Decoding the Red Lines: Unpacking Prohibited AI Practices Under the EU AI Act

Following our previous exploration of the EDPB's vital opinion on AI and GDPR, we continue our deep dive into the groundbreaking EU AI Act. This time, we shine a spotlight on the Act's Article 5 – the "red lines" that define unequivocally prohibited AI practices. Understanding these prohibitions is not merely a matter of compliance; it's about grasping the ethical and societal values underpinning the EU's approach to Artificial Intelligence.

The EU AI Act isn't just about fostering innovation; it's fundamentally about safeguarding fundamental rights. Article 5 embodies this commitment, outlining AI systems that are deemed too risky, too intrusive, or simply incompatible with European values. Violations of these prohibitions carry the most significant penalties under the Act, underscoring their gravity.

This article will dissect these prohibited practices, revealing the nuances, exceptions, and practical implications for organizations developing, deploying, or even considering using AI within the EU.

Understanding the Playing Field: Key Concepts of the AI Act

Before diving into the prohibitions, let's briefly recap some essential elements of the AI Act, as highlighted in our briefing document:

• Broad Scope, Specific Focus: The Act casts a wide net, applying across sectors and encompassing both public and private entities. It's not limited to specific industries but rather focuses on the use and capabilities of AI systems.
• Actor Differentiation: The Act carefully distinguishes between various actors in the AI ecosystem: Providers: Those who develop AI systems and place them on the market. Deployers: Those who use AI systems under their authority. Importers & Distributors: Entities involved in the supply chain. Product Manufacturers: Integrating AI into broader products. For Article 5, the responsibilities primarily fall on providers (ensuring their systems don't embody prohibited practices) and deployers (choosing and using systems responsibly).
• Use-Case Based Exclusions: Certain areas are carved out, such as AI for national security, defense, pure research, and personal, non-professional use. Crucially, these exclusions are based on the purpose and use of the AI, not the entity involved. As our briefing quote emphasizes: "Whether that exclusion applies therefore depends on the purposes or the uses of the AI system, not the entities carrying out the activities with that system..." This means even a government agency might be subject to the Act if its AI use falls outside the narrowly defined exclusions.

Article 5: The List of AI "No-Go Zones"

Article 5 meticulously outlines the prohibited AI practices. Let's break down each category:

1. AI Systems Deploying Subliminal, Manipulative, or Deceptive Techniques (Art. 5(1)(a)-(b))

• What it Prohibits: AI systems designed to subtly manipulate individuals through subliminal techniques beyond their conscious awareness, or those that exploit vulnerabilities related to age or disability in a manner that causes (or is likely to cause) harm.
• Rationale: This prohibition strikes at the heart of autonomy and free will. It aims to prevent AI from becoming a tool for hidden coercion, undermining informed decision-making and potentially causing psychological or physical harm. Think of AI-driven interfaces designed to nudge users into actions they wouldn't consciously choose, or systems preying on vulnerable populations.
• Practical Implications: Transparency in user interfaces becomes paramount. Providers must ensure their AI systems are not designed to exploit unconscious biases or vulnerabilities. This may require careful design choices and rigorous testing to ensure ethical user interaction. This isn't just about overt deception; subtle manipulation is also targeted.

2. AI Systems for Social Scoring for General Purpose by Public Authorities (Art. 5(1)(c))

• What it Prohibits: AI systems used by public authorities (or on their behalf) to evaluate or classify natural persons based on their social behavior or known or predicted personal or personality characteristics, leading to detrimental or discriminatory treatment in contexts unrelated to the original data collection.
• Rationale: This prohibition directly addresses the specter of "social credit systems." It prevents governments from using AI to create pervasive systems of social control, where behavior in one area (e.g., online activity) can negatively impact access to services or opportunities in completely unrelated areas (e.g., loan applications, social benefits). This safeguards against algorithmic discrimination and the chilling effect of constant social monitoring.
• Key Nuance: The prohibition extends beyond mere "evaluation" to "classification," encompassing broader categorizations that might not involve explicit judgment but still lead to discriminatory outcomes. As the briefing states: "The scope of ‘classification’ is therefore broader than ‘evaluation’ and can also cover other types of classifications or categorisations of natural persons or groups of persons based on criteria that do not necessarily involve a particular assessment or judgement about those persons or groups of persons and their characteristics or behaviour."
• Practical Implications: Public authorities must critically examine any AI systems that classify or evaluate individuals. Even seemingly benign classifications can fall under this prohibition if they lead to detrimental effects in unrelated contexts. Transparency about how public sector AI is used is crucial to avoid perceptions of social scoring.

