannot do, basics of LLMs. 2) EVALUATE - Critical assessment: recognizing hallucinations and errors, identifying bias, assessing reliability, understanding risks and limitations. 3) APPLY - Responsible deployment: effective prompting, privacy-conscious use, compliance with regulations, making ethical considerations. 4) COMMUNICATE - Effectively convey: making AI use transparent, explaining to colleagues, informing stakeholders, documenting AI decisions.

The EU AI Act distinguishes levels by role. MANAGEMENT & BOARD (strategic level): understanding AI governance, risks and strategic implications - CEO, CTO, directors, AI Ethics Board. AI USERS (operational level): working with AI tools daily, assessing output, responsible use - customer service, marketing, HR, legal. COMPLIANCE & RISK (control level): overseeing AI use, monitoring risks, ensuring compliance - compliance officers, risk managers, DPOs, internal audit. DEVELOPERS & IT (technical level): deep knowledge of AI systems and technical compliance requirements - data scientists, ML engineers, developers, IT architects.

The Dutch Data Protection Authority recommends a multi-year action plan in 4 steps. STEP 1 - INVENTORY (Week 1-2): Map AI systems including purpose, degree of autonomy and impact. Document who works with them and current knowledge level. STEP 2 - SET GOALS (Week 3-4): Define measurable goals per risk domain. Assign responsibilities. Present to board for commitment. STEP 3 - IMPLEMENT (Month 2): Start role-specific training. Publish AI use register internally. Write culture/vision document. STEP 4 - EVALUATE (Month 3+): Discuss results in management team, analyze residual risk, adjust goals. Include in management reporting. AI literacy is not a one-time event but an ongoing organizational capability.

AI literacy is more than a compliance checkbox. LEGAL GOVERNANCE: show how you apply Article 4 in a risk-based way per role, system and context. RISK MANAGEMENT: prevent data breaches, bias incidents and reputation damage through employees who understand AI risks. MORE EFFECTIVE AI ADOPTION: teams that understand AI get more value and make fewer mistakes. INNOVATION CAPACITY: AI-literate employees see opportunities others miss and can meaningfully apply AI. EMPLOYEE SATISFACTION: investing in AI skills gives confidence and perspective in a changing work environment. COMPETITIVE ADVANTAGE: AI-literate teams move faster and more responsibly than competitors.

The original Digital Omnibus on AI proposal sought to amend Article 4: less emphasis on a direct organisational obligation and more emphasis on encouragement by the Commission and Member States. The EDPB and EDPS advised keeping the direct obligation for organisations. On 7 May 2026, the Council and European Parliament reached a provisional political agreement on the AI Act amendments, but the official agreement communication does not spell out Article 4 as a settled amendment. The practical line is therefore clear: do not claim AI literacy has disappeared. Until a formal amendment applies, the current AI Act remains in force, and training remains necessary for responsible use, risk management and demonstrable governance.