regulation··6 min read

Prohibited AI Practices: What's Banned Under the EU AI Act

A detailed look at AI systems and practices that are completely prohibited in the EU.

By Legal Compliance Team
#prohibited#banned#unacceptable-risk#compliance

Some AI applications are considered too risky and are banned outright in the EU. Here's what you need to know.

Completely Prohibited Systems

1. Social Scoring

Banned: AI systems that evaluate or classify people based on social behavior or personal characteristics over time.

Why: Risk of discrimination and violation of fundamental rights.

2. Exploitation of Vulnerabilities

Banned: AI that exploits vulnerabilities of specific groups (children, elderly, disabled) to materially distort behavior.

Example: Toys using voice assistance to manipulate children.

3. Subliminal Manipulation

Banned: AI deploying subliminal techniques beyond a person's consciousness to distort behavior.

Key: Must cause or be likely to cause physical or psychological harm.

4. Real-time Biometric Identification (with exceptions)

Banned: Use of real-time remote biometric identification in publicly accessible spaces for law enforcement.

Exceptions:

  • Search for missing persons
  • Prevention of specific terrorist threats
  • Detection of serious crimes (with judicial authorization)

Implementation Timeline

February 2, 2025: All prohibitions take effect

  • Organizations must cease prohibited practices
  • Existing systems must be decommissioned
  • No grace period provided

Penalties for Violations

  • Up to €35 million OR
  • 7% of global annual turnover
  • Whichever is higher

Border Cases and Clarifications

What's NOT Prohibited:

  • Post-remote biometric identification (with safeguards)
  • Biometric verification (1:1 matching)
  • Private space biometric systems
  • Employee monitoring (subject to labor laws)

Gray Areas Requiring Legal Review:

  • Emotion recognition in specific contexts
  • Predictive policing systems
  • Behavioral analytics for security

Compliance Actions

  1. Immediate audit of all AI systems
  2. Identify any prohibited use cases
  3. Discontinue prohibited practices by February 2025
  4. Document compliance measures
  5. Implement alternative solutions where needed

Seeking Clarification

If unsure whether your system is prohibited:

  • Consult with legal experts
  • Request guidance from regulators
  • Err on the side of caution
  • Consider alternative approaches

The penalties are severe - when in doubt, don't deploy.

Ready to assess your AI system?

Use our free tool to classify your AI system under the EU AI Act and understand your compliance obligations.

Start Risk Assessment →

Related Articles

Understanding EU AI Act Risk Categories: A Complete Guide

Learn about the four risk categories defined by the EU AI Act and how to classify your AI system correctly.

May 28, 20258 min read

EU AI Act for Startups: Practical Compliance Guide

A startup-friendly guide to navigating EU AI Act compliance without breaking the bank.

May 22, 20255 min read

EU AI Act Enters Into Force: Timeline and Implementation Phases

On August 1, 2024, the EU AI Act officially entered into force. Here's what this milestone means and the timeline ahead.

Aug 1, 202410 min read