Il-Ġurnal Uffiċjali
ta'l-Unjoni Ewropea

MT

Official Journal
of the European Union

EN

Is-serje L

L series

2024/1689

12.7.2024

2024/1689

12.7.2024

(1)

L-għan ta' dan ir-Regolament huwa li jtejjeb il-funzjonament tas-suq intern billi jistabbilixxi qafas legali uniformi b'mod partikolari għall-iżvilupp, l-introduzzjoni fis-suq, it-tqegħid fis-servizz u l-użu ta' sistemi ta' intelliġenza artifiċjali (sistemi tal-IA) fl-Unjoni, f'konformità mal-valuri tal-Unjoni, li jippromwovi l-adozzjoni ta' intelliġenza artifiċjali (IA) ċċentrata fuq il-bniedem u affidabbli filwaqt li jiżgura livell għoli ta' protezzjoni tas-saħħa, tas-sikurezza, tad-drittijiet fundamentali kif minquxa fil-Karta tad-Drittijiet Fundamentali tal-Unjoni Ewropea (“il-Karta”), inkluż id-demokrazija, l-istat tad-dritt u l-protezzjoni ambjentali, li jipproteġi kontra l-effetti ta' ħsara tas-sistemi tal-IA fl-Unjoni u li jappoġġa l-innovazzjoni. Dan ir-Regolament jiżgura l-moviment liberu transfruntier tal-oġġetti u s-servizzi bbażati fuq l-IA, u b'hekk jipprevjeni lill-Istati Membri milli jimponu restrizzjonijiet fuq l-iżvilupp, il-kummerċjalizzazzjoni u l-użu ta' sistemi tal-IA, sakemm mhumiex awtorizzati b'mod espliċitu b'dan ir-Regolament.

(1)

The purpose of this Regulation is to improve the functioning of the internal market by laying down a uniform legal framework in particular for the development, the placing on the market, the putting into service and the use of artificial intelligence systems (AI systems) in the Union, in accordance with Union values, to promote the uptake of human centric and trustworthy artificial intelligence (AI) while ensuring a high level of protection of health, safety, fundamental rights as enshrined in the Charter of Fundamental Rights of the European Union (the ‘Charter’), including democracy, the rule of law and environmental protection, to protect against the harmful effects of AI systems in the Union, and to support innovation. This Regulation ensures the free movement, cross-border, of AI-based goods and services, thus preventing Member States from imposing restrictions on the development, marketing and use of AI systems, unless explicitly authorised by this Regulation.

(2)

Jenħtieġ li dan ir-Regolament jiġi applikat f'konformità mal-valuri tal-Unjoni kif minquxa fil-Karta li jiffaċilitaw il-protezzjoni tal-persuni fiżiċi, tal-impriżi, tad-demokrazija, tal-istat tad-dritt u tal-protezzjoni ambjentali filwaqt li jagħti spinta lill-innovazzjoni u l-impjiegi u jagħmel lill-Unjoni minn ta' quddiem nett fl-adozzjoni ta' IA affidabbli.

(2)

This Regulation should be applied in accordance with the values of the Union enshrined as in the Charter, facilitating the protection of natural persons, undertakings, democracy, the rule of law and environmental protection, while boosting innovation and employment and making the Union a leader in the uptake of trustworthy AI.

(3)

Is-sistemi tal-IA jistgħu faċilment jiġu implimentati f'varjetà kbira ta' setturi tal-ekonomija u f'ħafna partijiet tas-soċjetà, inkluż b'mod transfruntier, u jistgħu faċilment jiċċirkolaw madwar l-Unjoni. Ċerti Stati Membri diġà esploraw l-adozzjoni ta' regoli nazzjonali biex jiżguraw li l-IA tkun affidabbli u sikura u li tiġi żviluppata u użata f'konformità mal-obbligi tad-drittijiet fundamentali. Regoli nazzjonali diverġenti jistgħu jwasslu għall-frammentazzjoni tas-suq intern u jistgħu jnaqqsu ċ-ċertezza legali tal-operaturi biex jiżviluppaw, jimportaw jew jużaw is-sistemi tal-IA. Għalhekk, jenħtieġ li jkun żgurat livell konsistenti u għoli ta' protezzjoni madwar l-Unjoni kollha sabiex tinkiseb IA affidabbli, filwaqt li jenħtieġ li jiġu evitati d-diverġenzi li jfixklu ċ-ċirkolazzjoni libera, l-innovazzjoni, l-implimentazzjoni u l-adozzjoni tas-sistemi tal-IA u tal-prodotti u tas-servizzi relatati fi ħdan is-suq intern, billi jiġu stabbiliti obbligi uniformi għall-operaturi u tkun żgurata l-protezzjoni uniformi tar-raġunijiet prevalenti ta' interess pubbliku u tad-drittijiet tal-persuni fis-suq intern kollu abbażi tal-Artikolu 114 tat-Trattat dwar il-Funzjonament tal-Unjoni Ewropea (TFUE). Peress li dan ir-Regolament fih regoli speċifiċi dwar il-protezzjoni tal-individwi fir-rigward tal-ipproċessar tad-data personali rigward restrizzjonijiet tal-użu ta' sistemi tal-IA għall-identifikazzjoni bijometrika remota għall-fini tal-infurzar tal-liġi, għall-użu ta' sistemi tal-IA għall-valutazzjonijiet tar-riskju ta' persuni fiżiċi għall-fini tal-infurzar tal-liġi u għall-użu ta' sistemi tal-IA ta' kategorizzazzjoni bijometrika għall-finijiet tal-infurzar tal-liġi, huwa xieraq li dan ir-Regolament, sa fejn huma kkonċernati dawk ir-regoli speċifiċi, jiġi bbażat fuq l-Artikolu 16 TFUE. Fid-dawl ta' dawk ir-regoli speċifiċi u r-rikors għall-Artikolu 16 TFUE, jixraq jiġi kkonsultat il-Bord Ewropew għall-Protezzjoni tad-Data.

(3)

AI systems can be easily deployed in a large variety of sectors of the economy and many parts of society, including across borders, and can easily circulate throughout the Union. Certain Member States have already explored the adoption of national rules to ensure that AI is trustworthy and safe and is developed and used in accordance with fundamental rights obligations. Diverging national rules may lead to the fragmentation of the internal market and may decrease legal certainty for operators that develop, import or use AI systems. A consistent and high level of protection throughout the Union should therefore be ensured in order to achieve trustworthy AI, while divergences hampering the free circulation, innovation, deployment and the uptake of AI systems and related products and services within the internal market should be prevented by laying down uniform obligations for operators and guaranteeing the uniform protection of overriding reasons of public interest and of rights of persons throughout the internal market on the basis of Article 114 of the Treaty on the Functioning of the European Union (TFEU). To the extent that this Regulation contains specific rules on the protection of individuals with regard to the processing of personal data concerning restrictions of the use of AI systems for remote biometric identification for the purpose of law enforcement, of the use of AI systems for risk assessments of natural persons for the purpose of law enforcement and of the use of AI systems of biometric categorisation for the purpose of law enforcement, it is appropriate to base this Regulation, in so far as those specific rules are concerned, on Article 16 TFEU. In light of those specific rules and the recourse to Article 16 TFEU, it is appropriate to consult the European Data Protection Board.

(4)

L-IA hi familja ta' teknoloġiji li qed tevolvi malajr u li tikkontribwixxi għal firxa wiesgħa ta' benefiċċji ekonomiċi, ambjentali u soċjetali fl-ispettru kollu tal-industriji u tal-attivitajiet soċjali. B'titjib fil-previżjoni, b'ottimizzazzjoni tal-operazzjonijiet u l-allokazzjoni tar-riżorsi, u b'personalizzazzjoni tas-soluzzjonijiet diġitali disponibbli għall-individwi u l-organizzazzjonijiet, l-użu tal-IA jista' jipprovdi vantaġġi kompetittivi ewlenin lill-impriżi u jappoġġa eżiti b'benefiċċji soċjali u ambjentali, bħal pereżempju fil-kura tas-saħħa, fl-agrikoltura, fis-sikurezza tal-ikel, fl-edukazzjoni u t-taħriġ, fil-media, fl-isports, fil-kultura, fil-ġestjoni tal-infrastruttura, fl-enerġija, fit-trasport u l-loġistika, fis-servizzi pubbliċi, fis-sigurtà, fil-ġustizzja, fl-effiċjenza tar-riżorsi u enerġetika, fil-monitoraġġ ambjentali, fil-konservazzjoni u r-restawr tal-bijodiversità u l-ekosistemi u fil-mitigazzjoni u l-adattament għat-tibdil fil-klima.

(4)

AI is a fast evolving family of technologies that contributes to a wide array of economic, environmental and societal benefits across the entire spectrum of industries and social activities. By improving prediction, optimising operations and resource allocation, and personalising digital solutions available for individuals and organisations, the use of AI can provide key competitive advantages to undertakings and support socially and environmentally beneficial outcomes, for example in healthcare, agriculture, food safety, education and training, media, sports, culture, infrastructure management, energy, transport and logistics, public services, security, justice, resource and energy efficiency, environmental monitoring, the conservation and restoration of biodiversity and ecosystems and climate change mitigation and adaptation.

(5)

Fl-istess ħin, skont iċ-ċirkostanzi fir-rigward tal-applikazzjoni, l-użu u l-livell ta' żvilupp teknoloġiku speċifiċi tagħha, l-IA tista' toħloq riskji u tikkawża ħsara lill-interessi pubbliċi u lid-drittijiet fundamentali li huma protetti bil-liġi tal-Unjoni. Din il-ħsara tista' tkun materjali jew mhux materjali, inkluż ħsara fiżika, psikoloġika, soċjetali jew ekonomika.

(5)

At the same time, depending on the circumstances regarding its specific application, use, and level of technological development, AI may generate risks and cause harm to public interests and fundamental rights that are protected by Union law. Such harm might be material or immaterial, including physical, psychological, societal or economic harm.

(6)

Minħabba l-impatt kbir li jista' jkollha l-IA fuq is-soċjetà u l-ħtieġa li tinbena l-fiduċja, huwa essenzjali li l-IA u l-qafas regolatorju tagħha jiġu żviluppati f'konformità mal-valuri tal-Unjoni minquxa fl-Artikolu 2 tat-Trattat dwar l-Unjoni Ewropea (TUE), id-drittijiet u l-libertajiet fundamentali minquxa fit-Trattati u, skont l-Artikolu 6 TUE, fil-Karta. Bħala prerekwiżit, jenħtieġ li l-IA tkun teknoloġija ċċentrata fuq il-bniedem. Jenħtieġ li sservi bħala għodda għan-nies, bl-għan aħħari li jiżdied il-benesseri tal-bniedem.

(6)

Given the major impact that AI can have on society and the need to build trust, it is vital for AI and its regulatory framework to be developed in accordance with Union values as enshrined in Article 2 of the Treaty on European Union (TEU), the fundamental rights and freedoms enshrined in the Treaties and, pursuant to Article 6 TEU, the Charter. As a prerequisite, AI should be a human-centric technology. It should serve as a tool for people, with the ultimate aim of increasing human well-being.

(7)

Biex ikun żgurat livell konsistenti u għoli ta' protezzjoni tal-interessi pubbliċi fir-rigward tas-saħħa, is-sikurezza, u d-drittijiet fundamentali, jenħtieġ li jiġu stabbiliti regoli komuni għas-sistemi tal-IA b'riskju għoli. Jenħtieġ li dawk ir-regoli jkunu konsistenti mal-Karta, nondiskriminatorji u konformi mal-impenji kummerċjali internazzjonali tal-Unjoni. Jenħtieġ li jqisu wkoll id-Dikjarazzjoni Ewropea dwar id-Drittijiet u l-Prinċipji Diġitali għad-Deċennju Diġitali u l-Linji Gwida dwar l-Etika għal IA affidabbli tal-Grupp ta' Esperti ta' Livell Għoli dwar l-Intelliġenza Artifiċjali (AI HLEG).

(7)

In order to ensure a consistent and high level of protection of public interests as regards health, safety and fundamental rights, common rules for high-risk AI systems should be established. Those rules should be consistent with the Charter, non-discriminatory and in line with the Union’s international trade commitments. They should also take into account the European Declaration on Digital Rights and Principles for the Digital Decade and the Ethics guidelines for trustworthy AI of the High-Level Expert Group on Artificial Intelligence (AI HLEG).

(8)

Għalhekk, huwa meħtieġ qafas legali tal-Unjoni li jistabbilixxi regoli armonizzati dwar l-IA biex jitrawmu l-iżvilupp, l-użu u l-adozzjoni tal-IA fis-suq intern li fl-istess ħin jissodisfa livell għoli ta' protezzjoni tal-interessi pubbliċi, bħas-saħħa u s-sikurezza, u l-protezzjoni tad-drittijiet fundamentali, inkluż id-demokrazija, l-istat tad-dritt u l-protezzjoni ambjentali kif rikonoxxuti u mħarsa bil-liġi tal-Unjoni. Biex jintlaħaq dak l-objettiv, jenħtieġ jiġu stabbiliti regoli li jirregolaw l-introduzzjoni fis-suq, it-tqegħid fis-servizz u l-użu ta' ċerti sistemi tal-IA, u b'hekk ikun żgurat il-funzjonament bla xkiel tas-suq intern u dawk is-sistemi jkunu jistgħu jibbenefikaw mill-prinċipju tal-moviment liberu tal-prodotti u tas-servizzi. Jenħtieġ li dawk ir-regoli jkunu ċari u robusti fil-protezzjoni tad-drittijiet fundamentali, jappoġġaw soluzzjonijiet innovattivi ġodda, li jippermettu ekosistema Ewropea ta' atturi pubbliċi u privati li joħolqu sistemi tal-IA f'konformità mal-valuri tal-Unjoni u jisfruttaw il-potenzjal tat-trasformazzjoni diġitali fir-reġjuni kollha tal-Unjoni. Billi jistabbilixxi dawk ir-regoli kif ukoll miżuri b'appoġġ għall-innovazzjoni b'enfasi partikolari fuq l-intrapriżi mikro, żgħar u ta' daqs medju (SMEs), inkluż negozji ġodda, dan ir-Regolament jappoġġa l-objettiv li jiġi promoss l-approċċ Ewropew iċċentrat fuq il-bniedem għall-IA u li jkun mexxej globali fl-iżvilupp ta' IA sigura, affidabbli u etika kif iddikjarat mill-Kunsill Ewropew (5), u jiżgura l-protezzjoni tal-prinċipji etiċi, kif mitlub speċifikament mill-Parlament Ewropew (6).

(8)

A Union legal framework laying down harmonised rules on AI is therefore needed to foster the development, use and uptake of AI in the internal market that at the same time meets a high level of protection of public interests, such as health and safety and the protection of fundamental rights, including democracy, the rule of law and environmental protection as recognised and protected by Union law. To achieve that objective, rules regulating the placing on the market, the putting into service and the use of certain AI systems should be laid down, thus ensuring the smooth functioning of the internal market and allowing those systems to benefit from the principle of free movement of goods and services. Those rules should be clear and robust in protecting fundamental rights, supportive of new innovative solutions, enabling a European ecosystem of public and private actors creating AI systems in line with Union values and unlocking the potential of the digital transformation across all regions of the Union. By laying down those rules as well as measures in support of innovation with a particular focus on small and medium enterprises (SMEs), including startups, this Regulation supports the objective of promoting the European human-centric approach to AI and being a global leader in the development of secure, trustworthy and ethical AI as stated by the European Council (5), and it ensures the protection of ethical principles, as specifically requested by the European Parliament (6).

(9)

Jenħtieġ li jiġu stabbiliti regoli armonizzati applikabbli għall-introduzzjoni fis-suq, għat-tqegħid fis-servizz u għall-użu tas-sistemi tal-IA b'riskju għoli b'mod konsistenti mar-Regolament (KE) Nru 765/2008 tal-Parlament Ewropew u tal-Kunsill (7), mad-Deċiżjoni Nru 768/2008/KE tal-Parlament Ewropew u tal-Kunsill (8) u mar-Regolament (UE) 2019/1020 tal-Parlament Ewropew u tal-Kunsill (9) (il-Qafas Leġiżlattiv Ġdid). Jenħtieġ li r-regoli armonizzati stabbiliti f'dan ir-Regolament japplikaw fis-setturi kollha u, f'konformità mal-Qafas Leġiżlattiv Ġdid, jenħtieġ li jkunu mingħajr preġudizzju għal-liġijiet eżistenti tal-Unjoni, b'mod partikolari dwar il-protezzjoni tad-data, il-protezzjoni tal-konsumatur, id-drittijiet fundamentali, l-impjiegi, il-protezzjoni tal-ħaddiema u s-sikurezza tal-prodotti, li dan ir-Regolament huwa komplementari għalihom. B'konsegwenza ta' dan, id-drittijiet u r-rimedji kollha previsti minn tali liġijiet tal-Unjoni għall-konsumaturi, u persuni oħra li fuqhom is-sistemi tal-IA jista' jkollhom impatt negattiv, inkluż fir-rigward tal-kumpens għal danni possibbli skont id-Direttiva tal-Kunsill 85/374/KEE (10) jibqgħu mhux affettwati u applikabbli bis-sħiħ. Barra minn hekk, fil-kuntest tal-impjiegi u l-protezzjoni tal-ħaddiema, jenħtieġ għalhekk li dan ir-Regolament ma jaffettwax il-liġi tal-Unjoni dwar il-politika soċjali u l-liġi nazzjonali tax-xogħol, f'konformità mal-liġi tal-Unjoni, fir-rigward tal-kundizzjonijiet tal-impjieg u tax-xogħol, inkluż is-saħħa u s-sikurezza fuq il-post tax-xogħol u r-relazzjoni bejn l-impjegaturi u l-ħaddiema. Jenħtieġ ukoll li dan ir-Regolament ma jaffettwax l-eżerċizzju tad-drittijiet fundamentali kif rikonoxxuti fl-Istati Membri u fil-livell tal-Unjoni, inkluż id-dritt jew il-libertà tal-istrajkjar jew li tittieħed azzjoni oħra koperta mis-sistemi speċifiċi ta' relazzjonijiet industrijali fl-Istati Membri kif ukoll id-dritt tan-negozjar, il-konklużjoni u l-infurzar ta' ftehimiet kollettivi jew id-dritt li tittieħed azzjoni kollettiva f'konformità mad-dritt nazzjonali. Jenħtieġ li dan ir-Regolament ma jaffettwax id-dispożizzjonijiet li għandhom l-għan li jtejbu l-kundizzjonijiet tax-xogħol fix-xogħol fuq il-pjattaformi stabbiliti f’ Direttiva tal-Parlament Ewropew u tal-Kunsill dwar it-titjib tal-kundizzjonijiet tax-xogħol fix-xogħol fuq il-pjattaformi. Barra minn hekk, dan ir-Regolament għandu l-għan li jsaħħaħ l-effettività ta' dawk id-drittijiet u r-rimedji eżistenti billi jistabbilixxi rekwiżiti u obbligi speċifiċi, inkluż fir-rigward tat-trasparenza, id-dokumentazzjoni teknika u ż-żamma tar-rekords tas-sistemi tal-IA. Jenħtieġ ukoll li l-obbligi imposti fuq diversi operaturi involuti fil-katina tal-valur tal-IA skont dan ir-Regolament japplikaw mingħajr preġudizzju għal-liġi nazzjonali, f'konformità mal-liġi tal-Unjoni, bl-effett li jillimitaw l-użu ta' ċerti sistemi tal-IA meta tali liġi taqa' barra mill-kamp ta' applikazzjoni ta' dan ir-Regolament jew tipprova tilħaq objettivi leġittimi ta' interess pubbliku għajr dawk segwiti minn dan ir-Regolament. Pereżempju, jenħtieġ li l-liġi nazzjonali tax-xogħol u l-liġi dwar il-protezzjoni tal-minorenni, jiġifieri persuni taħt l-età ta' 18-il sena, b'kont meħud tal-Kumment Ġenerali Nru 25 (2021) tal-UNCRC (Konvenzjoni tan-Nazzjonijiet Uniti dwar id-Drittijiet tat-Tfal) dwar id-drittijiet tat-tfal fir-rigward tal-ambjent diġitali, sakemm ma jkunux speċifiċi għas-sistemi tal-IA u jippruvaw jilħqu objettivi leġittimi oħra ta' interess pubbliku, ma jiġux affettwati minn dan ir-Regolament.

(9)

Harmonised rules applicable to the placing on the market, the putting into service and the use of high-risk AI systems should be laid down consistently with Regulation (EC) No 765/2008 of the European Parliament and of the Council (7), Decision No 768/2008/EC of the European Parliament and of the Council (8) and Regulation (EU) 2019/1020 of the European Parliament and of the Council (9) (New Legislative Framework). The harmonised rules laid down in this Regulation should apply across sectors and, in line with the New Legislative Framework, should be without prejudice to existing Union law, in particular on data protection, consumer protection, fundamental rights, employment, and protection of workers, and product safety, to which this Regulation is complementary. As a consequence, all rights and remedies provided for by such Union law to consumers, and other persons on whom AI systems may have a negative impact, including as regards the compensation of possible damages pursuant to Council Directive 85/374/EEC (10) remain unaffected and fully applicable. Furthermore, in the context of employment and protection of workers, this Regulation should therefore not affect Union law on social policy and national labour law, in compliance with Union law, concerning employment and working conditions, including health and safety at work and the relationship between employers and workers. This Regulation should also not affect the exercise of fundamental rights as recognised in the Member States and at Union level, including the right or freedom to strike or to take other action covered by the specific industrial relations systems in Member States as well as the right to negotiate, to conclude and enforce collective agreements or to take collective action in accordance with national law. This Regulation should not affect the provisions aiming to improve working conditions in platform work laid down in a Directive of the European Parliament and of the Council on improving working conditions in platform work. Moreover, this Regulation aims to strengthen the effectiveness of such existing rights and remedies by establishing specific requirements and obligations, including in respect of the transparency, technical documentation and record-keeping of AI systems. Furthermore, the obligations placed on various operators involved in the AI value chain under this Regulation should apply without prejudice to national law, in compliance with Union law, having the effect of limiting the use of certain AI systems where such law falls outside the scope of this Regulation or pursues legitimate public interest objectives other than those pursued by this Regulation. For example, national labour law and law on the protection of minors, namely persons below the age of 18, taking into account the UNCRC General Comment No 25 (2021) on children’s rights in relation to the digital environment, insofar as they are not specific to AI systems and pursue other legitimate public interest objectives, should not be affected by this Regulation.

(10)

Id-dritt fundamentali għall-protezzjoni tad-data personali huwa salvagwardjat b'mod partikolari mir-Regolamenti (UE) 2016/679 (11) u (UE) 2018/1725 (12) tal-Parlament Ewropew u tal-Kunsill u d-Direttiva (UE) 2016/680 tal-Parlament Ewropew u tal-Kunsill (13). Barra minn hekk, id-Direttiva 2002/58/KE tal-Parlament Ewropew u tal-Kunsill (14) tipproteġi l-ħajja privata u l-kunfidenzjalità tal-komunikazzjoni, inkluż billi tipprovdi kundizzjonijiet għal kwalunkwe ħżin ta' data personali u mhux personali u l-aċċess fi u minn tagħmir terminali. Dawk l-atti legali tal-Unjoni jipprovdu l-bażi għall-ipproċessar tad-data sostenibbli u responsabbli, inkluż fejn is-settijiet ta' data jinkludu taħlita ta' data personali u mhux personali. Dan ir-Regolament ma għandux l-għan li jaffettwa l-applikazzjoni tal-liġijiet eżistenti tal-Unjoni li jirregolaw l-ipproċessar tad-data personali, inkluż il-kompiti u s-setgħat tal-awtoritajiet superviżorji indipendenti kompetenti biex jimmonitorjaw il-konformità ma' dawk l-istrumenti. Lanqas ma jaffettwa l-obbligi tal-fornituri u tal-implimentaturi tas-sistemi tal-IA fir-rwol tagħhom bħala kontrolluri jew proċessuri tad-data li jirriżultaw mil-liġi tal-Unjoni jew dik nazzjonali dwar il-protezzjoni tad-data personali sa fejn it-tfassil, l-iżvilupp jew l-użu tas-sistemi tal-IA jinvolvu l-ipproċessar ta' data personali. Huwa xieraq ukoll li jiġi ċċarat li s-suġġetti tad-data jkomplu jgawdu d-drittijiet u l-garanziji kollha mogħtija lilhom minn tali liġi tal-Unjoni, inkluż id-drittijiet relatati mat-teħid ta' deċiżjonijiet individwali awtomatizzati biss, inkluż it-tfassil tal-profili. Jenħtieġ li r-regoli armonizzati għall-introduzzjoni fis-suq, għat-tqegħid fis-servizz u għall-użu tas-sistemi tal-IA stabbiliti skont dan ir-Regolament jiffaċilitaw l-implimentazzjoni effettiva u jippermettu l-eżerċizzju tad-drittijiet tas-suġġetti tad-data u rimedji oħra garantiti skont il-liġi tal-Unjoni dwar il-protezzjoni tad-data personali u ta' drittijiet fundamentali oħra.

(10)

The fundamental right to the protection of personal data is safeguarded in particular by Regulations (EU) 2016/679 (11) and (EU) 2018/1725 (12) of the European Parliament and of the Council and Directive (EU) 2016/680 of the European Parliament and of the Council (13). Directive 2002/58/EC of the European Parliament and of the Council (14) additionally protects private life and the confidentiality of communications, including by way of providing conditions for any storing of personal and non-personal data in, and access from, terminal equipment. Those Union legal acts provide the basis for sustainable and responsible data processing, including where data sets include a mix of personal and non-personal data. This Regulation does not seek to affect the application of existing Union law governing the processing of personal data, including the tasks and powers of the independent supervisory authorities competent to monitor compliance with those instruments. It also does not affect the obligations of providers and deployers of AI systems in their role as data controllers or processors stemming from Union or national law on the protection of personal data in so far as the design, the development or the use of AI systems involves the processing of personal data. It is also appropriate to clarify that data subjects continue to enjoy all the rights and guarantees awarded to them by such Union law, including the rights related to solely automated individual decision-making, including profiling. Harmonised rules for the placing on the market, the putting into service and the use of AI systems established under this Regulation should facilitate the effective implementation and enable the exercise of the data subjects’ rights and other remedies guaranteed under Union law on the protection of personal data and of other fundamental rights.

(11)

Jenħtieġ li dan ir-Regolament ikun mingħajr preġudizzju għad-dispożizzjonijiet dwar ir-responsabbiltà tal-fornituri ta’ servizzi intermedjarji kif stipulat fir-Regolament (UE) 2022/2065 tal-Parlament Ewropew u tal-Kunsill (15).

(11)

This Regulation should be without prejudice to the provisions regarding the liability of providers of intermediary services as set out in Regulation (EU) 2022/2065 of the European Parliament and of the Council (15).

(12)

Jenħtieġ li l-kunċett ta' “sistema tal-IA” f'dan ir-Regolament jiġi ddefinit b'mod ċar u jenħtieġ li jiġi allinjat mill-qrib mal-ħidma tal-organizzazzjonijiet internazzjonali li jaħdmu fuq l-IA biex tiġi żgurata ċ-ċertezza legali, tiġi ffaċilitata l-konverġenza internazzjonali u l-aċċettazzjoni wiesgħa, filwaqt li tingħata l-flessibbiltà biex jiġu akkomodati l-iżviluppi teknoloġiċi rapidi f'dan il-qasam. Barra minn hekk, jenħtieġ li d-definizzjoni tkun ibbażata fuq karatteristiċi ewlenin tas-sistemi tal-IA li jiddistingwuh minn sistemi ta' software tjew approċċi ta' programmazzjoni tradizzjonali aktar sempliċi u jenħtieġ li ma jkoprix sistemi li huma bbażati fuq ir-regoli definiti biss minn persuni fiżiċi biex iwettqu operazzjonijiet b'mod awtomatiku. Karatteristika ewlenija tas-sistemi tal-IA hija l-kapaċità tagħhom li jinferixxu. Din il-kapaċità li jinferixxu tirreferi għall-proċess tal-kisba tal-outputs, bħal previżjonijiet, kontenut, rakkomandazzjonijiet, jew deċiżjonijiet, li jistgħu jinfluwenzaw l-ambjenti fiżiċi u virtwali u għal kapaċità tas-sistemi tal-IA li jidderivaw mudelli jew algoritmi, jew it-tnejn, minn inputs jew data. It-tekniki li jippermettu inferenza waqt li tinbena sistema tal-IA jinkludu approċċi ta' tagħlim awtomatiku li jitgħallmu mid-data dwar kif jistgħu jintlaħqu ċerti objettivi, u approċċi bbażati fuq il-loġika u l-għarfien li jinferixxu minn għarfien ikkodifikat jew rappreżentazzjoni simbolika tal-kompitu li għandu jiġi solvut. Il-kapaċità ta' sistema tal-IA li tinferixxi tmur lil hinn mill-ipproċessar bażiku tad-data billi tippermetti l-apprendiment, ir-raġunament jew l-immudellar. It-terminu “bbażati fuq il-magni” jirreferi għall-fatt li s-sistemi tal-IA jaħdmu bil-magni. Ir-referenza għal objettivi espliċiti jew impliċiti tenfasizza li s-sistemi tal-IA jistgħu joperaw skont objettivi espliċiti definiti jew skont objettivi impliċiti. L-objettivi tas-sistema tal-IA jistgħu jkunu differenti mill-għan maħsub tas-sistema tal-IA f'kuntest speċifiku. Għall-finijiet ta' dan ir-Regolament, jenħtieġ li l-ambjenti jinftiehmu bħala l-kuntesti li fihom joperaw is-sistemi tal-IA, filwaqt li l-outputs iġġenerati mis-sistema tal-IA jirriflettu funzjonijiet differenti mwettqa mis-sistemi tal-IA u jinkludu previżjonijiet, kontenut, rakkomandazzjonijiet jew deċiżjonijiet. Is-sistemi tal-IA huma ddisinjati biex joperaw b'livelli varji ta' awtonomija, li jfisser li għandhom ċertu livell ta' indipendenza tal-azzjonijiet mill-involviment tal-bniedem u ta' kapaċitajiet biex joperaw mingħajr intervent mill-bniedem. L-adattabbiltà li sistema tal-IA tista' turi wara l-implimentazzjoni tirreferi għall-kapaċitajiet ta' awtotagħlim, li jippermettu li s-sistema tinbidel waqt li tkun qed tintuża. Is-sistemi tal-IA jistgħu jintużaw b'mod awtonomu jew bħala komponent ta' prodott, irrispettivament minn jekk is-sistema tkunx integrata fiżikament fil-prodott (inkorporata) jew taqdix il-funzjonalità tal-prodott mingħajr ma tkun integrata fih (mhux inkorporata).

(12)

The notion of ‘AI system’ in this Regulation should be clearly defined and should be closely aligned with the work of international organisations working on AI to ensure legal certainty, facilitate international convergence and wide acceptance, while providing the flexibility to accommodate the rapid technological developments in this field. Moreover, the definition should be based on key characteristics of AI systems that distinguish it from simpler traditional software systems or programming approaches and should not cover systems that are based on the rules defined solely by natural persons to automatically execute operations. A key characteristic of AI systems is their capability to infer. This capability to infer refers to the process of obtaining the outputs, such as predictions, content, recommendations, or decisions, which can influence physical and virtual environments, and to a capability of AI systems to derive models or algorithms, or both, from inputs or data. The techniques that enable inference while building an AI system include machine learning approaches that learn from data how to achieve certain objectives, and logic- and knowledge-based approaches that infer from encoded knowledge or symbolic representation of the task to be solved. The capacity of an AI system to infer transcends basic data processing by enabling learning, reasoning or modelling. The term ‘machine-based’ refers to the fact that AI systems run on machines. The reference to explicit or implicit objectives underscores that AI systems can operate according to explicit defined objectives or to implicit objectives. The objectives of the AI system may be different from the intended purpose of the AI system in a specific context. For the purposes of this Regulation, environments should be understood to be the contexts in which the AI systems operate, whereas outputs generated by the AI system reflect different functions performed by AI systems and include predictions, content, recommendations or decisions. AI systems are designed to operate with varying levels of autonomy, meaning that they have some degree of independence of actions from human involvement and of capabilities to operate without human intervention. The adaptiveness that an AI system could exhibit after deployment, refers to self-learning capabilities, allowing the system to change while in use. AI systems can be used on a stand-alone basis or as a component of a product, irrespective of whether the system is physically integrated into the product (embedded) or serves the functionality of the product without being integrated therein (non-embedded).

(13)

Jenħtieġ li l-kunċett ta' “implimentatur” imsemmi f'dan ir-Regolament jiġi interpretat bħala kwalunkwe persuna fiżika jew ġuridika, inkluż awtorità pubblika, aġenzija jew korp ieħor, li tuża sistema tal-IA li taħt l-awtorità tagħha, ħlief meta s-sistema tal-IA tintuża matul attività personali mhux professjonali. Skont it-tip ta' sistema tal-IA, l-użu tas-sistema jista' jaffettwa persuni oħra minbarra l-implimentatur.

(13)

The notion of ‘deployer’ referred to in this Regulation should be interpreted as any natural or legal person, including a public authority, agency or other body, using an AI system under its authority, except where the AI system is used in the course of a personal non-professional activity. Depending on the type of AI system, the use of the system may affect persons other than the deployer.

(14)

Jenħtieġ li l-kunċett ta' “data bijometrika” użat f'dan ir-Regolament jiġi interpretat fid-dawl tal-kunċett ta' data bijometrika kif definit fl-Artikolu 4, il-punt (14) tar-Regolament (UE) 2016/679, l-Artikolu 3, il-punt (18) tar-Regolament (UE) 2018/1725 u l-Artikolu 3, il-punt (13) tad-Direttiva (UE) 2016/680. Id-data bijometrika tista' tippermetti l-awtentikazzjoni, l-identifikazzjoni jew il-kategorizzazzjoni ta' persuni fiżiċi u r-rikonoxximent tal-emozzjonijiet ta' persuni fiżiċi.

(14)

The notion of ‘biometric data’ used in this Regulation should be interpreted in light of the notion of biometric data as defined in Article 4, point (14) of Regulation (EU) 2016/679, Article 3, point (18) of Regulation (EU) 2018/1725 and Article 3, point (13) of Directive (EU) 2016/680. Biometric data can allow for the authentication, identification or categorisation of natural persons and for the recognition of emotions of natural persons.

(15)

Jenħtieġ li l-kunċett ta' “identifikazzjoni bijometrika” imsemmi f'dan ir-Regolament jiġi ddefinit bħala r-rikonoxximent awtomatizzat ta' karatteristiċi fiżiċi, fiżjoloġiċi u ta' mġiba tal-bniedem bħall-wiċċ, il-moviment tal-għajnejn, il-forma tal-ġisem, il-vuċi, il-prosodija, il-mixja, il-qagħda, ir-rata tal-qalb, il-pressjoni tad-demm, ir-riħa, karatteristiċi tal-ittastjar, għall-fini li tiġi stabbilita l-identità ta' individwu billi titqabbel id-data bijometrika ta' dak l-individwu mad-data bijometrika ta' individwi maħżuna f'bażi ta' data ta' referenza, irrispettivament minn jekk l-individwu jkunx ta l-kunsens tiegħu jew le. Dan jeskludi sistemi tal-IA maħsuba biex jintużaw għall-verifika bijometrika, li tinkludi l-awtentikazzjoni, li l-iskop uniku tagħha huwa li tikkonferma li persuna fiżika speċifika hija l-persuna li tiddikjara li hija u li tikkonferma l-identità ta' persuna fiżika għall-iskop uniku li jkollha aċċess għal servizz, li tiftaħ apparat jew li jkollha aċċess sigur għall-bini.

(15)

The notion of ‘biometric identification’ referred to in this Regulation should be defined as the automated recognition of physical, physiological and behavioural human features such as the face, eye movement, body shape, voice, prosody, gait, posture, heart rate, blood pressure, odour, keystrokes characteristics, for the purpose of establishing an individual’s identity by comparing biometric data of that individual to stored biometric data of individuals in a reference database, irrespective of whether the individual has given its consent or not. This excludes AI systems intended to be used for biometric verification, which includes authentication, whose sole purpose is to confirm that a specific natural person is the person he or she claims to be and to confirm the identity of a natural person for the sole purpose of having access to a service, unlocking a device or having security access to premises.

(16)

Jenħtieġ li l-kunċett ta' “kategorizzazzjoni bijometrika” msemmi f'dan ir-Regolament jiġi ddefinit bħala l-assenjazzjoni ta' persuni fiżiċi għal kategoriji speċifiċi abbażi tad-data bijometrika tagħhom. Tali kategoriji speċifiċi jistgħu jkunu relatati ma' aspetti bħas-sess, l-età, il-kulur tax-xagħar, il-kulur tal-għajnejn, it-tatwaġġi, il-karatteristiċi tal-imġiba jew tal-personalità, il-lingwa, ir-reliġjon, l-appartenenza għal minoranza nazzjonali, l-orjentazzjoni sesswali jew dik politika. Dan ma jinkludix sistemi ta' kategorizzazzjoni bijometrika li huma karatteristika purament anċillari intrinsikament marbuta ma' servizz kummerċjali ieħor, li jfisser li l-karatteristika ma tistax, għal raġunijiet tekniċi oġġettivi, tintuża mingħajr is-servizz prinċipali, u l-integrazzjoni ta' dik il-karatteristika jew funzjonalità mhijiex mezz biex tiġi evitata l-applikabbiltà tar-regoli ta' dan ir-Regolament. Pereżempju, il-filtri li jikkategorizzaw il-karatteristiċi tal-wiċċ jew tal-ġisem użati fis-swieq online jistgħu jikkostitwixxu karatteristika anċillari bħal din peress li jistgħu jintużaw biss fir-rigward tas-servizz prinċipali li jikkonsisti fil-bejgħ ta' prodott billi jippermettu lill-konsumatur jara minn qabel kif jidher il-prodott fuqu nnifsu u jgħin lill-konsumatur jieħu deċiżjoni dwar ix-xiri. Il-filtri użati fuq servizzi ta' network soċjali online li jikkategorizzaw karatteristiċi tal-wiċċ jew tal-ġisem biex jippermettu lill-utenti jżidu jew jimmodifikaw stampi jew vidjos jistgħu jitqiesu wkoll bħala karatteristika anċillari peress li tali filtru ma jistax jintuża mingħajr is-servizz prinċipali tas-servizzi tan-network soċjali li jikkonsisti fil-kondiviżjoni tal-kontenut online.

(16)

The notion of ‘biometric categorisation’ referred to in this Regulation should be defined as assigning natural persons to specific categories on the basis of their biometric data. Such specific categories can relate to aspects such as sex, age, hair colour, eye colour, tattoos, behavioural or personality traits, language, religion, membership of a national minority, sexual or political orientation. This does not include biometric categorisation systems that are a purely ancillary feature intrinsically linked to another commercial service, meaning that the feature cannot, for objective technical reasons, be used without the principal service, and the integration of that feature or functionality is not a means to circumvent the applicability of the rules of this Regulation. For example, filters categorising facial or body features used on online marketplaces could constitute such an ancillary feature as they can be used only in relation to the principal service which consists in selling a product by allowing the consumer to preview the display of the product on him or herself and help the consumer to make a purchase decision. Filters used on online social network services which categorise facial or body features to allow users to add or modify pictures or videos could also be considered to be ancillary feature as such filter cannot be used without the principal service of the social network services consisting in the sharing of content online.

(17)

Jenħtieġ li l-kunċett ta' “sistema ta' identifikazzjoni bijometrika remota” msemmi f'dan ir-Regolament jiġi ddefinit b'mod funzjonali, bħala sistema tal-IA maħsuba għall-identifikazzjoni ta' persuni fiżiċi mingħajr l-involviment attiv tagħhom, tipikament mill-bogħod, permezz tat-tqabbil tad-data bijometrika ta' persuna mad-data bijometrika li tinsab f'bażi ta' data ta' referenza, irrispettivament mit-teknoloġija, mill-proċessi jew mit-tipi partikolari ta' data bijometrika użati. Tali sistemi ta’ identifikazzjoni bijometrika remota tipikament jintużaw biex jipperċepixxu diversi persuni jew l-imġiba tagħhom simultanjament sabiex jiffaċilitaw b'mod sinifikanti l-identifikazzjoni ta' persuni fiżiċi mingħajr l-involviment attiv tagħhom. Dan jeskludi sistemi tal-IA maħsuba biex jintużaw għall-verifika bijometrika, li tinkludi l-awtentikazzjoni, li l-iskop uniku tagħha huwa li tikkonferma li persuna fiżika speċifika hija l-persuna li tiddikjara li hija u li tikkonferma l-identità ta' persuna fiżika għall-iskop uniku li jkollha aċċess għal servizz, li tiftaħ apparat jew li jkollha aċċess sigur għall-bini. Dik l-esklużjoni hija ġġustifikata mill-fatt li tali sistemi x'aktarx ikollhom impatt minuri fuq id-drittijiet fundamentali ta' persuni fiżiċi meta mqabbla mas-sistemi ta’ identifikazzjoni bijometrika remota li jistgħu jintużaw għall-ipproċessar tad-data bijometrika ta' għadd kbir ta' persuni mingħajr l-involviment attiv tagħhom. Fil-każ ta' sistemi “fil-ħin reali”, il-qbid tad-data bijometrika, it-tqabbil u l-identifikazzjoni jsiru b'mod istantanju, kważi istantanju jew fi kwalunkwe każ mingħajr dewmien sinifikanti. F'dan ir-rigward, jenħtieġ li ma jkun hemm l-ebda lok li jiġu evitati r-regoli ta' dan ir-Regolament dwar l-użu “fil-ħin reali” tas-sistemi tal-IA kkonċernati billi jiġi previst xi dewmien żgħir. Is-sistemi “fil-ħin reali” jinvolvu l-użu ta' materjal “dirett” jew “kważi dirett”, bħal filmat, iġġenerat minn kamera jew minn apparat ieħor b'funzjonalità simili. Għall-kuntrarju, fil-każ tas-sistemi “f'ħin aktar tard”, id-data bijometrika tkun diġà nkisbet u t-tqabbil u l-identifikazzjoni jsiru biss wara ċertu dewmien sinifikanti. Dan jinvolvi materjal, bħal stampi jew filmati ġġenerati minn kameras tat-televiżjoni b'ċirkwit magħluq jew minn apparati privati, li jkun ġie ġġenerat qabel tkun intużat is-sistema fir-rigward tal-persuni fiżiċi kkonċernati.

(17)

The notion of ‘remote biometric identification system’ referred to in this Regulation should be defined functionally, as an AI system intended for the identification of natural persons without their active involvement, typically at a distance, through the comparison of a person’s biometric data with the biometric data contained in a reference database, irrespectively of the particular technology, processes or types of biometric data used. Such remote biometric identification systems are typically used to perceive multiple persons or their behaviour simultaneously in order to facilitate significantly the identification of natural persons without their active involvement. This excludes AI systems intended to be used for biometric verification, which includes authentication, the sole purpose of which is to confirm that a specific natural person is the person he or she claims to be and to confirm the identity of a natural person for the sole purpose of having access to a service, unlocking a device or having security access to premises. That exclusion is justified by the fact that such systems are likely to have a minor impact on fundamental rights of natural persons compared to the remote biometric identification systems which may be used for the processing of the biometric data of a large number of persons without their active involvement. In the case of ‘real-time’ systems, the capturing of the biometric data, the comparison and the identification occur all instantaneously, near-instantaneously or in any event without a significant delay. In this regard, there should be no scope for circumventing the rules of this Regulation on the ‘real-time’ use of the AI systems concerned by providing for minor delays. ‘Real-time’ systems involve the use of ‘live’ or ‘near-live’ material, such as video footage, generated by a camera or other device with similar functionality. In the case of ‘post’ systems, in contrast, the biometric data has already been captured and the comparison and identification occur only after a significant delay. This involves material, such as pictures or video footage generated by closed circuit television cameras or private devices, which has been generated before the use of the system in respect of the natural persons concerned.

(18)

Jenħtieġ li l-kunċett ta' “sistema ta' rikonoxximent tal-emozzjonijiet” imsemmi f'dan ir-Regolament jiġi ddefinit bħala sistema tal-IA għall-fini tal-identifikazzjoni jew l-inferenza ta' emozzjonijiet jew intenzjonijiet ta' persuni fiżiċi abbażi tad-data bijometrika tagħhom. Il-kunċett jirreferi għal emozzjonijiet jew intenzjonijiet bħal kuntentizza, diqa, rabja, sorpriża, disgust, imbarazzament, eċċitament, mistħija, disprezz, sodisfazzjon u divertiment. Ma jinkludix stati fiżiċi, bħal uġigħ jew għeja, inkluż, pereżempju, sistemi użati biex jiġi identifikat l-istat tal-għeja tal-bdoti professjonali jew tas-sewwieqa bl-għan li jiġu evitati l-aċċidenti. Dan lanqas ma jinkludi s-sempliċi kxif ta' espressjonijiet, ġesti jew movimenti faċilment apparenti, sakemm ma jintużawx biex jidentifikaw jew jinferixxu emozzjonijiet. Dawk l-espressjonijiet jistgħu jkunu espressjonijiet bażiċi tal-wiċċ bħal ħarsa bl-ikrah jew tbissima, jew ġesti bħall-moviment tal-idejn, dirgħajn jew ras, jew karatteristiċi tal-vuċi ta' persuna, bħal vuċi mgħollija jew minn taħt l-ilsien.

(18)

The notion of ‘emotion recognition system’ referred to in this Regulation should be defined as an AI system for the purpose of identifying or inferring emotions or intentions of natural persons on the basis of their biometric data. The notion refers to emotions or intentions such as happiness, sadness, anger, surprise, disgust, embarrassment, excitement, shame, contempt, satisfaction and amusement. It does not include physical states, such as pain or fatigue, including, for example, systems used in detecting the state of fatigue of professional pilots or drivers for the purpose of preventing accidents. This does also not include the mere detection of readily apparent expressions, gestures or movements, unless they are used for identifying or inferring emotions. Those expressions can be basic facial expressions, such as a frown or a smile, or gestures such as the movement of hands, arms or head, or characteristics of a person’s voice, such as a raised voice or whispering.

(19)

Għall-finijiet ta' dan ir-Regolament, jenħtieġ li l-kunċett ta' spazju aċċessibbli għall-pubbliku jinftiehem bħala li jirreferi għal kwalunkwe spazju fiżiku li huwa aċċessibbli għal għadd mhux determinat ta' persuni fiżiċi, u irrispettivament minn jekk l-ispazju inkwistjoni huwiex ta' sjieda privata jew pubblika, irrispettivament mill-attività li għaliha jista' jintuża l-ispazju, bħall-kummerċ, pereżempju, ħwienet, ristoranti, kafetteriji; bħas-servizzi, pereżempju, banek, attivitajiet professjonali, ospitalità; bħas-sport, pereżempju, pixxini, gyms, stadiums; bħat-trasport, pereżempju, stazzjonijiet tal-karozzi tal-linja, tal-metro u tal-ferrovija, ajruporti, mezzi tat-trasport; bħad-divertiment, pereżempju, ċinema, teatri, mużewijiet, swali tal-kunċerti u tal-konferenzi; jew bħar-ikreazzjoni jew mod ieħor, pereżempju, toroq pubbliċi u pjazez, parks, foresti, playgrounds. Jenħtieġ li spazju jiġi kklassifikat bħala aċċessibbli għall-pubbliku anki jekk, irrispettivament mir-restrizzjonijiet potenzjali tal-kapaċità jew tas-sigurtà, l-aċċess ikun soġġett għal ċerti kundizzjonijiet predeterminati li jistgħu jiġu ssodisfati minn għadd mhux determinat ta' persuni, bħax-xiri ta' biljett jew titolu tat-trasport, reġistrazzjoni minn qabel jew li persuna jkollha ċerta età. B'kuntrast ma' dan, jenħtieġ li spazju ma jitqiesx li jkun aċċessibbli għall-pubbliku jekk l-aċċess ikun limitat għal persuni fiżiċi speċifiċi u definiti permezz ta' liġijiet tal-Unjoni jew nazzjonali direttament relatati mas-sikurezza jew is-sigurtà pubblika jew permezz tal-manifestazzjoni ċara tar-rieda mill-persuna li jkollha l-awtorità rilevanti fuq il-post. Il-possibbiltà fattwali ta' aċċess waħedha, bħal bieb mhux imsakkar jew xatba miftuħa f'ċint, ma tfissirx li l-ispazju huwa aċċessibbli għall-pubbliku fil-preżenza ta' indikazzjonijiet jew ċirkostanzi li jissuġġerixxu l-kuntrarju, bħal sinjali li jipprojbixxu jew jirrestrinġu l-aċċess. Il-bini ta' kumpaniji u fabbriki, kif ukoll l-uffiċċji u l-postijiet tax-xogħol li huma maħsuba biex jiġu aċċessati biss mill-impjegati u l-fornituri tas-servizzi rilevanti, huma spazji li mhumiex aċċessibbli għall-pubbliku. Jenħtieġ li l-ispazji aċċessibbli għall-pubbliku ma jinkludux ħabsijiet jew kontroll fil-fruntieri. Xi spazji oħra jistgħu jinkludu spazji mhux aċċessibbli għall-pubbliku kif ukoll spazji aċċessibbli għall-pubbliku, bħall-entrata ta' bini residenzjali privat meħtieġa biex jinkiseb aċċess għal uffiċċju ta' tabib jew ajruport. L-ispazji online ma humiex koperti għax dawn mhumiex spazji fiżiċi. Jekk spazju partikolari jkunx aċċessibbli għall-pubbliku jenħtieġ, madankollu, jiġi determinat abbażi ta' każ b'każ, filwaqt li jitqiesu l-ispeċifiċitajiet tas-sitwazzjoni individwali inkwistjoni.

(19)

For the purposes of this Regulation the notion of ‘publicly accessible space’ should be understood as referring to any physical space that is accessible to an undetermined number of natural persons, and irrespective of whether the space in question is privately or publicly owned, irrespective of the activity for which the space may be used, such as for commerce, for example, shops, restaurants, cafés; for services, for example, banks, professional activities, hospitality; for sport, for example, swimming pools, gyms, stadiums; for transport, for example, bus, metro and railway stations, airports, means of transport; for entertainment, for example, cinemas, theatres, museums, concert and conference halls; or for leisure or otherwise, for example, public roads and squares, parks, forests, playgrounds. A space should also be classified as being publicly accessible if, regardless of potential capacity or security restrictions, access is subject to certain predetermined conditions which can be fulfilled by an undetermined number of persons, such as the purchase of a ticket or title of transport, prior registration or having a certain age. In contrast, a space should not be considered to be publicly accessible if access is limited to specific and defined natural persons through either Union or national law directly related to public safety or security or through the clear manifestation of will by the person having the relevant authority over the space. The factual possibility of access alone, such as an unlocked door or an open gate in a fence, does not imply that the space is publicly accessible in the presence of indications or circumstances suggesting the contrary, such as. signs prohibiting or restricting access. Company and factory premises, as well as offices and workplaces that are intended to be accessed only by relevant employees and service providers, are spaces that are not publicly accessible. Publicly accessible spaces should not include prisons or border control. Some other spaces may comprise both publicly accessible and non-publicly accessible spaces, such as the hallway of a private residential building necessary to access a doctor’s office or an airport. Online spaces are not covered, as they are not physical spaces. Whether a given space is accessible to the public should however be determined on a case-by-case basis, having regard to the specificities of the individual situation at hand.

(20)

Biex jinkisbu l-akbar benefiċċji mis-sistemi tal-IA filwaqt li jiġu protetti d-drittijiet fundamentali, is-saħħa u s-sikurezza u biex ikun jista' jsir kontroll demokratiku, jenħtieġ li l-litteriżmu fl-IA jgħammar lill-fornituri, lill-implimentaturi u lill-persuni affettwati bil-kunċetti meħtieġa biex jieħdu deċiżjonijiet infurmati dwar is-sistemi tal-IA. Dawk il-kunċetti jistgħu jvarjaw fir-rigward tal-kuntest rilevanti u jistgħu jinkludu l-fehim tal-applikazzjoni korretta tal-elementi tekniċi matul il-fażi tal-iżvilupp tas-sistema tal-IA, il-miżuri li għandhom jiġu applikati waqt l-użu tagħha, il-modi xierqa li bihom jiġi interpretat l-output tas-sistema tal-IA, u, fil-każ tal-persuni affettwati, l-għarfien meħtieġ biex jifhmu kif id-deċiżjonijiet meħuda bl-assistenza tal-IA ser ikollhom impatt fuqhom. Fil-kuntest tal-applikazzjoni ta' dan ir-Regolament, jenħtieġ li l-litteriżmu fl-IA jipprovdi lill-atturi rilevanti kollha fil-katina tal-valur tal-IA bl-għarfien meħtieġ biex tiġi żgurata l-konformità xierqa u l-infurzar korrett tiegħu. Barra minn hekk, l-implimentazzjoni wiesgħa ta' miżuri ta' litteriżmu fl-IA u l-introduzzjoni ta' azzjonijiet ta' segwitu xierqa jistgħu jikkontribwixxu għat-titjib tal-kundizzjonijiet tax-xogħol u fl-aħħar mill-aħħar isostnu l-konsolidazzjoni, u l-perkors tal-innovazzjoni ta' IA affidabbli fl-Unjoni. Jenħtieġ li l-Bord Ewropew għall-Intelliġenza Artifiċjali (“il-Bord”) jappoġġa lill-Kummissjoni fil-promozzjoni tal-għodod tal-litteriżmu fl-IA, is-sensibilizzazzjoni u l-fehim tal-pubbliku dwar il-benefiċċji, ir-riskji, is-salvagwardji, id-drittijiet u l-obbligi fir-rigward tal-użu ta' sistemi tal-IA. F'kooperazzjoni mal-partijiet ikkonċernati rilevanti, jenħtieġ li l-Kummissjoni u l-Istati Membri jiffaċilitaw it-tfassil ta' kodiċijiet ta' kondotta volontarji biex javvanzaw il-litteriżmu fl-IA fost il-persuni li jittrattaw l-iżvilupp, it-tħaddim u l-użu tal-IA.

(20)

In order to obtain the greatest benefits from AI systems while protecting fundamental rights, health and safety and to enable democratic control, AI literacy should equip providers, deployers and affected persons with the necessary notions to make informed decisions regarding AI systems. Those notions may vary with regard to the relevant context and can include understanding the correct application of technical elements during the AI system’s development phase, the measures to be applied during its use, the suitable ways in which to interpret the AI system’s output, and, in the case of affected persons, the knowledge necessary to understand how decisions taken with the assistance of AI will have an impact on them. In the context of the application this Regulation, AI literacy should provide all relevant actors in the AI value chain with the insights required to ensure the appropriate compliance and its correct enforcement. Furthermore, the wide implementation of AI literacy measures and the introduction of appropriate follow-up actions could contribute to improving working conditions and ultimately sustain the consolidation, and innovation path of trustworthy AI in the Union. The European Artificial Intelligence Board (the ‘Board’) should support the Commission, to promote AI literacy tools, public awareness and understanding of the benefits, risks, safeguards, rights and obligations in relation to the use of AI systems. In cooperation with the relevant stakeholders, the Commission and the Member States should facilitate the drawing up of voluntary codes of conduct to advance AI literacy among persons dealing with the development, operation and use of AI.

(21)

Biex ikunu żgurati kundizzjonijiet ekwi u protezzjoni effettiva tad-drittijiet u tal-libertajiet tal-individwi madwar l-Unjoni, jenħtieġ li r-regoli stabbiliti b'dan ir-Regolament japplikaw għall-fornituri tas-sistemi tal-IA b'mod mhux diskriminatorju, irrispettivament minn jekk humiex stabbiliti fl-Unjoni jew f'pajjiż terz, u għall-implimentaturi tas-sistemi tal-IA stabbiliti fl-Unjoni.

(21)

In order to ensure a level playing field and an effective protection of rights and freedoms of individuals across the Union, the rules established by this Regulation should apply to providers of AI systems in a non-discriminatory manner, irrespective of whether they are established within the Union or in a third country, and to deployers of AI systems established within the Union.