3. AI Systems for Individual Risk Assessment of Natural Persons to Predict Criminal Offences (Art. 5(1)(d))

• What it Prohibits: AI systems solely predicting the risk of an individual committing a criminal offense based only on profiling or personality characteristics.
• Rationale: This prohibition tackles predictive policing based on flawed or discriminatory data. It rejects the notion of pre-emptive punishment based on algorithmic hunches derived from personality traits or group profiles. It prioritizes individual agency and the presumption of innocence.
• Crucial Distinction: The Act permits AI to support human assessment of criminal risk when based on "objective and verifiable facts directly linked to that criminal activity." The line is drawn at relying solely on profiling or personality. AI can assist law enforcement by analyzing evidence and data related to specific crimes, but not by generating risk scores based on who someone is rather than what they've demonstrably done. As our briefing clarifies: "the prohibition does not apply if the AI system is used to support the human assessment of the involvement of a person in a criminal activity based on objective and verifiable facts directly linked to that criminal activity."
• Profiling Defined: The briefing document also clarifies that applying a group profile to an individual for prediction constitutes "profiling" under this article: "Whenever an AI system makes prediction and applies such a (group) profile to a specific individual, this constitutes profiling of the person and may therefore fall within the prohibition of Article 5(1)(d) AI Act."
• Private Actors: While primarily aimed at law enforcement, this prohibition can extend to private actors performing law enforcement-related tasks under legal obligations. However, it generally excludes typical risk assessments by businesses to protect their own interests (e.g., fraud prevention), even if those risks are linked to criminal acts.
• Practical Implications: Law enforcement agencies must be extremely cautious about using AI for predictive policing. Systems must be demonstrably based on objective evidence, not discriminatory profiling. Providers offering AI to law enforcement need to ensure compliance with this nuanced prohibition. The definition of "objective and verifiable facts" will be a key area of interpretation.

4. AI Systems that Categorize Natural Persons Based on Biometric Data Inferring Sensitive Attributes (Art. 5(1)(g))

• What it Prohibits: AI systems that categorize individuals using biometric data (e.g., facial images, fingerprints) to infer sensitive attributes such as race, political opinions, religious or philosophical beliefs, trade union membership, sex life, or sexual orientation.
• Rationale: This prohibition is a strong safeguard against biometric surveillance and discriminatory categorization based on highly sensitive personal characteristics. It recognizes the inherent risks of bias and discrimination when AI attempts to infer sensitive attributes from biometric data, which can be inaccurate and perpetuate harmful stereotypes. The briefing emphasizes: "The term ‘categorisation’ refers to the fact that persons are individually categorised by the AI system based on their biometric data." This focuses on the act of categorizing individuals based on biometric analysis to infer sensitive attributes.
• Practical Implications: Development and deployment of AI systems designed to infer sensitive attributes from biometrics are essentially off-limits in the EU, except under very limited and tightly controlled research contexts (likely requiring explicit ethical review and safeguards). Companies offering biometric analysis solutions need to carefully assess if their systems could be interpreted as falling under this prohibition.

5. Real-Time Remote Biometric Identification (RBI) Systems in Publicly Accessible Spaces for Law Enforcement (Art. 5(1)(h))