(22)

Fid-dawl tan-natura diġitali tagħhom, jenħtieġ li ċerti sistemi tal-IA jkunu fil-kamp ta' applikazzjoni ta' dan ir-Regolament anki meta ma jiġux introdotti fis-suq, ma jitqiegħdux fis-servizz, u ma jintużawx fl-Unjoni. Pereżempju, dan hu l-każ fejn operatur stabbilit fl-Unjoni jikkuntratta ċerti servizzi lil operatur stabbilit f'pajjiż terz fir-rigward ta' attività li tkun ser titwettaq minn sistema tal-IA u li tikkwalifika bħala b'riskju għoli. F'dawk iċ-ċirkostanzi, is-sistema tal-IA użata f'pajjiż terz mill-operatur tista' tipproċessa d-data miġbura legalment fl-Unjoni u trasferita minnha, u tipprovdi lill-operatur kontraenti fl-Unjoni l-output ta' dik is-sistema tal-IA li jirriżulta minn dak l-ipproċessar, mingħajr ma dik is-sistema tal-IA tiġi introdotta fis-suq, titqiegħed fis-servizz jew tintuża fl-Unjoni. Biex tiġi evitata ċ-ċirkumvenzjoni ta' dan ir-Regolament u biex tiġi żgurata protezzjoni effettiva tal-persuni fiżiċi li jinsabu fl-Unjoni, jenħtieġ li dan ir-Regolament japplika wkoll għall-fornituri u għall-implimentaturi tas-sistemi tal-IA li huma stabbiliti f'pajjiż terz, sa fejn l-output prodott minn dawk is-sistemi ikun maħsub biex jintuża fl-Unjoni. Madankollu, biex jitqiesu l-arranġamenti eżistenti u l-ħtiġijiet speċjali għall-kooperazzjoni futura mas-sħab barranin li magħhom jiġu skambjati informazzjoni u evidenza, jenħtieġ li dan ir-Regolament ma japplikax għall-awtoritajiet pubbliċi ta' pajjiż terz u għal organizzazzjonijiet internazzjonali meta jaġixxu fil-qafas ta' kooperazzjoni jew ta' ftehimiet internazzjonali konklużi fil-livell tal-Unjoni jew nazzjonali għall-infurzar tal-liġi u għall-kooperazzjoni ġudizzjarja mal-Unjoni jew mal-Istati Membri, dment li l-pajjiż terz jew l-organizzazzjoni internazzjonali rilevanti jipprovdu salvagwardji adegwati fir-rigward tal-protezzjoni tad-drittijiet u l-libertajiet fundamentali tal-individwi. Fejn rilevanti, dan jista' jkopri attivitajiet ta' entitajiet fdati mill-pajjiżi terzi biex iwettqu kompiti speċifiċi b'appoġġ għal tali infurzar tal-liġi u kooperazzjoni ġudizzjarja. Tali qafas għall-kooperazzjoni jew ftehimiet ġew stabbiliti b'mod bilaterali bejn l-Istati Membri u pajjiżi terzi jew bejn l-Unjoni Ewropea, il-Europol u aġenziji oħra tal-Unjoni u pajjiżi terzi u organizzazzjonijiet internazzjonali. Jenħtieġ li l-awtoritajiet kompetenti għas-superviżjoni tal-awtoritajiet tal-infurzar tal-liġi u dawk ġudizzjarji skont dan ir-Regolament jivvalutaw jekk dawk l-oqfsa għall-kooperazzjoni jew il-ftehimiet internazzjonali jinkludux salvagwardji adegwati fir-rigward tal-protezzjoni tad-drittijiet u l-libertajiet fundamentali tal-individwi. L-awtoritajiet nazzjonali riċevituri u l-istituzzjonijiet, il-korpi, l-uffiċċji u l-aġenziji tal-Unjoni li jagħmlu użu minn tali outputs fl-Unjoni jibqgħu responsabbli biex jiżguraw li l-użu tagħhom jikkonforma mal-liġi tal-Unjoni. Meta dawk il-ftehimiet internazzjonali jiġu riveduti jew jiġu konklużi oħrajn ġodda fil-futur, jenħtieġ li l-partijiet kontraenti jagħmlu l-akbar sforzi possibbli biex jallinjaw dawk il-ftehimiet mar-rekwiżiti ta' dan ir-Regolament.

(22)

In light of their digital nature, certain AI systems should fall within the scope of this Regulation even when they are not placed on the market, put into service, or used in the Union. This is the case, for example, where an operator established in the Union contracts certain services to an operator established in a third country in relation to an activity to be performed by an AI system that would qualify as high-risk. In those circumstances, the AI system used in a third country by the operator could process data lawfully collected in and transferred from the Union, and provide to the contracting operator in the Union the output of that AI system resulting from that processing, without that AI system being placed on the market, put into service or used in the Union. To prevent the circumvention of this Regulation and to ensure an effective protection of natural persons located in the Union, this Regulation should also apply to providers and deployers of AI systems that are established in a third country, to the extent the output produced by those systems is intended to be used in the Union. Nonetheless, to take into account existing arrangements and special needs for future cooperation with foreign partners with whom information and evidence is exchanged, this Regulation should not apply to public authorities of a third country and international organisations when acting in the framework of cooperation or international agreements concluded at Union or national level for law enforcement and judicial cooperation with the Union or the Member States, provided that the relevant third country or international organisation provides adequate safeguards with respect to the protection of fundamental rights and freedoms of individuals. Where relevant, this may cover activities of entities entrusted by the third countries to carry out specific tasks in support of such law enforcement and judicial cooperation. Such framework for cooperation or agreements have been established bilaterally between Member States and third countries or between the European Union, Europol and other Union agencies and third countries and international organisations. The authorities competent for supervision of the law enforcement and judicial authorities under this Regulation should assess whether those frameworks for cooperation or international agreements include adequate safeguards with respect to the protection of fundamental rights and freedoms of individuals. Recipient national authorities and Union institutions, bodies, offices and agencies making use of such outputs in the Union remain accountable to ensure their use complies with Union law. When those international agreements are revised or new ones are concluded in the future, the contracting parties should make utmost efforts to align those agreements with the requirements of this Regulation.

(23)

Jenħtieġ li dan ir-Regolament japplika wkoll għall-istituzzjonijiet, il-korpi, l-uffiċċji u l-aġenziji tal-Unjoni meta dawn jaġixxu bħala fornitur jew implimentatur ta' sistema tal-IA.

(23)

This Regulation should also apply to Union institutions, bodies, offices and agencies when acting as a provider or deployer of an AI system.

(24)

Jekk, u sa fejn, is-sistemi tal-IA jiġu introdotti fis-suq, jitqiegħdu fis-servizz, jew jintużaw b'modifika jew mingħajr modifika ta' tali sistemi għal finijiet militari, ta' difiża jew ta' sigurtà nazzjonali, dawk jenħtieġ li jiġu esklużi mill-kamp ta' applikazzjoni ta' dan ir-Regolament irrispettivament minn liema tip ta' entità tkun qed twettaq dawk l-attivitajiet, bħal jekk tkunx entità pubblika jew privata. Fir-rigward ta' finijiet militari u ta' difiża, tali esklużjoni hija ġġustifikata kemm mill-Artikolu 4(2) TUE kif ukoll mill-ispeċifiċitajiet tal-politika ta' difiża komuni tal-Istati Membri u tal-Unjoni koperta mill-Kapitolu 2 tat-Titolu V TUE li huma soġġetti għad-dritt internazzjonali pubbliku, li huwa għalhekk il-qafas legali aktar xieraq għar-regolamentazzjoni tas-sistemi tal-IA fil-kuntest tal-użu ta' forza letali u sistemi oħra tal-IA fil-kuntest ta' attivitajiet militari u ta' difiża. Fir-rigward ta' finijiet ta' sigurtà nazzjonali, l-esklużjoni hija ġġustifikata kemm mill-fatt li s-sigurtà nazzjonali tibqa' r-responsabbiltà unika tal-Istati Membri f'konformità mal-Artikolu 4(2) TUE kif ukoll min-natura speċifika u l-ħtiġijiet operazzjonali tal-attivitajiet ta' sigurtà nazzjonali u regoli nazzjonali speċifiċi applikabbli għal dawk l-attivitajiet. Madankollu, jekk sistema tal-IA żviluppata, introdotta fis-suq, imqiegħda fis-servizz jew użata għal finijiet militari, ta' difiża jew ta' sigurtà nazzjonali tintuża barra minn dawk temporanjament jew b'mod permanenti għal finijiet oħra, pereżempju, għal finijiet ċivili jew umanitarji, għal finijiet ta' infurzar tal-liġi jew ta' sigurtà pubblika, tali sistema taqa' fil-kamp ta' applikazzjoni ta' dan ir-Regolament. F'dak il-każ, jenħtieġ li l-entità li tuża s-sistema tal-IA għal finijiet oħra għajr dawk militari, ta' difiża jew ta' sigurtà nazzjonali tiżgura l-konformità tas-sistema tal-IA ma' dan ir-Regolament, sakemm is-sistema ma tkunx diġà konformi ma' dan ir-Regolament. Is-sistemi tal-IA introdotti fis-suq jew imqiegħda fis-servizz għal skop eskluż, jiġifieri militari, ta' difiża jew ta' sigurtà nazzjonali, u skop wieħed jew aktar mhux esklużi, bħal finijiet ċivili jew infurzar tal-liġi, jaqgħu fil-kamp ta' applikazzjoni ta' dan ir-Regolament u jenħtieġ li l-fornituri ta' dawk is-sistemi jiżguraw il-konformità ma' dan ir-Regolament. F'dawk il-każijiet, jenħtieġ li l-fatt li sistema tal-IA tista' taqa' fil-kamp ta' applikazzjoni ta' dan ir-Regolament ma jaffettwax il-possibbiltà li entitajiet li qed iwettqu attivitajiet nazzjonali ta' sigurtà, ta' difiża u militari, irrispettivament mit-tip ta' entità li twettaq dawk l-attivitajiet, jużaw sistemi tal-IA għal finijiet ta' sigurtà, militari u ta' difiża nazzjonali, li l-użu tagħhom huwa eskluż mill-kamp ta' applikazzjoni ta' dan ir-Regolament. Jenħtieġ li sistema tal-IA introdotta fis-suq għal finijiet ċivili jew ta' infurzar tal-liġi li tintuża b'modifika jew mingħajr modifika għal finijiet militari, ta' difiża jew ta' sigurtà nazzjonali ma taqax fil-kamp ta' applikazzjoni ta' dan ir-Regolament, irrispettivament mit-tip ta' entità li twettaq dawk l-attivitajiet.

(24)

If, and insofar as, AI systems are placed on the market, put into service, or used with or without modification of such systems for military, defence or national security purposes, those should be excluded from the scope of this Regulation regardless of which type of entity is carrying out those activities, such as whether it is a public or private entity. As regards military and defence purposes, such exclusion is justified both by Article 4(2) TEU and by the specificities of the Member States’ and the common Union defence policy covered by Chapter 2 of Title V TEU that are subject to public international law, which is therefore the more appropriate legal framework for the regulation of AI systems in the context of the use of lethal force and other AI systems in the context of military and defence activities. As regards national security purposes, the exclusion is justified both by the fact that national security remains the sole responsibility of Member States in accordance with Article 4(2) TEU and by the specific nature and operational needs of national security activities and specific national rules applicable to those activities. Nonetheless, if an AI system developed, placed on the market, put into service or used for military, defence or national security purposes is used outside those temporarily or permanently for other purposes, for example, civilian or humanitarian purposes, law enforcement or public security purposes, such a system would fall within the scope of this Regulation. In that case, the entity using the AI system for other than military, defence or national security purposes should ensure the compliance of the AI system with this Regulation, unless the system is already compliant with this Regulation. AI systems placed on the market or put into service for an excluded purpose, namely military, defence or national security, and one or more non-excluded purposes, such as civilian purposes or law enforcement, fall within the scope of this Regulation and providers of those systems should ensure compliance with this Regulation. In those cases, the fact that an AI system may fall within the scope of this Regulation should not affect the possibility of entities carrying out national security, defence and military activities, regardless of the type of entity carrying out those activities, to use AI systems for national security, military and defence purposes, the use of which is excluded from the scope of this Regulation. An AI system placed on the market for civilian or law enforcement purposes which is used with or without modification for military, defence or national security purposes should not fall within the scope of this Regulation, regardless of the type of entity carrying out those activities.

(25)

Jenħtieġ li dan ir-Regolament jappoġġa l-innovazzjoni, jirrispetta l-libertà tax-xjenza, u ma jdgħajjifx l-attività ta' riċerka u żvilupp. Għalhekk, jeħtieġ li jiġu esklużi mill-kamp ta' applikazzjoni tagħha s-sistemi u l-mudelli tal-IA żviluppati speċifikament u mqiegħda fis-servizz għall-iskop uniku ta' riċerka u żvilupp xjentifiċi. Barra minn hekk, jeħtieġ li jiġi żgurat li dan ir-Regolament ma jaffettwax b'xi mod ieħor l-attività xjentifika ta' riċerka u żvilupp dwar is-sistemi jew il-mudelli tal-IA qabel ma jitqiegħdu fis-suq jew fis-servizz. Fir-rigward tar-riċerka orjentata lejn il-prodott, l-ittestjar u l-attività ta' żvilupp fir-rigward ta' sistemi jew mudelli tal-IA, id-dispożizzjonijiet ta' dan ir-Regolament jenħtieġ li ma japplikawx ukoll qabel ma dawk is-sistemi u l-mudelli jitqiegħdu fis-servizz jew jiġu introdotti fis-suq. Dik l-esklużjoni hija mingħajr preġudizzju għall-obbligu ta' konformità ma' dan ir-Regolament meta sistema tal-IA li taqa' fil-kamp ta' applikazzjoni ta' dan ir-Regolament tiġi introdotta fis-suq jew titqiegħed fis-servizz bħala riżultat ta' tali attività ta' riċerka u żvilupp u għall-applikazzjoni ta' dispożizzjonijiet dwar ambjenti ta' esperimentazzjoni regolatorja għall-IA u ttestjar fil-kundizzjonijiet tad-dinja reali. Barra minn hekk, mingħajr preġudizzju għall-esklużjoni tas-sistemi tal-IA żviluppati speċifikament u mqiegħda fis-servizz għall-iskop uniku ta' riċerka u żvilupp xjentifiku, jenħtieġ li kwalunkwe sistema oħra tal-IA li tista' tintuża għat-twettiq ta' kwalunkwe attività ta' riċerka u żvilupp tibqa' soġġetta għad-dispożizzjonijiet ta' dan ir-Regolament. Fi kwalunkwe każ, jenħtieġ li kwalunkwe attività ta' riċerka u żvilupp titwettaq f'konformità mal-istandards etiċi u professjonali rikonoxxuti għar-riċerka xjentifika u jenħtieġ li titwettaq f'konformità mal-liġi tal-Unjoni applikabbli.

(25)

This Regulation should support innovation, should respect freedom of science, and should not undermine research and development activity. It is therefore necessary to exclude from its scope AI systems and models specifically developed and put into service for the sole purpose of scientific research and development. Moreover, it is necessary to ensure that this Regulation does not otherwise affect scientific research and development activity on AI systems or models prior to being placed on the market or put into service. As regards product-oriented research, testing and development activity regarding AI systems or models, the provisions of this Regulation should also not apply prior to those systems and models being put into service or placed on the market. That exclusion is without prejudice to the obligation to comply with this Regulation where an AI system falling into the scope of this Regulation is placed on the market or put into service as a result of such research and development activity and to the application of provisions on AI regulatory sandboxes and testing in real world conditions. Furthermore, without prejudice to the exclusion of AI systems specifically developed and put into service for the sole purpose of scientific research and development, any other AI system that may be used for the conduct of any research and development activity should remain subject to the provisions of this Regulation. In any event, any research and development activity should be carried out in accordance with recognised ethical and professional standards for scientific research and should be conducted in accordance with applicable Union law.

(26)

Biex jiddaħħal sett proporzjonat u effettiv ta' regoli vinkolanti għas-sistemi tal-IA, jenħtieġ jitħaddem approċċ definit b'mod ċar u bbażat fuq ir-riskji. Jenħtieġ li dak l-approċċ ifassal it-tip u l-kontenut ta' dawk ir-regoli skont l-intensità u l-ambitu tar-riskji li jistgħu jiġġeneraw is-sistemi tal-IA. Għalhekk, jeħtieġ li jiġu pprojbiti ċerti prattiki mhux aċċettabbli tal-IA, li jiġu stabbiliti rekwiżiti għal sistemi tal-IA b'riskju għoli u obbligi għall-operaturi rilevanti, u li jiġu stabbiliti obbligi tat-trasparenza għal ċerti sistemi tal-IA.

(26)

In order to introduce a proportionate and effective set of binding rules for AI systems, a clearly defined risk-based approach should be followed. That approach should tailor the type and content of such rules to the intensity and scope of the risks that AI systems can generate. It is therefore necessary to prohibit certain unacceptable AI practices, to lay down requirements for high-risk AI systems and obligations for the relevant operators, and to lay down transparency obligations for certain AI systems.

(27)

Filwaqt li l-approċċ ibbażat fuq ir-riskju huwa l-bażi għal sett proporzjonat u effettiv ta' regoli vinkolanti, huwa importanti li jitfakkru l-Linji gwida tal-2019 dwar l-etika għal IA affidabbli żviluppati mill-AI HLEG maħtur mill-Kummissjoni. F'dawk il-linji gwida l-AI HLEG żviluppa seba' prinċipji etiċi mhux vinkolanti għall-IA li huma maħsuba biex jgħinu li jiġi żgurat li l-IA tkun affidabbli u etikament xierqa. Is-seba' prinċipji jinkludu: intervent u sorveljanza mill-bniedem; robustezza u sikurezza teknika; privatezza u governanza tad-data; trasparenza; diversità, nondiskriminazzjoni u ekwità; benesseri tas-soċjetà u tal-ambjent u responsabbiltà. Mingħajr preġudizzju għar-rekwiżiti legalment vinkolanti ta' dan ir-Regolament u kwalunkwe liġi applikabbli oħra tal-Unjoni, dawk il-linji gwida jikkontribwixxu għat-tfassil ta' IA koerenti, affidabbli u ċċentrata fuq il-bniedem, f'konformità mal-Karta u mal-valuri li fuqhom hija msejsa l-Unjoni. Skont il-linji gwida tal-AI HLEG, intervent u sorveljanza mill-bniedem tfisser li s-sistemi tal-IA jiġu żviluppati u użati bħala għodda li taqdi lin-nies, tirrispetta d-dinjità u l-awtonomija personali tal-bniedem, u li tiffunzjona b'mod li jista' jiġi kkontrollat u ssorveljat mill-bniedem kif xieraq. Robustezza u sikurezza teknika tfisser li s-sistemi tal-IA jiġu żviluppati u użati b'mod li jippermetti r-robustezza fil-każ ta' problemi u reżiljenza kontra tentattivi biex jinbidlu l-użu jew il-prestazzjoni tas-sistema tal-IA biex ikun jista' jsir użu illegali minn partijiet terzi, u tiġi minimizzata l-ħsara mhux intenzjonata. Privatezza u governanza tad-data tfisser li s-sistemi tal-IA jiġu żviluppati u użati f'konformità mar-regoli dwar il-privatezza u l-protezzjoni tad-data, filwaqt li tiġi pproċessata data li tissodisfa standards għoljin mil-lat ta' kwalità u integrità. Trasparenza tfisser li s-sistemi tal-IA jiġu żviluppati u użati b'mod li jippermettu traċċabbiltà u spjegabbiltà xierqa, filwaqt li jiżguraw li l-bnedmin ikunu konxji li qed jikkomunikaw jew jinteraġixxu ma' sistema tal-IA kif ukoll jinfurmaw kif xieraq lill-implimentaturi dwar il-kapaċitajiet u l-limitazzjonijiet ta' dik is-sistema tal-IA u lill-persuni affettwati dwar id-drittijiet tagħhom. Diversità, nondiskriminazzjoni u ġustizzja tfisser li s-sistemi tal-IA jiġu żviluppati u użati b'mod li jinkludi atturi differenti u li jippromwovi aċċess ugwali, ugwaljanza bejn il-ġeneri u diversità kulturali filwaqt li jevita impatti diskriminatorji u preġudizzji inġusti li huma pprojbiti mil-liġi tal-Unjoni jew dik nazzjonali. Benesseri tas-soċjetà u tal-ambjent tfisser li s-sistemi tal-IA jiġu żviluppati u użati b'mod sostenibbli u li ma jagħmilx ħsara lill-ambjent kif ukoll b'mod li jkunu ta' benefiċċju għall-bnedmin kollha, filwaqt li jiġu mmonitorjati u vvalutati l-impatti fit-tul fuq l-individwu, is-soċjetà u d-demokrazija. Jenħtieġ li l-applikazzjoni ta' dawk il-prinċipji tiġi riflessa, meta jkun possibbli, fid-disinn u l-użu tal-mudelli tal-IA. Jenħtieġ li fi kwalunkwe każ iservu bħala bażi għall-abbozzar ta' kodiċijiet ta' kondotta skont dan ir-Regolament. Il-partijiet ikkonċernati kollha, inkluż l-industrija, id-dinja akkademika, is-soċjetà ċivili u l-organizzazzjonijiet tal-istandardizzazzjoni, huma mħeġġa jqisu, kif xieraq, il-prinċipji etiċi għall-iżvilupp tal-aħjar prattiki u standards volontarji.

(27)

While the risk-based approach is the basis for a proportionate and effective set of binding rules, it is important to recall the 2019 Ethics guidelines for trustworthy AI developed by the independent AI HLEG appointed by the Commission. In those guidelines, the AI HLEG developed seven non-binding ethical principles for AI which are intended to help ensure that AI is trustworthy and ethically sound. The seven principles include human agency and oversight; technical robustness and safety; privacy and data governance; transparency; diversity, non-discrimination and fairness; societal and environmental well-being and accountability. Without prejudice to the legally binding requirements of this Regulation and any other applicable Union law, those guidelines contribute to the design of coherent, trustworthy and human-centric AI, in line with the Charter and with the values on which the Union is founded. According to the guidelines of the AI HLEG, human agency and oversight means that AI systems are developed and used as a tool that serves people, respects human dignity and personal autonomy, and that is functioning in a way that can be appropriately controlled and overseen by humans. Technical robustness and safety means that AI systems are developed and used in a way that allows robustness in the case of problems and resilience against attempts to alter the use or performance of the AI system so as to allow unlawful use by third parties, and minimise unintended harm. Privacy and data governance means that AI systems are developed and used in accordance with privacy and data protection rules, while processing data that meets high standards in terms of quality and integrity. Transparency means that AI systems are developed and used in a way that allows appropriate traceability and explainability, while making humans aware that they communicate or interact with an AI system, as well as duly informing deployers of the capabilities and limitations of that AI system and affected persons about their rights. Diversity, non-discrimination and fairness means that AI systems are developed and used in a way that includes diverse actors and promotes equal access, gender equality and cultural diversity, while avoiding discriminatory impacts and unfair biases that are prohibited by Union or national law. Social and environmental well-being means that AI systems are developed and used in a sustainable and environmentally friendly manner as well as in a way to benefit all human beings, while monitoring and assessing the long-term impacts on the individual, society and democracy. The application of those principles should be translated, when possible, in the design and use of AI models. They should in any case serve as a basis for the drafting of codes of conduct under this Regulation. All stakeholders, including industry, academia, civil society and standardisation organisations, are encouraged to take into account, as appropriate, the ethical principles for the development of voluntary best practices and standards.

(28)

Minbarra l-bosta użi ta' benefiċċju tal-IA, din tista' tintuża ħażin ukoll u tipprovdi għodod ġodda u b'saħħithom għal prattiki manipulattivi, ta' sfruttament u ta' kontroll soċjali. Dawn il-prattiki huma partikolarment ta' ħsara u abbużivi u jenħtieġ li jiġu pprojbiti għax imorru kontra l-valuri tal-Unjoni ta' rispett għad-dinjità umana, libertà, ugwaljanza, demokrazija u l-istat tad-dritt u d-drittijiet fundamentali minquxa fil-Karta, fosthom id-dritt ta' nondiskriminazzjoni, għal protezzjoni tad-data u għal privatezza u d-drittijiet tat-tfal.

(28)

Aside from the many beneficial uses of AI, it can also be misused and provide novel and powerful tools for manipulative, exploitative and social control practices. Such practices are particularly harmful and abusive and should be prohibited because they contradict Union values of respect for human dignity, freedom, equality, democracy and the rule of law and fundamental rights enshrined in the Charter, including the right to non-discrimination, to data protection and to privacy and the rights of the child.

(29)

Tekniki manipulattivi bbażati fuq l-IA jistgħu jintużaw biex jipperswadu lin-nies jinvolvu ruħhom f'imġiba mhux mixtieqa, jew biex iqarrqu bihom billi jġiegħluhom jieħdu deċiżjonijiet b'mod li jimmina u jfixkel l-awtonomija, it-teħid ta' deċiżjonijiet u l-għażliet liberi tagħhom. L-introduzzjoni fis-suq, it-tqegħid fis-servizz jew l-użu ta' ċerti sistemi tal-IA bl-objettiv jew bl-effett li jfixklu materjalment l-imġiba tal-bniedem, fejn x'aktarx isseħħ ħsara sinifikanti, b'mod partikolari li jkollhom impatti negattivi importanti biżżejjed fuq is-saħħa fiżika, psikoloġika jew fuq l-interessi finanzjarji, ikunu partikolarment perikolużi u għalhekk jenħtieġ li jiġu pprojbiti. Tali sistemi tal-IA jimplimentaw komponenti subliminali bħall-awdjo, immaġni jew vidjo li l-persuni ma jistgħux jipperċepixxu, peress li dawk l-istimuli jmorru lil hinn mill-perċezzjoni tal-bniedem, jew tekniki manipulattivi jew qarrieqa oħra li jdgħajfu jew ifixklu l-awtonomija, it-teħid ta' deċiżjonijiet jew l-għażla libera tal-persuna b'modi li n-nies ma jkunux konxji ta’ dawn it-tekniki jew, fejn ikunu konxji tagħhom, xorta waħda jkunu ingannati jew ma jkunux jistgħu jikkontrollawhom jew jirreżistuhom. Dan jista' jkun iffaċilitat, pereżempju, minn interfaċċi bejn il-moħħ u l-magna jew realtà virtwali peress li jippermettu livell ogħla ta' kontroll ta' liema stimuli jiġu ppreżentati lill-persuni, sa fejn dawn jistgħu jfixklu materjalment l-imġiba tagħhom b'mod li jagħmel ħsara sinifikanti. Barra minn hekk, is-sistemi tal-IA jistgħu jisfruttaw ukoll il-vulnerabbiltajiet ta' persuna jew ta' grupp speċifiku ta' persuni minħabba l-età tagħhom, diżabbiltà skont it-tifsira tad-Direttiva (UE) 2019/882 tal-Parlament Ewropew u tal-Kunsill (16), jew sitwazzjoni soċjali jew ekonomika speċifika li x'aktarx tirrendi lil dawk il-persuni aktar vulnerabbli għal sfruttament bħal persuni li jgħixu f'faqar estrem u minoranzi etniċi jew reliġjużi. Tali sistemi tal-IA jistgħu jiġu introdotti fis-suq, jitqiegħdu fis-servizz jew jintużaw bl-objettiv jew bl-effett li jfixklu materjalment l-imġiba ta' persuna u b'mod li jikkawżaw jew li raġonevolment x'aktarx jikkawżaw ħsara sinifikanti lil dik il-persuna jew lil persuna jew gruppi oħra ta' persuni, inkluż ħsara li tista' takkumula maż-żmien, u għalhekk jenħtieġ li jiġu pprojbiti. Jista' ma jkunx possibbli li wieħed jassumi li hemm intenzjoni ta' tfixkil tal-imġiba meta t-tfixkil jirriżulta minn fatturi esterni għas-sistema tal-IA li huma barra mill-kontroll tal-fornitur jew tal-implimentatur, jiġifieri fatturi li jistgħu ma jkunux raġonevolment prevedibbli u għalhekk mhux possibbli għall-fornitur jew għall-implimentatur tas-sistema tal-IA biex jimmitiga. Fi kwalunkwe każ, ma huwiex meħtieġ li l-fornitur jew l-implimentatur ikollhom l-intenzjoni li jikkawżaw ħsara sinifikanti, dment li tali ħsara ma tirriżultax mill-prattiki manipulattivi jew ta' sfruttament li ġejjin mill-IA. Il-projbizzjonijiet għal tali prattiki tal-IA huma komplementari għad-dispożizzjonijiet li jinsabu fid-Direttiva 2005/29/KE tal-Parlament Ewropew u tal-Kunsill (17), b'mod partikolari prattiki kummerċjali inġusti li jwasslu għal ħsara ekonomika jew finanzjarja għall-konsumaturi huma pprojbiti fiċ-ċirkostanzi kollha, irrispettivament minn jekk jiġux stabbiliti permezz ta' sistemi tal-IA jew b'xi mod ieħor. Jenħtieġ li l-projbizzjonijiet ta' prattiki manipulattivi u ta' sfruttament f'dan ir-Regolament ma jaffettwaw il-prattiki legali fil-kuntest ta' trattament mediku bħat-trattament psikoloġiku ta' marda mentali jew ir-riabilitazzjoni fiżika, meta dawk il-prattiki jitwettqu f'konformità mal-liġi u l-istandards mediċi applikabbli, pereżempju l-kunsens espliċitu tal-individwi jew tar-rappreżentanti legali tagħhom. Barra minn hekk, jenħtieġ li l-prattiki kummerċjali komuni u leġittimi, pereżempju fil-qasam tar-reklamar, li jikkonformaw mal-liġi applikabbli ma jitqisux fihom infushom bħala li jikkostitwixxu prattiki manipulattivi li jagħmlu ħsara li ġejjin mill-IA.

(29)

AI-enabled manipulative techniques can be used to persuade persons to engage in unwanted behaviours, or to deceive them by nudging them into decisions in a way that subverts and impairs their autonomy, decision-making and free choices. The placing on the market, the putting into service or the use of certain AI systems with the objective to or the effect of materially distorting human behaviour, whereby significant harms, in particular having sufficiently important adverse impacts on physical, psychological health or financial interests are likely to occur, are particularly dangerous and should therefore be prohibited. Such AI systems deploy subliminal components such as audio, image, video stimuli that persons cannot perceive, as those stimuli are beyond human perception, or other manipulative or deceptive techniques that subvert or impair person’s autonomy, decision-making or free choice in ways that people are not consciously aware of those techniques or, where they are aware of them, can still be deceived or are not able to control or resist them. This could be facilitated, for example, by machine-brain interfaces or virtual reality as they allow for a higher degree of control of what stimuli are presented to persons, insofar as they may materially distort their behaviour in a significantly harmful manner. In addition, AI systems may also otherwise exploit the vulnerabilities of a person or a specific group of persons due to their age, disability within the meaning of Directive (EU) 2019/882 of the European Parliament and of the Council (16), or a specific social or economic situation that is likely to make those persons more vulnerable to exploitation such as persons living in extreme poverty, ethnic or religious minorities. Such AI systems can be placed on the market, put into service or used with the objective to or the effect of materially distorting the behaviour of a person and in a manner that causes or is reasonably likely to cause significant harm to that or another person or groups of persons, including harms that may be accumulated over time and should therefore be prohibited. It may not be possible to assume that there is an intention to distort behaviour where the distortion results from factors external to the AI system which are outside the control of the provider or the deployer, namely factors that may not be reasonably foreseeable and therefore not possible for the provider or the deployer of the AI system to mitigate. In any case, it is not necessary for the provider or the deployer to have the intention to cause significant harm, provided that such harm results from the manipulative or exploitative AI-enabled practices. The prohibitions for such AI practices are complementary to the provisions contained in Directive 2005/29/EC of the European Parliament and of the Council (17), in particular unfair commercial practices leading to economic or financial harms to consumers are prohibited under all circumstances, irrespective of whether they are put in place through AI systems or otherwise. The prohibitions of manipulative and exploitative practices in this Regulation should not affect lawful practices in the context of medical treatment such as psychological treatment of a mental disease or physical rehabilitation, when those practices are carried out in accordance with the applicable law and medical standards, for example explicit consent of the individuals or their legal representatives. In addition, common and legitimate commercial practices, for example in the field of advertising, that comply with the applicable law should not, in themselves, be regarded as constituting harmful manipulative AI-enabled practices.

(30)

Jenħtieġ li jiġu pprojbiti s-sistemi ta' kategorizzazzjoni bijometrika li huma bbażati fuq id-data bijometrika tal-persuni fiżiċi, bħall-wiċċ jew il-marka tas-swaba' ta' persuna individwali, biex jiddeduċu jew jinferixxu l-opinjonijiet politiċi ta' individwu, is-sħubija fi trade union, it-twemmin reliġjuż jew filosofiku, ir-razza, il-ħajja sesswali jew l-orjentazzjoni sesswali. Jenħtieġ li dik il-projbizzjoni ma tkoprix it-tikkettar, il-filtrazzjoni jew il-kategorizzazzjoni legali ta' settijiet ta' data bijometriċi miksuba f'konformità mal-liġi tal-Unjoni jew dik nazzjonali skont id-data bijometrika, bħall-issortjar ta' immaġnijiet skont il-kulur tax-xagħar jew il-kulur tal-għajnejn, li jistgħu jintużaw pereżempju fil-qasam tal-infurzar tal-liġi.

(30)

Biometric categorisation systems that are based on natural persons’ biometric data, such as an individual person’s face or fingerprint, to deduce or infer an individuals’ political opinions, trade union membership, religious or philosophical beliefs, race, sex life or sexual orientation should be prohibited. That prohibition should not cover the lawful labelling, filtering or categorisation of biometric data sets acquired in line with Union or national law according to biometric data, such as the sorting of images according to hair colour or eye colour, which can for example be used in the area of law enforcement.

(31)

Sistemi tal-IA li jipprovdu punteġġ għaċ-ċittadini minn atturi pubbliċi jew privati fir-rigward ta' persuni fiżiċi jistgħu jwasslu għal eżiti diskriminatorji u għall-esklużjoni ta' ċerti gruppi. Jistgħu jiksru d-dritt għad-dinjità u ta' nondiskriminazzjoni u l-valuri tal-ugwaljanza u tal-ġustizzja. Tali sistemi tal-IA jevalwaw jew jikklassifikaw persuni fiżiċi jew gruppi ta' persuni abbażi ta' diversi punti tad-data relatati mal-imġiba soċjali tagħhom f'kuntesti multipli jew karatteristiċi personali jew tal-personalità magħrufa, inferiti jew imbassrin matul ċerti perjodi ta' żmien. Il-punteġġ għaċ-ċittadini miksub minn dawn is-sistemi tal-IA jista' jwassal għal trattament detrimentali jew mhux favorevoli ta' persuni fiżiċi jew ta' gruppi sħaħ tagħhom f'kuntesti soċjali, li ma jkunux marbuta mal-kuntest li fih kienet oriġinarjament iġġenerata jew inġabret id-data, jew għal trattament detrimentali sproporzjonat jew mhux iġġustifikat għall-gravità tal-imġiba soċjali tagħhom. Għalhekk, jenħtieġ li jiġu pprojbiti s-sistemi tal-IA li jinvolvu prattiki ta' punteġġ inaċċettabbli u li jwasslu għal tali eżiti detrimentali jew mhux favorevoli. Jenħtieġ li dik il-projbizzjoni ma taffettwax il-prattiki ta' evalwazzjoni legali ta' persuni fiżiċi li jitwettqu għal skop speċifiku f'konformità mal-liġi tal-Unjoni u nazzjonali.

(31)

AI systems providing social scoring of natural persons by public or private actors may lead to discriminatory outcomes and the exclusion of certain groups. They may violate the right to dignity and non-discrimination and the values of equality and justice. Such AI systems evaluate or classify natural persons or groups thereof on the basis of multiple data points related to their social behaviour in multiple contexts or known, inferred or predicted personal or personality characteristics over certain periods of time. The social score obtained from such AI systems may lead to the detrimental or unfavourable treatment of natural persons or whole groups thereof in social contexts, which are unrelated to the context in which the data was originally generated or collected or to a detrimental treatment that is disproportionate or unjustified to the gravity of their social behaviour. AI systems entailing such unacceptable scoring practices and leading to such detrimental or unfavourable outcomes should therefore be prohibited. That prohibition should not affect lawful evaluation practices of natural persons that are carried out for a specific purpose in accordance with Union and national law.

(32)

L-użu tas-sistemi tal-IA għall-identifikazzjoni bijometrika remota “fil-ħin reali” ta' persuni fiżiċi fi spazji aċċessibbli għall-pubbliku għall-finijiet ta' infurzar tal-liġi huwa partikolarment intrużiv għad-drittijiet u l-libertajiet tal-persuni kkonċernati, peress li dan jista' jaffettwa l-ħajja privata ta' parti kbira tal-popolazzjoni, jevoka sentiment ta' sorveljanza kostanti u indirettament jiddisswadi l-eżerċitar tal-libertà ta' għaqda u ta' drittijiet fundamentali oħra. L-inakkuratezzi tekniċi tas-sistemi tal-IA maħsuba għall-identifikazzjoni bijometrika remota ta' persuni fiżiċi jistgħu jwasslu għal riżultati preġudikati u jħallu effetti diskriminatorji. Tali riżultati preġudikati possibbli u effetti diskriminatorji huma partikolarment rilevanti fir-rigward tal-età, l-etniċità, ir-razza, is-sess jew id-diżabilitajiet. Barra minn hekk, l-immedjatezza tal-impatt u l-opportunitajiet limitati għal aktar kontrolli jew korrezzjonijiet fir-rigward tal-użu ta' dawn is-sistemi li joperaw fil-ħin reali jinvolvu riskji akbar għad-drittijiet u l-libertajiet tal-persuni kkonċernati fil-kuntest ta’, jew l-impatt mill-attivitajiet tal-infurzar tal-liġi.

(32)

The use of AI systems for ‘real-time’ remote biometric identification of natural persons in publicly accessible spaces for the purpose of law enforcement is particularly intrusive to the rights and freedoms of the concerned persons, to the extent that it may affect the private life of a large part of the population, evoke a feeling of constant surveillance and indirectly dissuade the exercise of the freedom of assembly and other fundamental rights. Technical inaccuracies of AI systems intended for the remote biometric identification of natural persons can lead to biased results and entail discriminatory effects. Such possible biased results and discriminatory effects are particularly relevant with regard to age, ethnicity, race, sex or disabilities. In addition, the immediacy of the impact and the limited opportunities for further checks or corrections in relation to the use of such systems operating in real-time carry heightened risks for the rights and freedoms of the persons concerned in the context of, or impacted by, law enforcement activities.

(33)

Għalhekk, jenħtieġ li l-użu ta' dawk is-sistemi għall-finijiet ta' infurzar tal-liġi jiġi pprojbit, minbarra f'sitwazzjonijiet elenkati b'mod eżawrjenti u definiti b'mod ristrett, meta l-użu hu strettament meħtieġ biex jinkiseb interess pubbliku sostanzjali li l-importanza tiegħu tisboq ir-riskji. Dawk is-sitwazzjonijiet jinvolvu t-tiftix għal ċerti vittmi tal-kriminalità inkluż il-persuni neqsin; ċerti theddidiet għall-ħajja jew għas-sikurezza fiżika ta' persuni fiżiċi jew ta' attakk terroristiku; u l-lokalizzazzjoni jew l-identifikazzjoni ta' awturi jew suspettati tar-reati kriminali elenkati f'anness ta' dan ir-Regolament, fejn dawk ir-reati kriminali jkunu punibbli fl-Istat Membru kkonċernat b'piena li ċċaħħad il-libertà jew b'ordni ta' detenzjoni għal perjodu massimu ta' mill-inqas erba' snin, u kif inhuma definiti fil-liġi ta' dak l-Istat Membru. Tali limitu fil-piena li ċċaħħad il-libertà jew l-ordni ta' detenzjoni f'konformità mal-liġi nazzjonali jikkontribwixxi biex jiġi żgurat li r-reat jenħtieġ li jkun serju biżżejjed biex potenzjalment jiġġustifika l-użu ta' sistemi ta’ identifikazzjoni bijometrika remota “fil-ħin reali”. Barra minn hekk, il-lista ta’ reati kriminali pprovduta f’anness ta’ dan ir-Regolament hija bbażata fuq it-32 reat kriminali elenkati fid-Deċiżjoni Qafas tal-Kunsill 2002/584/ĠAI (18), b'kont meħud li xi wħud minn dawk ir-reati aktarx li fil-prattika jkunu aktar rilevanti minn oħrajn, fis-sens li r-rikors għal identifikazzjoni bijometrika remota “fil-ħin reali” jkun prevedibbilment meħtieġ u proporzjonat sa gradi varji ħafna biex fil-prattika jkun hemm il-lokalizzazzjoni jew l-identifikazzjoni ta' awtur ta' reat kriminali jew ta' persuna suspettata b'reati kriminali differenti elenkati u b'kunsiderazzjoni tad-differenzi li x'aktarx ikun hemm fil-gravità, fil-probabbiltà u fl-iskala tal-ħsara jew tal-konsegwenzi negattivi possibbli. Theddida imminenti għall-ħajja jew għas-sikurezza fiżika ta' persuni fiżiċi tista' tirriżulta wkoll minn tfixkil serju tal-infrastruttura kritika, kif definit fl-Artikolu 2, il-punt (4) tad-Direttiva (UE) 2022/2557 tal-Parlament Ewropew u tal-Kunsill (19), fejn it-tfixkil jew il-qerda ta' tali infrastruttura kritika tirriżulta f'theddida imminenti għall-ħajja jew għas-sikurezza fiżika ta' persuna, inkluż permezz ta' dannu serju għall-forniment ta' provvisti bażiċi lill-popolazzjoni jew għall-eżerċizzju tal-funzjoni ewlenija tal-Istat. Barra minn hekk, jenħtieġ li dan ir-Regolament jippreserva l-kapaċità tal-awtoritajiet tal-infurzar tal-liġi, tal-kontroll fil-fruntieri, tal-immigrazzjoni jew tal-ażil li jwettqu verifiki tal-identità fil-preżenza tal-persuna kkonċernata f'konformità mal-kundizzjonijiet stipulati fil-liġi tal-Unjoni u f'dik nazzjonali għal tali verifiki. B'mod partikolari, jenħtieġ li l-awtoritajiet tal-infurzar tal-liġi, tal-kontroll fil-fruntiera, tal-immigrazzjoni jew tal-ażil ikunu jistgħu jużaw sistemi ta' informazzjoni, f'konformità mal-liġi tal-Unjoni jew dik nazzjonali, biex jidentifikaw persuni li, matul kontroll tal-identità, jew jirrifjutaw li jiġu identifikati jew ma jkunux jistgħu jiddikjaraw jew jagħtu prova tal-identità tagħhom, mingħajr ma tkun meħtieġa minn dan ir-Regolament li tikseb awtorizzazzjoni minn qabel. Din tista' tkun, pereżempju, persuna involuta f'reat, li ma tkunx trid, jew ma tkunx tista', minħabba aċċident jew kundizzjoni medika, tiddivulga l-identità tagħha lill-awtoritajiet tal-infurzar tal-liġi.

(33)

The use of those systems for the purpose of law enforcement should therefore be prohibited, except in exhaustively listed and narrowly defined situations, where the use is strictly necessary to achieve a substantial public interest, the importance of which outweighs the risks. Those situations involve the search for certain victims of crime including missing persons; certain threats to the life or to the physical safety of natural persons or of a terrorist attack; and the localisation or identification of perpetrators or suspects of the criminal offences listed in an annex to this Regulation, where those criminal offences are punishable in the Member State concerned by a custodial sentence or a detention order for a maximum period of at least four years and as they are defined in the law of that Member State. Such a threshold for the custodial sentence or detention order in accordance with national law contributes to ensuring that the offence should be serious enough to potentially justify the use of ‘real-time’ remote biometric identification systems. Moreover, the list of criminal offences provided in an annex to this Regulation is based on the 32 criminal offences listed in the Council Framework Decision 2002/584/JHA (18), taking into account that some of those offences are, in practice, likely to be more relevant than others, in that the recourse to ‘real-time’ remote biometric identification could, foreseeably, be necessary and proportionate to highly varying degrees for the practical pursuit of the localisation or identification of a perpetrator or suspect of the different criminal offences listed and having regard to the likely differences in the seriousness, probability and scale of the harm or possible negative consequences. An imminent threat to life or the physical safety of natural persons could also result from a serious disruption of critical infrastructure, as defined in Article 2, point (4) of Directive (EU) 2022/2557 of the European Parliament and of the Council (19), where the disruption or destruction of such critical infrastructure would result in an imminent threat to life or the physical safety of a person, including through serious harm to the provision of basic supplies to the population or to the exercise of the core function of the State. In addition, this Regulation should preserve the ability for law enforcement, border control, immigration or asylum authorities to carry out identity checks in the presence of the person concerned in accordance with the conditions set out in Union and national law for such checks. In particular, law enforcement, border control, immigration or asylum authorities should be able to use information systems, in accordance with Union or national law, to identify persons who, during an identity check, either refuse to be identified or are unable to state or prove their identity, without being required by this Regulation to obtain prior authorisation. This could be, for example, a person involved in a crime, being unwilling, or unable due to an accident or a medical condition, to disclose their identity to law enforcement authorities.

(34)

Biex ikun żgurat li dawk is-sistemi jintużaw b'mod responsabbli u proporzjonat, hu importanti wkoll li jiġi stabbilit li, f'kull waħda minn dawk is-sitwazzjonijiet elenkati b'mod eżawrjenti u definiti b'mod ristrett, jenħtieġ jitqiesu ċerti elementi, b'mod partikolari fir-rigward tan-natura tas-sitwazzjoni li twassal għat-talba u l-konsegwenzi tal-użu għad-drittijiet u għal-libertajiet tal-persuni kollha kkonċernati u s-salvagwardji u l-kundizzjonijiet previsti fl-użu. Barra minn hekk, jenħtieġ li l-użu tas-sistemi ta’ identifikazzjoni bijometrika remota “fil-ħin reali” fi spazji aċċessibbli għall-pubbliku għal finijiet ta' infurzar tal-liġi jiġi implimentat biss biex jikkonferma l-identità tal-individwu fil-mira b'mod speċifiku u jenħtieġ li jkun limitat għal dak li huwa strettament meħtieġ fir-rigward tal-perjodu ta' żmien, kif ukoll il-kamp ta' applikazzjoni ġeografiku u personali, filwaqt li jitqiesu b'mod partikolari l-evidenza jew l-indikazzjonijiet rigward it-theddid, il-vittmi jew l-awtur. Jenħtieġ li l-użu tas-sistema ta’ identifikazzjoni bijometrika remota fil-ħin reali fi spazji aċċessibbli għall-pubbliku jiġi awtorizzat biss jekk l-awtorità rilevanti tal-infurzar tal-liġi tkun lestiet valutazzjoni tal-impatt fuq id-drittijiet fundamentali u, sakemm ma jkunx previst mod ieħor f'dan ir-Regolament, tkun irreġistrat is-sistema fil-bażi tad-data kif stipulat f'dan ir-Regolament. Jenħtieġ li l-bażi ta' data ta' referenza tal-persuni tkun adattata għal kull każ ta' użu f'kull waħda mis-sitwazzjonijiet imsemmija hawn fuq.

(34)

In order to ensure that those systems are used in a responsible and proportionate manner, it is also important to establish that, in each of those exhaustively listed and narrowly defined situations, certain elements should be taken into account, in particular as regards the nature of the situation giving rise to the request and the consequences of the use for the rights and freedoms of all persons concerned and the safeguards and conditions provided for with the use. In addition, the use of ‘real-time’ remote biometric identification systems in publicly accessible spaces for the purpose of law enforcement should be deployed only to confirm the specifically targeted individual’s identity and should be limited to what is strictly necessary concerning the period of time, as well as the geographic and personal scope, having regard in particular to the evidence or indications regarding the threats, the victims or perpetrator. The use of the real-time remote biometric identification system in publicly accessible spaces should be authorised only if the relevant law enforcement authority has completed a fundamental rights impact assessment and, unless provided otherwise in this Regulation, has registered the system in the database as set out in this Regulation. The reference database of persons should be appropriate for each use case in each of the situations mentioned above.

(35)

Jenħtieġ li kull użu tas-sistema ta’ identifikazzjoni bijometrika remota “fil-ħin reali” fi spazji aċċessibbli għall-pubbliku għal finijiet ta' infurzar tal-liġi jkun soġġett għal awtorizzazzjoni espliċita u speċifika minn awtorità ġudizzjarja jew minn awtorità amministrattiva indipendenti ta' Stat Membru li d-deċiżjoni tagħha tkun vinkolanti. Jenħtieġ li tali awtorizzazzjoni fil-prinċipju tinkiseb qabel l-użu tas-sistema tal-IA bil-ħsieb li tiġi identifikata persuna jew persuni. Jenħtieġ li jitħallew isiru eċċezzjonijiet għal dik ir-regola f'sitwazzjonijiet debitament ġustifikati abbażi ta' urġenza, jiġifieri, f'sitwazzjonijiet meta l-ħtieġa li tintuża s-sistema kkonċernata tkun tali li tagħmilha effettivament u oġġettivament impossibbli li tinkiseb awtorizzazzjoni qabel ma jibda l-użu tas-sistema tal-IA. Jenħtieġ li f'sitwazzjonijiet ta' urġenza bħal dawn, l-użu tas-sistema tal-IA jkun ristrett għall-minimu assolut meħtieġ u jenħtieġ li jkun soġġett għal salvagwardji u għal kundizzjonijiet xierqa, kif determinati fil-liġi nazzjonali u speċifikati fil-kuntest ta' kull każ individwali ta' użu urġenti mill-awtorità tal-infurzar tal-liġi nnifisha. Barra minn hekk, jenħtieġ li f'sitwazzjonijiet bħal dawn l-awtorità tal-infurzar tal-liġi titlob tali awtorizzazzjoni filwaqt li tipprovdi r-raġunijiet għaliex ma setgħetx titlobha qabel, mingħajr dewmien żejjed u f'mhux aktar tard minn 24 siegħa. Jekk tali awtorizzazzjoni tiġi rrifjutata, jenħtieġ li l-użu ta' sistemi ta’ identifikazzjoni bijometrika f'ħin reali marbuta ma' dik l-awtorizzazzjoni jitwaqqaf b'effett immedjat u jenħtieġ li d-data kollha relatata ma' dan l-użu titwarrab u titħassar. Din id-data tinkludi data tal-input miksuba direttament minn sistema tal-IA waqt l-użu ta' tali sistema kif ukoll ir-riżultati u l-outputs tal-użu marbut ma' dik l-awtorizzazzjoni. Jenħtieġ li ma tinkludix input li jkun miksub legalment f'konformità ma' liġi tal-Unjoni jew nazzjonali oħra. Fi kwalunkwe każ, jenħtieġ li l-ebda deċiżjoni li tipproduċi effett legali negattiv fuq persuna ma tittieħed biss abbażi tal-output tas-sistema ta’ identifikazzjoni bijometrika remota.

(35)

Each use of a ‘real-time’ remote biometric identification system in publicly accessible spaces for the purpose of law enforcement should be subject to an express and specific authorisation by a judicial authority or by an independent administrative authority of a Member State whose decision is binding. Such authorisation should, in principle, be obtained prior to the use of the AI system with a view to identifying a person or persons. Exceptions to that rule should be allowed in duly justified situations on grounds of urgency, namely in situations where the need to use the systems concerned is such as to make it effectively and objectively impossible to obtain an authorisation before commencing the use of the AI system. In such situations of urgency, the use of the AI system should be restricted to the absolute minimum necessary and should be subject to appropriate safeguards and conditions, as determined in national law and specified in the context of each individual urgent use case by the law enforcement authority itself. In addition, the law enforcement authority should in such situations request such authorisation while providing the reasons for not having been able to request it earlier, without undue delay and at the latest within 24 hours. If such an authorisation is rejected, the use of real-time biometric identification systems linked to that authorisation should cease with immediate effect and all the data related to such use should be discarded and deleted. Such data includes input data directly acquired by an AI system in the course of the use of such system as well as the results and outputs of the use linked to that authorisation. It should not include input that is legally acquired in accordance with another Union or national law. In any case, no decision producing an adverse legal effect on a person should be taken based solely on the output of the remote biometric identification system.

(36)

Sabiex iwettqu l-kompiti tagħhom f'konformità mar-rekwiżiti stipulati f'dan ir-Regolament kif ukoll fir-regoli nazzjonali, jenħtieġ li l-awtorità tas-sorveljanza tas-suq rilevanti u l-awtorità nazzjonali għall-protezzjoni tad-data jiġu nnotifikati b'kull użu tas-sistema ta’ identifikazzjoni bijometrika f'ħin reali. Jenħtieġ li l-awtoritajiet tas-sorveljanza tas-suq u l-awtoritajiet nazzjonali tal-protezzjoni tad-data li jkunu ġew innotifikati jippreżentaw rapport annwali lill-Kummissjoni dwar l-użu tas-sistemi ta’ identifikazzjoni bijometrika f'ħin reali.

(36)

In order to carry out their tasks in accordance with the requirements set out in this Regulation as well as in national rules, the relevant market surveillance authority and the national data protection authority should be notified of each use of the real-time biometric identification system. Market surveillance authorities and the national data protection authorities that have been notified should submit to the Commission an annual report on the use of real-time biometric identification systems.

(37)

Barra minn hekk, jixraq li, fi ħdan il-qafas eżawrjenti stabbilit b'dan ir-Regolament, jenħtieġ li jkun previst li dan l-użu fit-territorju ta' Stat Membru f'konformità ma' dan ir-Regolament ikun possibbli biss meta u sa fejn l-Istat Membru kkonċernat ikun iddeċieda li jipprevedi b'mod espliċitu l-possibbiltà li jawtorizza dan l-użu fir-regoli dettaljati tiegħu tal-liġi nazzjonali. Għaldaqstant, l-Istati Membri huma liberi skont dan ir-Regolament li ma jipprevedu l-ebda possibbiltà bħal din jew li jipprevedu biss din il-possibbiltà fir-rigward ta' wħud mill-objettivi li jistgħu jiġġustifikaw l-użu awtorizzat identifikat f'dan ir-Regolament. Jenħtieġ li tali regoli nazzjonali jiġu nnotifikati lill-Kummissjoni fi żmien 30 jum mill-adozzjoni tagħhom.

(37)

Furthermore, it is appropriate to provide, within the exhaustive framework set by this Regulation that such use in the territory of a Member State in accordance with this Regulation should only be possible where and in as far as the Member State concerned has decided to expressly provide for the possibility to authorise such use in its detailed rules of national law. Consequently, Member States remain free under this Regulation not to provide for such a possibility at all or to only provide for such a possibility in respect of some of the objectives capable of justifying authorised use identified in this Regulation. Such national rules should be notified to the Commission within 30 days of their adoption.

(38)

L-użu tas-sistemi tal-IA għall-identifikazzjoni bijometrika remota fil-ħin reali ta' persuni fiżiċi fi spazji aċċessibbli għall-pubbliku għal finijiet ta' infurzar tal-liġi bilfors jinvolvi l-ipproċessar ta' data bijometrika. Ir-regoli ta' dan ir-Regolament li jipprojbixxu dan l-użu, soġġetta għal ċerti eċċezzjonijiet, u li huma bbażati fuq l-Artikolu 16 TFUE, jenħtieġ japplikaw bħala lex specialis fir-rigward tar-regoli dwar l-ipproċessar tad-data bijometrika li jinsabu fl-Artikolu 10 tad-Direttiva (UE) 2016/680, u b'hekk jirregolaw dan l-użu u l-ipproċessar tad-data bijometrika involuta b'mod eżawrjenti. Għalhekk, jenħtieġ li dawn l-użu u l-ipproċessar ikunu possibbli biss sa fejn ikun kompatibbli mal-qafas stabbilit b'dan ir-Regolament, mingħajr ma jkun hemm ambitu, barra minn dak il-qafas, għall-awtoritajiet kompetenti, meta jaġixxu għall-finijiet ta' infurzar tal-liġi, li jużaw dawn is-sistemi u jipproċessaw din id-data b'rabta magħhom abbażi tar-raġunijiet elenkati fl-Artikolu 10 tad-Direttiva (UE) 2016/680. F'dak il-kuntest, dan ir-Regolament mhux maħsub biex jipprovdi l-bażi legali għall-ipproċessar ta' data personali skont l-Artikolu 8 tad-Direttiva (UE) 2016/680. Madankollu, jenħtieġ li l-użu tas-sistemi ta’ identifikazzjoni bijometrika remota fil-ħin reali fi spazji aċċessibbli għall-pubbliku għal finijiet oħra għajr l-infurzar tal-liġi, inkluż minn awtoritajiet kompetenti, ma jkunx kopert mill-qafas speċifiku rigward dan l-użu għall-finijiet ta' infurzar tal-liġi stabbilit b'dan ir-Regolament. Għalhekk, jenħtieġ li dan l-użu għal finijiet oħra għajr l-infurzar tal-liġi ma jkunx soġġett għar-rekwiżit ta' awtorizzazzjoni skont dan ir-Regolament u r-regoli dettaljati applikabbli tal-liġi nazzjonali li jistgħu jagħtu effett lil dik l-awtorizzazzjoni.

(38)

The use of AI systems for real-time remote biometric identification of natural persons in publicly accessible spaces for the purpose of law enforcement necessarily involves the processing of biometric data. The rules of this Regulation that prohibit, subject to certain exceptions, such use, which are based on Article 16 TFEU, should apply as lex specialis in respect of the rules on the processing of biometric data contained in Article 10 of Directive (EU) 2016/680, thus regulating such use and the processing of biometric data involved in an exhaustive manner. Therefore, such use and processing should be possible only in as far as it is compatible with the framework set by this Regulation, without there being scope, outside that framework, for the competent authorities, where they act for purpose of law enforcement, to use such systems and process such data in connection thereto on the grounds listed in Article 10 of Directive (EU) 2016/680. In that context, this Regulation is not intended to provide the legal basis for the processing of personal data under Article 8 of Directive (EU) 2016/680. However, the use of real-time remote biometric identification systems in publicly accessible spaces for purposes other than law enforcement, including by competent authorities, should not be covered by the specific framework regarding such use for the purpose of law enforcement set by this Regulation. Such use for purposes other than law enforcement should therefore not be subject to the requirement of an authorisation under this Regulation and the applicable detailed rules of national law that may give effect to that authorisation.

(39)

Jenħtieġ li kull ipproċessar tad-data bijometrika u ta' data personali oħra involuta fl-użu tas-sistemi tal-IA għall-identifikazzjoni bijometrika, għajr b'rabta mal-użu tas-sistemi ta’ identifikazzjoni bijometrika remota “fil-ħin reali” fi spazji aċċessibbli għall-pubbliku għal finijiet ta' infurzar tal-liġi kif regolat b'dan ir-Regolament, jibqa' jikkonforma mar-rekwiżiti kollha li jirriżultaw mill-Artikolu 10 tad-Direttiva (UE) 2016/680. Għal finijiet għajr l-infurzar tal-liġi, l-Artikolu 9(1) tar-Regolament (UE) 2016/679 u l-Artikolu 10(1) tar-Regolament (UE) 2018/1725 jipprojbixxu l-ipproċessar ta' data bijometrika soġġetta għal eċċezzjonijiet limitati kif previst f'dawk l-Artikoli. Fl-applikazzjoni tal-Artikolu 9(1) tar-Regolament (UE) 2016/679, l-użu tal-identifikazzjoni bijometrika remota għal finijiet oħra għajr l-infurzar tal-liġi diġà kien soġġett għal deċiżjonijiet ta' projbizzjoni mill-awtoritajiet nazzjonali tal-protezzjoni tad-data.

(39)

Any processing of biometric data and other personal data involved in the use of AI systems for biometric identification, other than in connection to the use of real-time remote biometric identification systems in publicly accessible spaces for the purpose of law enforcement as regulated by this Regulation, should continue to comply with all requirements resulting from Article 10 of Directive (EU) 2016/680. For purposes other than law enforcement, Article 9(1) of Regulation (EU) 2016/679 and Article 10(1) of Regulation (EU) 2018/1725 prohibit the processing of biometric data subject to limited exceptions as provided in those Articles. In the application of Article 9(1) of Regulation (EU) 2016/679, the use of remote biometric identification for purposes other than law enforcement has already been subject to prohibition decisions by national data protection authorities.

(40)

F'konformità mal-Artikolu 6a tal-Protokoll Nru 21 dwar il-pożizzjoni tar-Renju Unit u tal-Irlanda fir-rigward tal-ispazju ta' libertà, sigurtà u ġustizzja, kif anness mat-TUE u mat-TFUE, l-Irlanda mhix marbuta bir-regoli stabbiliti fl-Artikolu 5(1), l-ewwel subparagrafu, il-punt (g), sa fejn japplika għall-użu ta' sistemi ta' kategorizzazzjoni bijometrika għal attivitajiet fil-qasam tal-kooperazzjoni tal-pulizija u l-kooperazzjoni ġudizzjarja f'materji kriminali, l-Artikolu 5(1), l-ewwel subparagrafu, il-punt (d), sa fejn japplika għall-użu tas-sistemi tal-IA koperti minn dik id-dispożizzjoni, l-Artikolu 5(1), l-ewwel subparagrafu, il-punt (h), l-Artikolu 5(2) sa (6) u l-Artikolu 26(10) ta' dan ir-Regolament adottat abbażi tal-Artikolu 16 TFUE relatati mal-ipproċessar ta' data personali mill-Istati Membri meta jwettqu attivitajiet li huma fil-kamp ta' applikazzjoni tal-Kapitolu 4 jew tal-Kapitolu 5 tat-Titolu V tal-Parti Tlieta TFUE, meta l-Irlanda mhix marbuta bir-regoli li jirregolaw il-forom ta' kooperazzjoni ġudizzjarja f'materji kriminali jew ta' kooperazzjoni tal-pulizija li jeħtieġu konformità mad-dispożizzjonijiet stabbiliti abbażi tal-Artikolu 16 TFUE.

(40)

In accordance with Article 6a of Protocol No 21 on the position of the United Kingdom and Ireland in respect of the area of freedom, security and justice, as annexed to the TEU and to the TFEU, Ireland is not bound by the rules laid down in Article 5(1), first subparagraph, point (g), to the extent it applies to the use of biometric categorisation systems for activities in the field of police cooperation and judicial cooperation in criminal matters, Article 5(1), first subparagraph, point (d), to the extent it applies to the use of AI systems covered by that provision, Article 5(1), first subparagraph, point (h), Article 5(2) to (6) and Article 26(10) of this Regulation adopted on the basis of Article 16 TFEU which relate to the processing of personal data by the Member States when carrying out activities falling within the scope of Chapter 4 or Chapter 5 of Title V of Part Three of the TFEU, where Ireland is not bound by the rules governing the forms of judicial cooperation in criminal matters or police cooperation which require compliance with the provisions laid down on the basis of Article 16 TFEU.

(41)

F'konformità mal-Artikoli 2 u 2a tal-Protokoll Nru 22 dwar il-pożizzjoni tad-Danimarka, kif anness mat-TUE u mat-TFUE, id-Danimarka mhix marbuta bir-regoli stabbiliti fl-Artikolu 5(1), l-ewwel subparagrafu, il-punt (g) sa fejn japplika għall-użu ta' sistemi ta' kategorizzazzjoni bijometrika għal attivitajiet fil-qasam tal-kooperazzjoni tal-pulizija u l-kooperazzjoni ġudizzjarja f'materji kriminali, l-Artikolu 5(1), l-ewwel subparagrafu, il-punt (d), sa fejn japplikaw għall-użu tas-sistemi tal-IA koperti minn dik id-dispożizzjoni, l-Artikolu 5(1), l-ewwel subparagrafu, il-punt (h), (2) sa (6) u l-Artikolu 26(10) ta' dan ir-Regolament adottat abbażi tal-Artikolu 16 TFUE, u lanqas mhi soġġetta għall-applikazzjoni tagħhom, relatati mal-ipproċessar tad-data personali mill-Istati Membri meta jwettqu l-attivitajiet li huma fil-kamp ta' applikazzjoni tal-Kapitolu 4 jew tal-Kapitolu 5 tat-Titolu V tal-Parti Tlieta TFUE.

(41)

In accordance with Articles 2 and 2a of Protocol No 22 on the position of Denmark, annexed to the TEU and to the TFEU, Denmark is not bound by rules laid down in Article 5(1), first subparagraph, point (g), to the extent it applies to the use of biometric categorisation systems for activities in the field of police cooperation and judicial cooperation in criminal matters, Article 5(1), first subparagraph, point (d), to the extent it applies to the use of AI systems covered by that provision, Article 5(1), first subparagraph, point (h), (2) to (6) and Article 26(10) of this Regulation adopted on the basis of Article 16 TFEU, or subject to their application, which relate to the processing of personal data by the Member States when carrying out activities falling within the scope of Chapter 4 or Chapter 5 of Title V of Part Three of the TFEU.

(42)

Jenħtieġ li f'konformità mal-preżunzjoni tal-innoċenza, il-persuni fiżiċi fl-Unjoni dejjem jiġu ġġudikati fuq l-imġiba reali tagħhom. Jenħtieġ li l-persuni fiżiċi qatt ma jiġu ġġudikati fuq imġiba prevista mill-IA abbażi biss tat-tfassil ta' profili, tal-kwalitajiet u l-karatteristiċi tal-personalità tagħhom, bħan-nazzjonalità, il-post tat-twelid, il-post tar-residenza, l-għadd ta' tfal, il-livell ta' dejn jew it-tip ta' karozza, mingħajr suspett raġonevoli li dik il-persuna tkun involuta f'attività kriminali abbażi ta' fatti verifikabbli oġġettivi u mingħajr il-valutazzjoni ta' tali fatti mill-bniedem. Għalhekk, jenħtieġ li jiġu pprojbiti l-valutazzjonijiet tar-riskju mwettqa fir-rigward ta' persuni fiżiċi sabiex tiġi vvalutata l-probabbiltà li jwettqu offiża jew biex titbassar l-okkorrenza ta' reat kriminali attwali jew potenzjali abbażi biss tat-tfassil ta' profili tagħhom jew tal-valutazzjoni tal-kwalitajiet u l-karatteristiċi tal-personalità tagħhom. Fi kwalunkwe każ, dik il-projbizzjoni ma tirreferix għal u ma ssemmix analitika tar-riskju li mhijiex ibbażata fuq it-tfassil ta' profili ta' individwi jew fuq il-kwalitajiet tal-personalità u l-karatteristiċi ta' individwi, bħal sistemi tal-IA li jużaw analitika tar-riskju biex jivvalutaw l-probabbiltà ta' frodi finanzjarja minn impriżi abbażi ta' tranżazzjonijiet suspettużi jew għodod analitiċi tar-riskju li jipprevedu l-probabbiltà ta' lokalizzazzjoni ta' narkotiċi jew oġġetti illeċiti mill-awtoritajiet doganali, pereżempju abbażi ta' rotot ta' traffikar magħrufa.

(42)

In line with the presumption of innocence, natural persons in the Union should always be judged on their actual behaviour. Natural persons should never be judged on AI-predicted behaviour based solely on their profiling, personality traits or characteristics, such as nationality, place of birth, place of residence, number of children, level of debt or type of car, without a reasonable suspicion of that person being involved in a criminal activity based on objective verifiable facts and without human assessment thereof. Therefore, risk assessments carried out with regard to natural persons in order to assess the likelihood of their offending or to predict the occurrence of an actual or potential criminal offence based solely on profiling them or on assessing their personality traits and characteristics should be prohibited. In any case, that prohibition does not refer to or touch upon risk analytics that are not based on the profiling of individuals or on the personality traits and characteristics of individuals, such as AI systems using risk analytics to assess the likelihood of financial fraud by undertakings on the basis of suspicious transactions or risk analytic tools to predict the likelihood of the localisation of narcotics or illicit goods by customs authorities, for example on the basis of known trafficking routes.

(43)

Jenħtieġ li l-introduzzjoni fis-suq, it-tqegħid fis-servizz għal dak l-għan speċifiku, jew l-użu ta' sistemi tal-IA li joħolqu jew jespandu bażijiet tad-data tar-rikonoxximent tal-wiċċ permezz ta' scraping mhux immirat tal-immaġnijiet tal-wiċċ mill-internet jew mill-filmati tas-CCTV jiġu pprojbiti, peress li dik il-prattika żżid mas-sens ta' sorveljanza tal-massa u tista' twassal għal ksur serju tad-drittijiet fundamentali, inkluż id-dritt għall-privatezza.

(43)

The placing on the market, the putting into service for that specific purpose, or the use of AI systems that create or expand facial recognition databases through the untargeted scraping of facial images from the internet or CCTV footage, should be prohibited because that practice adds to the feeling of mass surveillance and can lead to gross violations of fundamental rights, including the right to privacy.

(44)

Hemm tħassib serju dwar il-bażi xjentifika tas-sistemi tal-IA li għandhom l-għan li jidentifikaw jew jinferixxu l-emozzjonijiet, b'mod partikolari peress li l-espressjoni tal-emozzjonijiet tvarja b'mod konsiderevoli bejn il-kulturi u s-sitwazzjonijiet, u anke f'individwu wieħed. Fost in-nuqqasijiet ewlenin ta' sistemi bħal dawn hemm l-affidabbiltà limitata, in-nuqqas ta' speċifiċità u l-ġeneralizzabbiltà limitata. Għalhekk, is-sistemi tal-IA li jidentifikaw jew jinferixxu emozzjonijiet jew intenzjonijiet ta' persuni fiżiċi abbażi tad-data bijometrika tagħhom jistgħu jwasslu għal eżiti diskriminatorji u jistgħu jkunu intrużivi għad-drittijiet u l-libertajiet tal-persuni kkonċernati. Meta jitqies l-iżbilanċ tal-poter fil-kuntest tax-xogħol jew tal-edukazzjoni, flimkien man-natura intrużiva ta' dawn is-sistemi, tali sistemi jistgħu jwasslu għal trattament detrimentali jew sfavorevoli ta' ċerti persuni fiżiċi jew gruppi sħaħ tagħhom. Għalhekk, jenħtieġ li l-introduzzjoni fis-suq, it-tqegħid fis-servizz, jew l-użu ta' sistemi tal-IA maħsuba biex jintużaw biex jiġi identifikat l-istat emozzjonali ta' individwi f'sitwazzjonijiet relatati mal-post tax-xogħol u mal-edukazzjoni jiġu pprojbiti. Jenħtieġ li dik il-projbizzjoni ma tkoprix is-sistemi tal-IA introdotti fis-suq strettament għal raġunijiet mediċi jew ta' sikurezza, bħal sistemi maħsuba għal użu terapewtiku.

(44)

There are serious concerns about the scientific basis of AI systems aiming to identify or infer emotions, particularly as expression of emotions vary considerably across cultures and situations, and even within a single individual. Among the key shortcomings of such systems are the limited reliability, the lack of specificity and the limited generalisability. Therefore, AI systems identifying or inferring emotions or intentions of natural persons on the basis of their biometric data may lead to discriminatory outcomes and can be intrusive to the rights and freedoms of the concerned persons. Considering the imbalance of power in the context of work or education, combined with the intrusive nature of these systems, such systems could lead to detrimental or unfavourable treatment of certain natural persons or whole groups thereof. Therefore, the placing on the market, the putting into service, or the use of AI systems intended to be used to detect the emotional state of individuals in situations related to the workplace and education should be prohibited. That prohibition should not cover AI systems placed on the market strictly for medical or safety reasons, such as systems intended for therapeutical use.

(45)

Jenħtieġ li l-prattiki li huma pprojbiti mil-liġi tal-Unjoni, inkluż il-liġi dwar il-protezzjoni tad-data, il-liġi dwar in-nondiskriminazzjoni, il-liġi dwar il-protezzjoni tal-konsumatur, u l-liġi tal-kompetizzjoni, ma jiġux affettwati minn dan ir-Regolament.

(45)

Practices that are prohibited by Union law, including data protection law, non-discrimination law, consumer protection law, and competition law, should not be affected by this Regulation.

(46)

Jenħtieġ li s-sistemi tal-IA b'riskju għoli jiġu introdotti fis-suq tal-Unjoni, jitqiegħdu fis-servizz jew jintużaw biss jekk ikunu konformi ma' ċerti rekwiżiti obbligatorji. Jenħtieġ li dawk ir-rekwiżiti jiżguraw li s-sistemi tal-IA b'riskju għoli disponibbli fl-Unjoni jew li l-output tagħhom jintuża b'xi mod ieħor fl-Unjoni ma jkunux joħolqu riskji inaċċettabbli għal interessi pubbliċi importanti tal-Unjoni kif rikonoxxuti u mħarsa bil-liġi tal-Unjoni. Abbażi tal-Qafas Leġiżlattiv Ġdid, kif iċċarat fl-avviż tal-Kummissjoni “‘Il-Gwida Blu’ dwar l-implimentazzjoni tar-regoli tal-prodotti tal-UE tal-2022” (20), ir-regola ġenerali hija li aktar minn att legali wieħed tal-leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni, bħar-Regolamenti (UE) 2017/745 (21) u (UE) 2017/746 (22) tal-Parlament Ewropew u tal-Kunsill jew id-Direttiva 2006/42/KE tal-Parlament Ewropew u tal-Kunsill (23), jista' jkun applikabbli għal prodott wieħed, peress li l-introduzzjoni fis-suq jew it-tqegħid fis-servizz jista' jseħħ biss meta l-prodott jikkonforma mal-leġiżlazzjoni applikabbli kollha tal-Unjoni dwar l-armonizzazzjoni. Sabiex tiġi żgurata l-konsistenza u jiġu evitati piżijiet jew kostijiet amministrattivi bla bżonn, jenħtieġ li l-fornituri ta' prodott li jkun fih sistemi ta' IA b'riskju għoli waħda jew aktar, li għalihom japplikaw ir-rekwiżiti ta' dan ir-Regolament u tal-leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni elenkati f'anness ta' dan ir-Regolament, ikollhom flessibbiltà fir-rigward tad-deċiżjonijiet operazzjonali dwar kif tiġi żgurata l-konformità ta' prodott li jkun fih sistema tal-IA waħda jew aktar mar-rekwiżiti applikabbli kollha tal-leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni bl-aħjar mod. Jenħtieġ li s-sistemi tal-IA identifikati bħala b'riskju għoli jkunu limitati għal dawk li għandhom impatt dannuż sinifikanti fuq is-saħħa, is-sikurezza u d-drittijiet fundamentali tal-persuni fl-Unjoni u din il-limitazzjoni jenħtieġ li timminimizza kwalunkwe restrizzjoni potenzjali fuq il-kummerċ internazzjonali.

(46)

High-risk AI systems should only be placed on the Union market, put into service or used if they comply with certain mandatory requirements. Those requirements should ensure that high-risk AI systems available in the Union or whose output is otherwise used in the Union do not pose unacceptable risks to important Union public interests as recognised and protected by Union law. On the basis of the New Legislative Framework, as clarified in the Commission notice ‘The “Blue Guide” on the implementation of EU product rules 2022’ (20), the general rule is that more than one legal act of Union harmonisation legislation, such as Regulations (EU) 2017/745 (21) and (EU) 2017/746 (22) of the European Parliament and of the Council or Directive 2006/42/EC of the European Parliament and of the Council (23), may be applicable to one product, since the making available or putting into service can take place only when the product complies with all applicable Union harmonisation legislation. To ensure consistency and avoid unnecessary administrative burdens or costs, providers of a product that contains one or more high-risk AI systems, to which the requirements of this Regulation and of the Union harmonisation legislation listed in an annex to this Regulation apply, should have flexibility with regard to operational decisions on how to ensure compliance of a product that contains one or more AI systems with all applicable requirements of the Union harmonisation legislation in an optimal manner. AI systems identified as high-risk should be limited to those that have a significant harmful impact on the health, safety and fundamental rights of persons in the Union and such limitation should minimise any potential restriction to international trade.

(47)

Is-sistemi tal-IA jista' jkollhom impatt negattiv fuq is-saħħa u s-sikurezza tal-persuni, b'mod partikolari meta dawn is-sistemi jaħdmu bħala komponenti tas-sikurezza tal-prodotti. B'mod konsistenti mal-objettivi tal-leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni biex jiġi ffaċilitat il-moviment liberu tal-prodotti fis-suq intern u biex ikun żgurat li prodotti sikuri u konformi b'xi mod ieħor biss jitqiegħdu fis-suq, hu importanti li jiġu evitati u mitigati kif xieraq ir-riskji għas-sikurezza li jistgħu jiġu ġġenerati minn prodott sħiħ minħabba l-komponenti diġitali tiegħu, inkluż sistemi tal-IA. Pereżempju, jenħtieġ li r-robots dejjem aktar awtonomi, sew fil-kuntest tal-manifattura kif ukoll fil-kuntest tal-assistenza u l-kura personali, ikunu jistgħu joperaw u jwettqu l-funzjonijiet tagħhom mingħajr periklu f'ambjenti kumplessi. Bl-istess mod, fis-settur tas-saħħa fejn l-interessi għall-ħajja u għas-saħħa huma partikolarment għoljin, jenħtieġ li s-sistemi dijanjostiċi dejjem aktar sofistikati u s-sistemi li jappoġġaw id-deċiżjonijiet umani jkunu affidabbli u preċiżi.

(47)

AI systems could have an adverse impact on the health and safety of persons, in particular when such systems operate as safety components of products. Consistent with the objectives of Union harmonisation legislation to facilitate the free movement of products in the internal market and to ensure that only safe and otherwise compliant products find their way into the market, it is important that the safety risks that may be generated by a product as a whole due to its digital components, including AI systems, are duly prevented and mitigated. For instance, increasingly autonomous robots, whether in the context of manufacturing or personal assistance and care should be able to safely operate and performs their functions in complex environments. Similarly, in the health sector where the stakes for life and health are particularly high, increasingly sophisticated diagnostics systems and systems supporting human decisions should be reliable and accurate.

(48)

Il-firxa tal-impatt negattiv ikkawżat mis-sistema tal-IA fuq id-drittijiet fundamentali protetti mill-Karta għandha rilevanza partikolari meta sistema tal-IA tkun qed tiġi klassifikata li għandha riskju għoli. Dawk id-drittijiet jinkludu d-dritt għad-dinjità tal-bniedem, ir-rispett għall-ħajja privata u tal-familja, il-protezzjoni tad-data personali, il-libertà tal-espressjoni u tal-informazzjoni, il-libertà ta' għaqda u ta' assoċjazzjoni, id-dritt għan-nondiskriminazzjoni, id-dritt għall-edukazzjoni, il-protezzjoni tal-konsumatur, id-drittijiet tal-ħaddiema, id-drittijiet tal-persuni b'diżabbiltà, l-ugwaljanza bejn il-ġeneri, id-drittijiet ta' proprjetà intellettwali, id-dritt għal rimedju effettiv u għal proċess imparzjali, id-dritt għad-difiża u l-preżunzjoni ta' innoċenza, u d-dritt għal amministrazzjoni tajba. Minbarra dawk id-drittijiet, hu importanti li jiġi enfasizzat il-fatt li t-tfal għandhom drittijiet speċifiċi kif minqux fl-Artikolu 24 tal-Karta u fil-Konvenzjoni tan-Nazzjonijiet Uniti dwar id-Drittijiet tat-Tfal, żviluppata aktar fil-Kumment Ġenerali Nru 25 tal-UNCRC fir-rigward tal-ambjent diġitali, li t-tnejn li huma jirrikjedu kunsiderazzjoni tal-vulnerabbiltajiet tat-tfal u l-għoti ta' tali protezzjoni u kura kif meħtieġ għall-benesseri tagħhom. Jenħtieġ li d-dritt fundamentali għal livell għoli ta' protezzjoni ambjentali, kif minqux fil-Karta u implimentat fil-politiki tal-Unjoni, jitqies ukoll meta tkun qed tiġi vvalutata s-severità tad-dannu li sistema tal-IA tista' tikkawża, inkluż fir-rigward tas-saħħa u s-sikurezza tal-persuni.

(48)

The extent of the adverse impact caused by the AI system on the fundamental rights protected by the Charter is of particular relevance when classifying an AI system as high risk. Those rights include the right to human dignity, respect for private and family life, protection of personal data, freedom of expression and information, freedom of assembly and of association, the right to non-discrimination, the right to education, consumer protection, workers’ rights, the rights of persons with disabilities, gender equality, intellectual property rights, the right to an effective remedy and to a fair trial, the right of defence and the presumption of innocence, and the right to good administration. In addition to those rights, it is important to highlight the fact that children have specific rights as enshrined in Article 24 of the Charter and in the United Nations Convention on the Rights of the Child, further developed in the UNCRC General Comment No 25 as regards the digital environment, both of which require consideration of the children’s vulnerabilities and provision of such protection and care as necessary for their well-being. The fundamental right to a high level of environmental protection enshrined in the Charter and implemented in Union policies should also be considered when assessing the severity of the harm that an AI system can cause, including in relation to the health and safety of persons.

(49)

Fir-rigward tas-sistemi tal-IA b'riskju għoli li huma komponenti tas-sikurezza tal-prodotti jew tas-sistemi, jew li huma stess huma prodotti jew sistemi li jaqgħu fil-kamp ta' applikazzjoni tar-Regolament (KE) Nru 300/2008 tal-Parlament Ewropew u tal-Kunsill (24), ir-Regolament (UE) Nru 167/2013 tal-Parlament Ewropew u tal-Kunsill (25), ir-Regolament (UE) Nru 168/2013 tal-Parlament Ewropew u tal-Kunsill (26), id-Direttiva 2014/90/UE tal-Parlament Ewropew u tal-Kunsill (27), id-Direttiva (UE) 2016/797 tal-Parlament Ewropew u tal-Kunsill (28), ir-Regolament (UE) 2018/858 tal-Parlament Ewropew u tal-Kunsill (29), ir-Regolament (UE) 2018/1139 tal-Parlament Ewropew u tal-Kunsill (30), u r-Regolament (UE) 2019/2144 tal-Parlament Ewropew u tal-Kunsill (31), huwa xieraq li dawk l-atti jiġu emendati biex jiġi żgurat li l-Kummissjoni tqis, abbażi tal-ispeċifiċitajiet tekniċi u regolatorji ta' kull settur, u mingħajr ma tinterferixxi mal-governanza, il-valutazzjoni tal-konformità u l-mekkaniżmi ta' infurzar eżistenti u l-awtoritajiet stabbiliti fih, ir-rekwiżiti obbligatorji għas-sistemi tal-IA b'riskju għoli stabbiliti f'dan ir-Regolament meta tadotta kwalunkwe att delegat jew ta' implimentazzjoni rilevanti abbażi ta' dawk l-atti.

(49)

As regards high-risk AI systems that are safety components of products or systems, or which are themselves products or systems falling within the scope of Regulation (EC) No 300/2008 of the European Parliament and of the Council (24), Regulation (EU) No 167/2013 of the European Parliament and of the Council (25), Regulation (EU) No 168/2013 of the European Parliament and of the Council (26), Directive 2014/90/EU of the European Parliament and of the Council (27), Directive (EU) 2016/797 of the European Parliament and of the Council (28), Regulation (EU) 2018/858 of the European Parliament and of the Council (29), Regulation (EU) 2018/1139 of the European Parliament and of the Council (30), and Regulation (EU) 2019/2144 of the European Parliament and of the Council (31), it is appropriate to amend those acts to ensure that the Commission takes into account, on the basis of the technical and regulatory specificities of each sector, and without interfering with existing governance, conformity assessment and enforcement mechanisms and authorities established therein, the mandatory requirements for high-risk AI systems laid down in this Regulation when adopting any relevant delegated or implementing acts on the basis of those acts.

(50)

Fir-rigward ta' sistemi tal-IA li huma komponenti tas-sikurezza ta' prodotti, jew li huma stess ikunu prodotti, li jaqgħu fil-kamp ta' applikazzjoni ta' ċerta leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni elenkata f’anness ta’ dan ir-Regolament, jixraq li jiġu kklassifikati bħala b'riskju għoli skont dan ir-Regolament jekk il-prodott ikkonċernat jgħaddi mill-proċedura ta' valutazzjoni tal-konformità mwettqa minn korp terz ta' valutazzjoni tal-konformità skont dik il-leġiżlazzjoni rilevanti tal-Unjoni dwar l-armonizzazzjoni. B'mod partikolari, dawn il-prodotti huma makkinarju, ġugarelli, liftijiet, tagħmir u sistemi protettivi maħsuba għal użu f'ambjenti potenzjalment esplożivi, f'tagħmir tar-radju, apparat tal-pressa, tagħmir ta' opri tal-baħar għar-rikreazzjoni, installazzjonijiet tal-funikular, apparati li jaħarqu fjuwils gassużi, apparati mediċi, apparati mediċi dijanjostiċi in vitro, karozzi u avjazzjoni.

(50)

As regards AI systems that are safety components of products, or which are themselves products, falling within the scope of certain Union harmonisation legislation listed in an annex to this Regulation, it is appropriate to classify them as high-risk under this Regulation if the product concerned undergoes the conformity assessment procedure with a third-party conformity assessment body pursuant to that relevant Union harmonisation legislation. In particular, such products are machinery, toys, lifts, equipment and protective systems intended for use in potentially explosive atmospheres, radio equipment, pressure equipment, recreational craft equipment, cableway installations, appliances burning gaseous fuels, medical devices, in vitro diagnostic medical devices, automotive and aviation.

(51)

Jenħtieġ li l-klassifikazzjoni ta' sistema tal-IA bħala li għandha riskju għoli skont dan ir-Regolament mhux bilfors tkun tfisser li l-prodott li l-komponent tas-sikurezza tiegħu jkun is-sistema tal-IA, jew is-sistema tal-IA stess bħala prodott, jitqiesu li huma b'“riskju għoli” skont il-kriterji stabbiliti fil-leġiżlazzjoni rilevanti tal-Unjoni dwar l-armonizzazzjoni li tapplika għall-prodott. B'mod partikolari, dan huwa l-każ għar-Regolamenti (UE) 2017/745 u (UE) 2017/746, fejn tiġi pprovduta valutazzjoni tal-konformità minn parti terza għal prodotti b'riskju medju u b'riskju għoli.

(51)

The classification of an AI system as high-risk pursuant to this Regulation should not necessarily mean that the product whose safety component is the AI system, or the AI system itself as a product, is considered to be high-risk under the criteria established in the relevant Union harmonisation legislation that applies to the product. This is, in particular, the case for Regulations (EU) 2017/745 and (EU) 2017/746, where a third-party conformity assessment is provided for medium-risk and high-risk products.

(52)

Fir-rigward ta' sistemi awtonomi tal-IA, jiġifieri sistemi tal-IA b'riskju għoli minbarra dawk li huma komponenti tas-sikurezza tal-prodotti, jew li huma stess ikunu prodotti, jixraq li jiġu klassifikati bħala b’riskju għoli jekk, fid-dawl tal-għan maħsub tagħhom, dawn jippreżentaw riskju għoli ta’ ħsara għas-saħħa u s-sikurezza jew għad-drittijiet fundamentali tal-persuni, filwaqt li jitqiesu kemm is-severità tal-ħsara possibbli u l-probabbiltà li din isseħħ, u jintużaw f’għadd ta’ oqsma speċifikament definiti minn qabel speċifikati f’dan ir-Regolament. L-identifikazzjoni ta’ dawk is-sistemi hija bbażata fuq l-istess metodoloġija u kriterji previsti wkoll għal kull emenda futura tal-lista tas-sistemi tal-IA b’riskju għoli li jenħtieġ li l-Kummissjoni tingħata s-setgħa li tadotta, permezz ta’ atti delegati, biex jitqies il-pass rapidu tal-iżvilupp teknoloġiku, kif ukoll il-bidliet potenzjali fl-użu tas-sistemi tal-IA.

(52)

As regards stand-alone AI systems, namely high-risk AI systems other than those that are safety components of products, or that are themselves products, it is appropriate to classify them as high-risk if, in light of their intended purpose, they pose a high risk of harm to the health and safety or the fundamental rights of persons, taking into account both the severity of the possible harm and its probability of occurrence and they are used in a number of specifically pre-defined areas specified in this Regulation. The identification of those systems is based on the same methodology and criteria envisaged also for any future amendments of the list of high-risk AI systems that the Commission should be empowered to adopt, via delegated acts, to take into account the rapid pace of technological development, as well as the potential changes in the use of AI systems.

(53)

Huwa importanti wkoll li jiġi ċċarat li jista’ jkun hemm każijiet speċifiċi li fihom is-sistemi tal-IA msemmija f’oqsma predefiniti speċifikati f’dan ir-Regolament ma jwasslux għal riskju sinifikanti ta’ ħsara għall-interessi legali protetti f’dawk l-oqsma minħabba li ma jinfluwenzawx materjalment it-teħid tad-deċiżjonijiet jew ma jagħmlux ħsara sostanzjali lil dawk l-interessi. Għall-finijiet ta’ dan ir-Regolament, jenħtieġ li sistema tal-IA li ma tinfluwenzax materjalment l-eżitu tat-teħid tad-deċiżjonijiet tinftiehem li tkun sistema tal-IA li ma jkollhiex impatt fuq is-sustanza, u b’hekk fuq l-eżitu, tat-teħid tad-deċiżjonijiet, kemm jekk ikun mill-bniedem kif ukoll jekk awtomatizzat. Sistema tal-IA li ma tinfluwenzax materjalment l-eżitu tat-teħid tad-deċiżjonijiet tista’ tinkludi sitwazzjonijiet li fihom tiġi ssodisfata waħda jew aktar mill-kundizzjonijiet li ġejjin. L-ewwel tali kundizzjoni jenħtieġ li tkun li s-sistema tal-IA tkun maħsuba biex twettaq kompitu proċedurali ristrett, bħal sistema tal-IA li tittrasforma data mhux strutturata f’data strutturata, sistema tal-IA li tikklassifika dokumenti li jkunu deħlin f’kategoriji jew sistema tal-IA li tintuża biex jiġu identifikati duplikati fost għadd kbir ta’ applikazzjonijiet. Dawk il-kompiti huma ta’ natura tant ristretta u limitata li joħolqu biss riskji limitati li ma jiżdidux permezz tal-użu ta’ sistema tal-IA f'kuntest li huwa elenkat bħala użu b'riskju għoli f'anness ta' dan ir-Regolament. It-tieni kundizzjoni jenħtieġ li tkun li l-kompitu mwettaq mis-sistema tal-IA jkun maħsub biex itejjeb ir-riżultat ta' attività tal-bniedem li tkun tlestiet qabel li tista' tkun rilevanti għall-finijiet tal-użi b’riskju għoli elenkati f’anness ta’ dan ir-Regolament. Meta jitqiesu dawk il-karatteristiċi, is-sistema tal-IA tipprovdi biss saff addizzjonali għal attività tal-bniedem bil-konsegwenza li r-riskju jkun imnaqqas. Dik il-kundizzjoni tkun tapplika, pereżempju, għal sistemi tal-IA li huma maħsuba biex itejbu l-lingwa użata f'dokumenti diġà abbozzati, pereżempju fir-rigward tat-ton professjonali, l-istil akkademiku tal-lingwa jew billi t-test jiġi allinjat mal-messaġġ li tkun trid twassal marka partikolari. It-tielet kundizzjoni jenħtieġ li tkun li s-sistema tal-IA tkun maħsuba biex tidentifika xejriet ta' teħid ta' deċiżjonijiet jew devjazzjonijiet minn xejriet ta' teħid ta' deċiżjonijiet preċedenti. Ir-riskju jitnaqqas minħabba li l-użu tas-sistema tal-IA jsegwi valutazzjoni mill-bniedem li tkun tlestiet qabel li ma tkunx maħsuba biex tissostitwixxi jew tinfluwenza, mingħajr rieżami xieraq mill-bniedem. Tali sistemi tal-IA jinkludu pereżempju dawk li, minħabba ċertu tendenzi fl-għoti tal-marki minn għalliem, jistgħu jintużaw biex jiġi vverifikat ex post jekk l-għalliem setax iddevja mit-tendenzi fl-għoti tal-marki sabiex jiġu mmarkati inkonsistenzi jew anomaliji potenzjali. Ir-raba' kundizzjoni jenħtieġ li tkun li s-sistema tal-IA tkun maħsuba biex twettaq kompitu li jkun biss preparatorju għal valutazzjoni rilevanti għall-finijiet tas-sistemi tal-IA elenkati f'anness ta' dan ir-Regolament, u b'hekk ikun hemm riskju baxx ħafna li l-impatt possibbli tal-output tas-sistema ser jippreżenta xi riskju għall-valutazzjoni li ssegwi. Dik il-kundizzjoni tkopri, fost l-oħrajn, soluzzjonijiet intelliġenti għat-trattament tal-fajls, li jinkludu diversi funzjonijiet mill-indiċjar, it-tiftix, l-ipproċessar tat-test u tad-diskors jew il-kollegament tad-data ma' sorsi oħra ta' data, jew sistemi tal-IA użati għat-traduzzjoni ta' dokumenti inizjali. Fi kwalunkwe każ, jenħtieġ li s-sistemi tal-IA użati f’każijiet ta’ użu b'riskju għoli elenkati f’anness ta’ dan ir-Regolament jitqiesu li joħolqu riskji sinifikanti ta' ħsara għas-saħħa, għas-sikurezza jew għad-drittijiet fundamentali jekk is-sistema tal-IA timplika tfassil ta' profili skont it-tifsira tal-Artikolu 4, il-punt (4) tar-Regolament (UE) 2016/679 jew l-Artikolu 3, il-punt (4) tad-Direttiva (UE) 2016/680 jew l-Artikolu 3, il-punt (5) tar-Regolament (UE) 2018/1725. Biex jiġu żgurati t-traċċabbiltà u t-trasparenza, jenħtieġ li fornitur li jqis li sistema tal-IA mhijiex b'riskju għoli abbażi ta' dawk il-kundizzjonijiet imsemmija hawn fuq ifassal dokumentazzjoni tal-valutazzjoni qabel ma dik is-sistema tiġi introdotta fis-suq jew titqiegħed fis-servizz u jenħtieġ li jipprovdi dik id-dokumentazzjoni lill-awtoritajiet nazzjonali kompetenti fuq talba. Jenħtieġ li tali fornitur ikun obbligat jirreġistra s-sistema tal-IA fil-bażi tad-data tal-UE stabbilita skont dan ir-Regolament. Bil-ħsieb li tiġi pprovduta gwida ulterjuri għall-implimentazzjoni prattika tal-kundizzjonijiet li skonthom is-sistemi tal-IA elenkati f’anness ta’ dan ir-Regolament huma, fuq bażi eċċezzjonali, mhux b'riskju għoli, jenħtieġ li l-Kummissjoni, wara li tikkonsulta lill-Bord, tipprovdi linji gwida li jispeċifikaw dik l-implimentazzjoni prattika kkompletata b'lista komprensiva ta' eżempji prattiċi ta' każijiet ta' użu ta' sistemi tal-IA li huma b'riskju għoli u każijiet ta’ użu li mhumiex.

(53)

It is also important to clarify that there may be specific cases in which AI systems referred to in pre-defined areas specified in this Regulation do not lead to a significant risk of harm to the legal interests protected under those areas because they do not materially influence the decision-making or do not harm those interests substantially. For the purposes of this Regulation, an AI system that does not materially influence the outcome of decision-making should be understood to be an AI system that does not have an impact on the substance, and thereby the outcome, of decision-making, whether human or automated. An AI system that does not materially influence the outcome of decision-making could include situations in which one or more of the following conditions are fulfilled. The first such condition should be that the AI system is intended to perform a narrow procedural task, such as an AI system that transforms unstructured data into structured data, an AI system that classifies incoming documents into categories or an AI system that is used to detect duplicates among a large number of applications. Those tasks are of such narrow and limited nature that they pose only limited risks which are not increased through the use of an AI system in a context that is listed as a high-risk use in an annex to this Regulation. The second condition should be that the task performed by the AI system is intended to improve the result of a previously completed human activity that may be relevant for the purposes of the high-risk uses listed in an annex to this Regulation. Considering those characteristics, the AI system provides only an additional layer to a human activity with consequently lowered risk. That condition would, for example, apply to AI systems that are intended to improve the language used in previously drafted documents, for example in relation to professional tone, academic style of language or by aligning text to a certain brand messaging. The third condition should be that the AI system is intended to detect decision-making patterns or deviations from prior decision-making patterns. The risk would be lowered because the use of the AI system follows a previously completed human assessment which it is not meant to replace or influence, without proper human review. Such AI systems include for instance those that, given a certain grading pattern of a teacher, can be used to check ex post whether the teacher may have deviated from the grading pattern so as to flag potential inconsistencies or anomalies. The fourth condition should be that the AI system is intended to perform a task that is only preparatory to an assessment relevant for the purposes of the AI systems listed in an annex to this Regulation, thus making the possible impact of the output of the system very low in terms of representing a risk for the assessment to follow. That condition covers, inter alia, smart solutions for file handling, which include various functions from indexing, searching, text and speech processing or linking data to other data sources, or AI systems used for translation of initial documents. In any case, AI systems used in high-risk use-cases listed in an annex to this Regulation should be considered to pose significant risks of harm to the health, safety or fundamental rights if the AI system implies profiling within the meaning of Article 4, point (4) of Regulation (EU) 2016/679 or Article 3, point (4) of Directive (EU) 2016/680 or Article 3, point (5) of Regulation (EU) 2018/1725. To ensure traceability and transparency, a provider who considers that an AI system is not high-risk on the basis of the conditions referred to above should draw up documentation of the assessment before that system is placed on the market or put into service and should provide that documentation to national competent authorities upon request. Such a provider should be obliged to register the AI system in the EU database established under this Regulation. With a view to providing further guidance for the practical implementation of the conditions under which the AI systems listed in an annex to this Regulation are, on an exceptional basis, non-high-risk, the Commission should, after consulting the Board, provide guidelines specifying that practical implementation, completed by a comprehensive list of practical examples of use cases of AI systems that are high-risk and use cases that are not.

(54)

Peress li d-data bijometrika tikkostitwixxi kategorija speċjali ta' data personali, huwa xieraq li diversi każijiet ta' użu kritiku tas-sistemi bijometriċi jiġu kklassifikati bħala b'riskju għoli, sa fejn l-użu tagħhom ikun permess skont il-liġi rilevanti tal-Unjoni u dik nazzjonali. L-inakkuratezzi tekniċi tas-sistemi tal-IA maħsuba għall-identifikazzjoni bijometrika remota ta' persuni fiżiċi jistgħu jwasslu għal riżultati preġudikati u jħallu effetti diskriminatorji. Ir-riskju ta' tali riżultati preġudikati u effetti diskriminatorji huma partikolarment rilevanti fir-rigward tal-età, l-etniċità, ir-razza, is-sess jew id-diżabilitajiet. Jenħtieġ għalhekk li s-sistemi ta’ identifikazzjoni bijometrika remota jiġu kklassifikati bħala b'riskju għoli fid-dawl tar-riskji li jippreżentaw. Tali klassifikazzjoni teskludi sistemi tal-IA maħsuba biex jintużaw għall-verifika bijometrika, inkluż l-awtentikazzjoni, li l-iskop uniku tagħha huwa li tikkonferma li persuna fiżika speċifika hija l-persuna li dik il-persuna tiddikjara li hija u li tikkonferma l-identità ta' persuna fiżika għall-iskop uniku li jkollha aċċess għal servizz, li tiftaħ apparat jew li jkollha aċċess sigur għall-bini. Barra minn hekk, jenħtieġ li s-sistemi tal-IA bbażati fuq data bijometrika maħsuba biex jintużaw għall-kategorizzazzjoni bijometrika skont attributi jew karatteristiċi sensittivi protetti skont l-Artikolu 9(1) tar-Regolament (UE) 2016/679, sakemm dawn ma jkunux ipprojbiti skont dan ir-Regolament, u s-sistemi ta' rikonoxximent tal-emozzjonijiet li mhumiex ipprojbiti skont dan ir-Regolament, jiġu kklassifikati bħala b'riskju għoli. Jenħtieġ li s-sistemi bijometriċi li huma maħsuba li jintużaw biss għall-fini li jippermettu ċ-ċibersigurtà u l-miżuri tal-protezzjoni tad-data personali ma jitqisux li jkunu sistemi tal-IA b’riskju għoli.

(54)

As biometric data constitutes a special category of personal data, it is appropriate to classify as high-risk several critical-use cases of biometric systems, insofar as their use is permitted under relevant Union and national law. Technical inaccuracies of AI systems intended for the remote biometric identification of natural persons can lead to biased results and entail discriminatory effects. The risk of such biased results and discriminatory effects is particularly relevant with regard to age, ethnicity, race, sex or disabilities. Remote biometric identification systems should therefore be classified as high-risk in view of the risks that they pose. Such a classification excludes AI systems intended to be used for biometric verification, including authentication, the sole purpose of which is to confirm that a specific natural person is who that person claims to be and to confirm the identity of a natural person for the sole purpose of having access to a service, unlocking a device or having secure access to premises. In addition, AI systems intended to be used for biometric categorisation according to sensitive attributes or characteristics protected under Article 9(1) of Regulation (EU) 2016/679 on the basis of biometric data, in so far as these are not prohibited under this Regulation, and emotion recognition systems that are not prohibited under this Regulation, should be classified as high-risk. Biometric systems which are intended to be used solely for the purpose of enabling cybersecurity and personal data protection measures should not be considered to be high-risk AI systems.

(55)

Fir-rigward tal-ġestjoni u t-tħaddim tal-infrastruttura kritika, jixraq li s-sistemi tal-IA maħsuba biex jintużaw bħala komponenti tas-sikurezza fil-ġestjoni u t-tħaddim tal-infrastruttura diġitali kritika kif elenkat fil-punt (8) tal-Anness tad-Direttiva (UE) 2022/2557, tat-traffiku tat-triq u fil-provvista tal-ilma, tal-gass, tat-tisħin u tal-elettriku jiġu kklassifikati bħala b'riskju għoli, għax il-falliment jew il-funzjonament ħażin tagħhom jistgħu jqiegħdu f'riskju l-ħajja u s-saħħa tal-persuni fuq skala kbira u jwasslu għal tfixkil sinifikanti fl-eżekuzzjoni ordinarja tal-attivitajiet soċjali u ekonomiċi. Il-komponenti tas-sikurezza tal-infrastruttura kritika, inkluż l-infrastruttura diġitali kritika, huma sistemi użati biex jipproteġu direttament l-integrità fiżika tal-infrastruttura kritika jew is-saħħa u s-sikurezza tal-persuni u l-proprjetà iżda li mhumiex meħtieġa sabiex is-sistema tiffunzjona. Il-falliment jew il-funzjonament ħażin ta' tali komponenti jista' jwassal direttament għal riskji għall-integrità fiżika tal-infrastruttura kritika u b'hekk għal riskji għas-saħħa u s-sikurezza tal-persuni u l-proprjetà. Jenħtieġ li l-komponenti maħsuba biex jintużaw biss għal finijiet taċ-ċibersigurtà ma jikkwalifikawx bħala komponenti ta' sikurezza. Eżempji ta' komponenti ta' sikurezza ta' tali infrastruttura kritika jistgħu jinkludu sistemi għall-monitoraġġ tas-sistemi ta' kontroll tal-pressjoni tal-ilma jew tal-allarm tan-nar fiċ-ċentri tal-cloud computing.

(55)

As regards the management and operation of critical infrastructure, it is appropriate to classify as high-risk the AI systems intended to be used as safety components in the management and operation of critical digital infrastructure as listed in point (8) of the Annex to Directive (EU) 2022/2557, road traffic and the supply of water, gas, heating and electricity, since their failure or malfunctioning may put at risk the life and health of persons at large scale and lead to appreciable disruptions in the ordinary conduct of social and economic activities. Safety components of critical infrastructure, including critical digital infrastructure, are systems used to directly protect the physical integrity of critical infrastructure or the health and safety of persons and property but which are not necessary in order for the system to function. The failure or malfunctioning of such components might directly lead to risks to the physical integrity of critical infrastructure and thus to risks to health and safety of persons and property. Components intended to be used solely for cybersecurity purposes should not qualify as safety components. Examples of safety components of such critical infrastructure may include systems for monitoring water pressure or fire alarm controlling systems in cloud computing centres.

(56)

L-implimentazzjoni tas-sistemi tal-IA fl-edukazzjoni huwa importanti biex jiġu promossi l-edukazzjoni u t-taħriġ diġitali ta' kwalità għolja u biex l-istudenti u l-għalliema kollha jkunu jistgħu jiksbu u jikkondividu l-ħiliet u l-kompetenzi diġitali meħtieġa, inkluż il-litteriżmu fil-media, u l-ħsieb kritiku, biex jieħdu sehem attiv fl-ekonomija, fis-soċjetà, u fil-proċessi demokratiċi. Madankollu, is-sistemi tal-IA użati fl-edukazzjoni jew fit-taħriġ vokazzjonali, b'mod partikolari għad-determinazzjoni tal-aċċess jew l-ammissjoni, għall-assenjazzjoni ta' persuni lil istituzzjonijiet jew programmi edukattivi u ta' taħriġ vokazzjonali fil-livelli kollha, għall-evalwazzjoni tal-eżiti tal-apprendiment tal-persuni, għall-valutazzjoni tal-livell xieraq ta' edukazzjoni għal individwu u li materjalment jinfluwenzaw il-livell ta' edukazzjoni u taħriġ li l-individwi ser jirċievu jew ser ikunu jistgħu jaċċessaw jew għall-monitoraġġ u għad-detezzjoni ta' mġiba pprojbita tal-istudenti matul it-testijiet jenħtieġ li jiġu kklassifikati bħala sistemi tal-IA b'riskju għoli, għax jistgħu jiddeterminaw il-kors edukattiv u professjonali tal-ħajja ta' persuna u għalhekk jistgħu jaffettwaw l-abbiltà ta' dik il-persuna li tiżgura l-għajxien. Meta jitfasslu u jintużaw b'mod mhux xieraq, dawn is-sistemi jistgħu jkunu partikolarment intrużivi u jistgħu jiksru d-dritt għal edukazzjoni u taħriġ kif ukoll id-dritt ta' nondiskriminazzjoni, u jipperpetwaw mudelli storiċi ta' diskriminazzjoni, pereżempju kontra n-nisa, ċerti gruppi ta' età, persuni b'diżabbiltà, jew persuni ta' ċerta oriġini razzjali jew etnika jew orjentazzjoni sesswali.

(56)

The deployment of AI systems in education is important to promote high-quality digital education and training and to allow all learners and teachers to acquire and share the necessary digital skills and competences, including media literacy, and critical thinking, to take an active part in the economy, society, and in democratic processes. However, AI systems used in education or vocational training, in particular for determining access or admission, for assigning persons to educational and vocational training institutions or programmes at all levels, for evaluating learning outcomes of persons, for assessing the appropriate level of education for an individual and materially influencing the level of education and training that individuals will receive or will be able to access or for monitoring and detecting prohibited behaviour of students during tests should be classified as high-risk AI systems, since they may determine the educational and professional course of a person’s life and therefore may affect that person’s ability to secure a livelihood. When improperly designed and used, such systems may be particularly intrusive and may violate the right to education and training as well as the right not to be discriminated against and perpetuate historical patterns of discrimination, for example against women, certain age groups, persons with disabilities, or persons of certain racial or ethnic origins or sexual orientation.

(57)

Jenħtieġ li s-sistemi tal-IA użati fl-impjiegi, fil-ġestjoni tal-ħaddiema u fl-aċċess għal impjieg indipendenti, b'mod partikolari għar-reklutaġġ u għall-għażla tal-persuni, għat-teħid ta' deċiżjonijiet li jaffettwaw it-termini tar-relazzjonijiet marbuta max-xogħol, il-promozzjoni u t-terminazzjoni ta' relazzjonijiet kuntrattwali relatati max-xogħol, għall-allokazzjoni ta' kompiti abbażi tal-imġiba individwali, il-kwalitajiet jew il-karatteristiċi personali u għall-monitoraġġ jew l-evalwazzjoni ta' persuni f'relazzjonijiet kuntrattwali relatati max-xogħol, jiġu kklassifikati wkoll bħala b'riskju għoli, peress li dawk is-sistemi jista' jkollhom impatt sinifikanti fuq il-prospetti futuri tal-karriera, l-għajxien ta' dawk il-persuni u d-drittijiet tal-ħaddiema. Jenħtieġ li r-relazzjonijiet kuntrattwali rilevanti relatati max-xogħol ikunu jinvolvu b'mod sinifikattiv lill-impjegati u lill-persuni li jipprovdu servizzi permezz ta' pjattaformi kif imsemmi fil-Programm ta' Ħidma tal-Kummissjoni għall-2021. Tul il-proċess kollu tar-reklutaġġ u fl-evalwazzjoni, fil-promozzjoni, jew fiż-żamma ta' persuni f'relazzjonijiet kuntrattwali relatati max-xogħol, dawn is-sistemi jistgħu jipperpetwaw mudelli storiċi ta' diskriminazzjoni, pereżempju kontra n-nisa, ċerti gruppi ta' età, persuni b'diżabbiltà, jew persuni ta' ċerta oriġini razzjali jew etnika jew orjentazzjoni sesswali. Is-sistemi tal-IA użati għall-monitoraġġ tal-prestazzjoni u tal-imġiba ta' tali persuni jistgħu jdgħajfu wkoll id-drittijiet fundamentali tagħhom għall-protezzjoni tad-data u l-privatezza.

(57)

AI systems used in employment, workers management and access to self-employment, in particular for the recruitment and selection of persons, for making decisions affecting terms of the work-related relationship, promotion and termination of work-related contractual relationships, for allocating tasks on the basis of individual behaviour, personal traits or characteristics and for monitoring or evaluation of persons in work-related contractual relationships, should also be classified as high-risk, since those systems may have an appreciable impact on future career prospects, livelihoods of those persons and workers’ rights. Relevant work-related contractual relationships should, in a meaningful manner, involve employees and persons providing services through platforms as referred to in the Commission Work Programme 2021. Throughout the recruitment process and in the evaluation, promotion, or retention of persons in work-related contractual relationships, such systems may perpetuate historical patterns of discrimination, for example against women, certain age groups, persons with disabilities, or persons of certain racial or ethnic origins or sexual orientation. AI systems used to monitor the performance and behaviour of such persons may also undermine their fundamental rights to data protection and privacy.

(58)

Qasam ieħor li fih l-użu tas-sistemi tal-IA jixirqilhom kunsiderazzjoni speċjali hu l-aċċess għal ċerti servizzi u benefiċċji privati u pubbliċi essenzjali u t-tgawdija ta' dawn is-servizzi u l-benefiċċji meħtieġa biex in-nies jipparteċipaw bis-sħiħ fis-soċjetà jew biex itejbu l-istandard tal-għajxien tagħhom. B'mod partikolari, il-persuni fiżiċi li japplikaw għal jew li jirċievu benefiċċji u servizzi essenzjali ta' assistenza pubblika mill-awtoritajiet pubbliċi, jiġifieri s-servizzi tal-kura tas-saħħa, il-benefiċċji tas-sigurtà soċjali, is-servizzi soċjali li jipprovdu protezzjoni f'każijiet bħall-maternità, il-mard, l-inċidenti industrijali, id-dipendenza jew ix-xjuħija u t-telf tal-impjieg u l-assistenza soċjali u tal-akkomodazzjoni, huma tipikament dipendenti fuq dawk il-benefiċċji u s-servizzi u f'pożizzjoni vulnerabbli fir-rigward tal-awtoritajiet responsabbli. Jekk is-sistemi tal-IA jintużaw biex jiġi determinat jekk dawn il-benefiċċji u s-servizzi għandhomx jingħataw, jiċċaħħdu, jitnaqqsu, jitneħħew jew jittieħdu lura mill-awtoritajiet, inkluż jekk il-benefiċjarji humiex leġittimament intitolati għal tali benefiċċji jew servizzi, dawk is-sistemi jista' jkollhom impatt sinifikanti fuq l-għajxien tal-persuni u jistgħu jiksru d-drittijiet fundamentali tagħhom, bħad-dritt għall-protezzjoni soċjali, id-dritt ta' nondiskriminazzjoni, għad-dinjità umana jew għal rimedju effettiv u għalhekk jenħtieġ li jiġu kklassifikati bħala b'riskju għoli. Madankollu, jenħtieġ li dan ir-Regolament ma jfixkilx l-iżvilupp u l-użu ta' approċċi innovattivi fl-amministrazzjoni pubblika, li jkunu jistgħu jibbenefikaw minn użu aktar mifrux ta' sistemi tal-IA konformi u sikuri, dment li dawk is-sistemi ma jkunux jinvolvu riskju għoli għall-persuni ġuridiċi u fiżiċi. Barra minn hekk, jenħtieġ li s-sistemi tal-IA użati biex jevalwaw il-kreditu jew għall-evalwazzjoni tal-affidabbiltà kreditizja ta' xi persuni fiżiċi jiġu kklassifikati bħala b'riskju għoli peress li jiddeterminaw l-aċċess ta' dawk il-persuni għal riżorsi finanzjarji jew għal servizzi essenzjali bħall-akkomodazzjoni, l-elettriku, u s-servizzi tat-telekomunikazzjoni. Is-sistemi tal-IA użati għal dawk il-finijiet jistgħu jwasslu għad-diskriminazzjoni bejn persuni jew gruppi u jistgħu jipperpetwaw mudelli storiċi ta' diskriminazzjoni, dħal dik ibbażati fuq l-oriġini razzjali jew etnika, il-ġeneru, id-diżabbiltà, l-età jew l-orjentazzjoni sesswali, jew jistgħu joħolqu forom ġodda ta' impatti diskriminatorji. Madankollu, jenħtieġ li s-sistemi tal-IA previsti mil-liġi tal-Unjoni għall-fini li tiġi identifikata frodi fl-offerta ta' servizzi finanzjarji u għal finijiet prudenzjali biex jiġu kkalkulati r-rekwiżiti kapitali tal-istituzzjonijiet ta' kreditu u tal-impriżi tal-assigurazzjoni ma jitqisux li jkunu b'riskju għoli skont dan ir-Regolament. Barra minn hekk, is-sistemi tal-IA maħsuba biex jintużaw għall-valutazzjoni tar-riskju u l-ipprezzar fir-rigward ta' persuni fiżiċi għall-assigurazzjoni tas-saħħa u tal-ħajja jista' wkoll ikollhom impatt sinifikanti fuq l-għajxien tal-persuni u jekk ma jkunux imfassla, żviluppati u użati kif xieraq, jistgħu jiksru d-drittijiet fundamentali tagħhom u jistgħu jwasslu għal konsegwenzi serji għall-ħajja u għas-saħħa tan-nies, inkluż l-esklużjoni finanzjarja u d-diskriminazzjoni. Fl-aħħar nett, jenħtieġ li anki s-sistemi tal-IA użati biex jiġu evalwati u kklassifikati telefonati ta' emerġenza minn persuni fiżiċi jew biex tintbagħat jew tiġi stabbilita prijorità fid-dispaċċ ta' servizzi tal-ewwel rispons ta' emerġenza, inkluż mill-pulizija, mill-ħaddiema tat-tifi tan-nar u mill-għajnuna medika, kif ukoll tas-sistemi tat-triage tal-pazjenti fil-qasam tal-kura tas-saħħa ta' emerġenza, jiġu kklassifikati bħala b'riskju għoli għax dawn jieħdu deċiżjonijiet f'sitwazzjonijiet kritiċi ħafna għall-ħajja u għas-saħħa tal-persuni u għall-proprjetà tagħhom.

(58)

Another area in which the use of AI systems deserves special consideration is the access to and enjoyment of certain essential private and public services and benefits necessary for people to fully participate in society or to improve one’s standard of living. In particular, natural persons applying for or receiving essential public assistance benefits and services from public authorities namely healthcare services, social security benefits, social services providing protection in cases such as maternity, illness, industrial accidents, dependency or old age and loss of employment and social and housing assistance, are typically dependent on those benefits and services and in a vulnerable position in relation to the responsible authorities. If AI systems are used for determining whether such benefits and services should be granted, denied, reduced, revoked or reclaimed by authorities, including whether beneficiaries are legitimately entitled to such benefits or services, those systems may have a significant impact on persons’ livelihood and may infringe their fundamental rights, such as the right to social protection, non-discrimination, human dignity or an effective remedy and should therefore be classified as high-risk. Nonetheless, this Regulation should not hamper the development and use of innovative approaches in the public administration, which would stand to benefit from a wider use of compliant and safe AI systems, provided that those systems do not entail a high risk to legal and natural persons. In addition, AI systems used to evaluate the credit score or creditworthiness of natural persons should be classified as high-risk AI systems, since they determine those persons’ access to financial resources or essential services such as housing, electricity, and telecommunication services. AI systems used for those purposes may lead to discrimination between persons or groups and may perpetuate historical patterns of discrimination, such as that based on racial or ethnic origins, gender, disabilities, age or sexual orientation, or may create new forms of discriminatory impacts. However, AI systems provided for by Union law for the purpose of detecting fraud in the offering of financial services and for prudential purposes to calculate credit institutions’ and insurance undertakings’ capital requirements should not be considered to be high-risk under this Regulation. Moreover, AI systems intended to be used for risk assessment and pricing in relation to natural persons for health and life insurance can also have a significant impact on persons’ livelihood and if not duly designed, developed and used, can infringe their fundamental rights and can lead to serious consequences for people’s life and health, including financial exclusion and discrimination. Finally, AI systems used to evaluate and classify emergency calls by natural persons or to dispatch or establish priority in the dispatching of emergency first response services, including by police, firefighters and medical aid, as well as of emergency healthcare patient triage systems, should also be classified as high-risk since they make decisions in very critical situations for the life and health of persons and their property.