• What it Prohibits (General Rule): Real-time RBI systems used by law enforcement in publicly accessible spaces are generally prohibited. This is the most heavily debated and strictly regulated prohibition in the Act.
• Rationale: This near-total ban reflects deep concerns about mass surveillance, chilling effects on freedom of expression and assembly, and the potential for misuse and abuse of powerful biometric identification technologies in public spaces. The Act recognizes that pervasive real-time RBI poses a fundamental threat to democratic societies. As the briefing states, regarding national legislation enabling RBI: "National laws shall not exceed the limits set by Article 5(1)(h) AI Act and shall respect all further related conditions set forth in the AI Act." And emphasizes the strong limitations on RBI usage: "the objectives for which the use of real-time RBI systems for law enforcement purposes in publicly accessible spaces is allowed must be strictly, exhaustively, and narrowly defined, and appear when there is a ‘strict necessity’ to achieve ‘a substantial public interest’ which ‘outweighs the risks’ posed to fundamental rights."
• Exhaustive and Narrow Exceptions: The Act outlines a very limited and strictly defined set of exceptions where real-time RBI might be permitted under stringent conditions: Targeted search for victims of crime (e.g., trafficking, sexual exploitation) or missing persons. Prevention of an imminent and specific threat to life or physical safety, or a genuine and present or foreseeable threat of a terrorist attack. Localization or identification of suspects of serious crimes listed in Annex II of the AI Act (e.g., terrorism, murder, rape).
• Cumulative and Stringent Conditions: Even within these exceptions, numerous cumulative conditions and safeguards apply: Strict Necessity and Proportionality: Use must be demonstrably necessary and proportionate to the specific objective. Fundamental Rights Impact Assessment (FRIA) – Mandatory: A comprehensive FRIA is required before deployment, evaluating impacts on rights like privacy, data protection, freedom of movement, assembly, expression, non-discrimination, and human dignity. Registration: Authorized systems must be registered in an EU-wide database (except in duly justified urgency cases, with registration to follow without undue delay). Prior Authorization – Judicial or Independent Authority: Each individual use (not just the system itself) must be pre-authorized by a judicial authority or an independent administrative body. This authorization must be based on a reasoned request and demonstrate necessity and proportionality. As highlighted: "Each individual use of a real-time RBI system for one of the permitted exceptions must be authorised prior to its deployment by a judicial authority or other independent authority under Article 5(3) AI Act." Temporal and Geographic Limitations: Use must be strictly limited in time, geographic scope, and targeted individuals. National Law Enabling and Regulating: Member States must have national laws explicitly allowing and regulating real-time RBI for law enforcement within the AI Act's strict confines. Without such national legislation, as the briefing quote states: "In the absence of national legislation allowing and regulating such use, law enforcement authorities and other entities should refrain from using those systems."
• Practical Implications: Real-time RBI in public spaces for law enforcement is essentially a "last resort" option in the EU, permissible only in very exceptional and tightly controlled circumstances. Companies developing RBI systems need to be acutely aware of these restrictions. Law enforcement agencies must establish robust legal frameworks, implement rigorous safeguards, and justify each instance of use with demonstrable necessity and proportionality, obtaining prior authorization for every deployment. The layered approval process (FRIA, registration, prior authorization) highlights the EU's commitment to preventing misuse.

Why Should Organizations Care About Article 5 Prohibitions?

Compliance with Article 5 isn't just a legal obligation; it's a matter of ethical AI development and responsible innovation. Here’s why these prohibitions matter to your organization:

• Avoid Stiff Penalties: Violations of Article 5 incur the highest fines under the AI Act – up to €30 million or 6% of global annual turnover, whichever is higher.
• Uphold Ethical Standards: Embracing these prohibitions demonstrates a commitment to ethical AI practices and builds trust with users and stakeholders.
• Mitigate Reputational Risk: Using prohibited AI systems can severely damage an organization's reputation and public image.
• Foster Innovation within Ethical Boundaries: The Act encourages innovation that respects fundamental rights. Understanding the "red lines" allows organizations to focus their AI development on ethical and compliant applications.
• Gain Competitive Advantage: In a world increasingly concerned about AI ethics and privacy, organizations that proactively comply with the AI Act and demonstrate responsible AI practices will likely gain a competitive edge, particularly in the EU market.

Navigating the Ethical Compass of AI

Article 5 of the EU AI Act is not merely a list of restrictions; it's a powerful statement of values. It draws clear ethical boundaries for AI development and deployment within the EU, prioritizing fundamental rights and human dignity.

For organizations operating in or targeting the EU market, understanding and adhering to these prohibitions is paramount. It requires a shift towards "ethics by design" in AI development, robust due diligence in system selection, and a commitment to transparency and accountability in AI deployment.

The EU AI Act's prohibited practices are not roadblocks to innovation, but rather guideposts towards a future where AI serves humanity in a responsible and rights-respecting manner.

Stay tuned for the next article in our series, where we will delve into the "high-risk" category of AI systems under the EU AI Act and the conformity assessment procedures required.

Let's discuss! What are your thoughts on these prohibited AI practices? Do you foresee challenges in implementing these prohibitions in practice? What steps are organizations taking to ensure ethical and rights-respecting AI development? Share your insights in the comments below! #EUAIAct #AIAct #ArtificialIntelligence #Ethics #Compliance #DataProtection #TechLaw #Regulation #ProhibitedAI #FundamentalRights #Innovation #ResponsibleAI