(59)

Minħabba r-rwol u r-responsabbiltà tagħhom, l-azzjonijiet tal-awtoritajiet tal-infurzar tal-liġi li jinvolvu ċerti użi tas-sistemi tal-IA huma kkaratterizzati minn grad sinifikanti ta' żbilanċ fil-poter u jistgħu jwasslu għal sorveljanza, għal arrest jew għal ċaħda tal-libertà ta' persuna fiżika u għal impatti negattivi oħra fuq id-drittijiet fundamentali garantiti fil-Karta. B'mod partikolari, jekk is-sistema tal-IA ma tkunx imħarrġa b'data ta' kwalità għolja, ma tkunx tissodisfa rekwiżiti adegwati fir-rigward tal-prestazzjoni, l-akkuratezza jew ir-robustezza tagħha, jew ma tkunx imfassla u ttestjata kif xieraq qabel ma tiġi introdotta fis-suq jew titqiegħed fis-servizz b'xi mod ieħor, din tista' tindividwa persuni b'mod diskriminatorju jew b'mod skorrett jew inġust. Barra minn hekk, l-eżerċitar ta' drittijiet fundamentali proċedurali importanti, bħad-dritt għal rimedju effettiv u għal proċess ġust kif ukoll id-dritt għal difiża u l-preżunzjoni tal-innoċenza, jista' jiġi mfixkel meta, b'mod partikolari, dawn is-sistemi tal-IA ma jkunux trasparenti, spjegabbli u dokumentati biżżejjed. Għalhekk, sakemm l-użu tagħhom ikun permess skont il-liġi rilevanti tal-Unjoni u dik nazzjonali, jixraq li xi sistemi tal-IA maħsuba biex jintużaw fil-kuntest tal-infurzar tal-liġi jiġu kklassifikati bħala b'riskju għoli, meta l-akkuratezza, l-affidabbiltà u t-trasparenza jkunu partikolarment importanti biex jiġu evitati impatti negattivi, tinżamm il-fiduċja pubblika u jiġu żgurati r-responsabbiltà u rimedju effettiv. Minħabba n-natura tal-attivitajiet u r-riskji relatati magħhom, jenħtieġ li dawk is-sistemi tal-IA b'riskju għoli jinkludu b'mod partikolari s-sistemi tal-IA maħsuba biex jintużaw minn jew f'isem l-awtoritajiet tal-infurzar tal-liġi jew minn istituzzjonijiet, korpi, uffiċċji jew aġenziji tal-Unjoni b'appoġġ għall-awtoritajiet tal-infurzar tal-liġi għall-valutazzjoni tar-riskju ta' persuna fiżika li ssir vittma ta' reati kriminali, bħal poligrafi u għodod simili, għall-evalwazzjoni tal-affidabbiltà tal-evidenza waqt investigazzjoni jew prosekuzzjoni ta' reati kriminali, u, sa fejn mhux ipprojbit skont dan ir-Regolament, għall-valutazzjoni tar-riskju ta' persuna fiżika li twettaq reat jew twettaq reat mill-ġdid mhux biss abbażi tat-tfassil ta' profili ta' persuni fiżiċi jew tal-valutazzjoni tal-kwalitajiet u l-karatteristiċi tal-personalità jew l-imġiba kriminali fil-passat ta' persuni fiżiċi jew gruppi, għat-tfassil ta' profili matul il-kxif, l-investigazzjoni jew il-prosekuzzjoni ta' reati kriminali. Jenħtieġ li s-sistemi tal-IA maħsuba speċifikament biex jintużaw għal proċedimenti amministrattivi mill-awtoritajiet tat-taxxa u tad-dwana kif ukoll mill-unitajiet tal-intelligence finanzjarja li jwettqu kompiti amministrattivi li janalizzaw l-informazzjoni skont il-liġi tal-Unjoni kontra l-ħasil tal-flus ma jiġux klassifikati bħala sistemi tal-IA b'riskju għoli użati mill-awtoritajiet tal-infurzar tal-liġi għall-fini tal-prevenzjoni, il-kxif, l-investigazzjoni u l-prosekuzzjoni ta' reati kriminali. Jenħtieġ li l-użu tal-għodod tal-IA mill-awtoritajiet tal-infurzar tal-liġi u awtoritajiet rilevanti oħra ma jsirx fattur ta' inugwaljanza jew esklużjoni. Jenħtieġ li l-impatt tal-użu tal-għodod tal-IA fuq id-drittijiet tad-difiża tal-persuni suspettati ma jiġix injorat, b'mod partikolari d-diffikultà biex tinkiseb informazzjoni sinifikattiva dwar il-funzjonament ta' dawk is-sistemi u d-diffikultà li tirriżulta biex jiġu kkontestati r-riżultati tagħhom fil-qorti, b'mod partikolari minn persuni fiżiċi li qed jiġu investigati.

(59)

Given their role and responsibility, actions by law enforcement authorities involving certain uses of AI systems are characterised by a significant degree of power imbalance and may lead to surveillance, arrest or deprivation of a natural person’s liberty as well as other adverse impacts on fundamental rights guaranteed in the Charter. In particular, if the AI system is not trained with high-quality data, does not meet adequate requirements in terms of its performance, its accuracy or robustness, or is not properly designed and tested before being put on the market or otherwise put into service, it may single out people in a discriminatory or otherwise incorrect or unjust manner. Furthermore, the exercise of important procedural fundamental rights, such as the right to an effective remedy and to a fair trial as well as the right of defence and the presumption of innocence, could be hampered, in particular, where such AI systems are not sufficiently transparent, explainable and documented. It is therefore appropriate to classify as high-risk, insofar as their use is permitted under relevant Union and national law, a number of AI systems intended to be used in the law enforcement context where accuracy, reliability and transparency is particularly important to avoid adverse impacts, retain public trust and ensure accountability and effective redress. In view of the nature of the activities and the risks relating thereto, those high-risk AI systems should include in particular AI systems intended to be used by or on behalf of law enforcement authorities or by Union institutions, bodies, offices, or agencies in support of law enforcement authorities for assessing the risk of a natural person to become a victim of criminal offences, as polygraphs and similar tools, for the evaluation of the reliability of evidence in in the course of investigation or prosecution of criminal offences, and, insofar as not prohibited under this Regulation, for assessing the risk of a natural person offending or reoffending not solely on the basis of the profiling of natural persons or the assessment of personality traits and characteristics or the past criminal behaviour of natural persons or groups, for profiling in the course of detection, investigation or prosecution of criminal offences. AI systems specifically intended to be used for administrative proceedings by tax and customs authorities as well as by financial intelligence units carrying out administrative tasks analysing information pursuant to Union anti-money laundering law should not be classified as high-risk AI systems used by law enforcement authorities for the purpose of prevention, detection, investigation and prosecution of criminal offences. The use of AI tools by law enforcement and other relevant authorities should not become a factor of inequality, or exclusion. The impact of the use of AI tools on the defence rights of suspects should not be ignored, in particular the difficulty in obtaining meaningful information on the functioning of those systems and the resulting difficulty in challenging their results in court, in particular by natural persons under investigation.

(60)

Is-sistemi tal-IA użati fil-ġestjoni tal-migrazzjoni, tal-ażil u tal-kontroll fil-fruntieri jaffettwaw lil persuni li spiss ikunu f'pożizzjoni partikolarment vulnerabbli u li jiddependu fuq l-eżitu tal-azzjonijiet tal-awtoritajiet pubbliċi kompetenti. Għalhekk, l-akkuratezza, in-natura nondiskriminatorja u t-trasparenza tas-sistemi tal-IA użati f'dawk il-kuntesti huma partikolarment importanti biex ikun żgurat ir-rispett għad-drittijiet fundamentali tal-persuni affettwati, b'mod partikolari d-drittijiet tagħhom ta' moviment liberu, ta' nondiskriminazzjoni, ta' protezzjoni tal-ħajja privata u ta' data personali, ta' protezzjoni internazzjonali u ta' amministrazzjoni tajba. Għalhekk, sa fejn l-użu tagħhom ikun permess skont il-liġi rilevanti tal-Unjoni u nazzjonali, jixraq li jiġu kklassifikati bħala b'riskju għoli s-sistemi tal-IA maħsuba biex jintużaw minn jew f'isem awtoritajiet pubbliċi kompetenti jew minn istituzzjonijiet, korpi, uffiċċji jew aġenziji tal-Unjoni inkarigati b'kompiti fl-oqsma tal-migrazzjoni, l-ażil u l-ġestjoni tal-kontroll tal-fruntieri, bħal pereżempju poligrafi u għodod simili, għall-valutazzjoni ta' ċerti riskji maħluqa minn persuni fiżiċi li jidħlu fit-territorju ta' Stat Membru jew li japplikaw għal viża jew ażil, biex jassistu lill-awtoritajiet pubbliċi kompetenti għall-eżami, inkluż il-valutazzjoni relatata tal-affidabbiltà tal-evidenza, tal-applikazzjonijiet għall-ażil, tal-viża u tal-permessi ta' residenza u tal-ilmenti assoċjati fir-rigward tal-objettiv li tiġi stabbilita l-eliġibbiltà tal-persuni fiżiċi li japplikaw għal status, għall-fini tad-detezzjoni, ir-rikonoxximent jew l-identifikazzjoni ta' persuni fiżiċi fil-kuntest tal-ġestjoni tal-migrazzjoni, l-ażil u l-kontroll tal-fruntieri, bl-eċċezzjoni tal-verifika tad-dokumenti tal-ivvjaġġar. Jenħtieġ li s-sistemi tal-IA fil-qasam tal-ġestjoni tal-migrazzjoni, tal-ażil u tal-kontroll fil-fruntieri koperti b'dan ir-Regolament ikunu konformi mar-rekwiżiti proċedurali rilevanti stabbiliti mir-Regolament (KE) Nru 810/2009 tal-Parlament Ewropew u tal-Kunsill (32), mid-Direttiva 2013/32/UE tal-Parlament Ewropew u tal-Kunsill (33), u minn leġiżlazzjoni rilevanti oħra tal-Unjoni. Jenħtieġ li l-użu tas-sistemi tal-IA fil-ġestjoni tal-migrazzjoni, tal-ażil u tal-kontroll fil-fruntieri, fl-ebda ċirkostanza, ma jintuża mill-Istati Membri jew mill-istituzzjonijiet, mill-korpi, mill-uffiċċji jew mill-aġenziji tal-Unjoni bħala mezz biex jevitaw l-obbligi internazzjonali tagħhom skont il-Konvenzjoni tan-NU dwar l-Istatus tar-Refuġjati magħmula f'Ġinevra fit-28 ta' Lulju 1951 kif emendata mill-Protokoll tal-31 ta' Jannar 1967. Jenħtieġ li lanqas ma jintużaw biex jinkiser il-prinċipju ta' non-refoulement, jew biex jiġu mċaħħda perkorsi legali sikuri u effettivi lejn it-territorju tal-Unjoni, inkluż id-dritt għall-protezzjoni internazzjonali.

(60)

AI systems used in migration, asylum and border control management affect persons who are often in particularly vulnerable position and who are dependent on the outcome of the actions of the competent public authorities. The accuracy, non-discriminatory nature and transparency of the AI systems used in those contexts are therefore particularly important to guarantee respect for the fundamental rights of the affected persons, in particular their rights to free movement, non-discrimination, protection of private life and personal data, international protection and good administration. It is therefore appropriate to classify as high-risk, insofar as their use is permitted under relevant Union and national law, AI systems intended to be used by or on behalf of competent public authorities or by Union institutions, bodies, offices or agencies charged with tasks in the fields of migration, asylum and border control management as polygraphs and similar tools, for assessing certain risks posed by natural persons entering the territory of a Member State or applying for visa or asylum, for assisting competent public authorities for the examination, including related assessment of the reliability of evidence, of applications for asylum, visa and residence permits and associated complaints with regard to the objective to establish the eligibility of the natural persons applying for a status, for the purpose of detecting, recognising or identifying natural persons in the context of migration, asylum and border control management, with the exception of verification of travel documents. AI systems in the area of migration, asylum and border control management covered by this Regulation should comply with the relevant procedural requirements set by the Regulation (EC) No 810/2009 of the European Parliament and of the Council (32), the Directive 2013/32/EU of the European Parliament and of the Council (33), and other relevant Union law. The use of AI systems in migration, asylum and border control management should, in no circumstances, be used by Member States or Union institutions, bodies, offices or agencies as a means to circumvent their international obligations under the UN Convention relating to the Status of Refugees done at Geneva on 28 July 1951 as amended by the Protocol of 31 January 1967. Nor should they be used to in any way infringe on the principle of non-refoulement, or to deny safe and effective legal avenues into the territory of the Union, including the right to international protection.

(61)

Jenħtieġ li ċerti sistemi tal-IA maħsuba għall-amministrazzjoni tal-ġustizzja u għall-proċessi demokratiċi jiġu kklassifikati bħala b'riskju għoli, meta jitqies l-impatt potenzjalment sinifikanti tagħhom fuq id-demokrazija, l-istat tad-dritt, il-libertajiet individwali u d-dritt għal rimedju effettiv u għal proċess imparzjali. B'mod partikolari, biex jiġu indirizzati r-riskji ta' preġudizzji, żbalji u opaċità potenzjali, jixraq li s-sistemi maħsuba biex jintużaw minn awtorità ġudizzjarja jew f'isimha biex jgħinu lill-awtoritajiet ġudizzjarji fir-riċerka u l-interpretazzjoni tal-fatti u tal-liġi u fl-applikazzjoni tal-liġi għal sett konkret ta' fatti, jikkwalifikaw bħala sistemi tal-IA b'riskju għoli. Jenħtieġ li s-sistemi tal-IA maħsuba biex jintużaw minn korpi għal soluzzjonijiet alternattivi għat-tilwim għal dawk il-finijiet jitqiesu wkoll li huma b'riskju għoli meta l-eżiti tal-proċedimenti ta' soluzzjoni alternattiva għat-tilwim jipproduċu effetti legali għall-partijiet. L-użu ta' għodod tal-IA jista' jappoġġa s-setgħa tat-teħid ta' deċiżjonijiet tal-imħallfin jew l-indipendenza ġudizzjarja, iżda jenħtieġ li ma jissostitwixxihiex: it-teħid finali ta' deċiżjonijiet irid jibqa' attività mmexxija mill-bniedem. Madankollu, jenħtieġ li l-klassifikazzjoni ta' sistemi tal-IA bħala b'riskju għoli ma testendix għal sistemi tal-IA maħsuba għal attivitajiet amministrattivi purament anċillari li ma jaffettwawx l-amministrazzjoni attwali tal-ġustizzja f'każijiet individwali, bħall-anonimizzazzjoni jew il-psewdonimizzazzjoni ta' deċiżjonijiet ġudizzjarji, ta' dokumenti jew ta' data, il-komunikazzjoni bejn il-persunal jew il-kompiti amministrattivi.

(61)

Certain AI systems intended for the administration of justice and democratic processes should be classified as high-risk, considering their potentially significant impact on democracy, the rule of law, individual freedoms as well as the right to an effective remedy and to a fair trial. In particular, to address the risks of potential biases, errors and opacity, it is appropriate to qualify as high-risk AI systems intended to be used by a judicial authority or on its behalf to assist judicial authorities in researching and interpreting facts and the law and in applying the law to a concrete set of facts. AI systems intended to be used by alternative dispute resolution bodies for those purposes should also be considered to be high-risk when the outcomes of the alternative dispute resolution proceedings produce legal effects for the parties. The use of AI tools can support the decision-making power of judges or judicial independence, but should not replace it: the final decision-making must remain a human-driven activity. The classification of AI systems as high-risk should not, however, extend to AI systems intended for purely ancillary administrative activities that do not affect the actual administration of justice in individual cases, such as anonymisation or pseudonymisation of judicial decisions, documents or data, communication between personnel, administrative tasks.

(62)

Mingħajr preġudizzju għar-regoli previsti fir-Regolament (UE) 2024/… tal-Parlament Ewropew u tal-Kunsill (34), u sabiex jiġu indirizzati r-riskji ta' interferenza esterna mhux dovuta fuq id-dritt tal-vot minqux fl-Artikolu 39 tal-Karta, u ta' effetti negattivi fuq id-demokrazija u l-istat tad-dritt, jenħtieġ li s-sistemi tal-IA maħsuba biex jintużaw bil-għan li jinfluwenzaw l-eżitu ta' elezzjoni jew referendum jew l-imġiba tal-votazzjoni ta' persuni fiżiċi fl-eżerċizzju tal-vot tagħhom fl-elezzjonijiet jew fir-referenda jiġu kklassifikati bħala sistemi tal-IA b'riskju għoli bl-eċċezzjoni ta' sistemi tal-IA li l-output tagħhom ma jkunx espost għal persuni fiżiċi, bħal għodod użati għall-organizzazzjoni, l-ottimizzazzjoni u l-istruttura ta' kampanji politiċi minn perspettiva amministrattiva u loġistika.

(62)

Without prejudice to the rules provided for in Regulation (EU) 2024/900 of the European Parliament and of the Council (34), and in order to address the risks of undue external interference with the right to vote enshrined in Article 39 of the Charter, and of adverse effects on democracy and the rule of law, AI systems intended to be used to influence the outcome of an election or referendum or the voting behaviour of natural persons in the exercise of their vote in elections or referenda should be classified as high-risk AI systems with the exception of AI systems whose output natural persons are not directly exposed to, such as tools used to organise, optimise and structure political campaigns from an administrative and logistical point of view.

(63)

Jenħtieġ li l-fatt li sistema tal-IA tiġi kklassifikata bħala sistema tal-IA b'riskju għoli skont dan ir-Regolament ma jiġix interpretat bħala indikatur li l-użu tas-sistema huwa legali skont atti oħra tal-liġi tal-Unjoni jew skont il-liġi nazzjonali kompatibbli mal-liġi tal-Unjoni, bħal dwar il-protezzjoni tad-data personali, dwar l-użu tal-poligrafi u ta' għodod simili jew ta' sistemi oħra biex jiġi identifikat l-istat emozzjonali ta' persuni fiżiċi. Jenħtieġ li kull użu bħal dan ikompli jseħħ biss f'konformità mar-rekwiżiti applikabbli li jirriżultaw mill-Karta u mill-atti applikabbli tal-liġi sekondarja tal-Unjoni u tal-liġi nazzjonali. Jenħtieġ li dan ir-Regolament ma jinftiehemx li jipprevedi l-bażi legali għall-ipproċessar tad-data personali, inkluż kategoriji speċjali ta' data personali, meta rilevanti, sakemm mhux speċifikament previst mod ieħor f'dan ir-Regolament.

(63)

The fact that an AI system is classified as a high-risk AI system under this Regulation should not be interpreted as indicating that the use of the system is lawful under other acts of Union law or under national law compatible with Union law, such as on the protection of personal data, on the use of polygraphs and similar tools or other systems to detect the emotional state of natural persons. Any such use should continue to occur solely in accordance with the applicable requirements resulting from the Charter and from the applicable acts of secondary Union law and national law. This Regulation should not be understood as providing for the legal ground for processing of personal data, including special categories of personal data, where relevant, unless it is specifically otherwise provided for in this Regulation.

(64)

Biex jiġu mitigati r-riskji minn sistemi tal-IA b'riskju għoli introdotti fis-suq jew imqiegħda fis-servizz u biex jiġi żgurat livell għoli ta' affidabbiltà, jenħtieġ li ċerti rekwiżiti obbligatorji japplikaw għas-sistemi tal-IA b'riskju għoli, filwaqt li jitqies l-għan maħsub u l-kuntest tal-użu tas-sistema tal-IA u skont is-sistema ta' ġestjoni tar-riskju li għandha tiġi stabbilita mill-fornitur. Jenħtieġ li l-miżuri adottati mill-fornituri biex jikkonformaw mar-rekwiżiti obbligatorji ta' dan ir-Regolament iqisu l-ogħla livell ta' żvilupp tekniku rikonoxxut b'mod ġenerali dwar l-IA, u jkunu proporzjonati u effettivi biex jintlaħqu l-objettivi ta' dan ir-Regolament. Abbażi tal-Qafas Leġiżlattiv Ġdid, kif iċċarat fl-avviż tal-Kummissjoni “Il-‘Gwida Blu’ dwar l-implimentazzjoni tar-regoli tal-prodotti tal-UE tal-2022” ir-regola ġenerali hija li aktar minn att legali wieħed tal-leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni jista’ jkun applikabbli għal prodott wieħed, peress li l-introduzzjoni fis-suq jew it-tqegħid fis-servizz jista' jseħħ biss meta l-prodott jikkonforma mal-leġiżlazzjoni applikabbli kollha tal-Unjoni dwar l-armonizzazzjoni. Il-perikli tas-sistemi tal-IA koperti mir-rekwiżiti ta' dan ir-Regolament jikkonċernaw aspetti differenti mill-leġiżlazzjoni eżistenti tal-Unjoni dwar l-armonizzazzjoni u għalhekk ir-rekwiżiti ta' dan ir-Regolament jikkomplementaw il-korp eżistenti tal-leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni. Pereżempju, prodotti ta' makkinarju jew ta' apparati mediċi li jinkorporaw sistema tal-IA jistgħu jippreżentaw riskji mhux indirizzati mir-rekwiżiti essenzjali tas-saħħa u s-sikurezza stipulati fil-leġiżlazzjoni armonizzata rilevanti tal-Unjoni, peress li dik il-liġi settorjali ma tittrattax riskji speċifiċi għas-sistemi tal-IA. Dan jitlob li jkun hemm l-applikazzjoni simultanja u komplementari tad-diversi atti leġiżlattivi. Sabiex tiġi żgurata l-konsistenza u jiġu evitati piż u kostijiet amministrattivi bla bżonn, jenħtieġ li l-fornituri ta' prodott li jkun fih sistema ta' IA b'riskju għoli waħda jew aktar, li għaliha japplikaw ir-rekwiżiti ta' dan ir-Regolament u tal-leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni bbażata fuq il-Qafas Leġiżlattiv Ġdid u elenkata f'anness ta' dan ir-Regolament, ikollhom flessibbiltà fir-rigward tad-deċiżjonijiet operazzjonali dwar kif tiġi żgurata l-konformità ta' prodott li jkun fih sistema tal-IA waħda jew aktar mar-rekwiżiti applikabbli kollha ta' dik il-leġiżlazzjoni armonizzata tal-Unjoni bl-aħjar mod. Dik il-flessibbiltà tista' tfisser, pereżempju, deċiżjoni mill-fornitur li jintegra parti mill-proċessi ta' ttestjar u rapportar, informazzjoni u dokumentazzjoni meħtieġa skont dan ir-Regolament fid-dokumentazzjoni u l-proċeduri diġà eżistenti meħtieġa skont il-leġiżlazzjoni eżistenti tal-Unjoni dwar l-armonizzazzjoni bbażata fuq il-Qafas Leġiżlattiv Ġdid u elenkata f'anness ta' dan ir-Regolament. Dan jenħtieġ li bl-ebda mod ma jimmina l-obbligu tal-fornitur li jikkonforma mar-rekwiżiti applikabbli kollha.

(64)

To mitigate the risks from high-risk AI systems placed on the market or put into service and to ensure a high level of trustworthiness, certain mandatory requirements should apply to high-risk AI systems, taking into account the intended purpose and the context of use of the AI system and according to the risk-management system to be established by the provider. The measures adopted by the providers to comply with the mandatory requirements of this Regulation should take into account the generally acknowledged state of the art on AI, be proportionate and effective to meet the objectives of this Regulation. Based on the New Legislative Framework, as clarified in Commission notice ‘The “Blue Guide” on the implementation of EU product rules 2022’, the general rule is that more than one legal act of Union harmonisation legislation may be applicable to one product, since the making available or putting into service can take place only when the product complies with all applicable Union harmonisation legislation. The hazards of AI systems covered by the requirements of this Regulation concern different aspects than the existing Union harmonisation legislation and therefore the requirements of this Regulation would complement the existing body of the Union harmonisation legislation. For example, machinery or medical devices products incorporating an AI system might present risks not addressed by the essential health and safety requirements set out in the relevant Union harmonised legislation, as that sectoral law does not deal with risks specific to AI systems. This calls for a simultaneous and complementary application of the various legislative acts. To ensure consistency and to avoid an unnecessary administrative burden and unnecessary costs, providers of a product that contains one or more high-risk AI system, to which the requirements of this Regulation and of the Union harmonisation legislation based on the New Legislative Framework and listed in an annex to this Regulation apply, should have flexibility with regard to operational decisions on how to ensure compliance of a product that contains one or more AI systems with all the applicable requirements of that Union harmonised legislation in an optimal manner. That flexibility could mean, for example a decision by the provider to integrate a part of the necessary testing and reporting processes, information and documentation required under this Regulation into already existing documentation and procedures required under existing Union harmonisation legislation based on the New Legislative Framework and listed in an annex to this Regulation. This should not, in any way, undermine the obligation of the provider to comply with all the applicable requirements.

(65)

Jenħtieġ li s-sistema ta' ġestjoni tar-riskju tkun tikkonsisti fi proċess iterattiv kontinwu li jkun ippjanat u mħaddem tul iċ-ċiklu tal-ħajja kollu ta' sistema tal-IA b'riskju għoli. Jenħtieġ li dak il-proċess ikollu l-għan li jidentifika u jimmitiga r-riskji rilevanti tas-sistemi tal-IA fuq is-saħħa, is-sikurezza u d-drittijiet fundamentali. Jenħtieġ li s-sistema tal-ġestjoni tar-riskju tiġi rieżaminata u aġġornata regolarment biex jiġi żgurat li titkompla l-effettività tagħha, kif ukoll il-ġustifikazzjoni u d-dokumentazzjoni ta' kwalunkwe deċiżjoni u azzjoni sinifikanti meħuda soġġett għal dan ir-Regolament. Jenħtieġ li dan il-proċess jiżgura li l-fornitur jidentifika r-riskji jew l-impatti negattivi u jimplimenta miżuri ta' mitigazzjoni għar-riskji magħrufa u raġonevolment prevedibbli tas-sistemi tal-IA għas-saħħa, għas-sikurezza u għad-drittijiet fundamentali fid-dawl tal-għan maħsub tagħhom u tal-użu ħażin raġonevolment prevedibbli, inkluż ir-riskji possibbli li jirriżultaw mill-interazzjoni bejn is-sistema tal-IA u l-ambjent li topera fih. Jenħtieġ li s-sistema tal-ġestjoni tar-riskju tadotta l-aktar miżuri xierqa ta' ġestjoni tar-riskju fid-dawl tal-ogħla livell ta' żvilupp tekniku fl-IA. Meta jidentifika l-aktar miżuri xierqa ta' ġestjoni tar-riskju, jenħtieġ li l-fornitur jiddokumenta u jispjega l-għażliet li jkunu saru u, meta rilevanti, jinvolvi esperti u partijiet ikkonċernati esterni. Meta jidentifika l-użu ħażin raġonevolment prevedibbli ta' sistemi tal-IA b'riskju għoli, il-fornitur jenħtieġ li jkopri l-użi ta' sistemi tal-IA li, filwaqt li ma jkunux koperti direttament mill-għan maħsub u previst fl-istruzzjoni għall-użu, xorta waħda jistgħu jkunu raġonevolment mistennija li jirriżultaw minn imġiba umana faċilment prevedibbli fil-kuntest tal-karatteristiċi speċifiċi u tal-użu ta' sistema tal-IA partikolari. Jenħtieġ li kwalunkwe ċirkostanza magħrufa jew prevedibbli relatata mal-użu tas-sistema tal-IA b'riskju għoli f'konformità mal-għan maħsub tagħha jew f'kundizzjonijiet ta' użu ħażin raġonevolment prevedibbli, li tista' twassal għal riskji għas-saħħa u s-sikurezza jew għad-drittijiet fundamentali, tiġi inkluża fl-istruzzjonijiet għall-użu li huma pprovduti mill-fornitur. Dan biex jiġi żgurat li l-implimentatur ikun konxju u jqishom meta juża s-sistema tal-IA b'riskju għoli. Jenħtieġ li l-identifikazzjoni u l-implimentazzjoni ta' miżuri ta' mitigazzjoni tar-riskju għal użu ħażin prevedibbli skont dan ir-Regolament ma jirrikjedux taħriġ addizzjonali speċifiku għas-sistema tal-IA b'riskju għoli mill-fornitur biex jiġi indirizzat l-użu ħażin prevedibbli. Madankollu, il-fornituri huma mħeġġa jikkunsidraw tali miżuri ta' taħriġ addizzjonali biex itaffu l-użi ħżiena prevedibbli raġonevoli kif meħtieġ u xieraq.

(65)

The risk-management system should consist of a continuous, iterative process that is planned and run throughout the entire lifecycle of a high-risk AI system. That process should be aimed at identifying and mitigating the relevant risks of AI systems on health, safety and fundamental rights. The risk-management system should be regularly reviewed and updated to ensure its continuing effectiveness, as well as justification and documentation of any significant decisions and actions taken subject to this Regulation. This process should ensure that the provider identifies risks or adverse impacts and implements mitigation measures for the known and reasonably foreseeable risks of AI systems to the health, safety and fundamental rights in light of their intended purpose and reasonably foreseeable misuse, including the possible risks arising from the interaction between the AI system and the environment within which it operates. The risk-management system should adopt the most appropriate risk-management measures in light of the state of the art in AI. When identifying the most appropriate risk-management measures, the provider should document and explain the choices made and, when relevant, involve experts and external stakeholders. In identifying the reasonably foreseeable misuse of high-risk AI systems, the provider should cover uses of AI systems which, while not directly covered by the intended purpose and provided for in the instruction for use may nevertheless be reasonably expected to result from readily predictable human behaviour in the context of the specific characteristics and use of a particular AI system. Any known or foreseeable circumstances related to the use of the high-risk AI system in accordance with its intended purpose or under conditions of reasonably foreseeable misuse, which may lead to risks to the health and safety or fundamental rights should be included in the instructions for use that are provided by the provider. This is to ensure that the deployer is aware and takes them into account when using the high-risk AI system. Identifying and implementing risk mitigation measures for foreseeable misuse under this Regulation should not require specific additional training for the high-risk AI system by the provider to address foreseeable misuse. The providers however are encouraged to consider such additional training measures to mitigate reasonable foreseeable misuses as necessary and appropriate.

(66)

Jenħtieġ li r-rekwiżiti japplikaw għas-sistemi tal-IA b'riskju għoli fir-rigward tal-ġestjoni tar-riskju, il-kwalità u r-rilevanza tas-settijiet tad-data użati, id-dokumentazzjoni teknika u ż-żamma tar-rekords, it-trasparenza u l-għoti tal-informazzjoni lill-implimentaturi, is-sorveljanza mill-bniedem, u r-robustezza, l-akkuratezza u ċ-ċibersigurtà. Dawk ir-rekwiżiti huma meħtieġa biex itaffu b'mod effettiv ir-riskji għas-saħħa u s-sikurezza u għad-drittijiet fundamentali. Billi l-ebda miżura oħra anqas restrittiva għall-kummerċ ma tkun raġonevolment disponibbli, dawk ir-rekwiżiti mhumiex restrizzjonijiet mhux ġustifikati għall-kummerċ.

(66)

Requirements should apply to high-risk AI systems as regards risk management, the quality and relevance of data sets used, technical documentation and record-keeping, transparency and the provision of information to deployers, human oversight, and robustness, accuracy and cybersecurity. Those requirements are necessary to effectively mitigate the risks for health, safety and fundamental rights. As no other less trade restrictive measures are reasonably available those requirements are not unjustified restrictions to trade.

(67)

Id-data ta' kwalità għolja u l-aċċess għal data ta' kwalità għolja għandhom rwol vitali fl-għoti tal-istruttura u fl-iżgurar tal-prestazzjoni ta' ħafna sistemi tal-IA, speċjalment meta jintużaw tekniki li jinvolvu t-taħriġ tal-mudelli, bl-għan li jiġi żgurat li s-sistema tal-IA b'riskju għoli taħdem kif suppost u b'mod sikur u ma ssirx sors ta' diskriminazzjoni pprojbit mil-liġi tal-Unjoni. Settijiet tad-data ta' kwalità għolja għal taħriġ, validazzjoni u ttestjar jirrikjedu l-implimentazzjoni ta' prattiki xierqa ta' governanza u ġestjoni tad-data. Jenħtieġ li s-settijiet tad-data għal taħriġ, validazzjoni u ttestjar, inkluż it-tikketti, ikunu rilevanti, rappreżentattivi biżżejjed, u sa fejn possibbli mingħajr żbalji u kompluti fid-dawl tal-għan maħsub tas-sistema. Sabiex tiġi ffaċilitata l-konformità mal-liġi tal-Unjoni dwar il-protezzjoni tad-data, bħar-Regolament (UE) 2016/679, jenħtieġ li l-prattiki ta' governanza u tal-ġestjoni tad-data jinkludu, fil-każ ta' data personali, trasparenza fir-rigward tal-iskop oriġinali tal-ġbir tad-data. Jenħtieġ li s-settijiet tad-data jkollhom ukoll il-proprjetajiet statistiċi xierqa, inkluż fir-rigward tal-persuni jew tal-gruppi ta' persuni li fir-rigward tagħhom hija maħsuba li tintuża s-sistema tal-IA b'riskju għoli, b'attenzjoni speċifika għall-mitigazzjoni tal-preġudizzji possibbli fis-settijiet tad-data, li x'aktarx jaffettwaw is-saħħa u s-sikurezza tal-persuni, ikollhom impatt negattiv fuq id-drittijiet fundamentali jew iwasslu għal diskriminazzjoni pprojbita skont il-liġi tal-Unjoni, speċjalment meta l-outputs tad-data jinfluwenzaw l-inputs għal operazzjonijiet futuri (feedback loops). Il-preġudizzji jistgħu pereżempju jkunu inerenti fis-settijiet tad-data sottostanti, speċjalment meta tkun qed tintuża data storika, jew iġġenerati meta s-sistemi jiġu implimentati f'ambjenti reali. Ir-riżultati pprovduti mis-sistemi tal-IA jistgħu jiġu influwenzati minn tali preġudizzji inerenti li huma inklinati li jiżdiedu gradwalment u b'hekk jipperpetwaw u jamplifikaw id-diskriminazzjoni eżistenti, b'mod partikolari għal persuni li jagħmlu parti minn ċerti gruppi vulnerabbli, inkluż gruppi razzjali jew etniċi. Jenħtieġ li r-rekwiżit li s-settijiet tad-data jkunu kemm jista' jkun kompluti u mingħajr żbalji ma jaffettwax l-użu ta' tekniki li jippreservaw il-privatezza fil-kuntest tal-iżvilupp u l-ittestjar tas-sistemi tal-IA. B'mod partikolari, jenħtieġ li s-settijiet tad-data jqisu, sa fejn ikun meħtieġ mill-għan maħsub tagħhom, il-karatteristiċi jew l-elementi partikolari għall-ambjent jew għall-issettjar ġeografiku, kuntestwali, komportamentali jew funzjonali speċifiku li fih tkun maħsuba li tintuża s-sistema tal-IA. Ir-rekwiżiti relatati mal-governanza tad-data jistgħu jiġu rrispettati billi jsir rikors għal partijiet terzi li joffru servizzi ta' konformità ċċertifikati inkluż verifika tal-governanza tad-data, tal-integrità tas-sett tad-data, u tat-taħriġ tad-data, il-prattiki tal-validazzjoni u tal-ittestjar, sa fejn tiġi żgurata l-konformità mar-rekwiżiti tad-data ta' dan ir-Regolament.

(67)

High-quality data and access to high-quality data plays a vital role in providing structure and in ensuring the performance of many AI systems, especially when techniques involving the training of models are used, with a view to ensure that the high-risk AI system performs as intended and safely and it does not become a source of discrimination prohibited by Union law. High-quality data sets for training, validation and testing require the implementation of appropriate data governance and management practices. Data sets for training, validation and testing, including the labels, should be relevant, sufficiently representative, and to the best extent possible free of errors and complete in view of the intended purpose of the system. In order to facilitate compliance with Union data protection law, such as Regulation (EU) 2016/679, data governance and management practices should include, in the case of personal data, transparency about the original purpose of the data collection. The data sets should also have the appropriate statistical properties, including as regards the persons or groups of persons in relation to whom the high-risk AI system is intended to be used, with specific attention to the mitigation of possible biases in the data sets, that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations (feedback loops). Biases can for example be inherent in underlying data sets, especially when historical data is being used, or generated when the systems are implemented in real world settings. Results provided by AI systems could be influenced by such inherent biases that are inclined to gradually increase and thereby perpetuate and amplify existing discrimination, in particular for persons belonging to certain vulnerable groups, including racial or ethnic groups. The requirement for the data sets to be to the best extent possible complete and free of errors should not affect the use of privacy-preserving techniques in the context of the development and testing of AI systems. In particular, data sets should take into account, to the extent required by their intended purpose, the features, characteristics or elements that are particular to the specific geographical, contextual, behavioural or functional setting which the AI system is intended to be used. The requirements related to data governance can be complied with by having recourse to third parties that offer certified compliance services including verification of data governance, data set integrity, and data training, validation and testing practices, as far as compliance with the data requirements of this Regulation are ensured.

(68)

Għall-iżvilupp u l-valutazzjoni ta' sistemi tal-IA b'riskju għoli, jenħtieġ li ċerti atturi, bħal fornituri, korpi notifikati u entitajiet rilevanti oħra, bħaċ-Ċentri Ewropej tal-Innovazzjoni Diġitali, il-faċilitajiet tal-esperimentazzjoni u ttestjar, u r-riċerkaturi, ikunu jistgħu jaċċessaw u jużaw settijiet tad-data ta' kwalità għolja fl-oqsma tal-attivitajiet ta' dawk l-atturi li huma relatati ma' dan ir-Regolament. L-ispazji komuni Ewropej tad-data stabbiliti mill-Kummissjoni u l-faċilitazzjoni tal-kondiviżjoni tad-data bejn in-negozji u mal-gvern fl-interess pubbliku ser ikunu strumentali biex jipprovdu aċċess affidabbli, responsabbli u nondiskriminatorju għal data ta' kwalità għolja għat-taħriġ, il-validazzjoni u l-ittestjar tas-sistemi tal-IA. Pereżempju, fil-qasam tas-saħħa, l-ispazju Ewropew tad-data dwar is-saħħa ser jiffaċilita aċċess nondiskriminatorju għal data dwar is-saħħa u t-taħriġ ta' algoritmi tal-IA fuq dawk is-settijiet tad-data, b'mod li jiżgura l-privatezza, li hu sigur, fil-ħin, trasparenti u affidabbli, u b'governanza istituzzjonali xierqa. L-awtoritajiet kompetenti rilevanti, inkluż dawk settorjali, li jipprovdu jew jappoġġaw l-aċċess għad-data, jistgħu jappoġġaw ukoll il-forniment ta' data ta' kwalità għolja għat-taħriġ, il-validazzjoni u l-ittestjar tas-sistemi tal-IA.

(68)

For the development and assessment of high-risk AI systems, certain actors, such as providers, notified bodies and other relevant entities, such as European Digital Innovation Hubs, testing experimentation facilities and researchers, should be able to access and use high-quality data sets within the fields of activities of those actors which are related to this Regulation. European common data spaces established by the Commission and the facilitation of data sharing between businesses and with government in the public interest will be instrumental to provide trustful, accountable and non-discriminatory access to high-quality data for the training, validation and testing of AI systems. For example, in health, the European health data space will facilitate non-discriminatory access to health data and the training of AI algorithms on those data sets, in a privacy-preserving, secure, timely, transparent and trustworthy manner, and with an appropriate institutional governance. Relevant competent authorities, including sectoral ones, providing or supporting the access to data may also support the provision of high-quality data for the training, validation and testing of AI systems.

(69)

Id-dritt għall-privatezza u għall-protezzjoni tad-data personali jrid jiġi ggarantit tul iċ-ċiklu tal-ħajja kollu tas-sistema tal-IA. F'dan ir-rigward, il-prinċipji tal-minimizzazzjoni tad-data u tal-protezzjoni tad-data mid-disinn u b'mod awtomatiku, kif stipulati fil-liġi tal-Unjoni dwar il-protezzjoni tad-data, huma applikabbli meta tiġi pproċessata d-data personali. Il-miżuri meħuda mill-fornituri biex jiżguraw il-konformità ma' dawk il-prinċipji jistgħu jinkludu mhux biss l-anonimizzazzjoni u l-kriptaġġ, iżda wkoll l-użu ta' teknoloġija li tippermetti li l-algoritmi jinġiebu fid-data u li tippermetti t-taħriġ tas-sistemi tal-IA mingħajr it-trażmissjoni bejn il-partijiet jew l-ikkupjar tad-data mhux ipproċessata jew strutturata nnifisha, mingħajr preġudizzju għar-rekwiżiti dwar il-governanza tad-data previsti f'dan ir-Regolament.

(69)

The right to privacy and to protection of personal data must be guaranteed throughout the entire lifecycle of the AI system. In this regard, the principles of data minimisation and data protection by design and by default, as set out in Union data protection law, are applicable when personal data are processed. Measures taken by providers to ensure compliance with those principles may include not only anonymisation and encryption, but also the use of technology that permits algorithms to be brought to the data and allows training of AI systems without the transmission between parties or copying of the raw or structured data themselves, without prejudice to the requirements on data governance provided for in this Regulation.

(70)

Biex jiġi protett id-dritt ta' oħrajn mid-diskriminazzjoni li tista' tirriżulta mill-preġudizzju fis-sistemi tal-IA, jenħtieġ li l-fornituri, b'mod eċċezzjonali, sa fejn ikun strettament meħtieġ għall-fini tal-iżgurar tal-kxif u l-korrezzjoni tal-preġudizzji fir-rigward tas-sistemi tal-IA b'riskju għoli, soġġetti għal salvagwardji xierqa għad-drittijiet u l-libertajiet fundamentali tal-persuni fiżiċi u wara l-applikazzjoni tal-kundizzjonijiet applikabbli kollha stabbiliti f'dan ir-Regolament flimkien mal-kundizzjonijiet stabbiliti fir-Regolamenti (UE) 2016/679 u (UE) 2018/1725 u fid-Direttiva (UE) 2016/680, ikunu jistgħu jipproċessaw ukoll kategoriji speċjali ta' data personali, bħala kwistjoni ta' interess pubbliku sostanzjali skont it-tifsira tal-Artikolu 9(2), il-punt (g) tar-Regolament (UE) 2016/679 u l-Artikolu 10(2), il-punt (g) tar-Regolament (UE) 2018/1725.

(70)

In order to protect the right of others from the discrimination that might result from the bias in AI systems, the providers should, exceptionally, to the extent that it is strictly necessary for the purpose of ensuring bias detection and correction in relation to the high-risk AI systems, subject to appropriate safeguards for the fundamental rights and freedoms of natural persons and following the application of all applicable conditions laid down under this Regulation in addition to the conditions laid down in Regulations (EU) 2016/679 and (EU) 2018/1725 and Directive (EU) 2016/680, be able to process also special categories of personal data, as a matter of substantial public interest within the meaning of Article 9(2), point (g) of Regulation (EU) 2016/679 and Article 10(2), point (g) of Regulation (EU) 2018/1725.

(71)

Huwa essenzjali li jkun hemm informazzjoni komprensibbli dwar kif ġew żviluppati s-sistemi tal-IA b'riskju għoli u kif jaħdmu tul ħajjithom kollha biex tkun tista' ssir it-traċċabbiltà ta' dawk is-sistemi, biex tiġi vverifikata l-konformità mar-rekwiżiti skont dan ir-Regolament, kif ukoll biex isir monitoraġġ tal-operazzjonijiet tagħhom u sorveljanza ta' wara t-tqegħid fis-suq. Għal dan il-għan, hemm bżonn li jinżammu rekords u li jkun hemm disponibbli dokumentazzjoni teknika, bl-informazzjoni meħtieġa biex tiġi vvalutata l-konformità tas-sistema tal-IA mar-rekwiżiti rilevanti u tiġi ffaċilitata s-sorveljanza ta' wara t-tqegħid fis-suq. Jenħtieġ li din l-informazzjoni tkun tinkludi l-karatteristiċi ġenerali, il-kapaċitajiet u l-limitazzjonijiet tas-sistema, tal-algoritmi, tad-data, tat-taħriġ, tal-ittestjar u tal-proċessi ta' validazzjoni użati kif ukoll dokumentazzjoni dwar is-sistema rilevanti tal-ġestjoni tar-riskji u li tkun mfassla f'forma ċara u komprensiva. Jenħtieġ li d-dokumentazzjoni teknika tinżamm aġġornata b'mod xieraq tul il-ħajja tas-sistema tal-IA. Barra minn hekk, jenħtieġ li s-sistemi tal-IA b'riskju għoli jippermettu teknikament ir-reġistrazzjoni awtomatika tal-avvenimenti, permezz ta' reġistri, tul il-ħajja tas-sistema.

(71)

Having comprehensible information on how high-risk AI systems have been developed and how they perform throughout their lifetime is essential to enable traceability of those systems, verify compliance with the requirements under this Regulation, as well as monitoring of their operations and post market monitoring. This requires keeping records and the availability of technical documentation, containing information which is necessary to assess the compliance of the AI system with the relevant requirements and facilitate post market monitoring. Such information should include the general characteristics, capabilities and limitations of the system, algorithms, data, training, testing and validation processes used as well as documentation on the relevant risk-management system and drawn in a clear and comprehensive form. The technical documentation should be kept up to date, appropriately throughout the lifetime of the AI system. Furthermore, high-risk AI systems should technically allow for the automatic recording of events, by means of logs, over the duration of the lifetime of the system.

(72)

Biex jiġi indirizzat it-tħassib relatat mal-opaċità u l-kumplessità ta' ċerti sistemi tal-IA u biex l-implimentaturi jiġu megħjuna jissodisfaw l-obbligi tagħhom skont dan ir-Regolament, jenħtieġ li tkun meħtieġa trasparenza għas-sistemi tal-IA b'riskju għoli qabel ma jiġu introdotti fis-suq jew jitqiegħdu fis-servizz. Jenħtieġ li s-sistemi tal-IA b'riskju għoli jitfasslu b'mod li jippermetti lill-implimentaturi jifhmu kif taħdem is-sistema tal-IA, jevalwaw il-funzjonalità tagħha, u jifhmu l-elementi b'saħħithom u l-limitazzjonijiet tagħha. Jenħtieġ li s-sistemi tal-IA b'riskju għoli jkunu akkumpanjati minn informazzjoni xierqa fil-forma ta' struzzjonijiet dwar l-użu. Jenħtieġ li tali informazzjoni tinkludi l-karatteristiċi, il-kapaċitajiet u l-limitazzjonijiet tal-prestazzjoni tas-sistema tal-IA. Dawk ikopru informazzjoni dwar ċirkostanzi magħrufa u prevedibbli possibbli relatati mal-użu tas-sistema tal-IA b'riskju għoli, inkluż l-azzjoni tal-implimentatur li tista' tinfluwenza l-imġiba u l-prestazzjoni tas-sistema, li skontha s-sistema tal-IA tista' twassal għal riskji għas-saħħa, is-sikurezza, u d-drittijiet fundamentali, dwar il-bidliet li jkunu ġew iddeterminati minn qabel u vvalutati għall-konformità mill-fornitur u dwar il-miżuri rilevanti ta' sorveljanza mill-bniedem, inkluż il-miżuri li jiffaċilitaw l-interpretazzjoni tal-outputs tas-sistema tal-IA mill-implimentaturi. It-trasparenza, inkluż l-istruzzjonijiet ta' akkumpanjament għall-użu, għandha tassisti lill-implimentaturi fl-użu tas-sistema u tappoġġa t-teħid ta' deċiżjonijiet infurmat minnhom., Jenħtieġ li l-implimentaturi, fost l-oħrajn, jkunu f'pożizzjoni aħjar biex jagħmlu l-għażla korretta tas-sistema li beħsiebhom jużaw fid-dawl tal-obbligi applikabbli għalihom, jiġu edukati dwar l-użi maħsuba u preklużi, u jużaw is-sistema tal-IA b'mod korrett u kif xieraq. Biex jissaħħu l-leġibbiltà u l-aċċessibbiltà tal-informazzjoni inkluża fl-istruzzjonijiet tal-użu, meta xieraq, jenħtieġ li jiġu inklużi eżempji illustrattivi, pereżempju dwar il-limitazzjonijiet u dwar l-użi maħsuba u preklużi tas-sistema tal-IA. Jenħtieġ li l-fornituri jiżguraw li d-dokumentazzjoni kollha, inkluż l-istruzzjonijiet għall-użu, ikun fiha informazzjoni sinifikanti, komprensiva, aċċessibbli u li tinftiehem, filwaqt li jitqiesu l-ħtiġijiet u l-għarfien prevedibbli tal-implimentaturi fil-mira. Jenħtieġ li l-istruzzjonijiet għall-użu jkunu disponibbli b'lingwa li tista' tinftiehem faċilment mill-implimentaturi fil-mira, kif determinat mill-Istat Membru kkonċernat.

(72)

To address concerns related to opacity and complexity of certain AI systems and help deployers to fulfil their obligations under this Regulation, transparency should be required for high-risk AI systems before they are placed on the market or put it into service. High-risk AI systems should be designed in a manner to enable deployers to understand how the AI system works, evaluate its functionality, and comprehend its strengths and limitations. High-risk AI systems should be accompanied by appropriate information in the form of instructions of use. Such information should include the characteristics, capabilities and limitations of performance of the AI system. Those would cover information on possible known and foreseeable circumstances related to the use of the high-risk AI system, including deployer action that may influence system behaviour and performance, under which the AI system can lead to risks to health, safety, and fundamental rights, on the changes that have been pre-determined and assessed for conformity by the provider and on the relevant human oversight measures, including the measures to facilitate the interpretation of the outputs of the AI system by the deployers. Transparency, including the accompanying instructions for use, should assist deployers in the use of the system and support informed decision making by them. Deployers should, inter alia, be in a better position to make the correct choice of the system that they intend to use in light of the obligations applicable to them, be educated about the intended and precluded uses, and use the AI system correctly and as appropriate. In order to enhance legibility and accessibility of the information included in the instructions of use, where appropriate, illustrative examples, for instance on the limitations and on the intended and precluded uses of the AI system, should be included. Providers should ensure that all documentation, including the instructions for use, contains meaningful, comprehensive, accessible and understandable information, taking into account the needs and foreseeable knowledge of the target deployers. Instructions for use should be made available in a language which can be easily understood by target deployers, as determined by the Member State concerned.

(73)

Jenħtieġ li s-sistemi tal-IA b'riskju għoli jitfasslu u jiġu żviluppati b'tali mod li l-persuni fiżiċi jkunu jistgħu jissorveljaw il-funzjonament tagħhom, jiżguraw li jintużaw kif maħsub u li l-impatti tagħhom jiġu indirizzati matul iċ-ċiklu tal-ħajja tas-sistema. Għal dak il-għan, jenħtieġ li l-fornitur tas-sistema jidentifika miżuri xierqa ta' sorveljanza mill-bniedem qabel ma tiġi introdotta fis-suq jew imqiegħda fis-servizz. B'mod partikolari, meta xieraq, jenħtieġ li dawn il-miżuri jkunu jiggarantixxu li s-sistema tkun soġġetta għal restrizzjonijiet operazzjonali inkorporati li ma jistgħux jitwarrbu mis-sistema nnifisha u li tkun tirreaġixxi għall-operatur uman, u li l-persuni fiżiċi li lilhom tkun ġiet assenjata sorveljanza mill-bniedem jkollhom il-kompetenza, it-taħriġ u l-awtorità meħtieġa biex jaqdu dak ir-rwol. Huwa essenzjali wkoll, kif xieraq, li jiġi żgurat li s-sistemi tal-IA b'riskju għoli jinkludu mekkaniżmi li jiggwidaw u jinfurmaw lil persuna fiżika li lilha tkun ġiet assenjata s-sorveljanza mill-bniedem biex tieħu deċiżjonijiet infurmati dwar jekk, meta u kif għandha tintervjeni biex jiġu evitati konsegwenzi jew riskji negattivi, jew biex titwaqqaf is-sistema jekk ma taħdimx kif maħsub. Meta jitqiesu l-konsegwenzi sinifikanti għall-persuni fil-każ ta' tqabbil mhux korrett minn ċerti sistemi ta’ identifikazzjoni bijometrika, huwa xieraq li jiġi previst rekwiżit imtejjeb ta' sorveljanza mill-bniedem għal dawk is-sistemi sabiex ma tittieħed l-ebda azzjoni jew deċiżjoni mill-implimentatur abbażi tal-identifikazzjoni li tirriżulta mis-sistema sakemm dan ma jkunx ġie vverifikat u kkonfermat separatament minn mill-inqas żewġ persuni fiżiċi. Dawk il-persuni jistgħu jkunu minn entità waħda jew aktar u jinkludu l-persuna li topera jew li tuża s-sistema. Jenħtieġ li dan ir-rekwiżit ma joħloqx piż jew dewmien bla bżonn u jista' jkun biżżejjed li l-verifiki separati mill-persuni differenti jiġu rreġistrati awtomatikament fir-reġistri ġġenerati mis-sistema. Minħabba l-ispeċifiċitajiet tal-oqsma tal-infurzar tal-liġi, il-migrazzjoni, il-kontroll tal-fruntieri u l-ażil, jenħtieġ li dan ir-rekwiżit ma japplikax fejn il-liġi tal-Unjoni jew dik nazzjonali tqis li l-applikazzjoni ta' dak ir-rekwiżit hija sproporzjonata.

(73)

High-risk AI systems should be designed and developed in such a way that natural persons can oversee their functioning, ensure that they are used as intended and that their impacts are addressed over the system’s lifecycle. To that end, appropriate human oversight measures should be identified by the provider of the system before its placing on the market or putting into service. In particular, where appropriate, such measures should guarantee that the system is subject to in-built operational constraints that cannot be overridden by the system itself and is responsive to the human operator, and that the natural persons to whom human oversight has been assigned have the necessary competence, training and authority to carry out that role. It is also essential, as appropriate, to ensure that high-risk AI systems include mechanisms to guide and inform a natural person to whom human oversight has been assigned to make informed decisions if, when and how to intervene in order to avoid negative consequences or risks, or stop the system if it does not perform as intended. Considering the significant consequences for persons in the case of an incorrect match by certain biometric identification systems, it is appropriate to provide for an enhanced human oversight requirement for those systems so that no action or decision may be taken by the deployer on the basis of the identification resulting from the system unless this has been separately verified and confirmed by at least two natural persons. Those persons could be from one or more entities and include the person operating or using the system. This requirement should not pose unnecessary burden or delays and it could be sufficient that the separate verifications by the different persons are automatically recorded in the logs generated by the system. Given the specificities of the areas of law enforcement, migration, border control and asylum, this requirement should not apply where Union or national law considers the application of that requirement to be disproportionate.

(74)

Jenħtieġ li s-sistemi tal-IA b'riskju għoli jaħdmu b'mod konsistenti tul iċ-ċiklu tal-ħajja tagħhom u jissodisfaw livell xieraq ta' akkuratezza, robustezza u ċibersigurtà, fid-dawl tal-għan maħsub tagħhom u f'konformità mal-ogħla livell ta' żvilupp tekniku rikonoxxut b'mod ġenerali. Il-Kummissjoni u l-organizzazzjonijiet u l-partijiet ikkonċernati rilevanti huma mħeġġa jqisu kif xieraq il-mitigazzjoni tar-riskji u l-impatti negattivi tas-sistema tal-IA. Jenħtieġ li l-livell mistenni tal-metriċi tal-prestazzjoni jiġi ddikjarat fl-istruzzjonijiet tal-użu li jakkumpanjawhom. Il-fornituri huma mħeġġa jikkomunikaw dik l-informazzjoni lill-implimentaturi b'mod ċar u li jinftiehem faċilment, mingħajr nuqqas ta' fehim jew dikjarazzjonijiet qarrieqa. Il-liġi tal-Unjoni dwar il-metroloġija legali, inkluż id-Direttivi 2014/31/UE (35) u 2014/32/UE (36) tal-Parlament Ewropew u tal-Kunsill, għandha l-għan li tiżgura l-akkuratezza tal-kejl u li tgħin it-trasparenza u l-ġustizzja tat-tranżazzjonijiet kummerċjali. F'dak il-kuntest, f'kooperazzjoni mal-partijiet ikkonċernati u l-organizzazzjoni rilevanti, bħall-awtoritajiet tal-metroloġija u tal-valutazzjoni komparattiva, jenħtieġ li l-Kummissjoni tħeġġeġ, kif xieraq, l-iżvilupp ta' parametri referenzjarji u metodoloġiji ta' kejl għas-sistemi tal-IA. Meta tagħmel dan, jenħtieġ li l-Kummissjoni tieħu nota u tikkollabora mas-sħab internazzjonali li jaħdmu fuq il-metroloġija u l-indikaturi tal-kejl rilevanti relatati mal-IA.

(74)

High-risk AI systems should perform consistently throughout their lifecycle and meet an appropriate level of accuracy, robustness and cybersecurity, in light of their intended purpose and in accordance with the generally acknowledged state of the art. The Commission and relevant organisations and stakeholders are encouraged to take due consideration of the mitigation of risks and the negative impacts of the AI system. The expected level of performance metrics should be declared in the accompanying instructions of use. Providers are urged to communicate that information to deployers in a clear and easily understandable way, free of misunderstandings or misleading statements. Union law on legal metrology, including Directives 2014/31/EU (35) and 2014/32/EU (36) of the European Parliament and of the Council, aims to ensure the accuracy of measurements and to help the transparency and fairness of commercial transactions. In that context, in cooperation with relevant stakeholders and organisation, such as metrology and benchmarking authorities, the Commission should encourage, as appropriate, the development of benchmarks and measurement methodologies for AI systems. In doing so, the Commission should take note and collaborate with international partners working on metrology and relevant measurement indicators relating to AI.

(75)

Ir-robustezza teknika hi rekwiżit ewlieni għas-sistemi tal-IA b'riskju għoli. Jenħtieġ li dawn ikunu reżiljenti fir-rigward ta' mġiba li tagħmel ħsara jew li mhux mixtieqa b'xi mod ieħor li tista' tirriżulta minn limitazzjonijiet fis-sistemi jew fl-ambjent li fih joperaw is-sistemi (eż. żbalji, ħsarat, inkonsistenzi, sitwazzjonijiet mhux mistennija). Għalhekk, jenħtieġ li jittieħdu miżuri tekniċi u organizzattivi biex tiġi żgurata r-robustezza tas-sistemi tal-IA b'riskju għoli, pereżempju billi jitfasslu u jiġu żviluppati soluzzjonijiet tekniċi xierqa biex tiġi evitata jew minimizzata mġiba ta' ħsara jew fi kwalunkwe każ, mhux mixtieqa. Dawk is-soluzzjonijiet tekniċi jistgħu jinkludu pereżempju mekkaniżmi li jippermettu lis-sistema tinterrompi b'mod sikur l-operat tagħha (pjanijiet sikuri) fil-preżenza ta' ċerti anomaliji jew meta l-operazzjoni sseħħ barra minn ċerti limiti predeterminati. In-nuqqas ta' protezzjoni kontra dawn ir-riskji jista' jwassal għal impatti fuq is-sikurezza jew jaffettwa ħażin id-drittijiet fundamentali, pereżempju minħabba deċiżjonijiet żbaljati jew outputs ħżiena jew preġudikati ġġenerati mis-sistema tal-IA.

(75)

Technical robustness is a key requirement for high-risk AI systems. They should be resilient in relation to harmful or otherwise undesirable behaviour that may result from limitations within the systems or the environment in which the systems operate (e.g. errors, faults, inconsistencies, unexpected situations). Therefore, technical and organisational measures should be taken to ensure robustness of high-risk AI systems, for example by designing and developing appropriate technical solutions to prevent or minimise harmful or otherwise undesirable behaviour. Those technical solution may include for instance mechanisms enabling the system to safely interrupt its operation (fail-safe plans) in the presence of certain anomalies or when operation takes place outside certain predetermined boundaries. Failure to protect against these risks could lead to safety impacts or negatively affect the fundamental rights, for example due to erroneous decisions or wrong or biased outputs generated by the AI system.

(76)

Iċ-ċibersigurtà taqdi rwol kruċjali biex ikunu żgurati sistemi tal-IA reżiljenti kontra tentattivi biex jinbidlu l-użu, l-imġiba jew il-prestazzjoni tal-proprjetajiet tas-sigurtà tagħhom jew li dawn il-proprjetajiet jiġu kompromessi minn partijiet terzi malizzjużi li jisfruttaw il-vulnerabbiltajiet tas-sistema. Iċ-ċiberattakki kontra s-sistemi tal-IA jistgħu jisfruttaw assi speċifiċi għall-IA, bħal settijiet tad-data għat-taħriġ (eż. avvelenament tad-data) jew mudelli mħarrġin (eż. attakki kontradittorji jew inferenza ta' sħubija), jew jisfruttaw vulnerabbiltajiet fl-assi diġitali tas-sistema tal-IA jew fl-infrastruttura sottostanti tal-ICT. Għalhekk, biex ikun żgurat livell ta' ċibersigurtà xieraq għar-riskji, jenħtieġ li l-fornituri tas-sistemi tal-IA b'riskju għoli jieħdu l-miżuri adegwati, bħal kontrolli ta' sigurtà, filwaqt li jqisu wkoll kif xieraq l-infrastruttura sottostanti tal-ICT.

(76)

Cybersecurity plays a crucial role in ensuring that AI systems are resilient against attempts to alter their use, behaviour, performance or compromise their security properties by malicious third parties exploiting the system’s vulnerabilities. Cyberattacks against AI systems can leverage AI specific assets, such as training data sets (e.g. data poisoning) or trained models (e.g. adversarial attacks or membership inference), or exploit vulnerabilities in the AI system’s digital assets or the underlying ICT infrastructure. To ensure a level of cybersecurity appropriate to the risks, suitable measures, such as security controls, should therefore be taken by the providers of high-risk AI systems, also taking into account as appropriate the underlying ICT infrastructure.

(77)

Mingħajr preġudizzju għar-rekwiżiti relatati mar-robustezza u l-akkuratezza stipulati f'dan ir-Regolament, is-sistemi tal-IA b'riskju għoli li jaqgħu fil-kamp ta' applikazzjoni ta’ Regolament tal-Parlament Ewropew u tal-Kunsill dwar ir-rekwiżiti orizzontali taċ-ċibersigurtà għall-prodotti b'elementi diġitali, f'konformità ma' dak ir-regolament jistgħu juru konformità mar-rekwiżiti taċ-ċibersigurtà ta' dan ir-Regolament billi jissodisfaw ir-rekwiżiti essenzjali taċ-ċibersigurtà stipulati f’ dak ir-regolament. Meta s-sistemi tal-IA b'riskju għoli jissodisfaw ir-rekwiżiti essenzjali ta’ regolament tal-Parlament Ewropew u tal-Kunsill dwar ir-rekwiżiti orizzontali taċ-ċibersigurtà għall-prodotti b'elementi diġitali, jenħtieġ li jitqiesu bħala konformi mar-rekwiżiti taċ-ċibersigurtà stipulati f'dan ir-Regolament sa fejn il-kisba ta' dawk ir-rekwiżiti tintwera fid-dikjarazzjoni ta' konformità tal-UE jew partijiet minnha maħruġa skont dak ir-regolament. Għal dak il-għan, jenħtieġ li l-valutazzjoni tar-riskji taċ-ċibersigurtà, assoċjati ma' prodott b'elementi diġitali kklassifikati bħala sistema tal-IA b'riskju għoli skont dan ir-Regolament, imwettqa skont regolament tal-Parlament Ewropew u tal-Kunsill dwar ir-rekwiżiti orizzontali taċ-ċibersigurtà għall-prodotti b'elementi diġitali, tqis ir-riskji għar-reżiljenza ċibernetika ta' sistema tal-IA fir-rigward ta' tentattivi minn partijiet terzi mhux awtorizzati biex ibiddlu l-użu, l-imġiba jew il-prestazzjoni tagħha, inkluż vulnerabbiltajiet speċifiċi għall-IA bħall-avvelenament tad-data jew attakki kontradittorji, kif ukoll, kif rilevanti, riskji għad-drittijiet fundamentali kif meħtieġ minn dan ir-Regolament.

(77)

Without prejudice to the requirements related to robustness and accuracy set out in this Regulation, high-risk AI systems which fall within the scope of a regulation of the European Parliament and of the Council on horizontal cybersecurity requirements for products with digital elements, in accordance with that regulation may demonstrate compliance with the cybersecurity requirements of this Regulation by fulfilling the essential cybersecurity requirements set out in that regulation. When high-risk AI systems fulfil the essential requirements of a regulation of the European Parliament and of the Council on horizontal cybersecurity requirements for products with digital elements, they should be deemed compliant with the cybersecurity requirements set out in this Regulation in so far as the achievement of those requirements is demonstrated in the EU declaration of conformity or parts thereof issued under that regulation. To that end, the assessment of the cybersecurity risks, associated to a product with digital elements classified as high-risk AI system according to this Regulation, carried out under a regulation of the European Parliament and of the Council on horizontal cybersecurity requirements for products with digital elements, should consider risks to the cyber resilience of an AI system as regards attempts by unauthorised third parties to alter its use, behaviour or performance, including AI specific vulnerabilities such as data poisoning or adversarial attacks, as well as, as relevant, risks to fundamental rights as required by this Regulation.

(78)

Jenħtieġ li l-proċedura ta' valutazzjoni tal-konformità prevista minn dan ir-Regolament tapplika fir-rigward tar-rekwiżiti essenzjali taċ-ċibersigurtà ta' prodott b'elementi diġitali kopert minn Regolament tal-Parlament Ewropew u tal-Kunsill dwar ir-rekwiżiti orizzontali taċ-ċibersigurtà għall-prodotti b'elementi diġitali u kklassifikat bħala sistema tal-IA b'riskju għoli skont dan ir-Regolament. Madankollu, jenħtieġ li din ir-regola ma tirriżultax fit-tnaqqis tal-livell meħtieġ ta' assigurazzjoni għal prodotti kritiċi b'elementi diġitali koperti minn Regolament tal-Parlament Ewropew u tal-Kunsill dwar ir-rekwiżiti orizzontali taċ-ċibersigurtà għall-prodotti b'elementi diġitali. Għalhekk, b'deroga minn din ir-regola, sistemi tal-IA b'riskju għoli li jaqgħu fil-kamp ta' applikazzjoni ta' dan ir-Regolament u li huma kkwalifikati wkoll bħala prodotti importanti u kritiċi b'elementi diġitali skont Regolament tal-Parlament Ewropew u tal-Kunsill dwar ir-rekwiżiti orizzontali taċ-ċibersigurtà għall-prodotti b'elementi diġitali u li għalihom tapplika l-proċedura ta' valutazzjoni tal-konformità bbażata fuq il-kontroll intern stipulata f'anness ta' dan ir-Regolament, huma soġġetti għad-dispożizzjonijiet dwar il-valutazzjoni tal-konformità ta’ Regolament tal-Parlament Ewropew u tal-Kunsill dwar ir-rekwiżiti orizzontali taċ-ċibersigurtà għall-prodotti b'elementi diġitali sa fejn ikunu kkonċernati r-rekwiżiti essenzjali taċ-ċibersigurtà ta' dak ir-Regolament. F'dan il-każ, jenħtieġ li għall-aspetti l-oħra kollha koperti minn dan ir-Regolament japplikaw id-dispożizzjonijiet rispettivi dwar il-valutazzjoni tal-konformità bbażata fuq il-kontroll intern stipulati f'anness ta' dan ir-Regolament. Filwaqt li tibni fuq l-għarfien u l-kompetenza esperta tal-ENISA dwar il-politika taċ-ċibersigurtà u l-kompiti assenjati lill-ENISA skont ir-Regolament (UE) 2019/881 tal-Parlament Ewropew u tal-Kunsill (37), jenħtieġ li l-Kummissjoni tikkoopera mal-ENISA dwar kwistjonijiet relatati maċ-ċibersigurtà tas-sistemi tal-IA.

(78)

The conformity assessment procedure provided by this Regulation should apply in relation to the essential cybersecurity requirements of a product with digital elements covered by a regulation of the European Parliament and of the Council on horizontal cybersecurity requirements for products with digital elements and classified as a high-risk AI system under this Regulation. However, this rule should not result in reducing the necessary level of assurance for critical products with digital elements covered by a regulation of the European Parliament and of the Council on horizontal cybersecurity requirements for products with digital elements. Therefore, by way of derogation from this rule, high-risk AI systems that fall within the scope of this Regulation and are also qualified as important and critical products with digital elements pursuant to a regulation of the European Parliament and of the Council on horizontal cybersecurity requirements for products with digital elements and to which the conformity assessment procedure based on internal control set out in an annex to this Regulation applies, are subject to the conformity assessment provisions of a regulation of the European Parliament and of the Council on horizontal cybersecurity requirements for products with digital elements insofar as the essential cybersecurity requirements of that regulation are concerned. In this case, for all the other aspects covered by this Regulation the respective provisions on conformity assessment based on internal control set out in an annex to this Regulation should apply. Building on the knowledge and expertise of ENISA on the cybersecurity policy and tasks assigned to ENISA under the Regulation (EU) 2019/881 of the European Parliament and of the Council (37), the Commission should cooperate with ENISA on issues related to cybersecurity of AI systems.

(79)

Huwa xieraq li persuna fiżika jew ġuridika speċifika, definita bħala l-fornitur, tieħu r-responsabbiltà għall-introduzzjoni fis-suq jew għat-tqegħid fis-servizz ta' sistema tal-IA b'riskju għoli, irrispettivament minn jekk dik il-persuna fiżika jew ġuridika tkunx il-persuna li fasslet jew żviluppat is-sistema.

(79)

It is appropriate that a specific natural or legal person, defined as the provider, takes responsibility for the placing on the market or the putting into service of a high-risk AI system, regardless of whether that natural or legal person is the person who designed or developed the system.

(80)

Bħala firmatarji tal-Konvenzjoni tan-Nazzjonijiet Uniti dwar id-Drittijiet ta' Persuni b'Diżabbiltà, l-Unjoni u l-Istati Membri huma legalment obbligati li jipproteġu lill-persuni b'diżabbiltà mid-diskriminazzjoni u li jippromwovu l-ugwaljanza tagħhom, li jiżguraw li l-persuni b'diżabbiltà jkollhom aċċess, fuq bażi ugwali ma' oħrajn, għat-teknoloġiji u s-sistemi tal-informazzjoni u tal-komunikazzjoni, u li jiżguraw ir-rispett għall-privatezza tal-persuni b'diżabbiltà. Minħabba l-importanza u l-użu dejjem akbar tas-sistemi tal-IA, l-applikazzjoni tal-prinċipji tad-disinn universali għat-teknoloġiji u s-servizzi l-ġodda kollha jenħtieġ li tiżgura aċċess sħiħ u ugwali għal kulħadd li potenzjalment jista' jiġi affettwat minn jew li juża teknoloġiji tal-IA, inkluż persuni b'diżabbiltà, b'mod li jqis bis-sħiħ id-dinjità u d-diversità inerenti tagħhom. Għalhekk huwa essenzjali li l-fornituri jiżguraw konformità sħiħa mar-rekwiżiti ta' aċċessibbiltà, inkluż id-Direttiva (UE) 2016/2102 tal-Parlament Ewropew u tal-Kunsill (38) u d-Direttiva (UE) 2019/882. Jenħtieġ li l-fornituri jiżguraw il-konformità ma' dawn ir-rekwiżiti mid-disinn. Għalhekk, jenħtieġ li l-miżuri meħtieġa jiġu integrati kemm jista' jkun fid-disinn tas-sistema tal-IA b'riskju għoli.

(80)

As signatories to the United Nations Convention on the Rights of Persons with Disabilities, the Union and the Member States are legally obliged to protect persons with disabilities from discrimination and promote their equality, to ensure that persons with disabilities have access, on an equal basis with others, to information and communications technologies and systems, and to ensure respect for privacy for persons with disabilities. Given the growing importance and use of AI systems, the application of universal design principles to all new technologies and services should ensure full and equal access for everyone potentially affected by or using AI technologies, including persons with disabilities, in a way that takes full account of their inherent dignity and diversity. It is therefore essential that providers ensure full compliance with accessibility requirements, including Directive (EU) 2016/2102 of the European Parliament and of the Council (38) and Directive (EU) 2019/882. Providers should ensure compliance with these requirements by design. Therefore, the necessary measures should be integrated as much as possible into the design of the high-risk AI system.

(81)

Jenħtieġ li l-fornitur jistabbilixxi sistema tajba ta' ġestjoni tal-kwalità, jiżgura t-twettiq tal-proċedura mitluba għal valutazzjoni tal-konformità, ifassal id-dokumentazzjoni rilevanti u jistabbilixxi sistema robusta ta' sorveljanza ta' wara t-tqegħid fis-suq. Jenħtieġ li l-fornituri tas-sistemi tal-IA b'riskju għoli li huma soġġetti għal obbligi rigward is-sistemi ta' ġestjoni tal-kwalità skont il-liġi settorjali rilevanti tal-Unjoni jkollhom il-possibbiltà li jinkludu l-elementi tas-sistema ta' ġestjoni tal-kwalità previsti f'dan ir-Regolament bħala parti mis-sistema eżistenti ta' ġestjoni tal-kwalità prevista f'dik il-liġi settorjali l-oħra tal-Unjoni. Jenħtieġ li l-komplementarjetà bejn dan ir-Regolament u l-liġi settorjali eżistenti tal-Unjoni titqies ukoll fl-attivitajiet ta' standardizzazzjoni jew ta' gwida futuri adottati mill-Kummissjoni. L-awtoritajiet pubbliċi li jqiegħdu fis-servizz sistemi tal-IA b'riskju għoli għall-użu tagħhom stess jistgħu jadottaw u jimplimentaw ir-regoli għas-sistema ta' ġestjoni tal-kwalità bħala parti mis-sistema ta' ġestjoni tal-kwalità adottata fil-livell nazzjonali jew reġjonali, kif xieraq, filwaqt li jqisu l-ispeċifiċitajiet tas-settur u l-kompetenzi u l-organizzazzjoni tal-awtorità pubblika kkonċernata.

(81)

The provider should establish a sound quality management system, ensure the accomplishment of the required conformity assessment procedure, draw up the relevant documentation and establish a robust post-market monitoring system. Providers of high-risk AI systems that are subject to obligations regarding quality management systems under relevant sectoral Union law should have the possibility to include the elements of the quality management system provided for in this Regulation as part of the existing quality management system provided for in that other sectoral Union law. The complementarity between this Regulation and existing sectoral Union law should also be taken into account in future standardisation activities or guidance adopted by the Commission. Public authorities which put into service high-risk AI systems for their own use may adopt and implement the rules for the quality management system as part of the quality management system adopted at a national or regional level, as appropriate, taking into account the specificities of the sector and the competences and organisation of the public authority concerned.

(82)

Biex jiġi ffaċilitat l-infurzar ta' dan ir-Regolament u jinħolqu kundizzjonijiet ekwi għall-operaturi, u filwaqt li jitqiesu l-forom differenti ta' tqegħid għad-dispożizzjoni tal-prodotti diġitali, hu importanti li jkun żgurat li, f'kull ċirkostanza, persuna stabbilita fl-Unjoni tkun tista' tipprovdi l-informazzjoni kollha meħtieġa lill-awtoritajiet dwar il-konformità tas-sistema tal-IA. Għalhekk, qabel ma jagħmlu s-sistemi tal-IA tagħhom disponibbli fl-Unjoni, il-fornituri stabbiliti f'pajjiżi terzi jenħtieġ li jaħtru, b'mandat bil-miktub, rappreżentant awtorizzat stabbilit fl-Unjoni. Dan ir-rappreżentant awtorizzat għandu rwol kruċjali biex jiżgura l-konformità tas-sistemi tal-IA b'riskju għoli introdotti fis-suq jew imqiegħda fis-servizz fl-Unjoni minn dawk il-fornituri li mhumiex stabbiliti fl-Unjoni, u biex iservi bħala l-persuna ta' kuntatt tagħhom stabbilit fl-Unjoni.

(82)

To enable enforcement of this Regulation and create a level playing field for operators, and, taking into account the different forms of making available of digital products, it is important to ensure that, under all circumstances, a person established in the Union can provide authorities with all the necessary information on the compliance of an AI system. Therefore, prior to making their AI systems available in the Union, providers established in third countries should, by written mandate, appoint an authorised representative established in the Union. This authorised representative plays a pivotal role in ensuring the compliance of the high-risk AI systems placed on the market or put into service in the Union by those providers who are not established in the Union and in serving as their contact person established in the Union.

(83)

Fid-dawl tan-natura u l-kumplessità tal-katina tal-valur għas-sistemi tal-IA u f'konformità mal-Qafas Leġiżlattiv Ġdid, huwa essenzjali li tiġi żgurata ċ-ċertezza legali u tiġi ffaċilitata l-konformità ma' dan ir-Regolament. Għalhekk, jeħtieġ li jiġu ċċarati r-rwol u l-obbligi speċifiċi tal-operaturi rilevanti tul dik il-katina tal-valur, bħall-importaturi u d-distributuri li jistgħu jikkontribwixxu għall-iżvilupp tas-sistemi tal-IA. F'ċerti sitwazzjonijiet, dawk l-operaturi jistgħu jaġixxu f'aktar minn rwol wieħed fl-istess ħin u għalhekk jenħtieġ li jissodisfaw b'mod kumulattiv l-obbligi rilevanti kollha assoċjati ma' dawk ir-rwoli. Pereżempju, operatur jista' jaġixxi bħala distributur u importatur fl-istess ħin.

(83)

In light of the nature and complexity of the value chain for AI systems and in line with the New Legislative Framework, it is essential to ensure legal certainty and facilitate the compliance with this Regulation. Therefore, it is necessary to clarify the role and the specific obligations of relevant operators along that value chain, such as importers and distributors who may contribute to the development of AI systems. In certain situations those operators could act in more than one role at the same time and should therefore fulfil cumulatively all relevant obligations associated with those roles. For example, an operator could act as a distributor and an importer at the same time.

(84)

Biex tiġi żgurata ċ-ċertezza legali, jeħtieġ li jiġi ċċarat li, taħt ċerti kundizzjonijiet speċifiċi, jenħtieġ li kwalunkwe distributur, importatur, implimentatur jew parti terza oħra titqies bħala fornitur ta' sistema ġdida tal-IA b'riskju għoli u għalhekk tassumi l-obbligi rilevanti kollha. Dan ikun il-każ jekk dik il-parti tqiegħed isimha jew it-trademark tagħha fuq sistema tal-IA b'riskju għoli diġà introdotta fis-suq jew imqiegħda fis-servizz, mingħajr preġudizzju għall-arranġamenti kuntrattwali li jistipulaw li l-obbligi jiġu allokati mod ieħor. Dan ikun ukoll il-każ jekk dik il-parti tagħmel modifika sostanzjali f'sistema tal-IA b'riskju għoli li tkun diġà introdotta fis-suq jew diġà tqiegħdet fis-servizz b'mod li tibqa' sistema tal-IA b'riskju għoli f'konformità ma' dan ir-Regolament, jew jekk timmodifika l-għan maħsub ta' sistema tal-IA, inkluż sistema tal-IA bi skop ġenerali, li ma tkunx ġiet ikklassifikata bħala b'riskju għoli u li tkun diġà introdotta fis-suq jew imqiegħda fis-servizz, b'mod li s-sistema tal-IA ssir sistema tal-IA b'riskju għoli f'konformità ma' dan ir-Regolament. Jenħtieġ li dawk id-dispożizzjonijiet japplikaw mingħajr preġudizzju għal dispożizzjonijiet aktar speċifiċi stabbiliti f'ċerti leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni bbażata fuq il-Qafas Leġiżlattiv Ġdid, li flimkien miegħu għandu japplika dan ir-Regolament. Pereżempju, jenħtieġ li l-Artikolu 16(2), tar-Regolament (UE) 2017/745, li jistabbilixxi li ċerti bidliet m'għandhomx jitqiesu bħala modifiki ta' apparat li jistgħu jaffettwaw il-konformità tiegħu mar-rekwiżiti applikabbli, ikompli japplika għal sistemi tal-IA b'riskju għoli li huma apparati mediċi skont it-tifsira ta' dak ir-Regolament.

(84)

To ensure legal certainty, it is necessary to clarify that, under certain specific conditions, any distributor, importer, deployer or other third-party should be considered to be a provider of a high-risk AI system and therefore assume all the relevant obligations. This would be the case if that party puts its name or trademark on a high-risk AI system already placed on the market or put into service, without prejudice to contractual arrangements stipulating that the obligations are allocated otherwise. This would also be the case if that party makes a substantial modification to a high-risk AI system that has already been placed on the market or has already been put into service in a way that it remains a high-risk AI system in accordance with this Regulation, or if it modifies the intended purpose of an AI system, including a general-purpose AI system, which has not been classified as high-risk and has already been placed on the market or put into service, in a way that the AI system becomes a high-risk AI system in accordance with this Regulation. Those provisions should apply without prejudice to more specific provisions established in certain Union harmonisation legislation based on the New Legislative Framework, together with which this Regulation should apply. For example, Article 16(2) of Regulation (EU) 2017/745, establishing that certain changes should not be considered to be modifications of a device that could affect its compliance with the applicable requirements, should continue to apply to high-risk AI systems that are medical devices within the meaning of that Regulation.

(85)

Sistemi tal-IA bi skop ġenerali jistgħu jintużaw bħala sistemi tal-IA b'riskju għoli waħedhom jew ikunu komponenti ta' sistemi oħra tal-IA b'riskju għoli. Għaldaqstant, minħabba n-natura partikolari tagħhom u sabiex jiġi żgurat tqassim ġust tar-responsabbiltajiet tul il-katina ta' valur tal-IA, jenħtieġ li l-fornituri ta' tali sistemi, irrispettivament minn jekk jistgħux jintużaw bħala sistemi tal-IA b'riskju għoli bħala tali minn fornituri oħra jew bħala komponenti ta' sistemi tal-IA b'riskju għoli u dment li ma jkunx previst mod ieħor skont dan ir-Regolament, jikkooperaw mill-qrib mal-fornituri tas-sistemi tal-IA b'riskju għoli rilevanti biex jiffaċilitaw il-konformità tagħhom mal-obbligi rilevanti skont dan ir-Regolament u mal-awtoritajiet kompetenti stabbiliti skont dan ir-Regolament.

(85)

General-purpose AI systems may be used as high-risk AI systems by themselves or be components of other high-risk AI systems. Therefore, due to their particular nature and in order to ensure a fair sharing of responsibilities along the AI value chain, the providers of such systems should, irrespective of whether they may be used as high-risk AI systems as such by other providers or as components of high-risk AI systems and unless provided otherwise under this Regulation, closely cooperate with the providers of the relevant high-risk AI systems to enable their compliance with the relevant obligations under this Regulation and with the competent authorities established under this Regulation.

(86)

Meta, skont il-kundizzjonijiet stabbiliti f'dan ir-Regolament, jenħtieġ li l-fornitur li inizjalment ikun introduċa s-sistema tal-IA fis-suq jew qiegħdha fis-servizz ma jibqax jitqies bħala l-fornitur għall-finijiet ta' dan ir-Regolament, u meta dak il-fornitur ma jkunx eskluda espressament il-bidla tas-sistema tal-IA f'sistema tal-IA b'riskju għoli, jenħtieġ li dan il-fornitur preċedenti madankollu jikkoopera mill-qrib u jagħmel disponibbli l-informazzjoni meħtieġa u jipprovdi l-aċċess tekniku raġonevolment mistenni u assistenza oħra meħtieġa għat-twettiq tal-obbligi stipulati f'dan ir-Regolament, b'mod partikolari fir-rigward tar-rispett tal-valutazzjoni tal-konformità tas-sistemi tal-IA b'riskju għoli.

(86)

Where, under the conditions laid down in this Regulation, the provider that initially placed the AI system on the market or put it into service should no longer be considered to be the provider for the purposes of this Regulation, and when that provider has not expressly excluded the change of the AI system into a high-risk AI system, the former provider should nonetheless closely cooperate and make available the necessary information and provide the reasonably expected technical access and other assistance that are required for the fulfilment of the obligations set out in this Regulation, in particular regarding the compliance with the conformity assessment of high-risk AI systems.

(87)

Barra minn hekk, meta sistema tal-IA b'riskju għoli li tkun komponent tas-sikurezza ta' prodott li jaqa' fil-kamp ta' applikazzjoni tal-leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni bbażata fuq il-Qafas Leġiżlattiv Ġdid ma tkunx introdotta fis-suq jew ma titqiegħedx fis-servizz indipendentement mill-prodott, jenħtieġ li l-manifattur tal-prodott definit f'dik il-leġiżlazzjoni jikkonforma mal-obbligi tal-fornitur stabbilit f'dan ir-Regolament u jenħtieġ li, b'mod partikolari, jiżgura li s-sistema tal-IA inkorporata fil-prodott finali tikkonforma mar-rekwiżiti ta' dan ir-Regolament.

(87)

In addition, where a high-risk AI system that is a safety component of a product which falls within the scope of Union harmonisation legislation based on the New Legislative Framework is not placed on the market or put into service independently from the product, the product manufacturer defined in that legislation should comply with the obligations of the provider established in this Regulation and should, in particular, ensure that the AI system embedded in the final product complies with the requirements of this Regulation.

(88)

Tul il-katina tal-valur tal-IA diversi partijiet spiss jipprovdu sistemi tal-IA, għodod u servizzi iżda wkoll komponenti jew proċessi li jiġu inkorporati mill-fornitur fis-sistema tal-IA, b'diversi objettivi inkluż it-taħriġ tal-mudell, it-taħriġ mill-ġdid tal-mudell, l-ittestjar u l-evalwazzjoni tal-mudell, l-integrazzjoni fis-software, jew aspetti oħra tal-iżvilupp tal-mudell. Dawk il-partijiet għandhom rwol importanti fil-katina tal-valur għall-fornitur tas-sistema tal-IA b'riskju għoli li fiha jiġu integrati s-sistemi, l-għodod, is-servizzi, il-komponenti jew il-proċessi tal-IA tagħhom, u jenħtieġ li jipprovdu, permezz ta' ftehim bil-miktub lil dan il-fornitur, l-informazzjoni, il-kapaċitajiet, l-aċċess tekniku u assistenza oħra meħtieġa abbażi tal-ogħla livell ta' żvilupp tekniku rikonoxxut b'mod ġenerali, sabiex il-fornitur ikun jista' jikkonforma bis-sħiħ mal-obbligi stipulati f'dan ir-Regolament, mingħajr ma jikkompromettu d-drittijiet tal-proprjetà intellettwali jew is-sigrieti kummerċjali tagħhom stess.

(88)

Along the AI value chain multiple parties often supply AI systems, tools and services but also components or processes that are incorporated by the provider into the AI system with various objectives, including the model training, model retraining, model testing and evaluation, integration into software, or other aspects of model development. Those parties have an important role to play in the value chain towards the provider of the high-risk AI system into which their AI systems, tools, services, components or processes are integrated, and should provide by written agreement this provider with the necessary information, capabilities, technical access and other assistance based on the generally acknowledged state of the art, in order to enable the provider to fully comply with the obligations set out in this Regulation, without compromising their own intellectual property rights or trade secrets.

(89)

Partijiet terzi li jagħmlu aċċessibbli għall-pubbliku l-għodod, is-servizzi, il-proċessi, jew il-komponenti tal-IA għajr il-mudelli tal-IA bi skop ġenerali, jenħtieġ li ma jingħatawx il-mandat li jikkonformaw mar-rekwiżiti mmirati lejn ir-responsabbiltajiet tul il-katina tal-valur tal-IA, b'mod partikolari lejn il-fornitur li jkun użahom jew integrahom, meta dawk l-għodod, servizzi, proċessi, jew komponenti tal-IA jsiru aċċessibbli b'liċenzja libera u b’sors miftuħ. Jenħtieġ li l-iżviluppaturi ta' għodod, servizzi, proċessi jew komponenti tal-IA liberi u b'sors miftuħ jitħeġġu jimplimentaw prattiki ta' dokumentazzjoni adottati b'mod wiesa', bħal kards mudell u skedi tad-data, bħala mod biex titħaffef il-kondiviżjoni tal-informazzjoni tul il-katina tal-valur tal-IA, u dan jippermetti l-promozzjoni ta' sistemi tal-IA affidabbli fl-Unjoni.

(89)

Third parties making accessible to the public tools, services, processes, or AI components other than general-purpose AI models, should not be mandated to comply with requirements targeting the responsibilities along the AI value chain, in particular towards the provider that has used or integrated them, when those tools, services, processes, or AI components are made accessible under a free and open-source licence. Developers of free and open-source tools, services, processes, or AI components other than general-purpose AI models should be encouraged to implement widely adopted documentation practices, such as model cards and data sheets, as a way to accelerate information sharing along the AI value chain, allowing the promotion of trustworthy AI systems in the Union.

(90)

Il-Kummissjoni tista' tiżviluppa u tirrakkomanda mudelli volontarji ta' termini kuntrattwali bejn il-fornituri ta' sistemi tal-IA b'riskju għoli u l-partijiet terzi li jipprovdu għodod, servizzi, komponenti jew proċessi li jintużaw jew jiġu integrati f'sistemi tal-IA b'riskju għoli, biex tiġi ffaċilitata l-kooperazzjoni tul il-katina tal-valur. Meta tiżviluppa mudelli volontarji ta' termini kuntrattwali, jenħtieġ li l-Kummissjoni qis ir-rekwiżiti kuntrattwali possibbli applikabbli f'setturi jew każijiet ta' negozju speċifiċi.

(90)

The Commission could develop and recommend voluntary model contractual terms between providers of high-risk AI systems and third parties that supply tools, services, components or processes that are used or integrated in high-risk AI systems, to facilitate the cooperation along the value chain. When developing voluntary model contractual terms, the Commission should also take into account possible contractual requirements applicable in specific sectors or business cases.

(91)

Minħabba n-natura tas-sistemi tal-IA u r-riskji għas-sikurezza u għad-drittijiet fundamentali possibbilment assoċjati mal-użu tagħhom, inkluż fir-rigward tal-ħtieġa li jkun żgurat monitoraġġ xieraq tal-prestazzjoni tas-sistema tal-IA f'ambjent tal-ħajja reali, jixraq jiġu stabbiliti responsabbiltajiet speċifiċi għall-implimentaturi. Jenħtieġ li l-implimentaturi, b'mod partikolari, jieħdu miżuri tekniċi u organizzattivi biex jiżguraw li jużaw sistemi tal-IA b'riskju għoli f'konformità mal-istruzzjonijiet tal-użu u jenħtieġ li jiġu previsti ċerti obbligi oħra fir-rigward tal-monitoraġġ tal-funzjonament tas-sistemi tal-IA u fir-rigward taż-żamma tar-rekords, kif xieraq. Barra minn hekk, jenħtieġ li l-implimentaturi jiżguraw li l-persuni assenjati biex jimplimentaw l-istruzzjonijiet għall-użu u għas-sorveljanza mill-bniedem kif stipulat f'dan ir-Regolament ikollhom il-kompetenza meħtieġa, b'mod partikolari livell adegwat ta' litteriżmu, taħriġ u awtorità fir-rigward tal-IA biex iwettqu dawk il-kompiti kif suppost. Jenħtieġ li dawk l-obbligi jkunu mingħajr preġudizzju għal obbligi oħra tal-implimentatur fir-rigward tas-sistemi tal-IA b'riskju għoli skont il-liġi tal-Unjoni jew dik nazzjonali.

(91)

Given the nature of AI systems and the risks to safety and fundamental rights possibly associated with their use, including as regards the need to ensure proper monitoring of the performance of an AI system in a real-life setting, it is appropriate to set specific responsibilities for deployers. Deployers should in particular take appropriate technical and organisational measures to ensure they use high-risk AI systems in accordance with the instructions of use and certain other obligations should be provided for with regard to monitoring of the functioning of the AI systems and with regard to record-keeping, as appropriate. Furthermore, deployers should ensure that the persons assigned to implement the instructions for use and human oversight as set out in this Regulation have the necessary competence, in particular an adequate level of AI literacy, training and authority to properly fulfil those tasks. Those obligations should be without prejudice to other deployer obligations in relation to high-risk AI systems under Union or national law.

(92)

Dan ir-Regolament huwa mingħajr preġudizzju għall-obbligi għall-impjegaturi li jinfurmaw jew jinfurmaw u jikkonsultaw lill-ħaddiema jew lir-rappreżentanti tagħhom skont id-dritt u l-prattika tal-Unjoni jew nazzjonali, inkluż id-Direttiva 2002/14/KE tal-Parlament Ewropew u tal-Kunsill (39), dwar deċiżjonijiet biex jitqiegħdu fis-servizz jew jintużaw sistemi tal-IA. Jibqa' meħtieġ li tiġi żgurata l-informazzjoni tal-ħaddiema u tar-rappreżentanti tagħhom dwar l-użu ppjanat ta' sistemi tal-IA b'riskju għoli fuq il-post tax-xogħol fejn il-kundizzjonijiet għal dawk l-obbligi ta' informazzjoni jew ta' informazzjoni u konsultazzjoni fi strumenti legali oħra ma jkunux issodisfati. Barra minn hekk, tali dritt għall-informazzjoni huwa anċillari u meħtieġ għall-objettiv tal-protezzjoni tad-drittijiet fundamentali li huwa l-bażi ta' dan ir-Regolament. Għalhekk, jenħtieġ li jiġi stabbilit rekwiżit ta' informazzjoni għal dak l-għan f'dan ir-Regolament, mingħajr ma jiġi affettwat l-ebda dritt eżistenti tal-ħaddiema.

(92)

This Regulation is without prejudice to obligations for employers to inform or to inform and consult workers or their representatives under Union or national law and practice, including Directive 2002/14/EC of the European Parliament and of the Council (39), on decisions to put into service or use AI systems. It remains necessary to ensure information of workers and their representatives on the planned deployment of high-risk AI systems at the workplace where the conditions for those information or information and consultation obligations in other legal instruments are not fulfilled. Moreover, such information right is ancillary and necessary to the objective of protecting fundamental rights that underlies this Regulation. Therefore, an information requirement to that effect should be laid down in this Regulation, without affecting any existing rights of workers.

(93)

Filwaqt li r-riskji relatati mas-sistemi tal-IA jistgħu jirriżultaw mill-mod kif jiġu ddisinjati sistemi bħal dawn, ir-riskji jistgħu jinħolqu wkoll minn kif jintużaw sistemi tal-IA bħal dawn. L-implimentaturi ta' sistema tal-IA b'riskju għoli għaldaqstant għandhom rwol kritiku fl-iżgurar li jiġu protetti d-drittijiet fundamentali, filwaqt li jikkomplementaw l-obbligi tal-fornitur meta jiżviluppa s-sistema tal-IA. L-implimentaturi jinsabu fl-aħjar pożizzjoni biex jifhmu kif is-sistema tal-IA b'riskju għoli ser tintuża b'mod konkret u għalhekk jistgħu jidentifikaw riskji sinfikanti potenzjali li ma kinux previsti fil-fażi tal-iżvilupp, minħabba għarfien aktar preċiż tal-kuntest tal-użu, tal-persuni jew tal-gruppi ta' persuni li x'aktarx jiġu affettwati, inkluż gruppi vulnerabbli. L-implimentaturi ta' sistemi tal-IA b'riskju għoli elenkati f'anness ta' dan ir-Regolament ukoll għandhom rwol kruċjali li jinfurmaw lil persuni fiżiċi u, meta jieħdu deċiżjonijiet jew jassistu fit-teħid ta' deċiżjonijiet relatati mal-persuni fiżiċi, jenħtieġ li fejn applikabbli jinfurmaw lill-persuni fiżiċi li huma soġġetti għall-użu ta' sistema tal-IA b'riskju għoli. Jenħtieġ li din l-informazzjoni tinkludi l-għan maħsub u t-tip ta' deċiżjonijiet li tieħu. Jenħtieġ li l-implimentatur jinforma wkoll lill-persuni fiżiċi dwar id-dritt tagħhom għal spjegazzjoni pprovdut skont dan ir-Regolament. Fir-rigward tas-sistemi tal-IA b'riskju għoli użati għall-finijiet tal-infurzar tal-liġi, jenħtieġ li dak l-obbligu jiġi implimentat f'konformità mal-Artikolu 13 tad-Direttiva (UE) 2016/680.

(93)

Whilst risks related to AI systems can result from the way such systems are designed, risks can as well stem from how such AI systems are used. Deployers of high-risk AI system therefore play a critical role in ensuring that fundamental rights are protected, complementing the obligations of the provider when developing the AI system. Deployers are best placed to understand how the high-risk AI system will be used concretely and can therefore identify potential significant risks that were not foreseen in the development phase, due to a more precise knowledge of the context of use, the persons or groups of persons likely to be affected, including vulnerable groups. Deployers of high-risk AI systems listed in an annex to this Regulation also play a critical role in informing natural persons and should, when they make decisions or assist in making decisions related to natural persons, where applicable, inform the natural persons that they are subject to the use of the high-risk AI system. This information should include the intended purpose and the type of decisions it makes. The deployer should also inform the natural persons about their right to an explanation provided under this Regulation. With regard to high-risk AI systems used for law enforcement purposes, that obligation should be implemented in accordance with Article 13 of Directive (EU) 2016/680.

(94)

Jenħtieġ li kwalunkwe pproċessar ta' data bijometrika involut fl-użu tas-sistemi tal-IA għall-identifikazzjoni bijometrika għall-fini ta' infurzar tal-liġi jikkonforma mal-Artikolu 10 tad-Direttiva (UE) 2016/680, li jippermetti dan l-ipproċessar biss meta strettament meħtieġ, soġġett għal salvagwardji xierqa għad-drittijiet u l-libertajiet tas-suġġett tad-data, u meta awtorizzat mil-liġi tal-Unjoni jew ta' Stat Membru. Tali użu, meta awtorizzat, għandu jirrispetta wkoll il-prinċipji stabbiliti fl-Artikolu 4(1) tad-Direttiva (UE) 2016/680 inkluż il-legalità, il-ġustizzja u t-trasparenza, il-limitazzjoni tal-iskop, il-preċiżjoni, l-akkuratezza u l-limitazzjoni tal-ħżin.

(94)

Any processing of biometric data involved in the use of AI systems for biometric identification for the purpose of law enforcement needs to comply with Article 10 of Directive (EU) 2016/680, that allows such processing only where strictly necessary, subject to appropriate safeguards for the rights and freedoms of the data subject, and where authorised by Union or Member State law. Such use, when authorised, also needs to respect the principles laid down in Article 4 (1) of Directive (EU) 2016/680 including lawfulness, fairness and transparency, purpose limitation, accuracy and storage limitation.

(95)

Mingħajr preġudizzju għal-liġi applikabbli tal-Unjoni, b'mod partikolari r-Regolament (UE) 2016/679 u d-Direttiva (UE) 2016/680, meta titqies in-natura intrużiva tas-sistemi ta’ identifikazzjoni bijometrika remota “f'ħin aktar tard”, l-użu ta' sistemi ta’ identifikazzjoni bijometrika remota “f'ħin aktar tard” jenħtieġ li jkun soġġett għal salvagwardji. Jenħtieġ li s-sistemi ta’ identifikazzjoni bijometrika remota “f'ħin aktar tard” dejjem jintużaw b'mod li jkun proporzjonat, leġittimu u strettament meħtieġ, u għalhekk immirat, fir-rigward tal-individwi li għandhom jiġu identifikati, il-post, il-kamp ta' applikazzjoni temporali u abbażi ta' sett ta' data magħluq ta' filmati miksuba legalment. Fi kwalunkwe każ, jenħtieġ li s-sistemi ta’ identifikazzjoni bijometrika remota “f'ħin aktar tard” ma jintużawx fil-qafas tal-infurzar tal-liġi biex iwasslu għal sorveljanza indiskriminata. Fi kwalunkwe każ jenħtieġ li l-kundizzjonijiet għall-identifikazzjoni bijometrika remota “f'ħin aktar tard” ma jipprovdux bażi biex jiġu evitati l-kundizzjonijiet tal-projbizzjoni u l-eċċezzjonijiet stretti għall-identifikazzjoni bijometrika remota f'ħin reali.

(95)

Without prejudice to applicable Union law, in particular Regulation (EU) 2016/679 and Directive (EU) 2016/680, considering the intrusive nature of post-remote biometric identification systems, the use of post-remote biometric identification systems should be subject to safeguards. Post-remote biometric identification systems should always be used in a way that is proportionate, legitimate and strictly necessary, and thus targeted, in terms of the individuals to be identified, the location, temporal scope and based on a closed data set of legally acquired video footage. In any case, post-remote biometric identification systems should not be used in the framework of law enforcement to lead to indiscriminate surveillance. The conditions for post-remote biometric identification should in any case not provide a basis to circumvent the conditions of the prohibition and strict exceptions for real time remote biometric identification.

(96)

Biex ikun żgurat b'mod effiċjenti li d-drittijiet fundamentali jiġu protetti, jenħtieġ li l-implimentaturi ta' sistemi tal-IA b'riskju għoli li huma korpi rregolati mil-liġi pubblika, jew entitajiet privati li jipprovdu servizzi pubbliċi u implimentaturi ta’ ċerti sistemi tal-IA b'riskju għoli elenkati f'anness ta' dan ir-Regolament, bħal entitajiet bankarji jew tal-assigurazzjoni, iwettqu valutazzjoni tal-impatt fuq id-drittijiet fundamentali qabel ma jibdew jużawha. Servizzi importanti għal individwi li huma ta' natura pubblika jistgħu jiġu pprovduti wkoll minn entitajiet privati. L-entitajiet privati li jipprovdu tali servizzi pubbliċi huma marbuta ma' kompiti fl-interess pubbliku bħal fl-oqsma tal-edukazzjoni, il-kura tas-saħħa, is-servizzi soċjali, l-akkomodazzjoni, l-amministrazzjoni tal-ġustizzja. L-għan tal-valutazzjoni tal-impatt fuq id-drittijiet fundamentali huwa li l-implimentatur jidentifika r-riskji speċifiċi għad-drittijiet tal-individwi jew tal-gruppi ta' individwi li x'aktarx jiġu affettwati u jidentifika l-miżuri li għandhom jittieħdu fil-każ li dawk ir-riskji jimmaterjalizzaw. Jenħtieġ li l-valutazzjoni tal-impatt titwettaq qabel l-użu tas-sistema tal-IA b'riskju għoli, u jenħtieġ li tiġi aġġornata meta l-implimentatur iqis li jkun inbidel xi wieħed mill-fatturi rilevanti. Jenħtieġ li l-valutazzjoni tal-impatt tidentifika l-proċessi rilevanti tal-implimentatur li fihom ser tintuża s-sistema tal-IA b'riskju għoli f'konformità mal-għan maħsub tagħha, u jenħtieġ li tinkludi deskrizzjoni tal-perjodu ta' żmien u l-frekwenza li fihom is-sistema tkun maħsuba li tintuża kif ukoll ta' kategoriji speċifiċi ta' persuni fiżiċi u gruppi li x'aktarx jiġu affettwati fil-kuntest speċifiku tal-użu. Jenħtieġ li l-valutazzjoni tinkludi wkoll l-identifikazzjoni ta' riskji speċifiċi ta' ħsara li x'aktarx ikollhom impatt fuq id-drittijiet fundamentali ta' dawk il-persuni jew gruppi. Meta jwettaq din il-valutazzjoni, jenħtieġ li l-implimentatur iqis l-informazzjoni rilevanti għal valutazzjoni xierqa tal-impatt, inkluż iżda mhux biss, l-informazzjoni mogħtija mill-fornitur tas-sistema tal-IA b'riskju għoli fl-istruzzjonijiet għall-użu. Fid-dawl tar-riskji identifikati, jenħtieġ li l-implimentaturi jiddeterminaw il-miżuri li għandhom jittieħdu f'każ tal-materjalizzazzjoni ta' dawk ir-riskji, inkluż pereżempju arranġamenti ta' governanza f'dak il-kuntest speċifiku tal-użu, bħal arranġamenti għas-sorveljanza mill-bniedem skont l-istruzzjonijiet tal-użu jew, it-trattament tal-ilmenti u l-proċeduri ta' rimedju, peress li dawn jistgħu jkunu strumentali fil-mitigazzjoni tar-riskji għad-drittijiet fundamentali f'każijiet konkreti ta' użu. Wara li jwettaq dik il-valutazzjoni tal-impatt, jenħtieġ li l-implimentatur jinnotifika lill-awtorità tas-sorveljanza tas-suq rilevanti. Meta xieraq, biex tinġabar l-informazzjoni rilevanti meħtieġa biex titwettaq il-valutazzjoni tal-impatt, l-implimentaturi tas-sistema tal-IA b'riskju għoli, b'mod partikolari meta jintużaw sistemi tal-IA fis-settur pubbliku, jistgħu jinvolvu lill-partijiet ikkonċernati rilevanti, inkluż ir-rappreżentanti ta' gruppi ta' persuni li x'aktarx ikunu affettwati mis-sistema tal-IA, esperti indipendenti, u organizzazzjonijiet tas-soċjetà ċivili fit-twettiq ta' dawn il-valutazzjonijiet tal-impatt u fit-tfassil tal-miżuri li għandhom jittieħdu fil-każ tal-materjalizzazzjoni tar-riskji. Jenħtieġ li l-Uffiċċju Ewropew għall-Intelliġenza Artifiċjali (l-Uffiċċju għall-IA) jiżviluppa mudell għal kwestjonarju sabiex jiffaċilita l-konformità u jnaqqas il-piż amministrattiv għall-amministraturi.

(96)

In order to efficiently ensure that fundamental rights are protected, deployers of high-risk AI systems that are bodies governed by public law, or private entities providing public services and deployers of certain high-risk AI systems listed in an annex to this Regulation, such as banking or insurance entities, should carry out a fundamental rights impact assessment prior to putting it into use. Services important for individuals that are of public nature may also be provided by private entities. Private entities providing such public services are linked to tasks in the public interest such as in the areas of education, healthcare, social services, housing, administration of justice. The aim of the fundamental rights impact assessment is for the deployer to identify the specific risks to the rights of individuals or groups of individuals likely to be affected, identify measures to be taken in the case of a materialisation of those risks. The impact assessment should be performed prior to deploying the high-risk AI system, and should be updated when the deployer considers that any of the relevant factors have changed. The impact assessment should identify the deployer’s relevant processes in which the high-risk AI system will be used in line with its intended purpose, and should include a description of the period of time and frequency in which the system is intended to be used as well as of specific categories of natural persons and groups who are likely to be affected in the specific context of use. The assessment should also include the identification of specific risks of harm likely to have an impact on the fundamental rights of those persons or groups. While performing this assessment, the deployer should take into account information relevant to a proper assessment of the impact, including but not limited to the information given by the provider of the high-risk AI system in the instructions for use. In light of the risks identified, deployers should determine measures to be taken in the case of a materialisation of those risks, including for example governance arrangements in that specific context of use, such as arrangements for human oversight according to the instructions of use or, complaint handling and redress procedures, as they could be instrumental in mitigating risks to fundamental rights in concrete use-cases. After performing that impact assessment, the deployer should notify the relevant market surveillance authority. Where appropriate, to collect relevant information necessary to perform the impact assessment, deployers of high-risk AI system, in particular when AI systems are used in the public sector, could involve relevant stakeholders, including the representatives of groups of persons likely to be affected by the AI system, independent experts, and civil society organisations in conducting such impact assessments and designing measures to be taken in the case of materialisation of the risks. The European Artificial Intelligence Office (AI Office) should develop a template for a questionnaire in order to facilitate compliance and reduce the administrative burden for deployers.

(97)

Jenħtieġ li l-kunċett ta' mudelli tal-IA bi skop ġenerali jiġi ddefinit b'mod ċar u jkun distint mill-kunċett ta' sistemi tal-IA biex ikun hemm ċertezza legali. Jenħtieġ li d-definizzjoni tkun ibbażata fuq il-karatteristiċi funzjonali ewlenin ta' mudell tal-IA bi skop ġenerali, b'mod partikolari l-ġeneralità u l-kapaċità li jwettaq b'mod kompetenti firxa wiesgħa ta' kompiti distinti. Dawn il-mudelli huma tipikament imħarrġa fuq ammonti kbar ta' data, permezz ta' diversi metodi, bħal tagħlim awtosorveljat, mhux sorveljat jew rinforzat. Il-mudelli tal-IA bi skop ġenerali jistgħu jiġu introdotti fis-suq b'diversi modi, inkluż permezz ta' libreriji, interfaċċi għall-ipprogrammar tal-applikazzjonijiet (APIs), bħala tniżżil dirett, jew bħala kopja fiżika. Dawn il-mudelli jistgħu jiġu mmodifikati jew irfinati aktar f'mudelli ġodda. Għalkemm il-mudelli tal-IA huma komponenti essenzjali tas-sistemi tal-IA, waħedhom ma jikkostitwixxux sistemi tal-IA. Il-mudelli tal-IA jeħtieġu ż-żieda ta' komponenti ulterjuri, bħal pereżempju interfaċċa tal-utent, biex isiru sistemi tal-IA. Il-mudelli tal-IA tipikament jiġu integrati fis-sistemi tal-IA u jiffurmaw parti minnhom. Dan ir-Regolament jipprevedi regoli speċifiċi għal mudelli tal-IA bi skop ġenerali u għal mudelli tal-IA bi skop ġenerali li joħolqu riskji sistemiċi, li jenħtieġ li japplikaw ukoll meta dawn il-mudelli jkunu integrati jew jiffurmaw parti minn sistema tal-IA. Jenħtieġ li jinftiehem li l-obbligi għall-fornituri ta' mudelli tal-IA bi skop ġenerali jenħtieġ li japplikaw ladarba l-mudelli tal-IA bi skop ġenerali jiġu introdotti fis-suq. Meta l-fornitur ta' mudell tal-IA bi skop ġenerali jintegra mudell proprju fis-sistema tal-IA tiegħu stess li jiġi introdott fis-suq jew jitqiegħed fis-servizz, jenħtieġ li dak il-mudell jitqies li ġie introdott fis-suq u, għalhekk, jenħtieġ li l-obbligi f'dan ir-Regolament għall-mudelli jkomplu japplikaw flimkien ma' dawk għas-sistemi tal-IA. Fi kwalunkwe każ jenħtieġ li l-obbligi stabbiliti għall-mudelli ma japplikawx meta mudell proprju jintuża għal proċessi purament interni li ma jkunux essenzjali għall-forniment ta' prodott jew servizz lil partijiet terzi u d-drittijiet tal-persuni fiżiċi ma jiġux affettwati. Meta jitqiesu l-effetti negattivi sinifikanti potenzjali tagħhom, jenħtieġ li l-mudelli tal-IA bi skop ġenerali b'riskju sistemiku dejjem ikunu soġġetti għall-obbligi rilevanti skont dan ir-Regolament. Jenħtieġ li d-definizzjoni ma tkoprix il-mudelli tal-IA użati qabel l-introduzzjoni tagħhom fis-suq għall-iskop uniku ta' attivitajiet ta' riċerka, żvilupp u ħolqien ta' prototipi. Dan huwa mingħajr preġudizzju għall-obbligu ta' konformità ma' dan ir-Regolament meta, wara tali attivitajiet, mudell jiġi introdott fis-suq.

(97)

The notion of general-purpose AI models should be clearly defined and set apart from the notion of AI systems to enable legal certainty. The definition should be based on the key functional characteristics of a general-purpose AI model, in particular the generality and the capability to competently perform a wide range of distinct tasks. These models are typically trained on large amounts of data, through various methods, such as self-supervised, unsupervised or reinforcement learning. General-purpose AI models may be placed on the market in various ways, including through libraries, application programming interfaces (APIs), as direct download, or as physical copy. These models may be further modified or fine-tuned into new models. Although AI models are essential components of AI systems, they do not constitute AI systems on their own. AI models require the addition of further components, such as for example a user interface, to become AI systems. AI models are typically integrated into and form part of AI systems. This Regulation provides specific rules for general-purpose AI models and for general-purpose AI models that pose systemic risks, which should apply also when these models are integrated or form part of an AI system. It should be understood that the obligations for the providers of general-purpose AI models should apply once the general-purpose AI models are placed on the market. When the provider of a general-purpose AI model integrates an own model into its own AI system that is made available on the market or put into service, that model should be considered to be placed on the market and, therefore, the obligations in this Regulation for models should continue to apply in addition to those for AI systems. The obligations laid down for models should in any case not apply when an own model is used for purely internal processes that are not essential for providing a product or a service to third parties and the rights of natural persons are not affected. Considering their potential significantly negative effects, the general-purpose AI models with systemic risk should always be subject to the relevant obligations under this Regulation. The definition should not cover AI models used before their placing on the market for the sole purpose of research, development and prototyping activities. This is without prejudice to the obligation to comply with this Regulation when, following such activities, a model is placed on the market.

(98)

Filwaqt li l-ġeneralità ta' mudell tista', fost kriterji oħra, tiġi ddeterminata wkoll minn għadd ta' parametri, jenħtieġ li l-mudelli b'mill-inqas biljun parametru u mħarrġa b'ammont kbir ta' data bl-użu ta' awtosuperviżjoni fuq skala kbira jitqiesu li juru ġeneralità sinifikanti u li jwettqu b'mod kompetenti firxa wiesgħa ta' kompiti distintivi.

(98)

Whereas the generality of a model could, inter alia, also be determined by a number of parameters, models with at least a billion of parameters and trained with a large amount of data using self-supervision at scale should be considered to display significant generality and to competently perform a wide range of distinctive tasks.

(99)

Il-mudelli ġenerattivi kbar tal-IA huma eżempju tipiku għal mudell tal-IA bi skop ġenerali, peress li jippermettu ġenerazzjoni flessibbli ta' kontenut, bħal fil-forma ta' test, awdjo, immaġnijiet jew vidjo, li jista' jakkomoda faċilment firxa wiesgħa ta' kompiti distintivi.

(99)

Large generative AI models are a typical example for a general-purpose AI model, given that they allow for flexible generation of content, such as in the form of text, audio, images or video, that can readily accommodate a wide range of distinctive tasks.

(100)

Meta mudell tal-IA bi skop ġenerali jiġi integrat f'sistema tal-IA jew jifforma parti minnha, jenħtieġ li din is-sistema titqies bħala sistema tal-IA bi skop ġenerali meta, minħabba din l-integrazzjoni, din is-sistema jkollha l-kapaċità li taqdi varjetà ta' skopijiet. Sistema tal-IA bi skop ġenerali tista' tintuża direttament, jew tista' tkun integrata f'sistemi oħra tal-IA.

(100)

When a general-purpose AI model is integrated into or forms part of an AI system, this system should be considered to be general-purpose AI system when, due to this integration, this system has the capability to serve a variety of purposes. A general-purpose AI system can be used directly, or it may be integrated into other AI systems.

(101)

Il-fornituri ta' mudelli tal-IA bi skop ġenerali għandhom rwol u responsabbiltà partikolari tul il-katina tal-valur tal-IA, peress li l-mudelli li jipprovdu jistgħu jiffurmaw il-bażi għal firxa ta' sistemi downstream, spiss ipprovduti minn fornituri downstream li jeħtieġu għarfien tajjeb tal-mudelli u tal-kapaċitajiet tagħhom, kemm biex jippermettu l-integrazzjoni ta' mudelli bħal dawn fil-prodotti tagħhom, kif ukoll biex jissodisfaw l-obbligi tagħhom skont dan ir-regolament jew skont regolamenti oħra. Għalhekk, jenħtieġ li jiġu stabbiliti miżuri proporzjonati ta' trasparenza, inkluż it-tfassil u ż-żamma aġġornata tad-dokumentazzjoni, u l-għoti ta' informazzjoni dwar il-mudell tal-IA bi skop ġenerali għall-użu tiegħu mill-fornituri downstream. Jenħtieġ li d-dokumentazzjoni teknika titħejja u tinżamm aġġornata mill-fornitur tal-mudell tal-IA bi skop ġenerali bl-għan li ssir disponibbli, fuq talba, għall-Uffiċċju għall-IA u għall-awtoritajiet nazzjonali kompetenti. Jenħtieġ li s-sett minimu ta' elementi li għandhom jiġu inklużi f'tali dokumentazzjoni jiġi stipulat fl-annessi speċifiċi ta' dan ir-Regolament. Jenħtieġ li l-Kummissjoni tingħata s-setgħa li temenda dawk l-annessi permezz ta' atti delegati fid-dawl tal-iżviluppi teknoloġiċi li qed jevolvu.

(101)

Providers of general-purpose AI models have a particular role and responsibility along the AI value chain, as the models they provide may form the basis for a range of downstream systems, often provided by downstream providers that necessitate a good understanding of the models and their capabilities, both to enable the integration of such models into their products, and to fulfil their obligations under this or other regulations. Therefore, proportionate transparency measures should be laid down, including the drawing up and keeping up to date of documentation, and the provision of information on the general-purpose AI model for its usage by the downstream providers. Technical documentation should be prepared and kept up to date by the general-purpose AI model provider for the purpose of making it available, upon request, to the AI Office and the national competent authorities. The minimal set of elements to be included in such documentation should be set out in specific annexes to this Regulation. The Commission should be empowered to amend those annexes by means of delegated acts in light of evolving technological developments.

(102)

Software u data, inkluż mudelli, rilaxxati taħt liċenzja libera u b'sors miftuħ li tippermettilhom jiġu kondiviżi b'mod miftuħ u fejn l-utenti jistgħu jaċċessaw, jużaw, jimmodifikaw u jiddistribwixxu mill-ġdid liberament il-verżjonijiet tagħhom jew il-verżjonijiet modifikati tagħhom, jistgħu jikkontribwixxu għar-riċerka u l-innovazzjoni fis-suq u jistgħu jipprovdu opportunitajiet sinifikanti ta' tkabbir għall-ekonomija tal-Unjoni. Jenħtieġ li jiġu kkunsidrati mudelli tal-IA bi skop ġenerali rilaxxati b'liċenzji liberi u b'sors miftuħ biex jiġu żgurati livelli għoljin ta' trasparenza u ftuħ jekk il-parametri tagħhom, inkluż il-piżijiet, l-informazzjoni dwar l-arkitettura tal-mudell, u l-informazzjoni dwar l-użu tal-mudell ikunu disponibbli għall-pubbliku. Jenħtieġ li l-liċenzja titqies b'liċenzja libera u b'sors miftuħ anke meta tippermetti lill-utenti jaħdmu, jikkupjaw, jiddistribwixxu, jistudjaw, jibdlu u jtejbu s-software u d-data, inkluż mudelli bil-kundizzjoni li l-fornitur oriġinali tal-mudell jiġi kkreditat u li jiġu rrispettati t-termini identiċi jew komparabbli tad-distribuzzjoni.

(102)

Software and data, including models, released under a free and open-source licence that allows them to be openly shared and where users can freely access, use, modify and redistribute them or modified versions thereof, can contribute to research and innovation in the market and can provide significant growth opportunities for the Union economy. General-purpose AI models released under free and open-source licences should be considered to ensure high levels of transparency and openness if their parameters, including the weights, the information on the model architecture, and the information on model usage are made publicly available. The licence should be considered to be free and open-source also when it allows users to run, copy, distribute, study, change and improve software and data, including models under the condition that the original provider of the model is credited, the identical or comparable terms of distribution are respected.

(103)

Komponenti tal-IA b'liċenzja libera u b'sors miftuħ ikopru s-software u d-data, inkluż mudelli u mudelli, għodod, servizzi jew proċessi tal-IA bi skop ġenerali ta' sistema tal-IA. Komponenti tal-IA b'liċenzja libera u b'sors miftuħ jistgħu jiġu pprovduti permezz ta' kanali differenti, inkluż l-iżvilupp tagħhom f'repożitorji miftuħa. Għall-finijiet ta' dan ir-Regolament, jenħtieġ li l-komponenti tal-IA li jiġu pprovduti bi ħlas jew monetizzati b'xi mod ieħor, inkluż bil-forniment ta' appoġġ tekniku jew servizzi oħra, fosthom permezz ta' pjattaforma tas-software, relatati mal-komponent tal-IA, jew l-użu ta' data personali għal raġunijiet għajr esklużivament għat-titjib tas-sigurtà, il-kompatibbiltà jew l-interoperabbiltà tas-software, bl-eċċezzjoni ta' tranżazzjonijiet bejn mikroimpriżi, ma jibbenefikawx mill-eċċezzjonijiet ipprovduti għall-komponenti tal-IA b'liċenzja libera u b'sors miftuħ. Jenħtieġ li fih innifsu, il-fatt li l-komponenti tal-IA jsiru disponibbli permezz ta' repożitorji miftuħa ma jikkostitwixxix monetizzazzjoni.

(103)

Free and open-source AI components covers the software and data, including models and general-purpose AI models, tools, services or processes of an AI system. Free and open-source AI components can be provided through different channels, including their development on open repositories. For the purposes of this Regulation, AI components that are provided against a price or otherwise monetised, including through the provision of technical support or other services, including through a software platform, related to the AI component, or the use of personal data for reasons other than exclusively for improving the security, compatibility or interoperability of the software, with the exception of transactions between microenterprises, should not benefit from the exceptions provided to free and open-source AI components. The fact of making AI components available through open repositories should not, in itself, constitute a monetisation.

(104)

Il-fornituri ta' mudelli tal-IA bi skop ġenerali li jiġu rilaxxati b'liċenzja libera u b'sors miftuħ, u li l-parametri tagħhom, inkluż il-piżijiet, l-informazzjoni dwar l-arkitettura tal-mudell, u l-informazzjoni dwar l-użu tal-mudell, isiru disponibbli għall-pubbliku, jenħtieġ li jkunu soġġetti għal eċċezzjonijiet fir-rigward tar-rekwiżiti relatati mat-trasparenza imposti fuq il-mudelli tal-IA bi skop ġenerali, sakemm ma jkunux jistgħu jitqiesu li jippreżentaw riskju sistemiku, f'liema każ iċ-ċirkostanza li l-mudell ikun trasparenti u akkumpanjat minn liċenzja b'sors miftuħ jenħtieġ li ma titqiesx bħala raġuni suffiċjenti biex tiġi eskluża l-konformità mal-obbligi skont dan ir-Regolament. Fi kwalunkwe każ, minħabba li r-rilaxx ta' mudelli tal-IA bi skop ġenerali b'liċenzja libera u b'sors miftuħ mhux neċessarjament jiżvela informazzjoni sostanzjali dwar is-sett tad-data użat għat-taħriġ jew għall-irfinar tal-mudell u dwar kif b'hekk ġiet żgurata l-konformità mal-liġi dwar id-drittijiet tal-awtur, jenħtieġ li l-eċċezzjoni prevista għall-mudelli tal-IA bi skop ġenerali mill-konformità mar-rekwiżiti relatati mat-trasparenza ma tikkonċernax l-obbligu li jingħata sommarju dwar il-kontenut użat għat-taħriġ tal-mudell u l-obbligu li tiġi stabbilita politika ta' konformità mal-liġi tal-Unjoni dwar id-drittijiet tal-awtur, b'mod partikolari biex tiġi identifikata u konformi mar-riżerva tad-drittijiet skont l-Artikolu 4(3) tad-Direttiva (UE) 2019/790 tal-Parlament Ewropew u tal-Kunsill (40).

(104)

The providers of general-purpose AI models that are released under a free and open-source licence, and whose parameters, including the weights, the information on the model architecture, and the information on model usage, are made publicly available should be subject to exceptions as regards the transparency-related requirements imposed on general-purpose AI models, unless they can be considered to present a systemic risk, in which case the circumstance that the model is transparent and accompanied by an open-source license should not be considered to be a sufficient reason to exclude compliance with the obligations under this Regulation. In any case, given that the release of general-purpose AI models under free and open-source licence does not necessarily reveal substantial information on the data set used for the training or fine-tuning of the model and on how compliance of copyright law was thereby ensured, the exception provided for general-purpose AI models from compliance with the transparency-related requirements should not concern the obligation to produce a summary about the content used for model training and the obligation to put in place a policy to comply with Union copyright law, in particular to identify and comply with the reservation of rights pursuant to Article 4(3) of Directive (EU) 2019/790 of the European Parliament and of the Council (40).

(105)

Il-mudelli tal-IA bi skop ġenerali, b'mod partikolari mudelli tal-IA ġenerattivi kbar, li kapaċi jiġġeneraw test, immaġnijiet, u kontenut ieħor, jippreżentaw opportunitajiet uniċi ta' innovazzjoni iżda wkoll sfidi għall-artisti, l-awturi, u kreaturi oħra u l-mod kif il-kontenut kreattiv tagħhom jinħoloq, jitqassam, jintuża u jiġi kkunsmat. L-iżvilupp u t-taħriġ ta' mudelli bħal dawn jeħtieġu aċċess għal ammonti kbar ta' testi, immaġnijiet, vidjows, u data oħra. It-tekniki tal-estrazzjoni tat-test u tad-data jistgħu jintużaw b'mod estensiv f'dan il-kuntest għall-irkupru u l-analiżi ta' tali kontenut, li jista' jiġi protett bid-drittijiet tal-awtur u bi drittijiet relatati. Kwalunkwe użu ta' kontenut protett bid-drittijiet tal-awtur jeħtieġ l-awtorizzazzjoni tad-detentur tad-drittijiet ikkonċernat sakemm ma japplikawx eċċezzjonijiet u limitazzjonijiet rilevanti tad-drittijiet tal-awtur. Id-Direttiva (UE) 2019/790 introduċiet eċċezzjonijiet u limitazzjonijiet li jippermettu r-riproduzzjonijiet u l-estrazzjonijiet ta' xogħlijiet jew materjal ieħor, għall-fini tal-estrazzjoni tat-test u tad-data, taħt ċerti kundizzjonijiet. Skont dawn ir-regoli, id-detenturi tad-drittijiet jistgħu jagħżlu li jirriżervaw id-drittijiet tagħhom fuq ix-xogħlijiet jew materjal ieħor tagħhom biex jipprevjenu l-estrazzjoni tat-test u tad-data, sakemm dan ma jsirx għall-finijiet ta' riċerka xjentifika. Meta d-drittijiet ta' nonparteċipazzjoni jkunu ġew espressament riżervati b'mod xieraq, il-fornituri ta' mudelli tal-IA bi skop ġenerali jeħtieġ li jiksbu awtorizzazzjoni mid-detenturi tad-drittijiet jekk ikunu jridu jwettqu estrazzjoni tat-test u tad-data fuq tali xogħlijiet.

(105)

General-purpose AI models, in particular large generative AI models, capable of generating text, images, and other content, present unique innovation opportunities but also challenges to artists, authors, and other creators and the way their creative content is created, distributed, used and consumed. The development and training of such models require access to vast amounts of text, images, videos and other data. Text and data mining techniques may be used extensively in this context for the retrieval and analysis of such content, which may be protected by copyright and related rights. Any use of copyright protected content requires the authorisation of the rightsholder concerned unless relevant copyright exceptions and limitations apply. Directive (EU) 2019/790 introduced exceptions and limitations allowing reproductions and extractions of works or other subject matter, for the purpose of text and data mining, under certain conditions. Under these rules, rightsholders may choose to reserve their rights over their works or other subject matter to prevent text and data mining, unless this is done for the purposes of scientific research. Where the rights to opt out has been expressly reserved in an appropriate manner, providers of general-purpose AI models need to obtain an authorisation from rightsholders if they want to carry out text and data mining over such works.

(106)

Jenħtieġ li l-fornituri li jintroduċu mudelli tal-IA bi skop ġenerali fis-suq tal-Unjoni jiżguraw il-konformità mal-obbligi rilevanti f'dan ir-Regolament. Għal dak l-għan, jenħtieġ li l-fornituri ta' mudelli tal-IA bi skop ġenerali jistabbilixxu politika biex jikkonformaw mal-liġi tal-Unjoni dwar id-drittijiet tal-awtur u drittijiet relatati, b'mod partikolari biex jidentifikaw u jikkonformaw mar-riżerva tad-drittijiet espressa mid-detenturi tad-drittijiet skont l-Artikolu 4(3) tad-Direttiva (UE) 2019/790. Jenħtieġ li kwalunkwe fornitur li jintroduċi mudell tal-IA bi skop ġenerali fis-suq tal-Unjoni jikkonforma ma' dan l-obbligu, irrispettivament mill-ġuriżdizzjoni li fiha jseħħu l-atti rilevanti għad-drittijiet tal-awtur li jirfdu t-taħriġ ta' dawk il-mudelli tal-IA bi skop ġenerali. Dan huwa meħtieġ biex jiġu żgurati kundizzjonijiet ekwi fost il-fornituri ta' mudelli tal-IA bi skop ġenerali meta l-ebda fornitur ma jkun jista' jikseb vantaġġ kompetittiv fis-suq tal-Unjoni billi japplika standards tad-drittijiet tal-awtur aktar baxxi minn dawk ipprovduti fl-Unjoni.

(106)

Providers that place general-purpose AI models on the Union market should ensure compliance with the relevant obligations in this Regulation. To that end, providers of general-purpose AI models should put in place a policy to comply with Union law on copyright and related rights, in particular to identify and comply with the reservation of rights expressed by rightsholders pursuant to Article 4(3) of Directive (EU) 2019/790. Any provider placing a general-purpose AI model on the Union market should comply with this obligation, regardless of the jurisdiction in which the copyright-relevant acts underpinning the training of those general-purpose AI models take place. This is necessary to ensure a level playing field among providers of general-purpose AI models where no provider should be able to gain a competitive advantage in the Union market by applying lower copyright standards than those provided in the Union.

(107)

Sabiex tiżdied it-trasparenza dwar id-data li tintuża fit-taħriġ minn qabel u fit-taħriġ ta' mudelli tal-IA bi skop ġenerali, inkluż it-test u d-data protetti mil-liġi dwar id-drittijiet tal-awtur, huwa xieraq li l-fornituri ta' tali mudelli jfasslu u jagħmlu disponibbli għall-pubbliku sommarju dettaljat biżżejjed tal-kontenut użat għat-taħriġ tal-mudell tal-IA bi skop ġenerali. Filwaqt li titqies kif xieraq il-ħtieġa li jiġu protetti s-sigrieti kummerċjali u l-informazzjoni kummerċjali kunfidenzjali, jenħtieġ li dan is-sommarju jkun ġeneralment komprensiv fil-kamp ta' applikazzjoni tiegħu minflok ma jkun teknikament dettaljat biex jiffaċilita lill-partijiet b'interessi leġittimi, inkluż id-detenturi tad-drittijiet tal-awtur, biex jeżerċitaw u jinfurzaw id-drittijiet tagħhom skont il-liġi tal-Unjoni, pereżempju billi jelenka l-ġabriet jew is-settijiet ewlenin tad-data li jkunu ħarrġu l-mudell, bħal bażijiet tad-data privati jew pubbliċi kbar jew arkivji tad-data, u billi jipprovdi spjegazzjoni narrattiva dwar sorsi oħra ta' data użati. Huwa xieraq li l-Uffiċċju għall-IA jipprovdi mudell għas-sommarju, li jenħtieġ li jkun sempliċi, effettiv, u jippermetti lill-fornitur jipprovdi s-sommarju meħtieġ f'forma narrattiva.

(107)

In order to increase transparency on the data that is used in the pre-training and training of general-purpose AI models, including text and data protected by copyright law, it is adequate that providers of such models draw up and make publicly available a sufficiently detailed summary of the content used for training the general-purpose AI model. While taking into due account the need to protect trade secrets and confidential business information, this summary should be generally comprehensive in its scope instead of technically detailed to facilitate parties with legitimate interests, including copyright holders, to exercise and enforce their rights under Union law, for example by listing the main data collections or sets that went into training the model, such as large private or public databases or data archives, and by providing a narrative explanation about other data sources used. It is appropriate for the AI Office to provide a template for the summary, which should be simple, effective, and allow the provider to provide the required summary in narrative form.

(108)

Fir-rigward tal-obbligi imposti fuq il-fornituri ta' mudelli tal-IA bi skop ġenerali biex jistabbilixxu politika biex jikkonformaw mal-liġi tal-Unjoni dwar id-drittijiet tal-awtur u jagħmlu disponibbli għall-pubbliku sommarju tal-kontenut użat għat-taħriġ, jenħtieġ li l-Uffiċċju għall-IA jimmonitorja jekk il-fornitur ikunx issodisfa dawk l-obbligi mingħajr ma jivverifika jew jipproċedi biex jivvaluta wieħed wieħed kull xogħol tad-data tat-taħriġ fir-rigward tal-konformità mad-drittijiet tal-awtur. Dan ir-Regolament ma jaffettwax l-infurzar tar-regoli dwar id-drittijiet tal-awtur kif previst fil-liġi tal-Unjoni.

(108)

With regard to the obligations imposed on providers of general-purpose AI models to put in place a policy to comply with Union copyright law and make publicly available a summary of the content used for the training, the AI Office should monitor whether the provider has fulfilled those obligations without verifying or proceeding to a work-by-work assessment of the training data in terms of copyright compliance. This Regulation does not affect the enforcement of copyright rules as provided for under Union law.

(109)

Jenħtieġ li l-konformità mal-obbligi applikabbli għall-fornituri tal-mudelli tal-IA bi skop ġenerali tkun proporzjonata għat-tip ta' fornitur tal-mudell, bl-esklużjoni tal-ħtieġa ta' konformità għall-persuni li jiżviluppaw jew jużaw mudelli għal skopijiet ta' riċerka mhux professjonali jew xjentifika, li madankollu jenħtieġ li jiġu mħeġġa jikkonformaw b'mod volontarju ma' dawn ir-rekwiżiti. Mingħajr preġudizzju għal-liġi tal-Unjoni dwar id-drittijiet tal-awtur, jenħtieġ li l-konformità ma' dawk l-obbligi tqis kif xieraq id-daqs tal-fornitur u tippermetti modi simplifikati ta' konformità għall-SMEs inkluż in-negozji ġodda, li jenħtieġ li ma jirrappreżentawx kost eċċessiv u ma jiskoraġġixxux l-użu ta' tali mudelli. Fil-każ ta' modifika jew irfinar ta' mudell, jenħtieġ li l-obbligi għall-fornituri ta’ mudelli tal-IA bi skop ġenerali jkunu limitati għal dik il-modifika jew irfinar, pereżempju billi d-dokumentazzjoni teknika diġà eżistenti tiġi kkomplementata b'informazzjoni dwar il-modifiki, inkluż sorsi ġodda ta' data tat-taħriġ, bħala mezz biex jikkonformaw mal-obbligi tal-katina tal-valur previsti f'dan ir-Regolament.

(109)

Compliance with the obligations applicable to the providers of general-purpose AI models should be commensurate and proportionate to the type of model provider, excluding the need for compliance for persons who develop or use models for non-professional or scientific research purposes, who should nevertheless be encouraged to voluntarily comply with these requirements. Without prejudice to Union copyright law, compliance with those obligations should take due account of the size of the provider and allow simplified ways of compliance for SMEs, including start-ups, that should not represent an excessive cost and not discourage the use of such models. In the case of a modification or fine-tuning of a model, the obligations for providers of general-purpose AI models should be limited to that modification or fine-tuning, for example by complementing the already existing technical documentation with information on the modifications, including new training data sources, as a means to comply with the value chain obligations provided in this Regulation.

(110)

Il-mudelli tal-IA bi skop ġenerali jistgħu joħolqu riskji sistemiċi li jinkludu, iżda mhumiex limitati għal, kwalunkwe effett negattiv reali jew raġonevolment prevedibbli fir-rigward ta' aċċidenti kbar, tfixkil ta' setturi kritiċi u konsegwenzi serji għas-saħħa u s-sikurezza pubblika; kwalunkwe effett negattiv attwali jew raġonevolment prevedibbli fuq il-proċessi demokratiċi, is-sigurtà pubblika u ekonomika; id-disseminazzjoni ta' kontenut illegali, falz jew diskriminatorju. Ir-riskji sistemiċi jenħtieġ li jinftiehmu li jiżdiedu bil-kapaċitajiet tal-mudell u l-kopertura tal-mudell, jistgħu jinħolqu tul iċ-ċiklu tal-ħajja kollu tal-mudell, u huma influwenzati minn kundizzjonijiet ta' użu ħażin, l-affidabbiltà tal-mudell, l-imparzjalità tal-mudell u sigurtà tal-mudell, il-livell ta' awtonomija tal-mudell, l-aċċess tiegħu għal għodod, modalitajiet ġodda jew ikkombinati, strateġiji ta' rilaxx u distribuzzjoni, il-potenzjal li jitneħħew il-konfini u fatturi oħra. B'mod partikolari, l-approċċi internazzjonali s'issa identifikaw il-ħtieġa li tingħata attenzjoni għar-riskji minn użu ħażin intenzjonat potenzjali jew kwistjonijiet mhux intenzjonati ta' kontroll relatati mal-allinjament mal-intenzjoni tal-bniedem; riskji kimiċi, bijoloġiċi, radjoloġiċi u nukleari, bħall-modi li bihom jistgħu jitnaqqsu l-ostakli għad-dħul, inkluż għall-iżvilupp, l-akkwist tad-disinn, jew l-użu tal-armi; kapaċitajiet ċibernetiċi offensivi, bħall-modi ta' skoperta tal-vulnerabbiltà, l-isfruttament, jew l-użu operazzjonali jistgħu jiġu attivati; l-effetti tal-interazzjoni u l-użu tal-għodda, inkluż pereżempju l-kapaċità li jiġu kkontrollati s-sistemi fiżiċi u ssir interferenza mal-infrastruttura kritika; riskji minn mudelli li jipproduċu kopji tagħhom infushom jew li jagħmlu “awtoreplikazzjoni” jew iħarrġu mudelli oħrajn; il-modi li bihom il-mudelli jistgħu jwasslu għal preġudizzju ta' ħsara u diskriminazzjoni b'riskji għall-individwi, il-komunitajiet jew is-soċjetajiet; il-faċilitazzjoni tad-diżinformazzjoni jew il-ħsara lill-privatezza b'theddid għall-valuri demokratiċi u d-drittijiet tal-bniedem; riskju li avveniment partikolari jista' jwassal għal reazzjoni katina b'effetti negattivi konsiderevoli li jistgħu jaffettwaw sa belt sħiħa, attività ta' dominju sħiħ jew komunità sħiħa.

(110)

General-purpose AI models could pose systemic risks which include, but are not limited to, any actual or reasonably foreseeable negative effects in relation to major accidents, disruptions of critical sectors and serious consequences to public health and safety; any actual or reasonably foreseeable negative effects on democratic processes, public and economic security; the dissemination of illegal, false, or discriminatory content. Systemic risks should be understood to increase with model capabilities and model reach, can arise along the entire lifecycle of the model, and are influenced by conditions of misuse, model reliability, model fairness and model security, the level of autonomy of the model, its access to tools, novel or combined modalities, release and distribution strategies, the potential to remove guardrails and other factors. In particular, international approaches have so far identified the need to pay attention to risks from potential intentional misuse or unintended issues of control relating to alignment with human intent; chemical, biological, radiological, and nuclear risks, such as the ways in which barriers to entry can be lowered, including for weapons development, design acquisition, or use; offensive cyber capabilities, such as the ways in vulnerability discovery, exploitation, or operational use can be enabled; the effects of interaction and tool use, including for example the capacity to control physical systems and interfere with critical infrastructure; risks from models of making copies of themselves or ‘self-replicating’ or training other models; the ways in which models can give rise to harmful bias and discrimination with risks to individuals, communities or societies; the facilitation of disinformation or harming privacy with threats to democratic values and human rights; risk that a particular event could lead to a chain reaction with considerable negative effects that could affect up to an entire city, an entire domain activity or an entire community.

(111)

Huwa xieraq li tiġi stabbilita metodoloġija għall-klassifikazzjoni tal-mudelli tal-IA bi skop ġenerali bħala mudelli tal-IA bi skop ġenerali b'riskji sistemiċi. Peress li r-riskji sistemiċi jirriżultaw minn kapaċitajiet partikolarment għoljin, jenħtieġ li l-mudell tal-IA bi skop ġenerali jitqies li jippreżenta riskji sistemiċi jekk ikollu kapaċitajiet b'impatt għoli, evalwati abbażi ta' għodod u metodoloġiji tekniċi xierqa, jew impatt sinifikanti fuq is-suq intern minħabba l-kopertura tiegħu. Kapaċitajiet b'impatt kbir f'mudelli tal-IA bi skop ġenerali tfisser kapaċitajiet li jaqblu mal-kapaċitajiet irreġistrati fl-aktar mudelli avvanzati tal-IA bi skop ġenerali jew jaqbżuhom. Il-firxa sħiħa ta' kapaċitajiet f'mudell tista' tinftiehem aħjar wara l-introduzzjoni tiegħu fis-suq jew meta l-implimentaturi jinteraġixxu mal-mudell. Skont l-ogħla livell ta' żvilupp tekniku fil-mument tad-dħul fis-seħħ ta' dan ir-Regolament, l-ammont kumulattiv ta' komputazzjoni użat għat-taħriġ tal-mudell tal-IA bi skop ġenerali mkejjel f'operazzjonijiet b'punt varjabbli huwa wieħed mill-approssimazzjonijiet rilevanti għall-kapaċitajiet tal-mudell. L-ammont kumulattiv ta’ komputazzjoni użat għat-taħriġ jinkludi l-komputazzjoni użata fl-attivitajiet u l-metodi kollha li huma maħsuba biex itejbu l-kapaċitajiet tal-mudell qabel l-implimentazzjoni, bħal taħriġ minn qabel, ġenerazzjoni ta' data sintetika u rfinar. Għalhekk, jenħtieġ li jiġi stabbilit limitu inizjali tal-operazzjonijiet b'punt varjabbli, li, jekk jiġi ssodisfat minn mudell tal-IA bi skop ġenerali, iwassal għal preżunzjoni li l-mudell huwa mudell tal-IA bi skop ġenerali b'riskji sistemiċi. Jenħtieġ li dan il-limitu jiġi aġġustat maż-żmien biex jirrifletti l-bidliet teknoloġiċi u industrijali, bħat-titjib algoritmiku jew żieda fl-effiċjenza tal-hardware, u jenħtieġ li jiġi ssupplimentat b'parametri referenzjarji u indikaturi għall-kapaċità tal-mudell. Biex jikkontribwixxi għal dan, jenħtieġ li l-Uffiċċju għall-IA jinvolvi ruħu mal-komunità xjentifika, l-industrija, is-soċjetà ċivili u esperti oħra. Jenħtieġ li l-limiti, kif ukoll l-għodod u l-parametri referenzjarji għall-valutazzjoni ta' kapaċitajiet b'impatt għoli, ikunu jistgħu jbassru sew il-ġeneralità, il-kapaċitajiet u r-riskju sistemiku assoċjat ta' mudelli tal-IA bi skop ġenerali, u jistgħu jqisu l-mod kif il-mudell ser jiġi introdott fis-suq jew l-għadd ta' utenti li jista' jaffettwa. Biex tikkomplementa din is-sistema, jenħtieġ ikun hemm il-possibbiltà li l-Kummissjoni tieħu deċiżjonijiet individwali li jiddeżinjaw mudell tal-IA bi skop ġenerali bħala mudell tal-IA bi skop ġenerali b'riskju sistemiku jekk jinstab li tali mudell għandu kapaċitajiet jew impatt ekwivalenti għal dawk koperti mil-livell limitu stabbilit. Jenħtieġ li dik id-deċiżjoni tittieħed abbażi ta' valutazzjoni ġenerali tal-kriterji għad-deżinjazzjoni ta' mudell tal-IA bi skop ġenerali b'riskju sistemiku stipulat f'anness ta' dan ir-Regolament, bħall-kwalità jew id-daqs tas-sett tad-data tat-taħriġ, l-għadd ta' negozji u utenti finali, il-modalitajiet tal-input u tal-output tiegħu, il-livell ta' awtonomija u skalabbiltà tiegħu, jew l-għodod li għandu aċċess għalihom. Fuq talba motivata ta' fornitur li l-mudell tiegħu jkun ġie ddeżinjat bħala mudell tal-IA bi skop ġenerali b'riskju sistemiku, jenħtieġ li l-Kummissjoni tqis it-talba u tista' tiddeċiedi li tivvaluta mill-ġdid jekk il-mudell tal-IA bi skop ġenerali għadux jista' jitqies li jippreżenta riskji sistemiċi.

(111)

It is appropriate to establish a methodology for the classification of general-purpose AI models as general-purpose AI model with systemic risks. Since systemic risks result from particularly high capabilities, a general-purpose AI model should be considered to present systemic risks if it has high-impact capabilities, evaluated on the basis of appropriate technical tools and methodologies, or significant impact on the internal market due to its reach. High-impact capabilities in general-purpose AI models means capabilities that match or exceed the capabilities recorded in the most advanced general-purpose AI models. The full range of capabilities in a model could be better understood after its placing on the market or when deployers interact with the model. According to the state of the art at the time of entry into force of this Regulation, the cumulative amount of computation used for the training of the general-purpose AI model measured in floating point operations is one of the relevant approximations for model capabilities. The cumulative amount of computation used for training includes the computation used across the activities and methods that are intended to enhance the capabilities of the model prior to deployment, such as pre-training, synthetic data generation and fine-tuning. Therefore, an initial threshold of floating point operations should be set, which, if met by a general-purpose AI model, leads to a presumption that the model is a general-purpose AI model with systemic risks. This threshold should be adjusted over time to reflect technological and industrial changes, such as algorithmic improvements or increased hardware efficiency, and should be supplemented with benchmarks and indicators for model capability. To inform this, the AI Office should engage with the scientific community, industry, civil society and other experts. Thresholds, as well as tools and benchmarks for the assessment of high-impact capabilities, should be strong predictors of generality, its capabilities and associated systemic risk of general-purpose AI models, and could take into account the way the model will be placed on the market or the number of users it may affect. To complement this system, there should be a possibility for the Commission to take individual decisions designating a general-purpose AI model as a general-purpose AI model with systemic risk if it is found that such model has capabilities or an impact equivalent to those captured by the set threshold. That decision should be taken on the basis of an overall assessment of the criteria for the designation of a general-purpose AI model with systemic risk set out in an annex to this Regulation, such as quality or size of the training data set, number of business and end users, its input and output modalities, its level of autonomy and scalability, or the tools it has access to. Upon a reasoned request of a provider whose model has been designated as a general-purpose AI model with systemic risk, the Commission should take the request into account and may decide to reassess whether the general-purpose AI model can still be considered to present systemic risks.

(112)

Jeħtieġ ukoll li tiġi ċċarata proċedura għall-klassifikazzjoni ta' mudell tal-IA bi skop ġenerali b'riskji sistemiċi. Jenħtieġ li mudell tal-IA bi skop ġenerali li jissodisfa l-limitu applikabbli għal kapaċitajiet b'impatt għoli jitqies li huwa mudell tal-IA bi skop ġenerali b'riskju sistemiku. Jenħtieġ li l-fornitur jinnotifika lill-Uffiċċju għall-IA mhux aktar tard minn ġimagħtejn wara li jiġu ssodisfati r-rekwiżiti jew isir magħruf li mudell tal-IA bi skop ġenerali ser jissodisfa r-rekwiżiti li jwasslu għall-preżunzjoni. Dan huwa partikolarment rilevanti fir-rigward tal-limitu tal-operazzjonijiet b'punt varjabbli minħabba li t-taħriġ ta' mudelli tal-IA bi skop ġenerali jirrikjedi ippjanar konsiderevoli li jinkludi l-allokazzjoni bil-quddiem tar-riżorsi tal-komputazzjoni u, għalhekk, il-fornituri ta' mudelli tal-IA bi skop ġenerali jistgħu jkunu jafu jekk il-mudell tagħhom jilħaqx il-limitu qabel ma jitlesta t-taħriġ. Fil-kuntest ta' dik in-notifika, jenħtieġ li l-fornitur ikun jista' juri li minħabba l-karatteristiċi speċifiċi tiegħu, mudell tal-IA bi skop ġenerali b'mod eċċezzjonali ma jippreżentax riskji sistemiċi, u li għalhekk jenħtieġ li ma jiġix ikklassifikat bħala mudell tal-IA bi skop ġenerali b'riskji sistemiċi. Dik l-informazzjoni hija siewja għall-Uffiċċju għall-IA biex jantiċipa l-introduzzjoni fis-suq ta' mudelli tal-IA bi skop ġenerali b'riskji sistemiċi u l-fornituri jistgħu jibdew jinvolvu ruħhom mal-Uffiċċju għall-IA minn kmieni. Dik l-informazzjoni hija partikolarment importanti fir-rigward tal-mudelli tal-IA bi skop ġenerali li huma ppjanati li jiġu rilaxxati bħala sors miftuħ, minħabba li, wara r-rilaxx tal-mudell b'sors miftuħ, il-miżuri meħtieġa biex tiġi żgurata l-konformità mal-obbligi skont dan ir-Regolament jistgħu jkunu aktar diffiċli biex jiġu implimentati.

(112)

It is also necessary to clarify a procedure for the classification of a general-purpose AI model with systemic risks. A general-purpose AI model that meets the applicable threshold for high-impact capabilities should be presumed to be a general-purpose AI models with systemic risk. The provider should notify the AI Office at the latest two weeks after the requirements are met or it becomes known that a general-purpose AI model will meet the requirements that lead to the presumption. This is especially relevant in relation to the threshold of floating point operations because training of general-purpose AI models takes considerable planning which includes the upfront allocation of compute resources and, therefore, providers of general-purpose AI models are able to know if their model would meet the threshold before the training is completed. In the context of that notification, the provider should be able to demonstrate that, because of its specific characteristics, a general-purpose AI model exceptionally does not present systemic risks, and that it thus should not be classified as a general-purpose AI model with systemic risks. That information is valuable for the AI Office to anticipate the placing on the market of general-purpose AI models with systemic risks and the providers can start to engage with the AI Office early on. That information is especially important with regard to general-purpose AI models that are planned to be released as open-source, given that, after the open-source model release, necessary measures to ensure compliance with the obligations under this Regulation may be more difficult to implement.

(113)

Jekk il-Kummissjoni ssir taf bil-fatt li mudell tal-IA bi skop ġenerali jissodisfa r-rekwiżiti biex jiġi kklassifikat bħala mudell tal-IA bi skop ġenerali b'riskju sistemiku, li qabel jew ma kienx magħruf jew li l-fornitur rilevanti naqas milli jinnotifika lill-Kummissjoni, jenħtieġ li l-Kummissjoni tingħata s-setgħa li tiddeżinjah bħala tali. Jenħtieġ li jkun hemm sistema ta' allerti kwalifikati li tiżgura li l-Uffiċċju għall-IA jiġi mgħarraf mill-bord b'mudelli tal-IA bi skop ġenerali li x'aktarx għandhom jiġu kklassifikati bħala mudelli tal-IA bi skop ġenerali b'riskju sistemiku, minbarra l-attivitajiet ta' monitoraġġ tal-Uffiċċju għall-IA.

(113)

If the Commission becomes aware of the fact that a general-purpose AI model meets the requirements to classify as a general-purpose AI model with systemic risk, which previously had either not been known or of which the relevant provider has failed to notify the Commission, the Commission should be empowered to designate it so. A system of qualified alerts should ensure that the AI Office is made aware by the scientific panel of general-purpose AI models that should possibly be classified as general-purpose AI models with systemic risk, in addition to the monitoring activities of the AI Office.

(114)

Jenħtieġ li l-fornituri ta' mudelli tal-IA bi skop ġenerali li jippreżentaw riskji sistemiċi jkunu soġġetti, minbarra l-obbligi previsti għall-fornituri ta' mudelli tal-IA bi skop ġenerali, għal obbligi mmirati lejn l-identifikazzjoni u l-mitigazzjoni ta' dawk ir-riskji u l-iżgurar ta' livell adegwat ta' protezzjoni taċ-ċibersigurtà, irrispettivament minn jekk jiġix ipprovdut bħala mudell awtonomu jew inkorporat f'sistema tal-IA jew fi prodott. Sabiex jintlaħqu dawk l-objettivi, jenħtieġ li dan ir-Regolament jirrikjedi li l-fornituri jwettqu l-evalwazzjonijiet tal-mudell meħtieġa, b'mod partikolari qabel l-ewwel introduzzjoni tiegħu fis-suq, inkluż it-twettiq u d-dokumentazzjoni tal-ittestjar kontradittorju tal-mudelli, anke, kif xieraq, permezz ta' ttestjar intern jew indipendenti estern. Barra minn hekk, jenħtieġ li l-fornituri ta' mudelli tal-IA bi skop ġenerali b'riskji sistemiċi jivvalutaw u jimmitigaw kontinwament ir-riskji sistemiċi, inkluż pereżempju billi jistabbilixxu politiki ta' ġestjoni tar-riskju, bħal proċessi ta' responsabbiltà u governanza, jimplimentaw sorveljanza ta' wara l-introduzzjoni fis-suq, jieħdu miżuri xierqa tul iċ-ċiklu tal-ħajja kollu tal-mudell u jikkooperaw ma' atturi rilevanti tul il-katina tal-valur tal-IA.

(114)

The providers of general-purpose AI models presenting systemic risks should be subject, in addition to the obligations provided for providers of general-purpose AI models, to obligations aimed at identifying and mitigating those risks and ensuring an adequate level of cybersecurity protection, regardless of whether it is provided as a standalone model or embedded in an AI system or a product. To achieve those objectives, this Regulation should require providers to perform the necessary model evaluations, in particular prior to its first placing on the market, including conducting and documenting adversarial testing of models, also, as appropriate, through internal or independent external testing. In addition, providers of general-purpose AI models with systemic risks should continuously assess and mitigate systemic risks, including for example by putting in place risk-management policies, such as accountability and governance processes, implementing post-market monitoring, taking appropriate measures along the entire model’s lifecycle and cooperating with relevant actors along the AI value chain.

(115)

Jenħtieġ li l-fornituri ta' mudelli tal-IA bi skop ġenerali b'riskji sistemiċi jivvalutaw u jimmitigaw ir-riskji sistemiċi possibbli. Jekk, minkejja l-isforzi biex jiġu identifikati u evitati riskji relatati ma' mudell tal-IA bi skop ġenerali li jista' jippreżenta riskji sistemiċi, l-iżvilupp jew l-użu tal-mudell jikkawża inċident serju, jenħtieġ li l-fornitur tal-mudell tal-IA bi skop ġenerali mingħajr dewmien żejjed iżomm rekord tal-inċident u jirrapporta kwalunkwe informazzjoni rilevanti u miżuri korrettiva possibbli lill-Kummissjoni u lill-awtoritajiet nazzjonali kompetenti. Barra minn hekk, jenħtieġ li l-fornituri jiżguraw livell adegwat ta' protezzjoni taċ-ċibersigurtà għall-mudell u l-infrastruttura fiżika tiegħu, jekk ikun xieraq, tul iċ-ċiklu tal-ħajja kollu tal-mudell. Jenħtieġ li l-protezzjoni taċ-ċibersigurtà relatata mar-riskji sistemiċi assoċjati mal-użu malizzjuż ta' mudell jew attakki tqis kif xieraq ir-rilaxx aċċidentali minn mudell, ir-rilaxxi mhux awtorizzati, iċ-ċirkomvenzjoni tal-miżuri ta' sikurezza, u d-difiża kontra l-attakki ċibernetiċi, l-aċċess mhux awtorizzat jew is-serq tal-mudell. Dik il-protezzjoni tista' tiġi ffaċilitata billi jiġu żgurati piżijiet tal-mudell, algoritmi, servers, u settijiet ta' data, pereżempju permezz ta' miżuri ta' sigurtà operazzjonali għas-sigurtà tal-informazzjoni, politiki speċifiċi dwar iċ-ċibersigurtà, soluzzjonijiet tekniċi u stabbiliti adegwati, u kontrolli tal-aċċess ċibernetiku u fiżiku, adattati għaċ-ċirkostanzi rilevanti u r-riskji involuti.

(115)

Providers of general-purpose AI models with systemic risks should assess and mitigate possible systemic risks. If, despite efforts to identify and prevent risks related to a general-purpose AI model that may present systemic risks, the development or use of the model causes a serious incident, the general-purpose AI model provider should without undue delay keep track of the incident and report any relevant information and possible corrective measures to the Commission and national competent authorities. Furthermore, providers should ensure an adequate level of cybersecurity protection for the model and its physical infrastructure, if appropriate, along the entire model lifecycle. Cybersecurity protection related to systemic risks associated with malicious use or attacks should duly consider accidental model leakage, unauthorised releases, circumvention of safety measures, and defence against cyberattacks, unauthorised access or model theft. That protection could be facilitated by securing model weights, algorithms, servers, and data sets, such as through operational security measures for information security, specific cybersecurity policies, adequate technical and established solutions, and cyber and physical access controls, appropriate to the relevant circumstances and the risks involved.

(116)

Jenħtieġ li l-Uffiċċju għall-IA jħeġġeġ u jiffaċilita t-tfassil, ir-rieżami u l-adattament tal-kodiċijiet ta' prattika, filwaqt li jqis l-approċċi internazzjonali. Il-fornituri kollha ta' mudelli tal-IA bi skop ġenerali jistgħu jiġu mistiedna jipparteċipaw. Biex jiġi żgurat li l-kodiċijiet ta' prattika jirriflettu l-ogħla livell ta' żvilupp tekniku u jqisu kif xieraq sett varjat ta' perspettivi, jenħtieġ li l-Uffiċċju għall-IA jikkollabora mal-awtoritajiet nazzjonali kompetenti rilevanti, u jista', fejn xieraq, jikkonsulta mal-organizzazzjonijiet tas-soċjetà ċivili u partijiet ikkonċernati u esperti rilevanti oħra, inkluż il-bord, għat-tfassil ta' tali kodiċijiet. Jenħtieġ li l-kodiċijiet ta' prattika jkopru l-obbligi għall-fornituri ta' mudelli tal-IA bi skop ġenerali u ta' mudelli tal-IA bi skop ġenerali li jippreżentaw riskji sistemiċi. Barra minn hekk, fir-rigward tar-riskji sistemiċi, jenħtieġ li l-kodiċijiet ta' prattika jgħinu biex tiġi stabbilita tassonomija tar-riskju tat-tip u n-natura tar-riskji sistemiċi fil-livell tal-Unjoni, inkluż is-sorsi tagħhom. Jenħtieġ li l-Kodiċijiet ta' Prattika jkunu ffukati wkoll fuq valutazzjoni tar-riskju speċifika u miżuri ta' mitigazzjoni.

(116)

The AI Office should encourage and facilitate the drawing up, review and adaptation of codes of practice, taking into account international approaches. All providers of general-purpose AI models could be invited to participate. To ensure that the codes of practice reflect the state of the art and duly take into account a diverse set of perspectives, the AI Office should collaborate with relevant national competent authorities, and could, where appropriate, consult with civil society organisations and other relevant stakeholders and experts, including the Scientific Panel, for the drawing up of such codes. Codes of practice should cover obligations for providers of general-purpose AI models and of general-purpose AI models presenting systemic risks. In addition, as regards systemic risks, codes of practice should help to establish a risk taxonomy of the type and nature of the systemic risks at Union level, including their sources. Codes of practice should also be focused on specific risk assessment and mitigation measures.

(117)

Jenħtieġ li l-kodiċijiet ta' prattika jirrappreżentaw għodda ċentrali għall-konformità xierqa mal-obbligi previsti skont dan ir-Regolament għall-fornituri ta' mudelli tal-IA bi skop ġenerali. Jenħtieġ li l-fornituri jkunu jistgħu jiddependu fuq kodiċijiet ta' prattika biex juru l-konformità mal-obbligi. Permezz ta' atti ta' implimentazzjoni, il-Kummissjoni tista' tiddeċiedi li tapprova kodiċi ta' prattika u tagħtih validità ġenerali fl-Unjoni, jew, alternattivament, li tipprovdi regoli komuni għall-implimentazzjoni tal-obbligi rilevanti, jekk, sa meta dan ir-Regolament isir applikabbli, kodiċi ta' prattika ma jkunx jista' jiġi ffinalizzat jew ma jitqiesx adegwat mill-Uffiċċju għall-IA. Ladarba standard armonizzat jiġi ppubblikat u vvalutat bħala xieraq biex ikopri l-obbligi rilevanti mill-Uffiċċju għall-IA, jenħtieġ li l-konformità ma' standard armonizzat Ewropew tagħti lill-fornituri l-preżunzjoni tal-konformità. Barra minn hekk, jenħtieġ li l-fornituri ta' mudelli tal-IA bi skop ġenerali jkunu jistgħu juru l-konformità bl-użu ta' mezzi adegwati alternattivi, jekk il-kodiċijiet ta' prattika jew l-istandards armonizzati ma jkunux disponibbli, jew jagħżlu li ma jiddependux fuqhom.

(117)

The codes of practice should represent a central tool for the proper compliance with the obligations provided for under this Regulation for providers of general-purpose AI models. Providers should be able to rely on codes of practice to demonstrate compliance with the obligations. By means of implementing acts, the Commission may decide to approve a code of practice and give it a general validity within the Union, or, alternatively, to provide common rules for the implementation of the relevant obligations, if, by the time this Regulation becomes applicable, a code of practice cannot be finalised or is not deemed adequate by the AI Office. Once a harmonised standard is published and assessed as suitable to cover the relevant obligations by the AI Office, compliance with a European harmonised standard should grant providers the presumption of conformity. Providers of general-purpose AI models should furthermore be able to demonstrate compliance using alternative adequate means, if codes of practice or harmonised standards are not available, or they choose not to rely on those.

(118)

Dan ir-Regolament jirregola s-sistemi tal-IA u l-mudelli tal-IA billi jimponi ċerti rekwiżiti u obbligi għall-atturi rilevanti tas-suq li qed jintroduċuhom fis-suq, iqegħduhom fis-servizz jew fl-użu fl-Unjoni, u b'hekk jikkomplementa l-obbligi għall-fornituri tas-servizzi intermedjarji li jinkorporaw tali sistemi jew mudelli fis-servizzi tagħhom irregolati bir-Regolament (UE) 2022/2065. Sal-punt li tali sistemi jew mudelli jkunu inkorporati fi pjattaformi online kbar ħafna ddeżinjati jew f'magni tat-tiftix online kbar ħafna, dawn ikunu soġġetti għall-qafas ta' ġestjoni tar-riskju previst fir-Regolament (UE) 2022/2065. Konsegwentement, jenħtieġ li l-obbligi korrispondenti ta' dan ir-Regolament jiġu preżunti li ġew issodisfati, dment li ma jitfaċċawx riskji sistemiċi sinifikanti mhux koperti mir-Regolament (UE) 2022/2065 u jiġu identifikati f'tali mudelli. F'dan il-qafas, il-fornituri tal-pjattaformi online kbar ħafna u tal-magni tat-tiftix online kbar ħafna huma obbligati jivvalutaw ir-riskji sistemiċi potenzjali li jirriżultaw mid-disinn, il-funzjonament u l-użu tas-servizzi tagħhom, inkluż kif id-disinn tas-sistemi algoritmiċi użati fis-servizz jista' jikkontribwixxi għal tali riskji, kif ukoll riskji sistemiċi li jirriżultaw minn użi ħżiena potenzjali. Dawk il-fornituri huma obbligati wkoll li jieħdu miżuri ta' mitigazzjoni xierqa b'rispett għad-drittijiet fundamentali.

(118)

This Regulation regulates AI systems and AI models by imposing certain requirements and obligations for relevant market actors that are placing them on the market, putting into service or use in the Union, thereby complementing obligations for providers of intermediary services that embed such systems or models into their services regulated by Regulation (EU) 2022/2065. To the extent that such systems or models are embedded into designated very large online platforms or very large online search engines, they are subject to the risk-management framework provided for in Regulation (EU) 2022/2065. Consequently, the corresponding obligations of this Regulation should be presumed to be fulfilled, unless significant systemic risks not covered by Regulation (EU) 2022/2065 emerge and are identified in such models. Within this framework, providers of very large online platforms and very large online search engines are obliged to assess potential systemic risks stemming from the design, functioning and use of their services, including how the design of algorithmic systems used in the service may contribute to such risks, as well as systemic risks stemming from potential misuses. Those providers are also obliged to take appropriate mitigating measures in observance of fundamental rights.

(119)

Meta wieħed iqis il-pass mgħaġġel tal-innovazzjoni u l-evoluzzjoni teknoloġika tas-servizzi diġitali fil-kamp ta' applikazzjoni ta' strumenti differenti tad-dritt tal-Unjoni b'mod partikolari meta wieħed iżomm f'moħħu l-użu u l-perċezzjoni tar-riċevituri tagħhom, is-sistemi tal-IA soġġetti għal dan ir-Regolament jistgħu jiġu previsti bħala servizzi intermedjarji jew partijiet minnhom skont it-tifsira tar-Regolament (UE) 2022/2065, li jenħtieġ li jiġi interpretat b'mod teknoloġikament newtrali. Pereżempju, is-sistemi tal-IA jistgħu jintużaw biex jipprovdu magni tat-tiftix online, b'mod partikolari, sal-punt li sistema tal-IA bħal chatbot online twettaq tfittxijiet, fil-prinċipju, tas-siti web kollha, imbagħad tinkorpora r-riżultati fl-għarfien eżistenti tagħha u tuża l-għarfien aġġornat biex tiġġenera output uniku li jikkombina sorsi differenti ta' informazzjoni.

(119)

Considering the quick pace of innovation and the technological evolution of digital services in scope of different instruments of Union law in particular having in mind the usage and the perception of their recipients, the AI systems subject to this Regulation may be provided as intermediary services or parts thereof within the meaning of Regulation (EU) 2022/2065, which should be interpreted in a technology-neutral manner. For example, AI systems may be used to provide online search engines, in particular, to the extent that an AI system such as an online chatbot performs searches of, in principle, all websites, then incorporates the results into its existing knowledge and uses the updated knowledge to generate a single output that combines different sources of information.

(120)

Barra minn hekk, l-obbligi imposti fuq il-fornituri u l-implimentaturi ta' ċerti sistemi tal-IA f'dan ir-Regolament biex jippermettu l-kxif u d-divulgazzjoni li l-outputs ta' dawk is-sistemi jiġu ġġenerati jew immanipulati b'mod artifiċjali huma partikolarment rilevanti biex tiġi ffaċilitata l-implimentazzjoni effettiva tar-Regolament (UE) 2022/2065. Dan japplika b'mod partikolari fir-rigward tal-obbligi tal-fornituri ta' pjattaformi online kbar ħafna jew ta' magni tat-tiftix online kbar ħafna biex jidentifikaw u jimmitigaw ir-riskji sistemiċi li jistgħu jirriżultaw mid-disseminazzjoni ta' kontenut li jkun ġie ġġenerat jew immanipulat b'mod artifiċjali, b'mod partikolari r-riskju tal-effetti negattivi reali jew prevedibbli fuq il-proċessi demokratiċi, id-diskors ċiviku u l-proċessi elettorali, inkluż permezz tad-diżinformazzjoni.

(120)

Furthermore, obligations placed on providers and deployers of certain AI systems in this Regulation to enable the detection and disclosure that the outputs of those systems are artificially generated or manipulated are particularly relevant to facilitate the effective implementation of Regulation (EU) 2022/2065. This applies in particular as regards the obligations of providers of very large online platforms or very large online search engines to identify and mitigate systemic risks that may arise from the dissemination of content that has been artificially generated or manipulated, in particular risk of the actual or foreseeable negative effects on democratic processes, civic discourse and electoral processes, including through disinformation.

(121)

Jenħtieġ li l-istandardizzazzjoni taqdi rwol ewlieni biex tipprovdi soluzzjonijiet tekniċi lill-fornituri ħalli tkun żgurata l-konformità ma' dan ir-Regolament, f'konformità mal-ogħla livell ta' żvilupp tekniku, biex tippromwovi l-innovazzjoni kif ukoll il-kompetittività u t-tkabbir fis-suq uniku. Jenħtieġ li l-konformità mal-istandards armonizzati kif definiti fl-Artikolu 2, il-punt (1)(c) tar-Regolament (UE) Nru 1025/2012 tal-Parlament Ewropew u tal-Kunsill (41), li normalment mistennija jirriflettu l-ogħla livell ta' żvilupp tekniku, tkun mezz biex il-fornituri juru l-konformità mar-rekwiżiti ta' dan ir-Regolament. Għalhekk jenħtieġ li titħeġġeġ rappreżentazzjoni bilanċjata tal-interessi li tinvolvi l-partijiet ikkonċernati rilevanti kollha fl-iżvilupp tal-istandards, b'mod partikolari l-SMEs, l-organizzazzjonijiet tal-konsumaturi u l-partijiet ikkonċernati fil-qasam tal-ambjent u dak soċjali f'konformità mal-Artikoli 5 u 6 tar-Regolament (UE) Nru 1025/2012. Sabiex tiġi ffaċilitata l-konformità, jenħtieġ li t-talbiet ta' standardizzazzjoni jinħarġu mill-Kummissjoni mingħajr dewmien żejjed. Meta tkun qed tħejji t-talba ta' standardizzazzjoni, jenħtieġ li l-Kummissjoni tikkonsulta lill-forum konsultattiv u lill-Bord sabiex tiġbor l-kompetenza esperta rilevanti. Madankollu, fin-nuqqas ta' referenzi rilevanti għal standards armonizzati, jenħtieġ li l-Kummissjoni tkun tista' tistabbilixxi, permezz ta' atti ta' implimentazzjoni, u wara konsultazzjoni mal-forum konsultattiv, speċifikazzjonijiet komuni għal ċerti rekwiżiti skont dan ir-Regolament. Jenħtieġ li l-ispeċifikazzjoni komuni tkun soluzzjoni ta' riżerva eċċezzjonali biex jiġi ffaċilitat l-obbligu tal-fornitur li jikkonforma mar-rekwiżiti ta' dan ir-Regolament, meta t-talba ta' standardizzazzjoni ma tkunx ġiet aċċettata minn xi waħda mill-organizzazzjonijiet Ewropej tal-istandardizzazzjoni, jew meta l-istandards armonizzati rilevanti ma jindirizzawx biżżejjed it-tħassib dwar id-drittijiet fundamentali, jew meta l-istandards armonizzati ma jikkonformawx mat-talba, jew meta jkun hemm dewmien fl-adozzjoni ta' standard armonizzat xieraq. Fejn tali dewmien fl-adozzjoni ta' standard armonizzat ikun dovut għall-kumplessità teknika ta' dak l-istandard, jenħtieġ li dan jiġi kkunsidrat mill-Kummissjoni qabel ma jiġi maħsub l-istabbiliment ta' speċifikazzjonijiet komuni. Meta tiżviluppa speċifikazzjonijiet komuni, il-Kummissjoni hija mħeġġa tikkoopera mas-sħab internazzjonali u mal-korpi internazzjonali tal-istandardizzazzjoni.

(121)

Standardisation should play a key role to provide technical solutions to providers to ensure compliance with this Regulation, in line with the state of the art, to promote innovation as well as competitiveness and growth in the single market. Compliance with harmonised standards as defined in Article 2, point (1)(c), of Regulation (EU) No 1025/2012 of the European Parliament and of the Council (41), which are normally expected to reflect the state of the art, should be a means for providers to demonstrate conformity with the requirements of this Regulation. A balanced representation of interests involving all relevant stakeholders in the development of standards, in particular SMEs, consumer organisations and environmental and social stakeholders in accordance with Articles 5 and 6 of Regulation (EU) No 1025/2012 should therefore be encouraged. In order to facilitate compliance, the standardisation requests should be issued by the Commission without undue delay. When preparing the standardisation request, the Commission should consult the advisory forum and the Board in order to collect relevant expertise. However, in the absence of relevant references to harmonised standards, the Commission should be able to establish, via implementing acts, and after consultation of the advisory forum, common specifications for certain requirements under this Regulation. The common specification should be an exceptional fall back solution to facilitate the provider’s obligation to comply with the requirements of this Regulation, when the standardisation request has not been accepted by any of the European standardisation organisations, or when the relevant harmonised standards insufficiently address fundamental rights concerns, or when the harmonised standards do not comply with the request, or when there are delays in the adoption of an appropriate harmonised standard. Where such a delay in the adoption of a harmonised standard is due to the technical complexity of that standard, this should be considered by the Commission before contemplating the establishment of common specifications. When developing common specifications, the Commission is encouraged to cooperate with international partners and international standardisation bodies.

(122)

Jixraq li, mingħajr preġudizzju għall-użu ta' standards armonizzati u speċifikazzjonijiet komuni, ikun jenħtieġ li l-fornituri tas-sistema tal-IA b'riskju għoli li tkun ġiet imħarrġa u ttestjata fuq data li tirrifletti l-issettjar ġeografiku, komportamentali, kuntestwali jew funzjonali speċifiku li fih tkun maħsuba li tintuża s-sistema tal-IA, jiġu preżunti li jikkonformaw mal-miżura rilevanti prevista fir-rekwiżit dwar il-governanza tad-data stipulata f'dan ir-Regolament. Mingħajr preġudizzju għar-rekwiżiti relatati mar-robustezza u l-akkuratezza stipulati f'dan ir-Regolament, f'konformità mal-Artikolu 54(3) tar-Regolament (UE) 2019/881, jenħtieġ li s-sistemi tal-IA b'riskju għoli li jkunu ġew iċċertifikati jew li għalihom tkun inħarġet dikjarazzjoni ta' konformità taħt skema taċ-ċibersigurtà skont dak ir-Regolament u li r-referenzi tagħhom ikunu ġew ippubblikati f'Il-Ġurnal Uffiċjali tal-Unjoni Ewropea, jiġu preżunti li jikkonformaw mar-rekwiżit taċ-ċibersigurtà ta' dan ir-Regolament dment li ċ-ċertifikat taċ-ċibersigurtà jew id-dikjarazzjoni tal-konformità jew partijiet minnha jkopru r-rekwiżit taċ-ċibersigurtà ta' dan ir-Regolament. Dan jibqa' mingħajr preġudizzju għan-natura volontarja ta' dik l-iskema ta' ċibersigurtà.

(122)

It is appropriate that, without prejudice to the use of harmonised standards and common specifications, providers of a high-risk AI system that has been trained and tested on data reflecting the specific geographical, behavioural, contextual or functional setting within which the AI system is intended to be used, should be presumed to comply with the relevant measure provided for under the requirement on data governance set out in this Regulation. Without prejudice to the requirements related to robustness and accuracy set out in this Regulation, in accordance with Article 54(3) of Regulation (EU) 2019/881, high-risk AI systems that have been certified or for which a statement of conformity has been issued under a cybersecurity scheme pursuant to that Regulation and the references of which have been published in the Official Journal of the European Union should be presumed to comply with the cybersecurity requirement of this Regulation in so far as the cybersecurity certificate or statement of conformity or parts thereof cover the cybersecurity requirement of this Regulation. This remains without prejudice to the voluntary nature of that cybersecurity scheme.

(123)

Biex ikun żgurat livell għoli ta' affidabbiltà tas-sistemi tal-IA b'riskju għoli, jenħtieġ li dawk is-sistemi jkunu soġġetti għal valutazzjoni tal-konformità qabel ma jiġu introdotti fis-suq jew imqiegħda fis-servizz.

(123)

In order to ensure a high level of trustworthiness of high-risk AI systems, those systems should be subject to a conformity assessment prior to their placing on the market or putting into service.

(124)

Jixraq li, biex jitnaqqas kemm jista' jkun il-piż fuq l-operaturi u tkun evitata kwalunkwe duplikazzjoni possibbli, għas-sistemi tal-IA b'riskju għoli relatati ma' prodotti koperti bil-leġiżlazzjoni eżistenti tal-Unjoni dwar l-armonizzazzjoni bbażata fuq il-Qafas Leġiżlattiv Ġdid, jenħtieġ li l-konformità ta' dawk is-sistemi tal-IA mar-rekwiżiti ta' dan ir-Regolament tiġi vvalutata bħala parti mill-valutazzjoni tal-konformità diġà prevista f'dik il-liġi. Għalhekk, jenħtieġ li l-applikabbiltà tar-rekwiżiti ta' dan ir-Regolament ma taffettwax il-loġika, il-metodoloġija jew l-istruttura ġenerali speċifiċi ta' valutazzjoni tal-konformità skont il-leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni.

(124)

It is appropriate that, in order to minimise the burden on operators and avoid any possible duplication, for high-risk AI systems related to products which are covered by existing Union harmonisation legislation based on the New Legislative Framework, the compliance of those AI systems with the requirements of this Regulation should be assessed as part of the conformity assessment already provided for in that law. The applicability of the requirements of this Regulation should thus not affect the specific logic, methodology or general structure of conformity assessment under the relevant Union harmonisation legislation.

(125)

Minħabba l-kumplessità tas-sistemi tal-IA b'risku għoli u r-riskji li huma assoċjati magħhom, huwa importanti li tiġi żviluppata proċedura adegwata ta' valutazzjoni tal-konformità għal sistemi tal-IA b'risku għoli li jinvolvu korpi notifikati, l-hekk imsejħa valutazzjoni tal-konformità minn parti terza. Madankollu, minħabba l-esperjenza attwali ta' ċertifikaturi professjonali ta' qabel l-introduzzjoni fis-suq fil-qasam tas-sikurezza tal-prodotti u n-natura differenti tar-riskji involuti, jixraq li l-kamp ta' applikazzjoni tal-valutazzjoni tal-konformità minn parti terza jiġi limitat, mill-inqas f'fażi inizjali tal-applikazzjoni ta' dan ir-Regolament għas-sistemi tal-IA b'riskju għoli għajr dawk relatati mal-prodotti. Għalhekk, jenħtieġ li l-valutazzjoni tal-konformità ta' sistemi bħal dawn titwettaq bħala regola ġenerali mill-fornitur taħt ir-responsabbiltà tiegħu stess, bl-unika eċċezzjoni tas-sistemi tal-IA maħsuba biex jintużaw għall-bijometrija.

(125)

Given the complexity of high-risk AI systems and the risks that are associated with them, it is important to develop an adequate conformity assessment procedure for high-risk AI systems involving notified bodies, so-called third party conformity assessment. However, given the current experience of professional pre-market certifiers in the field of product safety and the different nature of risks involved, it is appropriate to limit, at least in an initial phase of application of this Regulation, the scope of application of third-party conformity assessment for high-risk AI systems other than those related to products. Therefore, the conformity assessment of such systems should be carried out as a general rule by the provider under its own responsibility, with the only exception of AI systems intended to be used for biometrics.

(126)

Biex issir valutazzjoni tal-konformità minn parti terza meta dan ikun meħtieġ, jenħtieġ li l-korpi notifikati jiġu nnotifikati skont dan ir-Regolament mill-awtoritajiet kompetenti nazzjonali, dment li dawn jikkonformaw ma' sett ta' rekwiżiti, b'mod partikolari dwar l-indipendenza, il-kompetenza u n-nuqqas ta' kunflitti ta' interess u rekwiżiti ta' ċibersigurtà adegwati. Jenħtieġ li n-notifika ta' dawk il-korpi tintbagħat mill-awtoritajiet nazzjonali kompetenti lill-Kummissjoni u lill-Istati Membri l-oħra permezz tal-għodda elettronika ta' notifika żviluppata u ġestita mill-Kummissjoni skont l-Artikolu R23 tal-Anness I tad-Deċiżjoni Nru 768/2008/KE.

(126)

In order to carry out third-party conformity assessments when so required, notified bodies should be notified under this Regulation by the national competent authorities, provided that they comply with a set of requirements, in particular on independence, competence, absence of conflicts of interests and suitable cybersecurity requirements. Notification of those bodies should be sent by national competent authorities to the Commission and the other Member States by means of the electronic notification tool developed and managed by the Commission pursuant to Article R23 of Annex I to Decision No 768/2008/EC.

(127)

F'konformità mal-impenji tal-Unjoni skont il-Ftehim tal-Organizzazzjoni Dinjija tal-Kummerċ dwar l-Ostakli Tekniċi għall-Kummerċ, huwa xieraq li jiġi ffaċilitat ir-rikonoxximent reċiproku tar-riżultati tal-valutazzjoni tal-konformità prodotti minn korpi kompetenti tal-valutazzjoni tal-konformità, indipendenti mit-territorju li fih ikunu stabbiliti, dment li dawk il-korpi ta' valutazzjoni tal-konformità stabbiliti skont il-liġi ta' pajjiż terz jissodisfaw ir-rekwiżiti applikabbli ta' dan ir-Regolament u l-Unjoni tkun ikkonkludiet ftehim skont dan. F'dan il-kuntest, jenħtieġ li l-Kummissjoni tesplora b'mod attiv strumenti internazzjonali possibbli għal dak l-għan u b'mod partikolari tfittex il-konklużjoni ta' ftehimiet ta' rikonoxximent reċiproku ma' pajjiżi terzi.

(127)

In line with Union commitments under the World Trade Organization Agreement on Technical Barriers to Trade, it is adequate to facilitate the mutual recognition of conformity assessment results produced by competent conformity assessment bodies, independent of the territory in which they are established, provided that those conformity assessment bodies established under the law of a third country meet the applicable requirements of this Regulation and the Union has concluded an agreement to that extent. In this context, the Commission should actively explore possible international instruments for that purpose and in particular pursue the conclusion of mutual recognition agreements with third countries.

(128)

F'konformità mal-kunċett stabbilit b'mod komuni ta' modifika sostanzjali għall-prodotti regolati mil-leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni, huwa xieraq li kull meta sseħħ bidla li tista' taffettwa l-konformità ta' sistema tal-IA b'riskju għoli ma' dan ir-Regolament (eż. bidla fis-sistema operattiva jew fl-arkitettura tas-software), jew meta jinbidel l-għan maħsub tas-sistema, jenħtieġ li dik is-sistema tal-IA titqies bħala sistema ġdida tal-IA li jenħtieġ li ssirilha valutazzjoni tal-konformità ġdida. Madankollu, il-bidliet li jseħħu fl-algoritmu u l-prestazzjoni tas-sistemi tal-IA li jkomplu “jitgħallmu” wara li jiġu introdotti fis-suq jew jitqiegħdu fis-servizz, jiġifieri l-adattament awtomatiku ta' kif jitwettqu l-funzjonijiet, jenħtieġ li ma jikkostitwixxux modifika sostanzjali, dment li dawk il-bidliet ikunu ġew iddeterminati minn qabel mill-fornitur u vvalutati fil-mument tal-valutazzjoni tal-konformità.

(128)

In line with the commonly established notion of substantial modification for products regulated by Union harmonisation legislation, it is appropriate that whenever a change occurs which may affect the compliance of a high-risk AI system with this Regulation (e.g. change of operating system or software architecture), or when the intended purpose of the system changes, that AI system should be considered to be a new AI system which should undergo a new conformity assessment. However, changes occurring to the algorithm and the performance of AI systems which continue to ‘learn’ after being placed on the market or put into service, namely automatically adapting how functions are carried out, should not constitute a substantial modification, provided that those changes have been pre-determined by the provider and assessed at the moment of the conformity assessment.

(129)

Jenħtieġ li s-sistemi tal-IA b'riskju għoli jkollhom il-markatura CE biex jindikaw il-konformità tagħhom ma' dan ir-Regolament b'tali mod li jkunu jistgħu jiċċaqilqu liberament fis-suq intern. Għal sistemi tal-IA b'risku għoli inkorporati fi prodott, jenħtieġ li titwaħħal markatura CE fiżika, u tista' tiġi kkomplementata minn markatura CE diġitali. Għas-sistemi tal-IA b'risku għoli pprovduti biss b'mod diġitali, jenħtieġ li tintuża markatura CE diġitali. Jenħtieġ li l-Istati Membri ma joħolqux xkiel mhux ġustifikat għall-introduzzjoni fis-suq jew għat-tqegħid fis-servizz ta' sistemi tal-IA b'riskju għoli li jikkonformaw mar-rekwiżiti stabbiliti f'dan ir-Regolament u jkollhom il-markatura CE.

(129)

High-risk AI systems should bear the CE marking to indicate their conformity with this Regulation so that they can move freely within the internal market. For high-risk AI systems embedded in a product, a physical CE marking should be affixed, and may be complemented by a digital CE marking. For high-risk AI systems only provided digitally, a digital CE marking should be used. Member States should not create unjustified obstacles to the placing on the market or the putting into service of high-risk AI systems that comply with the requirements laid down in this Regulation and bear the CE marking.

(130)

F'ċerti kundizzjonijiet, id-disponibbiltà rapida ta' teknoloġiji innovattivi tista' tkun kruċjali għas-saħħa u s-sikurezza tal-persuni, il-protezzjoni tal-ambjent u t-tibdil fil-klima u għas-soċjetà kollha kemm hi. Għalhekk jixraq li, għal raġunijiet eċċezzjonali ta' sigurtà pubblika jew ta' protezzjoni tal-ħajja u tas-saħħa tal-persuni fiżiċi, il-ħarsien tal-ambjent u l-protezzjoni ta' assi prinċipali industrijali u tal-infrastruttura, l-awtoritajiet tas-sorveljanza tas-suq jkunu jistgħu jawtorizzaw l-introduzzjoni fis-suq jew it-tqegħid fis-servizz ta' sistemi tal-IA li ma tkunx saritilhom valutazzjoni tal-konformità. F'sitwazzjonijiet debitament ġustifikati kif previst f’ dan ir-Regolament, l-awtoritajiet tal-infurzar tal-liġi jew l-awtoritajiet tal-protezzjoni ċivili jistgħu jqiegħdu fis-servizz sistema speċifika tal-IA b'risku għoli mingħajr l-awtorizzazzjoni tal-awtorità tas-sorveljanza tas-suq, dment li tali awtorizzazzjoni tintalab matul jew wara l-użu mingħajr dewmien żejjed.

(130)

Under certain conditions, rapid availability of innovative technologies may be crucial for health and safety of persons, the protection of the environment and climate change and for society as a whole. It is thus appropriate that under exceptional reasons of public security or protection of life and health of natural persons, environmental protection and the protection of key industrial and infrastructural assets, market surveillance authorities could authorise the placing on the market or the putting into service of AI systems which have not undergone a conformity assessment. In duly justified situations, as provided for in this Regulation, law enforcement authorities or civil protection authorities may put a specific high-risk AI system into service without the authorisation of the market surveillance authority, provided that such authorisation is requested during or after the use without undue delay.

(131)

Sabiex tiġi ffaċilitata l-ħidma tal-Kummissjoni u tal-Istati Membri fil-qasam tal-IA u biex tiżdied it-trasparenza lejn il-pubbliku, jenħtieġ li l-fornituri tas-sistemi tal-IA b'riskju għoli għajr dawk relatati ma' prodotti li jaqgħu fil-kamp ta' applikazzjoni tal-leġiżlazzjoni eżistenti rilevanti tal-Unjoni dwar l-armonizzazzjoni, kif ukoll fornituri li jqisu li sistema tal-IA elenkata fil-każijiet ta’ użu b'riskju għoli f'anness ta' dan ir-Regolament mhix ta' riskju għoli abbażi ta' deroga, ikunu mitluba jirreġistraw lilhom infushom u l-informazzjoni dwar is-sistema tal-IA tagħhom f'bażi tad-data tal-UE, li trid tiġi stabbilita u ġestita mill-Kummissjoni. Qabel ma jużaw sistema tal-IA elenkata fil-każijiet ta’ użu b'riskju għoli f’anness ta’ dan ir-Regolament, jenħtieġ li l-implimentaturi ta' sistemi tal-IA b'riskju għoli li jkunu awtoritajiet, aġenziji jew korpi pubbliċi, jirreġistraw lilhom infushom f'tali bażi tad-data tal-UE u jagħżlu s-sistema li beħsiebhom jużaw. Jenħtieġ li implimentaturi oħra jkunu intitolati li jagħmlu dan b'mod volontarju. Jenħtieġ li din it-taqsima tal-bażi tad-data tal-UE tkun aċċessibbli għall-pubbliku, mingħajr ħlas, u jenħtieġ li l-informazzjoni tkun faċilment navigabbli, tinftiehem u tinqara mill-magni. Jenħtieġ li l-bażi tad-data tkun faċli għall-utent ukoll, pereżempju billi tipprovdi funzjonalitajiet ta' tiftix, inkluż permezz ta' keywords, li jippermettu lill-pubbliku ġenerali jsib informazzjoni rilevanti li trid tiġi ppreżentata mar-reġistrazzjoni tas-sistemi tal-IA b'riskju għoli u dwar il-każ ta’ użu tas-sistemi tal-IA b'riskju għoli, stipulati f’anness ta' dan ir-Regolament, li għalihom jikkorrispondu s-sistemi tal-IA b'riskju għoli. Jenħtieġ li kwalunkwe modifika sostanzjali tas-sistemi tal-IA b'riskju għoli tiġi rreġistrata wkoll fil-bażi tad-data tal-UE. Għal sistemi tal-IA b'riskju għoli fil-qasam tal-infurzar tal-liġi, tal-migrazzjoni, tal-ażil u tal-ġestjoni tal-kontroll fil-fruntieri, jenħtieġ li l-obbligi ta' reġistrazzjoni jiġu ssodisfati f'taqsima sigura mhux pubblika tal-bażi tad-data tal-UE. Jenħtieġ li l-aċċess għat-taqsima sigura mhux pubblika jkun strettament limitat għall-Kummissjoni kif ukoll għall-awtoritajiet tas-sorveljanza tas-suq fir-rigward tat-taqsima nazzjonali tagħhom ta’ dik il-bażi tad-data. Jenħtieġ li s-sistemi tal-IA b’riskju għoli fil-qasam tal-infrastruttura kritika jiġu rreġistrati biss fil-livell nazzjonali. Jenħtieġ li l-Kummissjoni tkun il-kontrollur tal-bażi tad-data tal-UE, f’konformità mar-Regolament (UE) 2018/1725. Sabiex tiġi żgurata l-funzjonalità sħiħa tal-bażi tad-data tal-UE, meta tiġi implimentata, jenħtieġ li l-proċedura għall-istabbiliment tal-bażi tad-data tinkludi l-iżvilupp ta' speċifikazzjonijiet funzjonali mill-Kummissjoni u rapport tal-awditjar indipendenti. Jenħtieġ li l-Kummissjoni tqis ir-riskji taċ-ċibersigurtà meta twettaq il-kompiti tagħha bħala kontrollur tad-data fil-bażi tad-data tal-UE. Sabiex jiġu mmassimizzati d-disponibbiltà u l-użu tal-bażi tad-data tal-UE mill-pubbliku, il-bażi tad-data tal-UE, inkluż l-informazzjoni disponibbli permezz tagħha, jenħtieġ li tikkonforma mar-rekwiżiti skont id-Direttiva (UE) 2019/882.

(131)

In order to facilitate the work of the Commission and the Member States in the AI field as well as to increase the transparency towards the public, providers of high-risk AI systems other than those related to products falling within the scope of relevant existing Union harmonisation legislation, as well as providers who consider that an AI system listed in the high-risk use cases in an annex to this Regulation is not high-risk on the basis of a derogation, should be required to register themselves and information about their AI system in an EU database, to be established and managed by the Commission. Before using an AI system listed in the high-risk use cases in an annex to this Regulation, deployers of high-risk AI systems that are public authorities, agencies or bodies, should register themselves in such database and select the system that they envisage to use. Other deployers should be entitled to do so voluntarily. This section of the EU database should be publicly accessible, free of charge, the information should be easily navigable, understandable and machine-readable. The EU database should also be user-friendly, for example by providing search functionalities, including through keywords, allowing the general public to find relevant information to be submitted upon the registration of high-risk AI systems and on the use case of high-risk AI systems, set out in an annex to this Regulation, to which the high-risk AI systems correspond. Any substantial modification of high-risk AI systems should also be registered in the EU database. For high-risk AI systems in the area of law enforcement, migration, asylum and border control management, the registration obligations should be fulfilled in a secure non-public section of the EU database. Access to the secure non-public section should be strictly limited to the Commission as well as to market surveillance authorities with regard to their national section of that database. High-risk AI systems in the area of critical infrastructure should only be registered at national level. The Commission should be the controller of the EU database, in accordance with Regulation (EU) 2018/1725. In order to ensure the full functionality of the EU database, when deployed, the procedure for setting the database should include the development of functional specifications by the Commission and an independent audit report. The Commission should take into account cybersecurity risks when carrying out its tasks as data controller on the EU database. In order to maximise the availability and use of the EU database by the public, the EU database, including the information made available through it, should comply with requirements under the Directive (EU) 2019/882.

(132)

Ċerti sistemi tal-IA maħsuba biex jinteraġixxu ma' persuni fiżiċi jew biex jiġġeneraw kontenut jistgħu joħolqu riskji speċifiċi ta' personifikazzjoni jew qerq irrispettivament minn jekk dawn jikkwalifikawx li għandhom riskju għoli jew le. Għalhekk, f'ċerti ċirkostanzi, jenħtieġ li l-użu ta' dawn is-sistemi jkun soġġett għal obbligi speċifiċi tat-trasparenza mingħajr preġudizzju għar-rekwiżiti u l-obbligi tas-sistemi tal-IA b'riskju għoli u soġġett għal eċċezzjonijiet immirati biex jittieħed kont tal-ħtieġa speċjali tal-infurzar tal-liġi. B'mod partikolari, jenħtieġ li l-persuni fiżiċi jiġu nnotifikati li qed jinteraġixxu ma' sistema tal-IA, sakemm dan ma jkunx ovvju mill-perspettiva ta' persuna fiżika li tkun raġonevolment infurmata tajjeb, osservanti u prudenti, filwaqt li jitqiesu ċ-ċirkostanzi u l-kuntest tal-użu. Meta jiġi implimentat dak l-obbligu, jenħtieġ li jitqiesu l-karatteristiċi tal-persuni fiżiċi li jagħmlu parti minn gruppi vulnerabbli minħabba l-età jew id-diżabbiltà tagħhom sal-punt li s-sistema tal-IA tkun maħsuba biex tinteraġixxi ma' dawk il-gruppi wkoll. Barra minn hekk, jenħtieġ li l-persuni fiżiċi jiġu nnotifikati meta jkunu esposti għal sistemi tal-IA li, bl-ipproċessar tad-data bijometrika tagħhom, jistgħu jidentifikaw jew jinferixxu l-emozzjonijiet jew l-intenzjonijiet ta' dawk il-persuni jew jassenjawhom għal kategoriji speċifiċi. Tali kategoriji speċifiċi jistgħu jkunu relatati ma' aspetti bħas-sess, l-età, il-kulur tax-xagħar, il-kulur tal-għajnejn, tatwaġġi, karatteristiċi personali, l-oriġini etnika, il-preferenzi u l-interessi personali. Jenħtieġ li din l-informazzjoni u n-notifiki jiġu pprovduti b'formati aċċessibbli għall-persuni b'diżabbiltà.

(132)

Certain AI systems intended to interact with natural persons or to generate content may pose specific risks of impersonation or deception irrespective of whether they qualify as high-risk or not. In certain circumstances, the use of these systems should therefore be subject to specific transparency obligations without prejudice to the requirements and obligations for high-risk AI systems and subject to targeted exceptions to take into account the special need of law enforcement. In particular, natural persons should be notified that they are interacting with an AI system, unless this is obvious from the point of view of a natural person who is reasonably well-informed, observant and circumspect taking into account the circumstances and the context of use. When implementing that obligation, the characteristics of natural persons belonging to vulnerable groups due to their age or disability should be taken into account to the extent the AI system is intended to interact with those groups as well. Moreover, natural persons should be notified when they are exposed to AI systems that, by processing their biometric data, can identify or infer the emotions or intentions of those persons or assign them to specific categories. Such specific categories can relate to aspects such as sex, age, hair colour, eye colour, tattoos, personal traits, ethnic origin, personal preferences and interests. Such information and notifications should be provided in accessible formats for persons with disabilities.

(133)

Diversi sistemi tal-IA jistgħu jiġġeneraw kwantitajiet kbar ta' kontenut sintetiku li jsir dejjem aktar diffiċli għall-bnedmin biex jiddistingwu minn kontenut iġġenerat mill-bniedem u kontenut awtentiku. Id-disponibbiltà wiesgħa u l-kapaċitajiet dejjem akbar ta' dawk is-sistemi għandhom impatt sinifikanti fuq l-integrità u l-fiduċja fl-ekosistema tal-informazzjoni, filwaqt li jżidu riskji ġodda ta' miżinformazzjoni u manipulazzjoni fuq skala kbira, frodi, personifikazzjoni u qerq tal-konsumatur. Fid-dawl ta' dawk l-impatti, il-pass teknoloġiku mgħaġġel u l-ħtieġa ta' metodi u tekniki ġodda biex tiġi traċċata l-oriġini tal-informazzjoni, jixraq li l-fornituri ta' dawk is-sistemi jinkorporaw soluzzjonijiet tekniċi li jippermettu l-immarkar f'format li jinqara mill-magni u l-kxif li l-output ikun ġie ġġenerat jew immanipulat minn sistema tal-IA u mhux minn bniedem. Jenħtieġ li tali tekniki u metodi jkunu affidabbli, interoperabbli, effettivi u robusti biżżejjed sa fejn dan ikun teknikament fattibbli, filwaqt li jitqiesu t-tekniki disponibbli jew taħlita ta' tali tekniki, bħal marki tal-ilma, identifikazzjonijiet tal-metadata, metodi kriptografiċi biex jiġu ppruvati l-provenjenza u l-awtentiċità tal-kontenut, il-metodi ta' reġistrazzjoni, il-marki tas-swaba' jew tekniki oħra, skont kif ikun xieraq. Meta jimplimentaw dan l-obbligu, jenħtieġ li l-fornituri jqisu wkoll l-ispeċifiċitajiet u l-limitazzjonijiet tat-tipi differenti ta' kontenut u l-iżviluppi teknoloġiċi u tas-suq rilevanti f'dan il-qasam, kif rifless fl-ogħla livell ta' żvilupp tekniku rikonoxxut b'mod ġenerali. Tali tekniki u metodi jistgħu jiġu implimentati fil-livell tas-sistema tal-IA jew fil-livell tal-mudell tal-IA, inkluż mudelli tal-IA bi skop ġenerali li jiġġeneraw kontenut, u b'hekk jiġi ffaċilitat it-twettiq ta' dan l-obbligu mill-fornitur downstream tas-sistema tal-IA. Biex jibqa' proporzjonat, huwa xieraq li jiġi previst li dan l-obbligu tal-immarkar jenħtieġ li ma jkoprix sistemi tal-IA li primarjament iwettqu funzjoni ta' assistenza għall-editjar standard jew għas-sistemi tal-IA li ma jbiddlux b'mod sostanzjali d-data tal-input ipprovduta mill-implimentatur jew is-semantika tagħha.

(133)

A variety of AI systems can generate large quantities of synthetic content that becomes increasingly hard for humans to distinguish from human-generated and authentic content. The wide availability and increasing capabilities of those systems have a significant impact on the integrity and trust in the information ecosystem, raising new risks of misinformation and manipulation at scale, fraud, impersonation and consumer deception. In light of those impacts, the fast technological pace and the need for new methods and techniques to trace origin of information, it is appropriate to require providers of those systems to embed technical solutions that enable marking in a machine readable format and detection that the output has been generated or manipulated by an AI system and not a human. Such techniques and methods should be sufficiently reliable, interoperable, effective and robust as far as this is technically feasible, taking into account available techniques or a combination of such techniques, such as watermarks, metadata identifications, cryptographic methods for proving provenance and authenticity of content, logging methods, fingerprints or other techniques, as may be appropriate. When implementing this obligation, providers should also take into account the specificities and the limitations of the different types of content and the relevant technological and market developments in the field, as reflected in the generally acknowledged state of the art. Such techniques and methods can be implemented at the level of the AI system or at the level of the AI model, including general-purpose AI models generating content, thereby facilitating fulfilment of this obligation by the downstream provider of the AI system. To remain proportionate, it is appropriate to envisage that this marking obligation should not cover AI systems performing primarily an assistive function for standard editing or AI systems not substantially altering the input data provided by the deployer or the semantics thereof.

(134)

Minbarra s-soluzzjonijiet tekniċi użati mill-fornituri tas-sistema tal-IA, l-implimentaturi li jużaw sistema tal-IA biex jiġġeneraw jew jimmanipulaw kontenut ta' immaġni, awdjo jew vidjo li jixbah b'mod sinifikattiv lil persuni, oġġetti, postijiet, entitajiet jew avvenimenti eżistenti u li jidher b'mod falz li persuna tkun awtentika jew veritiera (deep fakes), jenħtieġ li jiddivulgaw ukoll b'mod ċar u distint li l-kontenut inħoloq jew ġie mmanipulat b'mod artifiċjali billi jittikkettaw l-output tal-intelliġenza artifiċjali kif xieraq u jiddivulgaw l-oriġini artifiċjali tiegħu. Jenħtieġ li l-konformità ma' dan l-obbligu ta' trasparenza ma tiġix interpretata bħala li tindika li l-użu tas-sistema tal-IA jew tal-output tagħha jimpedixxi d-dritt għal-libertà tal-espressjoni u d-dritt għal-libertà tal-arti u x-xjenzi ggarantiti fil-Karta, b'mod partikolari fejn il-kontenut ikun parti minn ħidma jew programm evidentement kreattiv, satiriku, artistiku, fittizju jew analoġu, soġġett għal salvagwardji xierqa għad-drittijiet u l-libertajiet ta' partijiet terzi. F'dawk il-każijiet, l-obbligu ta' trasparenza għal deep fakes stipulat f'dan ir-Regolament huwa limitat għad-divulgazzjoni tal-eżistenza ta' tali kontenut iġġenerat jew manipulat b'mod xieraq li ma jfixkilx il-wiri jew it-tgawdija tax-xogħol, inkluż l-isfruttament u l-użu normali tiegħu, filwaqt li jinżammu l-utilità u l-kwalità tax-xogħol. Barra minn hekk, huwa xieraq ukoll li jiġi previst obbligu ta' divulgazzjoni simili fir-rigward ta' test iġġenerat mill-IA jew manipulat sal-punt li jiġi ppubblikat bl-għan li l-pubbliku jiġi infurmat dwar kwistjonijiet ta' interess pubbliku sakemm il-kontenut iġġenerat mill-IA ma jkunx għadda minn proċess ta' rieżami mill-bniedem jew kontroll editorjali u persuna fiżika jew ġuridika jkollha r-responsabbiltà editorjali għall-pubblikazzjoni tal-kontenut.

(134)

Further to the technical solutions employed by the providers of the AI system, deployers who use an AI system to generate or manipulate image, audio or video content that appreciably resembles existing persons, objects, places, entities or events and would falsely appear to a person to be authentic or truthful (deep fakes), should also clearly and distinguishably disclose that the content has been artificially created or manipulated by labelling the AI output accordingly and disclosing its artificial origin. Compliance with this transparency obligation should not be interpreted as indicating that the use of the AI system or its output impedes the right to freedom of expression and the right to freedom of the arts and sciences guaranteed in the Charter, in particular where the content is part of an evidently creative, satirical, artistic, fictional or analogous work or programme, subject to appropriate safeguards for the rights and freedoms of third parties. In those cases, the transparency obligation for deep fakes set out in this Regulation is limited to disclosure of the existence of such generated or manipulated content in an appropriate manner that does not hamper the display or enjoyment of the work, including its normal exploitation and use, while maintaining the utility and quality of the work. In addition, it is also appropriate to envisage a similar disclosure obligation in relation to AI-generated or manipulated text to the extent it is published with the purpose of informing the public on matters of public interest unless the AI-generated content has undergone a process of human review or editorial control and a natural or legal person holds editorial responsibility for the publication of the content.

(135)

Mingħajr preġudizzju għan-natura obbligatorja u l-applikabbiltà sħiħa tal-obbligi ta' trasparenza, il-Kummissjoni tista' tħeġġeġ u tiffaċilita wkoll it-tfassil ta' kodiċijiet ta' prattika fil-livell tal-Unjoni biex tiffaċilita l-implimentazzjoni effettiva tal-obbligi rigward il-kxif u t-tikkettar ta' kontenut iġġenerat jew immanipulat b'mod artifiċjali, inkluż biex tappoġġa arranġamenti prattiċi biex, kif xieraq, il-mekkaniżmi ta' kxif isiru aċċessibbli u tiġi ffaċilitata l-kooperazzjoni ma' atturi oħra tul il-katina tal-valur, id-disseminazzjoni tal-kontenut jew il-verifika tal-awtentiċità u l-provenjenza tiegħu biex il-pubbliku jkun jista' jiddistingwi b'mod effettiv il-kontenut iġġenerat mill-IA.

(135)

Without prejudice to the mandatory nature and full applicability of the transparency obligations, the Commission may also encourage and facilitate the drawing up of codes of practice at Union level to facilitate the effective implementation of the obligations regarding the detection and labelling of artificially generated or manipulated content, including to support practical arrangements for making, as appropriate, the detection mechanisms accessible and facilitating cooperation with other actors along the value chain, disseminating content or checking its authenticity and provenance to enable the public to effectively distinguish AI-generated content.

(136)

L-obbligi imposti fuq il-fornituri u l-implimentaturi ta' ċerti sistemi tal-IA f'dan ir-Regolament biex jippermettu l-kxif u d-divulgazzjoni li l-outputs ta' dawk is-sistemi jiġu ġġenerati jew immanipulati b'mod artifiċjali huma partikolarment rilevanti biex tiġi ffaċilitata l-implimentazzjoni effettiva tar-Regolament (UE) 2022/2065. Dan japplika b'mod partikolari fir-rigward tal-obbligi tal-fornituri ta' pjattaformi online kbar ħafna jew ta' magni tat-tiftix online kbar ħafna biex jidentifikaw u jimmitigaw ir-riskji sistemiċi li jistgħu jirriżultaw mid-disseminazzjoni ta' kontenut li jkun ġie ġġenerat jew immanipulat b'mod artifiċjali, b'mod partikolari r-riskju tal-effetti negattivi reali jew prevedibbli fuq il-proċessi demokratiċi, id-diskors ċiviku u l-proċessi elettorali, inkluż permezz tad-diżinformazzjoni. Ir-rekwiżit li jiġi ttikkettat il-kontenut iġġenerat mis-sistemi tal-IA skont dan ir-Regolament huwa mingħajr preġudizzju għall-obbligu fl-Artikolu 16(6) tar-Regolament (UE) 2022/2065 għall-fornituri ta' servizzi ta' hosting li joħorġu avviżi dwar kontenut illegali riċevut skont l-Artikolu 16(1) ta' dak ir-Regolament u jenħtieġ li ma jinfluwenzax il-valutazzjoni u d-deċiżjoni dwar l-illegalità tal-kontenut speċifiku. Jenħtieġ li din l-evalwazzjoni ssir biss b'riferiment għar-regoli li jirregolaw il-legalità tal-kontenut.

(136)

The obligations placed on providers and deployers of certain AI systems in this Regulation to enable the detection and disclosure that the outputs of those systems are artificially generated or manipulated are particularly relevant to facilitate the effective implementation of Regulation (EU) 2022/2065. This applies in particular as regards the obligations of providers of very large online platforms or very large online search engines to identify and mitigate systemic risks that may arise from the dissemination of content that has been artificially generated or manipulated, in particular the risk of the actual or foreseeable negative effects on democratic processes, civic discourse and electoral processes, including through disinformation. The requirement to label content generated by AI systems under this Regulation is without prejudice to the obligation in Article 16(6) of Regulation (EU) 2022/2065 for providers of hosting services to process notices on illegal content received pursuant to Article 16(1) of that Regulation and should not influence the assessment and the decision on the illegality of the specific content. That assessment should be performed solely with reference to the rules governing the legality of the content.

(137)

Jenħtieġ li l-konformità mal-obbligi tat-trasparenza għas-sistemi tal-IA koperti minn dan ir-Regolament ma tiġix interpretata li tindika li l-użu tas-sistema tal-IA jew tal-output tagħha huwa legali skont dan ir-Regolament jew dritt ieħor tal-Unjoni u tal-Istati Membri u jenħtieġ li tkun mingħajr preġudizzju għal obbligi oħra ta' trasparenza għall-implimentaturi tas-sistemi tal-IA stabbiliti fil-liġi tal-Unjoni jew dik nazzjonali.

(137)

Compliance with the transparency obligations for the AI systems covered by this Regulation should not be interpreted as indicating that the use of the AI system or its output is lawful under this Regulation or other Union and Member State law and should be without prejudice to other transparency obligations for deployers of AI systems laid down in Union or national law.

(138)

L-IA hija familja ta' teknoloġiji li qed tiżviluppa b'mod rapidu li tirrikjedi sorveljanza regolatorja u spazju sikur u kkontrollat għall-esperimentazzjoni, filwaqt li tiżgura innovazzjoni u integrazzjoni responsabbli ta' salvagwardji u miżuri ta' mitigazzjoni tar-riskju xierqa. Sabiex jiġi żgurat qafas legali li jippromwovi l-innovazzjoni, jibqa' validu fil-futur u jkun reżiljenti għat-tfixkil, jenħtieġ li l-Istati Membri jiżguraw li l-awtoritajiet kompetenti nazzjonali tagħhom jistabbilixxu mill-inqas ambjent wieħed ta' esperimentazzjoni regolatorja għall-IA fil-livell nazzjonali biex jiffaċilitaw l-iżvilupp u l-ittestjar ta' sistemi innovattivi tal-IA taħt sorveljanza regolatorja stretta qabel ma dawn is-sistemi jiġu introdotti fis-suq jew inkella jitqiegħdu fis-servizz. L-Istati Membri jistgħu jissodisfaw ukoll dan l-obbligu billi jipparteċipaw f'ambjenti ta' esperimentazzjoni regolatorji diġà eżistenti jew jistabbilixxu b'mod konġunt ambjent ta' esperimentazzjoni ma' awtorità kompetenti waħda jew aktar tal-Istati Membri, dment li din il-parteċipazzjoni tipprovdi livell ekwivalenti ta' kopertura nazzjonali għall-Istati Membri parteċipanti. Ambjenti ta' esperimentazzjoni regolatorja għall-IA jistgħu jiġu stabbiliti f'forma fiżika, diġitali jew ibrida u jistgħu jakkomodaw prodotti fiżiċi kif ukoll diġitali. Jenħtieġ li l-awtoritajiet kostitwenti jiżguraw ukoll li l-ambjenti ta' esperimentazzjoni regolatorja għall-IA jkollhom ir-riżorsi adegwati għall-funzjonament tagħhom, inkluż ir-riżorsi finanzjarji u umani.

(138)

AI is a rapidly developing family of technologies that requires regulatory oversight and a safe and controlled space for experimentation, while ensuring responsible innovation and integration of appropriate safeguards and risk mitigation measures. To ensure a legal framework that promotes innovation, is future-proof and resilient to disruption, Member States should ensure that their national competent authorities establish at least one AI regulatory sandbox at national level to facilitate the development and testing of innovative AI systems under strict regulatory oversight before these systems are placed on the market or otherwise put into service. Member States could also fulfil this obligation through participating in already existing regulatory sandboxes or establishing jointly a sandbox with one or more Member States’ competent authorities, insofar as this participation provides equivalent level of national coverage for the participating Member States. AI regulatory sandboxes could be established in physical, digital or hybrid form and may accommodate physical as well as digital products. Establishing authorities should also ensure that the AI regulatory sandboxes have the adequate resources for their functioning, including financial and human resources.

(139)

Jenħtieġ li l-objettivi tal-ambjenti ta' esperimentazzjoni regolatorja għall-IA jkunu li jrawmu l-innovazzjoni tal-IA billi jistabbilixxu ambjent ikkontrollat ta' esperimentazzjoni u ttestjar fil-fażi tal-iżvilupp u ta' qabel il-kummerċjalizzazzjoni biex jiżguraw il-konformità tas-sistemi innovattivi tal-IA ma' dan ir-Regolament u ma' liġijiet tal-Unjoni jew nazzjonali oħra rilevanti. Barra minn hekk, l-ambjenti ta' esperimentazzjoni regolatorja għall-IA jenħtieġ li jimmiraw li jsaħħu ċ-ċertezza legali għall-innovaturi u s-sorveljanza u l-fehim mill-awtoritajiet kompetenti tal-opportunitajiet, tar-riskji emerġenti u tal-impatti tal-użu tal-IA, biex jiġi ffaċilitat it-tagħlim regolatorju għall-awtoritajiet u għall-intrapriżi, inkluż bil-ħsieb ta' adattamenti futuri tal-qafas legali, biex jiġu appoġġati l-kooperazzjoni u l-kondiviżjoni tal-aħjar prattiki mal-awtoritajiet involuti fl-ambjent ta' esperimentazzjoni regolatorja għall-IA, u biex jitħaffef l-aċċess għas-swieq, inkluż billi jitneħħew l-ostakli għall-SMEs, inkluż in-negozji ġodda. Jenħtieġ li l-ambjenti ta' esperimentazzjoni regolatorja għall-IA jkunu disponibbli b'mod wiesa' madwar l-Unjoni, u jenħtieġ li tingħata attenzjoni partikolari lill-aċċessibbiltà tagħhom għall-SMEs, inkluż in-negozji ġodda. Jenħtieġ li l-parteċipazzjoni fl-ambjent ta' esperimentazzjoni regolatorja għall-IA tiffoka fuq kwistjonijiet li jqajmu inċertezza legali għall-fornituri u l-fornituri prospettivi biex jinnovaw, jesperimentaw bl-IA fl-Unjoni u jikkontribwixxu għal tagħlim regolatorju bbażat fuq l-evidenza. Għalhekk, jenħtieġ li s-superviżjoni tas-sistemi tal-IA fl-ambjent ta' esperimentazzjoni regolatorja għall-IA tkopri l-iżvilupp, it-taħriġ, l-ittestjar u l-validazzjoni tagħhom qabel ma s-sistemi jiġu introdotti fis-suq jew imqiegħda fis-servizz, kif ukoll il-kunċett u l-okkorrenza ta' modifika sostanzjali li tista' tirrikjedi proċedura ġdida ta' valutazzjoni tal-konformità. Kwalunkwe riskju sinifikanti identifikat matul l-iżvilupp u l-ittestjar ta' tali sistemi tal-IA jenħtieġ li jirriżulta f'mitigazzjoni adegwata u, fin-nuqqas ta' din, fis-sospensjoni tal-proċess tal-iżvilupp u tal-ittestjar. Fejn xieraq, jenħtieġ li l-awtoritajiet nazzjonali kompetenti li jkunu qed jistabbilixxu ambjenti ta' esperimentazzjoni regolatorja għall-IA jikkooperaw ma' awtoritajiet rilevanti oħra, inkluż dawk li jissorveljaw il-protezzjoni tad-drittijiet fundamentali, u jistgħu jagħtu lok għall-involviment ta' atturi oħra fl-ekosistema tal-IA bħal organizzazzjonijiet nazzjonali jew Ewropej tal-istandardizzazzjoni, korpi notifikati, faċilitajiet tal-ittestjar u tal-esperimentazzjoni, laboratorji tar-riċerka u tal-esperimentazzjoni, Ċentri Ewropej tal-Innovazzjoni Diġitali u organizzazzjonijiet rilevanti tal-partijiet ikkonċernati u tas-soċjetà ċivili. Biex ikunu żgurati implimentazzjoni uniformi madwar l-Unjoni u l-ekonomiji ta' skala, jixraq jiġu stabbiliti regoli komuni għall-implimentazzjoni tal-ambjenti ta' esperimentazzjoni regolatorja għall-IA u qafas għall-kooperazzjoni bejn l-awtoritajiet rilevanti involuti fis-superviżjoni tal-ambjenti ta' esperimentazzjoni. Jenħtieġ li l-ambjenti ta' esperimentazzjoni regolatorja għall-IA stabbiliti skont dan ir-Regolament ikunu mingħajr preġudizzju għal liġijiet oħra li jippermettu l-istabbiliment ta' ambjenti ta' esperimentazzjoni oħra bil-għan li jiżguraw il-konformità ma' liġijiet għajr dan ir-Regolament. Meta xieraq, jenħtieġ li l-awtoritajiet kompetenti rilevanti inkarigati minn dawk l-ambjenti ta' esperimentazzjoni regolatorja l-oħra jikkunsidraw il-benefiċċji tal-użu ta' dawk l-ambjenti ta' esperimentazzjoni anki għall-fini li jiżguraw il-konformità tas-sistemi tal-IA ma' dan ir-Regolament. Bi qbil bejn l-awtoritajiet nazzjonali kompetenti u l-parteċipanti fl-ambjent ta' esperimentazzjoni regolatorja għall-IA, l-ittestjar fil-kundizzjonijiet tad-dinja reali jista' jsir u jiġi ssorveljat ukoll fil-qafas tal-ambjent ta' esperimentazzjoni regolatorja għall-IA.

(139)

The objectives of the AI regulatory sandboxes should be to foster AI innovation by establishing a controlled experimentation and testing environment in the development and pre-marketing phase with a view to ensuring compliance of the innovative AI systems with this Regulation and other relevant Union and national law. Moreover, the AI regulatory sandboxes should aim to enhance legal certainty for innovators and the competent authorities’ oversight and understanding of the opportunities, emerging risks and the impacts of AI use, to facilitate regulatory learning for authorities and undertakings, including with a view to future adaptions of the legal framework, to support cooperation and the sharing of best practices with the authorities involved in the AI regulatory sandbox, and to accelerate access to markets, including by removing barriers for SMEs, including start-ups. AI regulatory sandboxes should be widely available throughout the Union, and particular attention should be given to their accessibility for SMEs, including start-ups. The participation in the AI regulatory sandbox should focus on issues that raise legal uncertainty for providers and prospective providers to innovate, experiment with AI in the Union and contribute to evidence-based regulatory learning. The supervision of the AI systems in the AI regulatory sandbox should therefore cover their development, training, testing and validation before the systems are placed on the market or put into service, as well as the notion and occurrence of substantial modification that may require a new conformity assessment procedure. Any significant risks identified during the development and testing of such AI systems should result in adequate mitigation and, failing that, in the suspension of the development and testing process. Where appropriate, national competent authorities establishing AI regulatory sandboxes should cooperate with other relevant authorities, including those supervising the protection of fundamental rights, and could allow for the involvement of other actors within the AI ecosystem such as national or European standardisation organisations, notified bodies, testing and experimentation facilities, research and experimentation labs, European Digital Innovation Hubs and relevant stakeholder and civil society organisations. To ensure uniform implementation across the Union and economies of scale, it is appropriate to establish common rules for the AI regulatory sandboxes’ implementation and a framework for cooperation between the relevant authorities involved in the supervision of the sandboxes. AI regulatory sandboxes established under this Regulation should be without prejudice to other law allowing for the establishment of other sandboxes aiming to ensure compliance with law other than this Regulation. Where appropriate, relevant competent authorities in charge of those other regulatory sandboxes should consider the benefits of using those sandboxes also for the purpose of ensuring compliance of AI systems with this Regulation. Upon agreement between the national competent authorities and the participants in the AI regulatory sandbox, testing in real world conditions may also be operated and supervised in the framework of the AI regulatory sandbox.

(140)

Jenħtieġ li dan ir-Regolament jipprovdi l-bażi legali għall-fornituri u l-fornituri prospettivi fl-ambjent ta' esperimentazzjoni regolatorja għall-IA biex jużaw id-data personali miġbura għal finijiet oħra għall-iżvilupp ta' ċerti sistemi tal-IA fl-interess pubbliku fi ħdan l-ambjent ta' esperimentazzjoni regolatorja għall-IA, f'kundizzjonijiet speċifiċi biss, f'konformità mal-Artikolu 6(4) u l-Artikolu 9(2), il-punt (g) tar-Regolament (UE) 2016/679, u mal-Artikoli 5, 6 u 10 tar-Regolament (UE) 2018/1725, u mingħajr preġudizzju għall-Artikolu 4(2) u l-Artikolu 10 tad-Direttiva (UE) 2016/680. L-obbligi l-oħra kollha tal-kontrolluri tad-data u d-drittijiet tas-suġġetti tad-data skont ir-Regolamenti (UE) 2016/679 u (UE) 2018/1725 u d-Direttiva (UE) 2016/680 jibqgħu applikabbli. B'mod partikolari, jenħtieġ li dan ir-Regolament ma jipprovdix bażi legali skont it-tifsira tal-Artikolu 22(2), il-punt (b) tar-Regolament (UE) 2016/679 u l-Artikolu 24(2), il-punt (b) tar-Regolament (UE) 2018/1725. Jenħtieġ li l-fornituri u l-fornituri prospettivi fl-ambjent ta' esperimentazzjoni regolatorja tal-IA jiżguraw salvagwardji xierqa u jikkooperaw mal-awtoritajiet kompetenti, inkluż billi jimxu mal-gwida tagħhom u jaġixxu malajr u b'bona fide biex jimmitigaw b'mod adegwat kwalunkwe riskju identifikat għas-sikurezza, is-saħħa u għad-drittijiet fundamentali li jista' jinqala' waqt l-iżvilupp, l-ittestjar, u l-esperimentazzjoni f’dak l-ambjent ta' esperimentazzjoni.

(140)

This Regulation should provide the legal basis for the providers and prospective providers in the AI regulatory sandbox to use personal data collected for other purposes for developing certain AI systems in the public interest within the AI regulatory sandbox, only under specified conditions, in accordance with Article 6(4) and Article 9(2), point (g), of Regulation (EU) 2016/679, and Articles 5, 6 and 10 of Regulation (EU) 2018/1725, and without prejudice to Article 4(2) and Article 10 of Directive (EU) 2016/680. All other obligations of data controllers and rights of data subjects under Regulations (EU) 2016/679 and (EU) 2018/1725 and Directive (EU) 2016/680 remain applicable. In particular, this Regulation should not provide a legal basis in the meaning of Article 22(2), point (b) of Regulation (EU) 2016/679 and Article 24(2), point (b) of Regulation (EU) 2018/1725. Providers and prospective providers in the AI regulatory sandbox should ensure appropriate safeguards and cooperate with the competent authorities, including by following their guidance and acting expeditiously and in good faith to adequately mitigate any identified significant risks to safety, health, and fundamental rights that may arise during the development, testing and experimentation in that sandbox.

(141)

Biex jitħaffef il-proċess tal-iżvilupp u l-introduzzjoni fis-suq tas-sistemi tal-IA b'riskju għoli elenkati f' anness ta' dan ir-Regolament, huwa importanti li l-fornituri jew il-fornituri prospettivi ta' dawn is-sistemi jkunu jistgħu jibbenefikaw ukoll minn reġim speċifiku għall-ittestjar ta' dawk is-sistemi f'kundizzjonijiet tad-dinja reali, mingħajr ma jieħdu sehem f'ambjent ta' esperimentazzjoni regolatorja għall-IA. Madankollu, f'każijiet bħal dawn, filwaqt li jitqiesu l-konsegwenzi possibbli ta' tali ttestjar fuq individwi, jenħtieġ li jiġi żgurat li dan ir-Regolament jintroduċi garanziji u kundizzjonijiet xierqa u suffiċjenti għall-fornituri jew il-fornituri prospettivi. Jenħtieġ li tali garanziji jinkludu, fost l-oħrajn, talba għal kunsens infurmat ta' persuni fiżiċi biex jieħdu sehem fl-ittestjar fil-kundizzjonijiet tad-dinja reali, bl-eċċezzjoni tal-infurzar tal-liġi fejn it-tiftix ta' kunsens infurmat jipprevjeni s-sistema tal-IA milli tiġi ttestjata. Il-kunsens tas-suġġetti biex jieħdu sehem f'tali ttestjar skont dan ir-Regolament huwa distint minn u mingħajr preġudizzju għall-kunsens tas-suġġetti tad-data għall-ipproċessar tad-data personali tagħhom skont il-liġi rilevanti dwar il-protezzjoni tad-data. Huwa importanti wkoll li jiġu minimizzati r-riskji u li tkun tista' ssir sorveljanza mill-awtoritajiet kompetenti u għalhekk ikun meħtieġ li l-fornituri prospettivi jkollhom pjan ta' ttestjar fid-dinja reali sottomess lill-awtorità kompetenti tas-sorveljanza tas-suq, jirreġistraw l-ittestjar f'taqsimiet iddedikati fil-bażi tad-data għall-UE soġġett għal xi eċċezzjonijiet limitati, jistabbilixxu limitazzjonijiet fuq il-perjodu li għalih jista' jsir l-ittestjar u jirrikjedu salvagwardji addizzjonali għal persuni vulnerabbli li jagħmlu parti minn ċerti gruppi vulnerabbli, kif ukoll ftehim bil-miktub li jiddefinixxi r-rwoli u r-responsabbiltajiet tal-fornituri u l-implimentaturi prospettivi u sorveljanza effettiva mill-persunal kompetenti involut fl-ittestjar fid-dinja reali. Barra minn hekk, huwa xieraq li jiġu previsti salvagwardji addizzjonali biex jiġi żgurat li t-tbassir, ir-rakkomandazzjonijiet jew id-deċiżjonijiet tas-sistema tal-IA jkunu jistgħu jitreġġgħu lura u jiġu injorati b'mod effettiv u li d-data personali tiġi protetta u titħassar meta s-suġġetti jkunu rtiraw il-kunsens tagħhom biex jipparteċipaw fl-ittestjar mingħajr preġudizzju għad-drittijiet tagħhom bħala suġġetti tad-data skont il-liġi tal-Unjoni dwar il-protezzjoni tad-data. Fir-rigward tat-trasferiment tad-data, huwa xieraq ukoll li jiġi previst li d-data miġbura u pproċessata għall-fini tal-ittestjar fil-kundizzjonijiet tad-dinja reali jenħtieġ li tiġi ttrasferita lil pajjiżi terzi biss fejn jiġu implimentati salvagwardji xierqa u applikabbli skont il-liġi tal-Unjoni, b'mod partikolari f'konformità mal-bażijiet għat-trasferiment ta' data personali skont il-liġi tal-Unjoni dwar il-protezzjoni tad-data, filwaqt li għad-data mhux personali jiġu stabbiliti salvagwardji xierqa f'konformità mal-liġi tal-Unjoni, bħar-Regolamenti (UE) 2022/868 (42) u (UE) 2023/2854 (43) tal-Parlament Ewropew u tal-Kunsill.

(141)

In order to accelerate the process of development and the placing on the market of the high-risk AI systems listed in an annex to this Regulation, it is important that providers or prospective providers of such systems may also benefit from a specific regime for testing those systems in real world conditions, without participating in an AI regulatory sandbox. However, in such cases, taking into account the possible consequences of such testing on individuals, it should be ensured that appropriate and sufficient guarantees and conditions are introduced by this Regulation for providers or prospective providers. Such guarantees should include, inter alia, requesting informed consent of natural persons to participate in testing in real world conditions, with the exception of law enforcement where the seeking of informed consent would prevent the AI system from being tested. Consent of subjects to participate in such testing under this Regulation is distinct from, and without prejudice to, consent of data subjects for the processing of their personal data under the relevant data protection law. It is also important to minimise the risks and enable oversight by competent authorities and therefore require prospective providers to have a real-world testing plan submitted to competent market surveillance authority, register the testing in dedicated sections in the EU database subject to some limited exceptions, set limitations on the period for which the testing can be done and require additional safeguards for persons belonging to certain vulnerable groups, as well as a written agreement defining the roles and responsibilities of prospective providers and deployers and effective oversight by competent personnel involved in the real world testing. Furthermore, it is appropriate to envisage additional safeguards to ensure that the predictions, recommendations or decisions of the AI system can be effectively reversed and disregarded and that personal data is protected and is deleted when the subjects have withdrawn their consent to participate in the testing without prejudice to their rights as data subjects under the Union data protection law. As regards transfer of data, it is also appropriate to envisage that data collected and processed for the purpose of testing in real-world conditions should be transferred to third countries only where appropriate and applicable safeguards under Union law are implemented, in particular in accordance with bases for transfer of personal data under Union law on data protection, while for non-personal data appropriate safeguards are put in place in accordance with Union law, such as Regulations (EU) 2022/868 (42) and (EU) 2023/2854 (43) of the European Parliament and of the Council.

(142)

Biex jiġi żgurat li l-IA twassal għal eżiti ta' benefiċċju soċjali u ambjentali, l-Istati Membri huma mħeġġa jappoġġaw u jippromwovu r-riċerka u l-iżvilupp ta' soluzzjonijiet tal-IA li jappoġġaw eżiti ta' benefiċċju soċjali u ambjentali, bħal soluzzjonijiet ibbażati fuq l-IA biex tiżdied l-aċċessibbiltà għall-persuni b'diżabbiltà, jiġu indirizzati l-inugwaljanzi soċjoekonomiċi jew biex jintlaħqu miri ambjentali, billi jallokaw ir-riżorsi suffiċjenti, inkluż finanzjament pubbliku u tal-Unjoni, u, fejn xieraq u dment li l-kriterji tal-eliġibbiltà u tal-għażla jiġu ssodisfati, b'kunsiderazzjoni partikolari għal proġetti li għandhom tali objettivi. Jenħtieġ li proġetti bħal dawn ikunu bbażati fuq il-prinċipju ta' kooperazzjoni interdixxiplinari bejn l-iżviluppaturi tal-IA, l-esperti dwar l-inugwaljanza u n-nondiskriminazzjoni, l-aċċessibbiltà, il-konsumatur, id-drittijiet ambjentali u diġitali, kif ukoll l-akkademiċi.

(142)

To ensure that AI leads to socially and environmentally beneficial outcomes, Member States are encouraged to support and promote research and development of AI solutions in support of socially and environmentally beneficial outcomes, such as AI-based solutions to increase accessibility for persons with disabilities, tackle socio-economic inequalities, or meet environmental targets, by allocating sufficient resources, including public and Union funding, and, where appropriate and provided that the eligibility and selection criteria are fulfilled, considering in particular projects which pursue such objectives. Such projects should be based on the principle of interdisciplinary cooperation between AI developers, experts on inequality and non-discrimination, accessibility, consumer, environmental, and digital rights, as well as academics.

(143)

Sabiex tiġi promossa u protetta l-innovazzjoni, huwa importanti li jitqiesu b'mod partikolari l-interessi tal-SMEs, inkluż in-negozji ġodda, li huma fornituri jew implimentaturi ta' sistemi tal-IA. Għal dak il-għan, jenħtieġ li l-Istati Membri jiżviluppaw inizjattivi, immirati lejn dawk l-operaturi, inkluż għas-sensibilizzazzjoni u l-komunikazzjoni tal-informazzjoni. L-Istati Membri jenħtieġ li jipprovdu lill-SMEs, inkluż in-negozji ġodda, li jkollhom uffiċċju reġistrat jew fergħa fl-Unjoni, aċċess prijoritarju għal ambjenti ta' esperimentazzjoni regolatorja għall-IA dment li jissodisfaw il-kundizzjonijiet tal-eliġibbiltà u l-kriterji tal-għażla u mingħajr ma jipprekludu lil fornituri u fornituri prospettivi oħra milli jaċċessaw l-ambjenti regolatorji dment li l-istess kundizzjonijiet u kriterji jiġu ssodisfati. L-Istati Membri jenħtieġ li jużaw il-mezzi eżistenti u, meta xieraq, jistabbilixxu mezzi ddedikati ġodda għall-komunikazzjoni mal-SMEs, inkluż man-negozji ġodda, mal-implimentaturi, ma' innovaturi oħrajn, u kif xieraq, mal-awtoritajiet pubbliċi lokali, biex jappoġġaw lill-SMEs fil-perkors kollu tal-iżvilupp tagħhom billi jipprovdu gwida u jwieġbu domandi dwar l-implimentazzjoni ta' dan ir-Regolament. Meta xieraq, dawn il-mezzi jenħtieġ li jaħdmu flimkien biex joħolqu sinerġiji u jiżguraw l-omoġeneità fil-gwida tagħhom lill-SMEs, inkluż in-negozji ġodda, u l-implimentaturi. Jenħtieġ li l-Istati Membri jiffaċilitaw ukoll il-parteċipazzjoni tal-SMEs u ta' partijiet ikkonċernati rilevanti oħra fil-proċess tal-iżvilupp tal-istandardizzazzjoni. Barra minn hekk, meta l-korpi notifikati jistabbilixxu tariffi għall-valutazzjoni tal-konformità, jenħtieġ li jitqiesu l-interessi u l-ħtiġijiet speċifiċi tal-fornituri li huma SMEs, inkluż negozji ġodda. Jenħtieġ li l-Kummissjoni tevalwa b'mod regolari l-kostijiet ta' ċertifikazzjoni u konformità għall-SMEs inkluż għan-negozji ġodda, permezz ta' konsultazzjonijiet trasparenti u jenħtieġ li taħdem mal-Istati Membri biex tnaqqas dawn il-kostijiet. Pereżempju, il-kostijiet tat-traduzzjoni relatata mad-dokumentazzjoni obbligatorja u l-komunikazzjoni mal-awtoritajiet jistgħu jikkostitwixxu kost sinifikanti għall-fornituri u għal operaturi oħra, b'mod partikolari għal dawk fuq skala iżgħar. Jenħtieġ li l-Istati Membri possibbilment jiżguraw li waħda mil-lingwi determinati u aċċettati minnhom għad-dokumentazzjoni tal-fornituri rilevanti u għall-komunikazzjoni mal-operaturi tkun waħda li tinftiehem b'mod wiesa' mill-akbar għadd ta' implimentaturi transfruntieri possibbli. Sabiex jiġu indirizzati l-ħtiġijiet speċifiċi tal-SMEs inkluż tan-negozji ġodda, jenħtieġ li l-Kummissjoni tipprovdi mudelli standardizzati għall-oqsma koperti minn dan ir-Regolament fuq talba tal-Bord. Barra minn hekk, jenħtieġ li l-Kummissjoni tikkomplementa l-isforzi tal-Istati Membri billi tipprovdi pjattaforma ta' informazzjoni unika b'informazzjoni faċli biex tintuża fir-rigward ta' dan ir-Regolament għall-fornituri u l-implimentaturi kollha, billi torganizza kampanji ta' komunikazzjoni adatti biex tqajjem kuxjenza dwar l-obbligi li jirriżultaw minn dan ir-Regolament, u billi tevalwa u tippromwovi l-konverġenza tal-aħjar prattiki fil-proċeduri tal-akkwist pubbliku fir-rigward tas-sistemi tal-IA. Jenħtieġ li l-intrapriżi ta' daqs medju li sa reċentement kienu jikkwalifikaw bħala intrapriżi żgħar skont it-tifsira tal-Anness tar-Rakkomandazzjoni tal-Kummissjoni 2003/361/KE (44) jkollhom aċċess għal dawk il-miżuri ta' appoġġ peress li dawk l-intrapriżi ġodda ta' daqs medju ġodda xi drabi jistgħu ma jkollhomx ir-riżorsi legali u t-taħriġ meħtieġa biex jiżguraw fehim xieraq ta' dan ir-Regolament u konformità miegħu.

(143)

In order to promote and protect innovation, it is important that the interests of SMEs, including start-ups, that are providers or deployers of AI systems are taken into particular account. To that end, Member States should develop initiatives, which are targeted at those operators, including on awareness raising and information communication. Member States should provide SMEs, including start-ups, that have a registered office or a branch in the Union, with priority access to the AI regulatory sandboxes provided that they fulfil the eligibility conditions and selection criteria and without precluding other providers and prospective providers to access the sandboxes provided the same conditions and criteria are fulfilled. Member States should utilise existing channels and where appropriate, establish new dedicated channels for communication with SMEs, including start-ups, deployers, other innovators and, as appropriate, local public authorities, to support SMEs throughout their development path by providing guidance and responding to queries about the implementation of this Regulation. Where appropriate, these channels should work together to create synergies and ensure homogeneity in their guidance to SMEs, including start-ups, and deployers. Additionally, Member States should facilitate the participation of SMEs and other relevant stakeholders in the standardisation development processes. Moreover, the specific interests and needs of providers that are SMEs, including start-ups, should be taken into account when notified bodies set conformity assessment fees. The Commission should regularly assess the certification and compliance costs for SMEs, including start-ups, through transparent consultations and should work with Member States to lower such costs. For example, translation costs related to mandatory documentation and communication with authorities may constitute a significant cost for providers and other operators, in particular those of a smaller scale. Member States should possibly ensure that one of the languages determined and accepted by them for relevant providers’ documentation and for communication with operators is one which is broadly understood by the largest possible number of cross-border deployers. In order to address the specific needs of SMEs, including start-ups, the Commission should provide standardised templates for the areas covered by this Regulation, upon request of the Board. Additionally, the Commission should complement Member States’ efforts by providing a single information platform with easy-to-use information with regards to this Regulation for all providers and deployers, by organising appropriate communication campaigns to raise awareness about the obligations arising from this Regulation, and by evaluating and promoting the convergence of best practices in public procurement procedures in relation to AI systems. Medium-sized enterprises which until recently qualified as small enterprises within the meaning of the Annex to Commission Recommendation 2003/361/EC (44) should have access to those support measures, as those new medium-sized enterprises may sometimes lack the legal resources and training necessary to ensure proper understanding of, and compliance with, this Regulation.

(144)

Sabiex tiġi promossa u protetta l-innovazzjoni, jenħtieġ li l-pjattaforma tal-IA fuq talba, il-programmi u l-proġetti ta' finanzjament rilevanti kollha tal-Unjoni, bħall-Programm Ewropa Diġitali, Orizzont Ewropa, implimentati mill-Kummissjoni u mill-Istati Membri fil-livell tal-Unjoni jew nazzjonali, jikkontribwixxu, kif xieraq, għall-kisba tal-objettivi ta' dan ir-Regolament.

(144)

In order to promote and protect innovation, the AI-on-demand platform, all relevant Union funding programmes and projects, such as Digital Europe Programme, Horizon Europe, implemented by the Commission and the Member States at Union or national level should, as appropriate, contribute to the achievement of the objectives of this Regulation.

(145)

Sabiex jiġu minimizzati r-riskji għall-implimentazzjoni li jirriżultaw minn nuqqas ta' għarfien u kompetenza esperta fis-suq kif ukoll biex tiġi ffaċilitata l-konformità tal-fornituri, b'mod partikolari l-SMEs, inkluż in-negozji ġodda, u l-korpi notifikati mal-obbligi tagħhom skont dan ir-Regolament, jenħtieġ li l-pjattaforma tal-IA fuq talba, iċ-Ċentri Ewropej tal-Innovazzjoni Diġitali u l-Faċilitajiet tal-ittestjar u tal-esperimentazzjoni stabbiliti mill-Kummissjoni u mill-Istati Membri fil-livell tal-Unjoni jew nazzjonali jikkontribwixxu għall-implimentazzjoni ta' dan ir-Regolament. Fil-missjonijiet u l-oqsma ta' kompetenza rispettivi tagħhom, il-pjattaforma tal-IA fuq talba, iċ-Ċentri Ewropej tal-Innovazzjoni Diġitali u l-Faċilitajiet tal-ittestjar u tal-esperimentazzjoni jistgħu jipprovdu b'mod partikolari appoġġ tekniku u xjentifiku lill-fornituri u lill-korpi notifikati.

(145)

In order to minimise the risks to implementation resulting from lack of knowledge and expertise in the market as well as to facilitate compliance of providers, in particular SMEs, including start-ups, and notified bodies with their obligations under this Regulation, the AI-on-demand platform, the European Digital Innovation Hubs and the testing and experimentation facilities established by the Commission and the Member States at Union or national level should contribute to the implementation of this Regulation. Within their respective mission and fields of competence, the AI-on-demand platform, the European Digital Innovation Hubs and the testing and experimentation Facilities are able to provide in particular technical and scientific support to providers and notified bodies.

(146)

Barra minn hekk, fid-dawl tad-daqs żgħir ħafna ta' xi operaturi u sabiex tiġi żgurata l-proporzjonalità fir-rigward tal-kostijiet tal-innovazzjoni, jixraq li l-mikrointrapriżi jitħallew jissodisfaw wieħed mill-aktar obbligi għaljin, jiġifieri l-istabbiliment ta' sistema ta' ġestjoni tal-kwalità, b'mod simplifikat li tnaqqas il-piż amministrattiv u l-kostijiet għal dawk l-intrapriżi mingħajr ma jiġi affettwat il-livell ta' protezzjoni u l-ħtieġa ta' konformità mar-rekwiżiti għas-sistemi tal-IA b'riskju għoli. Jenħtieġ li l-Kummissjoni tiżviluppa linji gwida biex tispeċifika l-elementi tas-sistema ta' ġestjoni tal-kwalità li għandhom jiġu ssodisfati b'dan il-mod simplifikat mill-mikrointrapriżi.

(146)

Moreover, in light of the very small size of some operators and in order to ensure proportionality regarding costs of innovation, it is appropriate to allow microenterprises to fulfil one of the most costly obligations, namely to establish a quality management system, in a simplified manner which would reduce the administrative burden and the costs for those enterprises without affecting the level of protection and the need for compliance with the requirements for high-risk AI systems. The Commission should develop guidelines to specify the elements of the quality management system to be fulfilled in this simplified manner by microenterprises.

(147)

Jixraq li l-Kummissjoni tiffaċilita, sa fejn ikun possibbli, l-aċċess għall-faċilitajiet tal-ittestjar u tal-esperimentazzjoni għall-korpi, il-gruppi jew il-laboratorji stabbiliti jew akkreditati skont kwalunkwe leġiżlazzjoni rilevanti tal-Unjoni dwar l-armonizzazzjoni u li jissodisfaw kompiti fil-kuntest ta' valutazzjoni tal-konformità ta' prodotti jew ta' apparati koperti minn dik il-leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni. Dan hu partikolarment il-każ fir-rigward tal-gruppi ta' esperti, il-laboratorji esperti u l-laboratorji ta' referenza fil-qasam tal-apparati mediċi skont ir-Regolamenti (UE) 2017/745 u (UE) 2017/746.

(147)

It is appropriate that the Commission facilitates, to the extent possible, access to testing and experimentation facilities to bodies, groups or laboratories established or accredited pursuant to any relevant Union harmonisation legislation and which fulfil tasks in the context of conformity assessment of products or devices covered by that Union harmonisation legislation. This is, in particular, the case as regards expert panels, expert laboratories and reference laboratories in the field of medical devices pursuant to Regulations (EU) 2017/745 and (EU) 2017/746.

(148)

Jenħtieġ li dan ir-Regolament jistabbilixxi qafas ta' governanza li jippermetti kemm il-koordinazzjoni u l-appoġġ tal-applikazzjoni ta' dan ir-Regolament fil-livell nazzjonali, kif ukoll it-tisħiħ tal-kapaċitajiet fil-livell tal-Unjoni u l-integrazzjoni tal-partijiet ikkonċernati fil-qasam tal-IA. L-implimentazzjoni u l-infurzar effettivi ta' dan ir-Regolament jirrikjedu qafas ta' governanza li jippermetti l-koordinazzjoni u l-bini ta' kompetenza esperta ċentrali fil-livell tal-Unjoni. L-Uffiċċju għall-IA ġie stabbilit b'Deċiżjoni tal-Kummissjoni (45) u għandu bħala l-missjoni tiegħu li jiżviluppa l-għarfien espert u l-kapaċitajiet tal-Unjoni fil-qasam tal-IA u li jikkontribwixxi għall-implimentazzjoni tal-liġi tal-Unjoni dwar l-IA. Jenħtieġ li l-Istati Membri jiffaċilitaw il-kompiti tal-Uffiċċju għall-IA bil-ħsieb li jiġi appoġġat l-iżvilupp tal-kompetenza esperta u l-kapaċitajiet tal-Unjoni fil-livell tal-Unjoni u li jissaħħaħ il-funzjonament tas-suq uniku diġitali. Barra minn hekk, jenħtieġ li jiġi stabbilit Bord magħmul minn rappreżentanti tal-Istati Membri, bord għall-integrazzjoni tal-komunità xjentifika u forum konsultattiv biex jikkontribwixxi l-kontribut tal-partijiet ikkonċernati għall-implimentazzjoni ta' dan ir-Regolament, fil-livell tal-Unjoni u dak nazzjonali. Jenħtieġ li l-iżvilupp tal-kompetenza esperta u tal-kapaċitajiet tal-Unjoni jinkludi wkoll l-użu tar-riżorsi u l-kompetenza esperta eżistenti, b'mod partikolari permezz ta' sinerġiji ma' strutturi mibnija fil-kuntest tal-infurzar fil-livell tal-Unjoni ta' liġijiet u sinerġiji oħra ma' inizjattivi relatati fil-livell tal-Unjoni, bħall-Impriża Konġunta EuroHPC u l-faċilitajiet tal-ittestjar u tal-esperimentazzjoni tal-IA taħt il-Programm Ewropa Diġitali.

(148)

This Regulation should establish a governance framework that both allows to coordinate and support the application of this Regulation at national level, as well as build capabilities at Union level and integrate stakeholders in the field of AI. The effective implementation and enforcement of this Regulation require a governance framework that allows to coordinate and build up central expertise at Union level. The AI Office was established by Commission Decision (45) and has as its mission to develop Union expertise and capabilities in the field of AI and to contribute to the implementation of Union law on AI. Member States should facilitate the tasks of the AI Office with a view to support the development of Union expertise and capabilities at Union level and to strengthen the functioning of the digital single market. Furthermore, a Board composed of representatives of the Member States, a scientific panel to integrate the scientific community and an advisory forum to contribute stakeholder input to the implementation of this Regulation, at Union and national level, should be established. The development of Union expertise and capabilities should also include making use of existing resources and expertise, in particular through synergies with structures built up in the context of the Union level enforcement of other law and synergies with related initiatives at Union level, such as the EuroHPC Joint Undertaking and the AI testing and experimentation facilities under the Digital Europe Programme.

(149)

Sabiex tiġi ffaċilitata implimentazzjoni bla xkiel, effettiva u armonizzata ta' dan ir-Regolament, jenħtieġ jiġi stabbilit Bord. Jenħtieġ li l-Bord jirrifletti d-diversi interessi tal-ekosistema tal-IA u jkun magħmul minn rappreżentanti tal-Istati Membri. Jenħtieġ li l-Bord ikun responsabbli għal għadd ta' kompiti konsultattivi, inkluż l-għoti ta' opinjonijiet, rakkomandazzjonijiet, pariri jew kontribut għall-gwida dwar kwistjonijiet relatati mal-implimentazzjoni ta' dan ir-Regolament, inkluż dwar kwistjonijiet ta' infurzar, speċifikazzjonijiet tekniċi jew standards eżistenti rigward ir-rekwiżiti stipulati f'dan ir-Regolament u l-għoti ta' pariri lill-Kummissjoni u lill-Istati Membri u l-awtoritajiet nazzjonali kompetenti tagħhom dwar kwistjonijiet speċifiċi relatati mal-IA. Sabiex tingħata xi flessibbiltà lill-Istati Membri fid-deżinjazzjoni tar-rappreżentanti tagħhom fil-Bord, tali rappreżentanti jistgħu jkunu kwalunkwe persuna li tappartjeni għal entitajiet pubbliċi li jenħtieġ li jkollha l-kompetenzi u s-setgħat rilevanti biex tiffaċilita l-koordinazzjoni fil-livell nazzjonali u tikkontribwixxi għall-kisba tal-kompiti tal-Bord. Jenħtieġ li l-Bord jistabbilixxi żewġ sottogruppi permanenti biex tiġi pprovduta pjattaforma għall-kooperazzjoni u l-iskambju fost l-awtoritajiet tas-sorveljanza tas-suq u l-awtoritajiet tan-notifika dwar kwistjonijiet relatati rispettivament mas-sorveljanza tas-suq u l-korpi notifikati. Jenħtieġ li s-sottogrupp permanenti għas-sorveljanza tas-suq jaġixxi bħala l-grupp ta' kooperazzjoni amministrattiva (ADCO) għal dan ir-Regolament skont it-tifsira tal-Artikolu 30 tar-Regolament (UE) 2019/1020. F'konformità mal-Artikolu 33 ta' dak ir-Regolament, jenħtieġ li l-Kummissjoni tappoġġa l-attivitajiet tas-sottogrupp permanenti għas-sorveljanza tas-suq billi twettaq evalwazzjonijiet jew studji tas-suq, partikolarment bil-ħsieb li tidentifika aspetti ta' dan ir-Regolament li jirrikjedu koordinazzjoni speċifika u urġenti fost l-awtoritajiet tas-sorveljanza tas-suq. Il-Bord jista' jistabbilixxi sottogruppi permanenti jew temporanji oħra kif xieraq għall-fini tal-eżaminazzjoni ta' kwistjonijiet speċifiċi. Jenħtieġ li l-Bord jikkoopera wkoll, kif xieraq, mal-korpi, il-gruppi ta' esperti u n-networks rilevanti tal-Unjoni attivi fil-kuntest tal-liġijiet rilevanti tal-Unjoni, inkluż b'mod partikolari dawk attivi skont il-liġijiet rilevanti tal-Unjoni dwar id-data, il-prodotti u s-servizzi diġitali.

(149)

In order to facilitate a smooth, effective and harmonised implementation of this Regulation a Board should be established. The Board should reflect the various interests of the AI eco-system and be composed of representatives of the Member States. The Board should be responsible for a number of advisory tasks, including issuing opinions, recommendations, advice or contributing to guidance on matters related to the implementation of this Regulation, including on enforcement matters, technical specifications or existing standards regarding the requirements established in this Regulation and providing advice to the Commission and the Member States and their national competent authorities on specific questions related to AI. In order to give some flexibility to Member States in the designation of their representatives in the Board, such representatives may be any persons belonging to public entities who should have the relevant competences and powers to facilitate coordination at national level and contribute to the achievement of the Board’s tasks. The Board should establish two standing sub-groups to provide a platform for cooperation and exchange among market surveillance authorities and notifying authorities on issues related, respectively, to market surveillance and notified bodies. The standing subgroup for market surveillance should act as the administrative cooperation group (ADCO) for this Regulation within the meaning of Article 30 of Regulation (EU) 2019/1020. In accordance with Article 33 of that Regulation, the Commission should support the activities of the standing subgroup for market surveillance by undertaking market evaluations or studies, in particular with a view to identifying aspects of this Regulation requiring specific and urgent coordination among market surveillance authorities. The Board may establish other standing or temporary sub-groups as appropriate for the purpose of examining specific issues. The Board should also cooperate, as appropriate, with relevant Union bodies, experts groups and networks active in the context of relevant Union law, including in particular those active under relevant Union law on data, digital products and services.

(150)

Bil-ħsieb li jiġi żgurat l-involviment tal-partijiet ikkonċernati fl-implimentazzjoni u l-applikazzjoni ta' dan ir-Regolament, jenħtieġ li jiġi stabbilit forum konsultattiv biex jagħti pariri u jipprovdi kompetenza esperta teknika lill-Bord u lill-Kummissjoni. Sabiex tiġi żgurata rappreżentanza varjata u bbilanċjata tal-partijiet ikkonċernati bejn l-interess kummerċjali u dak mhux kummerċjali u, fil-kategorija tal-interessi kummerċjali, fir-rigward tal-SMEs u impriżi oħra, jenħtieġ li l-forum konsultattiv jinkludi, fost l-oħrajn, l-industrija, in-negozji ġodda, l-SMEs, id-dinja akkademika, is-soċjetà ċivili, inkluż is-sħab soċjali, kif ukoll l-Aġenzija għad-Drittijiet Fundamentali, l-ENISA, il-Kumitat Ewropew għall-Istandardizzazzjoni (CEN), il-Kumitat Ewropew għall-Istandardizzazzjoni Elettroteknika (CENELEC) u l-Istitut Ewropew tal-Istandards tat-Telekomunikazzjoni (ETSI).

(150)

With a view to ensuring the involvement of stakeholders in the implementation and application of this Regulation, an advisory forum should be established to advise and provide technical expertise to the Board and the Commission. To ensure a varied and balanced stakeholder representation between commercial and non-commercial interest and, within the category of commercial interests, with regards to SMEs and other undertakings, the advisory forum should comprise inter alia industry, start-ups, SMEs, academia, civil society, including the social partners, as well as the Fundamental Rights Agency, ENISA, the European Committee for Standardization (CEN), the European Committee for Electrotechnical Standardization (CENELEC) and the European Telecommunications Standards Institute (ETSI).

(151)

Jenħtieġ li jiġi stabbilit bord ta' esperti indipendenti biex jiġu appoġġati l-implimentazzjoni u l-infurzar ta' dan ir-Regolament, b'mod partikolari l-attivitajiet ta' monitoraġġ tal-Uffiċċju għall-IA fir-rigward tal-mudelli tal-IA bi skop ġenerali. Jenħtieġ li l-esperti indipendenti li jikkostitwixxu l-bord jintgħażlu abbażi ta' kompetenza esperta xjentifika jew teknika aġġornata fil-qasam tal-IA u għandhom iwettqu l-kompiti tagħhom b'imparzjalità u oġġettività u jiżguraw il-kunfidenzjalità tal-informazzjoni u tad-data miksuba fit-twettiq tal-kompiti u l-attivitajiet tagħhom. Sabiex ikun possibli t-tisħiħ tal-kapaċitajiet nazzjonali meħtieġa għall-infurzar effettiv ta' dan ir-Regolament, jenħtieġ li l-Istati Membri jkunu jistgħu jitolbu appoġġ mill-grupp ta' esperti li jikkostitwixxu l-bord għall-attivitajiet ta' infurzar tagħhom.

(151)

To support the implementation and enforcement of this Regulation, in particular the monitoring activities of the AI Office as regards general-purpose AI models, a scientific panel of independent experts should be established. The independent experts constituting the scientific panel should be selected on the basis of up-to-date scientific or technical expertise in the field of AI and should perform their tasks with impartiality, objectivity and ensure the confidentiality of information and data obtained in carrying out their tasks and activities. To allow the reinforcement of national capacities necessary for the effective enforcement of this Regulation, Member States should be able to request support from the pool of experts constituting the scientific panel for their enforcement activities.

(152)

Jenħtieġ li jiġu stabbiliti u mqiegħda għad-dispożizzjoni tal-Istati Membri, strutturi ta' appoġġ tal-Unjoni għall-ittestjar tal-IA sabiex jiġi appoġġat l-infurzar adegwat fir-rigward tas-sistemi tal-IA u jissaħħu l-kapaċitajiet tal-Istati Membri.

(152)

In order to support adequate enforcement as regards AI systems and reinforce the capacities of the Member States, Union AI testing support structures should be established and made available to the Member States.

(153)

L-Istati Membri jaqdu rwol ewlieni fl-applikazzjoni u fl-infurzar ta' dan ir-Regolament. F'dak ir-rigward, jenħtieġ li kull Stat Membru jiddeżinja minn tal-inqas awtorità tan-notifika waħda u minn tal-inqas awtorità tas-sorveljanza tas-suq waħda bħala awtoritajiet kompetenti nazzjonali bil-għan li jiġu ssorveljati l-applikazzjoni u l-implimentazzjoni ta' dan ir-Regolament. L-Istati Membri jistgħu jiddeċiedu li jaħtru kwalunkwe tip ta' entità pubblika biex twettaq il-kompiti tal-awtoritajiet kompetenti nazzjonali skont it-tifsira ta' dan ir-Regolament, f'konformità mal-karatteristiċi u l-ħtiġijiet organizzattivi nazzjonali speċifiċi tagħhom. Sabiex tiżdied l-effiċjenza tal-organizzazzjoni fuq in-naħa tal-Istati Membri u biex jiġi stabbilit punt uniku ta' kuntatt għall-pubbliku u għal kontropartijiet oħra fil-livell tal-Istati Membri u f'dak tal-Unjoni, jenħtieġ li kull Stat Membru jiddeżinja awtorità tas-sorveljanza tas-suq biex taġixxi bħala punt uniku ta' kuntatt.

(153)

Member States hold a key role in the application and enforcement of this Regulation. In that respect, each Member State should designate at least one notifying authority and at least one market surveillance authority as national competent authorities for the purpose of supervising the application and implementation of this Regulation. Member States may decide to appoint any kind of public entity to perform the tasks of the national competent authorities within the meaning of this Regulation, in accordance with their specific national organisational characteristics and needs. In order to increase organisation efficiency on the side of Member States and to set a single point of contact vis-à-vis the public and other counterparts at Member State and Union levels, each Member State should designate a market surveillance authority to act as a single point of contact.

(154)

Jenħtieġ li l-awtoritajiet kompetenti nazzjonali jeżerċitaw is-setgħat tagħhom b'mod indipendenti, imparzjali u mingħajr preġudizzju sabiex jissalvagwardaw il-prinċipji tal-oġġettività tal-attivitajiet u l-kompiti tagħhom u biex jiżguraw l-applikazzjoni u l-implimentazzjoni ta' dan ir-Regolament. Jenħtieġ li l-membri ta' dawn l-awtoritajiet joqogħdu lura minn kwalunkwe azzjoni inkompatibbli mad-dmirijiet tagħhom u jenħtieġ li jkunu soġġetti għal regoli ta' kunfidenzjalità skont dan ir-Regolament.

(154)

The national competent authorities should exercise their powers independently, impartially and without bias, so as to safeguard the principles of objectivity of their activities and tasks and to ensure the application and implementation of this Regulation. The members of these authorities should refrain from any action incompatible with their duties and should be subject to confidentiality rules under this Regulation.

(155)

Sabiex ikun żgurat li l-fornituri tas-sistemi tal-IA b'riskju għoli jkunu jistgħu jqisu l-esperjenza bl-użu tas-sistemi tal-IA b'riskju għoli għat-titjib tas-sistemi tagħhom u tal-proċess tad-disinn u l-iżvilupp, jew ikunu jistgħu jieħdu xi azzjoni korrettiva possibbli fil-ħin, jenħtieġ li l-fornituri kollha jkollhom fis-seħħ sistema ta' sorveljanza ta' wara t-tqegħid fis-suq. Meta jkun rilevanti, jenħtieġ li s-sorveljanza ta' wara t-tqegħid fis-suq tinkludi analiżi tal-interazzjoni ma' sistemi oħra tal-IA inkluż apparati u software ieħor. Jenħtieġ li s-sorveljanza ta' wara t-tqegħid fis-suq ma tkoprix data operazzjonali sensittiva ta' implimentaturi li huma awtoritajiet tal-infurzar tal-liġi. Din is-sistema hi kruċjali wkoll biex ikun żgurat li r-riskji possibbli li jirriżultaw mis-sistemi tal-IA li jkomplu “jitgħallmu” wara li jiġu introdotti fis-suq jew jitqiegħdu fis-servizz ikunu jistgħu jiġu indirizzati b'mod aktar effiċjenti u fil-ħin. F'dan il-kuntest, jenħtieġ li l-fornituri jkunu wkoll meħtieġa jkollhom fis-seħħ sistema biex jirrapportaw lura lill-awtoritajiet rilevanti kwalunkwe inċident serju li jirriżulta mill-użu tas-sistemi tal-IA tagħhom, jiġifieri inċident jew funzjonament ħażin li jwassal għal mewt jew ħsara serja għas-saħħa, tfixkil serju u irriversibbli tal-ġestjoni u tal-operat ta' infrastruttura kritika, ksur tal-obbligi skont liġijiet tal-Unjoni maħsuba biex jipproteġu d-drittijiet fundamentali jew dannu serju lill-proprjetà jew lill-ambjent.

(155)

In order to ensure that providers of high-risk AI systems can take into account the experience on the use of high-risk AI systems for improving their systems and the design and development process or can take any possible corrective action in a timely manner, all providers should have a post-market monitoring system in place. Where relevant, post-market monitoring should include an analysis of the interaction with other AI systems including other devices and software. Post-market monitoring should not cover sensitive operational data of deployers which are law enforcement authorities. This system is also key to ensure that the possible risks emerging from AI systems which continue to ‘learn’ after being placed on the market or put into service can be more efficiently and timely addressed. In this context, providers should also be required to have a system in place to report to the relevant authorities any serious incidents resulting from the use of their AI systems, meaning incident or malfunctioning leading to death or serious damage to health, serious and irreversible disruption of the management and operation of critical infrastructure, infringements of obligations under Union law intended to protect fundamental rights or serious damage to property or the environment.

(156)

Sabiex ikun żgurat infurzar xieraq u effettiv tar-rekwiżiti u l-obbligi stipulati b'dan ir-Regolament, li huwa leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni, jenħtieġ li s-sistema tas-sorveljanza tas-suq u tal-konformità tal-prodotti stabbilita bir-Regolament (UE) 2019/1020 tapplika fl-intier tagħha. Jenħtieġ li l-awtoritajiet tas-sorveljanza tas-suq deżinjati skont dan ir-Regolament ikollhom is-setgħat kollha ta' infurzar stabbiliti f'dan ir-Regolament u fir-Regolament (UE) 2019/1020 u jenħtieġ li jeżerċitaw is-setgħat tagħhom u jwettqu dmirijiethom b'mod indipendenti, imparzjali u mingħajr preġudizzju. Minkejja li l-maġġoranza tas-sistemi tal-IA mhumiex soġġetti għal rekwiżiti u obbligi speċifiċi skont dan ir-Regolament, l-awtoritajiet tas-sorveljanza tas-suq jistgħu jieħdu miżuri fir-rigward tas-sistemi kollha tal-IA meta jippreżentaw riskju f'konformità ma' dan ir-Regolament. Minħabba n-natura speċifika tal-istituzzjonijiet, l-aġenziji u l-korpi tal-Unjoni li jaqgħu fil-kamp ta' applikazzjoni ta' dan ir-Regolament, huwa xieraq li l-Kontrollur Ewropew għall-Protezzjoni tad-Data jiġi deżinjat bħala awtorità kompetenti tas-sorveljanza tas-suq għalihom. Jenħtieġ li dan ikun mingħajr preġudizzju għad-deżinjazzjoni tal-awtoritajiet nazzjonali kompetenti mill-Istati Membri. Jenħtieġ li l-attivitajiet ta' sorveljanza tas-suq ma jaffettwawx il-kapaċità tal-entitajiet taħt superviżjoni li jwettqu l-kompiti tagħhom b'mod indipendenti, meta tali indipendenza tkun meħtieġa mil-liġi tal-Unjoni.

(156)

In order to ensure an appropriate and effective enforcement of the requirements and obligations set out by this Regulation, which is Union harmonisation legislation, the system of market surveillance and compliance of products established by Regulation (EU) 2019/1020 should apply in its entirety. Market surveillance authorities designated pursuant to this Regulation should have all enforcement powers laid down in this Regulation and in Regulation (EU) 2019/1020 and should exercise their powers and carry out their duties independently, impartially and without bias. Although the majority of AI systems are not subject to specific requirements and obligations under this Regulation, market surveillance authorities may take measures in relation to all AI systems when they present a risk in accordance with this Regulation. Due to the specific nature of Union institutions, agencies and bodies falling within the scope of this Regulation, it is appropriate to designate the European Data Protection Supervisor as a competent market surveillance authority for them. This should be without prejudice to the designation of national competent authorities by the Member States. Market surveillance activities should not affect the ability of the supervised entities to carry out their tasks independently, when such independence is required by Union law.

(157)

Dan ir-Regolament huwa mingħajr preġudizzju għall-kompetenzi, il-kompiti, is-setgħat u l-indipendenza tal-awtoritajiet jew il-korpi pubbliċi nazzjonali rilevanti li jissorveljaw l-applikazzjoni tal-liġi tal-Unjoni li tipproteġi d-drittijiet fundamentali, inkluż il-korpi tal-ugwaljanza u l-awtoritajiet tal-protezzjoni tad-data. Fejn meħtieġ għall-mandat tagħhom, jenħtieġ li dawk l-awtoritajiet jew il-korpi pubbliċi jkollhom aċċess ukoll għal kwalunkwe dokumentazzjoni maħluqa skont dan ir-Regolament. Jenħtieġ li tiġi stabbilita proċedura ta' salvagwardja speċifika biex jiġi żgurat infurzar adegwat u f'waqtu kontra s-sistemi tal-IA li jippreżentaw riskju għas-saħħa, is-sikurezza u d-drittijiet fundamentali. Jenħtieġ li l-proċedura għal tali sistemi tal-IA li jippreżentaw riskju tiġi applikata għas-sistemi tal-IA b'riskju għoli li jippreżentaw riskju, għas-sistemi pprojbiti li ġew introdotti fis-suq, tqiegħdu fis-servizz jew ntużaw bi ksur tal-prattiki pprojbiti stabbiliti f'dan ir-Regolament u għas-sistemi tal-IA li saru disponibbli bi ksur tar-rekwiżiti ta' trasparenza stabbiliti f'dan ir-Regolament u li jippreżentaw riskju.

(157)

This Regulation is without prejudice to the competences, tasks, powers and independence of relevant national public authorities or bodies which supervise the application of Union law protecting fundamental rights, including equality bodies and data protection authorities. Where necessary for their mandate, those national public authorities or bodies should also have access to any documentation created under this Regulation. A specific safeguard procedure should be set for ensuring adequate and timely enforcement against AI systems presenting a risk to health, safety and fundamental rights. The procedure for such AI systems presenting a risk should be applied to high-risk AI systems presenting a risk, prohibited systems which have been placed on the market, put into service or used in violation of the prohibited practices laid down in this Regulation and AI systems which have been made available in violation of the transparency requirements laid down in this Regulation and present a risk.

(158)

Il-liġi tal-Unjoni dwar is-servizzi finanzjarji tinkludi regoli u rekwiżiti interni dwar il-governanza u l-ġestjoni tar-riskju li huma applikabbli għall-istituzzjonijiet finanzjarji regolati waqt il-forniment ta' dawk is-servizzi, inkluż meta jużaw is-sistemi tal-IA. Sabiex ikunu żgurati applikazzjoni u infurzar koerenti tal-obbligi skont dan ir-Regolament u tar-regoli u r-rekwiżiti rilevanti tal-atti legali tal-Unjoni dwar is-servizzi finanzjarji, jenħtieġ li l-awtoritajiet kompetenti għas-superviżjoni u l-infurzar ta' dawk l-atti legali, b'mod partikolari l-awtoritajiet kompetenti kif definiti fir-Regolament (UE) Nru 575/2013 tal-Parlament Ewropew u tal-Kunsill (46) u d-Direttivi 2008/48/KE (47), 2009/138/KE (48), 2013/36/UE (49), 2014/17/UE (50) u (UE) 2016/97 (51) tal-Parlament Ewropew u tal-Kunsill, jiġu ddeżinjati, fil-kompetenzi rispettivi tagħhom, bħala awtoritajiet kompetenti għall-fini tas-superviżjoni tal-implimentazzjoni ta' dan ir-Regolament, inkluż għal attivitajiet ta' sorveljanza tas-suq, fir-rigward tas-sistemi tal-IA pprovduti jew użati minn istituzzjonijiet finanzjarji regolati u sorveljati sakemm l-Istati Membri ma jiddeċidux li jiddeżinjaw awtorità oħra biex twettaq dawn il-kompiti ta' sorveljanza tas-suq. Jenħtieġ li dawk l-awtoritajiet kompetenti jkollhom is-setgħat kollha skont dan ir-Regolament u r-Regolament (UE) 2019/1020 biex jinfurzaw ir-rekwiżiti u l-obbligi ta' dan ir-Regolament, inkluż is-setgħat li jwettqu l-attivitajiet ta' sorveljanza tas-suq ex post li jistgħu jiġu integrati, kif xieraq, fil-mekkaniżmi u l-proċeduri superviżorji eżistenti tagħhom skont il-liġi rilevanti tal-Unjoni dwar is-servizzi finanzjarji. Huwa xieraq li jiġi previst li jenħtieġ li, meta jaġixxu bħala awtoritajiet tas-sorveljanza tas-suq skont dan ir-Regolament, l-awtoritajiet nazzjonali responsabbli għas-superviżjoni tal-istituzzjonijiet ta' kreditu regolati skont id-Direttiva 2013/36/UE, li jkunu qed jipparteċipaw fil-Mekkaniżmu Superviżorju Uniku stabbilit bir-Regolament tal-Kunsill (UE) Nru 1024/2013 (52), jirrappurtaw, mingħajr dewmien, lill-Bank Ċentrali Ewropew kwalunkwe informazzjoni identifikata matul l-attivitajiet tagħhom ta' sorveljanza tas-suq li tista' tkun ta' interess potenzjali għall-kompiti superviżorji prudenzjali tal-Bank Ċentrali Ewropew kif speċifikat f'dak ir-Regolament. Biex tkompli tissaħħaħ il-konsistenza bejn dan ir-Regolament u r-regoli applikabbli għall-istituzzjonijiet ta' kreditu rregolati skont id-Direttiva 2013/36/UE, jixraq ukoll li xi wħud mill-obbligi proċedurali tal-fornituri fir-rigward tal-ġestjoni tar-riskju, il-monitoraġġ ta' wara t-tqegħid fis-suq u tad-dokumentazzjoni jiġu integrati fl-obbligi u l-proċeduri eżistenti skont id-Direttiva 2013/36/UE. Sabiex ikun evitat it-trikkib, jenħtieġ li jiġu previsti wkoll derogi limitati fir-rigward tas-sistema ta' ġestjoni tal-kwalità tal-fornituri u l-obbligu ta' monitoraġġ impost fuq l-implimentaturi ta' sistemi tal-IA b'riskju għoli sa fejn dawn ikunu japplikaw għall-istituzzjonijiet ta' kreditu regolati bid-Direttiva 2013/36/UE. Jenħtieġ li l-istess reġim japplika għall-impriżi tal-assigurazzjoni u tar-riassigurazzjoni u l-kumpaniji azzjonarji tal-assigurazzjoni skont id-Direttiva 2009/138/KE u l-intermedjarji tal-assigurazzjoni skont id-Direttiva (UE) 2016/97 u tipi oħra ta' istituzzjonijiet finanzjarji soġġetti għal rekwiżiti rigward il-governanza interna, l-arranġamenti jew il-proċessi stabbiliti skont il-liġi rilevanti tal-Unjoni dwar is-servizzi finanzjarji biex jiġu żgurati l-konsistenza u t-trattament ugwali fis-settur finanzjarju.

(158)

Union financial services law includes internal governance and risk-management rules and requirements which are applicable to regulated financial institutions in the course of provision of those services, including when they make use of AI systems. In order to ensure coherent application and enforcement of the obligations under this Regulation and relevant rules and requirements of the Union financial services legal acts, the competent authorities for the supervision and enforcement of those legal acts, in particular competent authorities as defined in Regulation (EU) No 575/2013 of the European Parliament and of the Council (46) and Directives 2008/48/EC (47), 2009/138/EC (48), 2013/36/EU (49), 2014/17/EU (50) and (EU) 2016/97 (51) of the European Parliament and of the Council, should be designated, within their respective competences, as competent authorities for the purpose of supervising the implementation of this Regulation, including for market surveillance activities, as regards AI systems provided or used by regulated and supervised financial institutions unless Member States decide to designate another authority to fulfil these market surveillance tasks. Those competent authorities should have all powers under this Regulation and Regulation (EU) 2019/1020 to enforce the requirements and obligations of this Regulation, including powers to carry our ex post market surveillance activities that can be integrated, as appropriate, into their existing supervisory mechanisms and procedures under the relevant Union financial services law. It is appropriate to envisage that, when acting as market surveillance authorities under this Regulation, the national authorities responsible for the supervision of credit institutions regulated under Directive 2013/36/EU, which are participating in the Single Supervisory Mechanism established by Council Regulation (EU) No 1024/2013 (52), should report, without delay, to the European Central Bank any information identified in the course of their market surveillance activities that may be of potential interest for the European Central Bank’s prudential supervisory tasks as specified in that Regulation. To further enhance the consistency between this Regulation and the rules applicable to credit institutions regulated under Directive 2013/36/EU, it is also appropriate to integrate some of the providers’ procedural obligations in relation to risk management, post marketing monitoring and documentation into the existing obligations and procedures under Directive 2013/36/EU. In order to avoid overlaps, limited derogations should also be envisaged in relation to the quality management system of providers and the monitoring obligation placed on deployers of high-risk AI systems to the extent that these apply to credit institutions regulated by Directive 2013/36/EU. The same regime should apply to insurance and re-insurance undertakings and insurance holding companies under Directive 2009/138/EC and the insurance intermediaries under Directive (EU) 2016/97 and other types of financial institutions subject to requirements regarding internal governance, arrangements or processes established pursuant to the relevant Union financial services law to ensure consistency and equal treatment in the financial sector.

(159)

Jenħtieġ li kull awtorità tas-sorveljanza tas-suq għal sistemi tal-IA b'riskju għoli fil-qasam tal-bijometrika, kif elenkati f'anness ta' dan ir-Regolament sakemm dawk is-sistemi jintużaw għall-finijiet tal-infurzar tal-liġi, il-migrazzjoni, l-ażil u l-ġestjoni tal-kontroll fil-fruntieri, jew tal-amministrazzjoni tal-ġustizzja u tal-proċessi demokratiċi, ikollha setgħat investigattivi u korrettivi effettivi, inkluż mill-inqas is-setgħa li tikseb aċċess għad-data personali kollha li tkun qed tiġi pproċessata u għall-informazzjoni kollha meħtieġa għat-twettiq tal-kompiti tagħha. Jenħtieġ li l-awtoritajiet tas-sorveljanza tas-suq ikunu jistgħu jeżerċitaw is-setgħat tagħhom billi jaġixxu b'indipendenza sħiħa. Jenħtieġ li kwalunkwe limitazzjoni tal-aċċess tagħhom għal data operazzjonali sensittiva skont dan ir-Regolament tkun mingħajr preġudizzju għas-setgħat mogħtija lilhom mid-Direttiva (UE) 2016/680. Jenħtieġ li l-ebda esklużjoni fuq id-divulgazzjoni tad-data lill-awtoritajiet tal-protezzjoni tad-data nazzjonali skont dan ir-Regolament ma taffettwa s-setgħat attwali jew futuri ta' dawk l-awtoritajiet lil hinn mill-kamp ta' applikazzjoni ta' dan ir-Regolament.

(159)

Each market surveillance authority for high-risk AI systems in the area of biometrics, as listed in an annex to this Regulation insofar as those systems are used for the purposes of law enforcement, migration, asylum and border control management, or the administration of justice and democratic processes, should have effective investigative and corrective powers, including at least the power to obtain access to all personal data that are being processed and to all information necessary for the performance of its tasks. The market surveillance authorities should be able to exercise their powers by acting with complete independence. Any limitations of their access to sensitive operational data under this Regulation should be without prejudice to the powers conferred to them by Directive (EU) 2016/680. No exclusion on disclosing data to national data protection authorities under this Regulation should affect the current or future powers of those authorities beyond the scope of this Regulation.

(160)

Jenħtieġ li l-awtoritajiet tas-sorveljanza tas-suq u l-Kummissjoni jkunu jistgħu jipproponu attivitajiet konġunti, inkluż investigazzjonijiet konġunti, li għandhom jitwettqu mill-awtoritajiet tas-sorveljanza tas-suq jew mill-awtoritajiet tas-sorveljanza tas-suq b'mod konġunt mal-Kummissjoni, li jkollhom l-għan li jippromwovu l-konformità, jidentifikaw in-nonkonformità, iqajmu kuxjenza u jipprovdu gwida fir-rigward ta' dan ir-Regolament b'rabta ma' kategoriji speċifiċi ta' sistemi tal-IA b'riskju għoli li jinstabu li jippreżentaw riskju serju f'żewġ Stati Membri jew aktar. Jenħtieġ li l-attivitajiet konġunti għall-promozzjoni tal-konformità jitwettqu f'konformità mal-Artikolu 9 tar-Regolament (UE)2019/1020. Jenħtieġ li l-Uffiċċju għall-IA jipprovdi appoġġ ta' koordinazzjoni għall-investigazzjonijiet konġunti.

(160)

The market surveillance authorities and the Commission should be able to propose joint activities, including joint investigations, to be conducted by market surveillance authorities or market surveillance authorities jointly with the Commission, that have the aim of promoting compliance, identifying non-compliance, raising awareness and providing guidance in relation to this Regulation with respect to specific categories of high-risk AI systems that are found to present a serious risk across two or more Member States. Joint activities to promote compliance should be carried out in accordance with Article 9 of Regulation (EU) 2019/1020. The AI Office should provide coordination support for joint investigations.

(161)

Jenħtieġ li jiġu ċċarati r-responsabbiltajiet u l-kompetenzi fil-livell tal-Unjoni u dak nazzjonali fir-rigward tas-sistemi tal-IA li huma mibnija fuq mudelli tal-IA bi skop ġenerali. Biex jiġu evitati kompetenzi duplikati, meta sistema tal-IA tkun ibbażata fuq mudell tal-IA bi skop ġenerali u l-mudell u s-sistema jiġu pprovduti mill-istess fornitur, jenħtieġ li s-superviżjoni ssir fil-livell tal-Unjoni permezz tal-Uffiċċju għall-IA, li għandu jkollu s-setgħat ta' awtorità tas-sorveljanza tas-suq skont it-tifsira tar-Regolament (UE) 2019/1020 għal dan il-għan. Fil-każijiet l-oħra kollha, l-awtoritajiet tas-sorveljanza tas-suq nazzjonali jibqgħu responsabbli għas-superviżjoni tas-sistemi tal-IA. Madankollu, għal sistemi tal-IA bi skop ġenerali li jistgħu jintużaw direttament mill-implimentaturi għal mill-inqas skop wieħed li huwa kklassifikat bħala b'riskju għoli, jenħtieġ li l-awtoritajiet tas-sorveljanza tas-suq jikkooperaw mal-Uffiċċju għall-IA biex iwettqu evalwazzjonijiet tal-konformità u jinfurmaw lill-Bord u lill-awtoritajiet tas-sorveljanza tas-suq l-oħra skont il-każ. Barra minn hekk, meta l-awtorità tas-sorveljanza tas-suq ma tkunx tista' tikkonkludi investigazzjoni dwar sistema tal-IA b'riskju għoli minħabba li ma jkollhiex aċċess għal ċerta informazzjoni relatata mal-mudell tal-IA bi skop ġenerali li fuqu tkun mibnija s-sistema tal-IA b'riskju għoli, jenħtieġ li l-awtoritajiet tas-sorveljanza tas-suq ikunu jistgħu jitolbu għajnuna mill-Uffiċċju għall-IA. F'każijiet bħal dawn, jenħtieġ li tapplika mutatis mutandis il-proċedura rigward l-assistenza reċiproka f'każijiet transfruntieri fil-Kapitolu VI tar-Regolament (UE) 2019/1020.

(161)

It is necessary to clarify the responsibilities and competences at Union and national level as regards AI systems that are built on general-purpose AI models. To avoid overlapping competences, where an AI system is based on a general-purpose AI model and the model and system are provided by the same provider, the supervision should take place at Union level through the AI Office, which should have the powers of a market surveillance authority within the meaning of Regulation (EU) 2019/1020 for this purpose. In all other cases, national market surveillance authorities remain responsible for the supervision of AI systems. However, for general-purpose AI systems that can be used directly by deployers for at least one purpose that is classified as high-risk, market surveillance authorities should cooperate with the AI Office to carry out evaluations of compliance and inform the Board and other market surveillance authorities accordingly. Furthermore, market surveillance authorities should be able to request assistance from the AI Office where the market surveillance authority is unable to conclude an investigation on a high-risk AI system because of its inability to access certain information related to the general-purpose AI model on which the high-risk AI system is built. In such cases, the procedure regarding mutual assistance in cross-border cases in Chapter VI of Regulation (EU) 2019/1020 should apply mutatis mutandis.

(162)

Biex isir l-aħjar użu mill-kompetenza esperta u s-sinerġiji ċentralizzati tal-Unjoni fil-livell tal-Unjoni, jenħtieġ li s-setgħat ta' superviżjoni u infurzar tal-obbligi fuq il-fornituri ta' mudelli tal-IA bi skop ġenerali jkunu kompetenza tal-Kummissjoni. Jenħtieġ li l-Uffiċċju għall-IA jkun jista' jwettaq l-azzjonijiet kollha meħtieġa biex jissorvelja l-implimentazzjoni effettiva ta' dan ir-Regolament fir-rigward tal-mudelli tal-IA bi skop ġenerali. Jenħtieġ li jkun jista' jinvestiga ksur possibbli tar-regoli dwar il-fornituri ta' mudelli tal-IA bi skop ġenerali kemm fuq inizjattiva tiegħu stess, b'segwitu għar-riżultati tal-attivitajiet ta' monitoraġġ tiegħu, kif ukoll fuq talba mill-awtoritajiet tas-sorveljanza tas-suq f'konformità mal-kundizzjonijiet stipulati f'dan ir-Regolament. Jenħtieġ li, biex tappoġġa l-monitoraġġ effettiv tal-Uffiċċju għall-IA, tipprevedi l-possibbiltà li l-fornituri downstream iressqu lmenti dwar ksur possibbli tar-regoli dwar il-fornituri ta' sistemi tal-IA u ta’ mudelli tal-IA bi skop ġenerali.

(162)

To make best use of the centralised Union expertise and synergies at Union level, the powers of supervision and enforcement of the obligations on providers of general-purpose AI models should be a competence of the Commission. The AI Office should be able to carry out all necessary actions to monitor the effective implementation of this Regulation as regards general-purpose AI models. It should be able to investigate possible infringements of the rules on providers of general-purpose AI models both on its own initiative, following the results of its monitoring activities, or upon request from market surveillance authorities in line with the conditions set out in this Regulation. To support effective monitoring of the AI Office, it should provide for the possibility that downstream providers lodge complaints about possible infringements of the rules on providers of general-purpose AI models and systems.

(163)

Bil-ħsieb li jikkomplementa s-sistemi ta' governanza għall-mudelli tal-IA bi skop ġenerali, jenħtieġ li l-bord jappoġġa l-attivitajiet ta' monitoraġġ tal-Uffiċċju għall-IA u jista', f'ċerti każijiet, jipprovdi allerti kwalifikati lill-Uffiċċju għall-IA li jiskattaw segwitu bħal investigazzjonijiet. Dan jenħtieġ li jkun il-każ meta l-bord ikollu raġuni biex jissuspetta li mudell tal-IA bi skop ġenerali joħloq riskju konkret u identifikabbli fil-livell tal-Unjoni. Barra minn hekk, dan jenħtieġ li jkun il-każ meta l-bord ikollu raġuni biex jissuspetta li mudell tal-IA bi skop ġenerali jissodisfa l-kriterji li jwasslu għal klassifikazzjoni bħala mudell tal-IA bi skop ġenerali b'riskju sistemiku. Sabiex il-bord ikollu l-informazzjoni meħtieġa għat-twettiq ta' dawk il-kompiti, jenħtieġ li jkun hemm mekkaniżmu li permezz tiegħu l-bord ikun jista' jitlob lill-Kummissjoni titlob dokumentazzjoni jew informazzjoni mingħand fornitur.

(163)

With a view to complementing the governance systems for general-purpose AI models, the scientific panel should support the monitoring activities of the AI Office and may, in certain cases, provide qualified alerts to the AI Office which trigger follow-ups, such as investigations. This should be the case where the scientific panel has reason to suspect that a general-purpose AI model poses a concrete and identifiable risk at Union level. Furthermore, this should be the case where the scientific panel has reason to suspect that a general-purpose AI model meets the criteria that would lead to a classification as general-purpose AI model with systemic risk. To equip the scientific panel with the information necessary for the performance of those tasks, there should be a mechanism whereby the scientific panel can request the Commission to require documentation or information from a provider.

(164)

Jenħtieġ li l-Uffiċċju għall-IA jkun jista' jieħu l-azzjonijiet meħtieġa biex jimmonitorja l-implimentazzjoni effettiva u l-konformità mal-obbligi għall-fornituri ta' mudelli tal-IA bi skop ġenerali stabbiliti f'dan ir-Regolament. Jenħtieġ li l-Uffiċċju għall-IA jkun jista' jinvestiga ksur possibbli f'konformità mas-setgħat previsti f'dan ir-Regolament, inkluż billi jitlob dokumentazzjoni u informazzjoni, billi jwettaq evalwazzjonijiet, kif ukoll billi jitlob miżuri mill-fornituri ta' mudelli tal-IA bi skop ġenerali. Meta jwettaq l-evalwazzjonijiet, sabiex isir użu minn kompetenza esperta indipendenti, jenħtieġ li l-Uffiċċju għall-IA jkun jista' jinvolvi esperti indipendenti biex iwettqu l-evalwazzjonijiet f'ismu. Jenħtieġ li l-konformità mal-obbligi tkun infurzabbli, fost l-oħrajn, permezz ta' talbiet biex jittieħdu miżuri xierqa, inkluż miżuri ta' mitigazzjoni tar-riskju fil-każ ta' riskji sistemiċi identifikati kif ukoll ir-restrizzjoni tad-disponibbiltà fis-suq, l-irtirar jew is-sejħa lura tal-mudell. Bħala salvagwardja, fejn meħtieġ lil hinn mid-drittijiet proċedurali previsti f'dan ir-Regolament, jenħtieġ li l-fornituri ta' mudelli tal-IA bi skop ġenerali jkollhom id-drittijiet proċedurali previsti fl-Artikolu 18 tar-Regolament (UE) 2019/1020, li għandhom japplikaw mutatis mutandis, mingħajr preġudizzju għal drittijiet proċedurali aktar speċifiċi previsti minn dan ir-Regolament.

(164)

The AI Office should be able to take the necessary actions to monitor the effective implementation of and compliance with the obligations for providers of general-purpose AI models laid down in this Regulation. The AI Office should be able to investigate possible infringements in accordance with the powers provided for in this Regulation, including by requesting documentation and information, by conducting evaluations, as well as by requesting measures from providers of general-purpose AI models. When conducting evaluations, in order to make use of independent expertise, the AI Office should be able to involve independent experts to carry out the evaluations on its behalf. Compliance with the obligations should be enforceable, inter alia, through requests to take appropriate measures, including risk mitigation measures in the case of identified systemic risks as well as restricting the making available on the market, withdrawing or recalling the model. As a safeguard, where needed beyond the procedural rights provided for in this Regulation, providers of general-purpose AI models should have the procedural rights provided for in Article 18 of Regulation (EU) 2019/1020, which should apply mutatis mutandis, without prejudice to more specific procedural rights provided for by this Regulation.

(165)

L-iżvilupp ta' sistemi tal-IA minbarra sistemi tal-IA b'riskju għoli f'konformità mar-rekwiżiti ta' dan ir-Regolament, jista' jwassal għal użu akbar ta' IA etika u affidabbli fl-Unjoni. Jenħtieġ li l-fornituri ta' sistemi tal-IA li mhumiex b'riskju għoli jiġu mħeġġa joħolqu kodiċijiet tal-kondotta, inkluż mekkaniżmi ta' governanza relatati, maħsuba biex irawmu l-applikazzjoni volontarja ta' xi wħud mir-rekwiżiti obbligatorji jew tar-rekwiżiti kollha applikabbli għas-sistemi tal-IA b'riskju għoli, adattati fid-dawl tal-għan maħsub tas-sistemi u r-riskju aktar baxx involut u filwaqt li jitqiesu s-soluzzjonijiet tekniċi disponibbli u l-aħjar prattiki tal-industrija bħal kards mudell u kards tad-data. Jenħtieġ li l-fornituri u, kif xieraq, l-implimentaturi tas-sistemi kollha tal-IA, b'riskju għoli jew le, u l-mudelli tal-IA jiġu wkoll mħeġġa japplikaw fuq bażi volontarja rekwiżiti addizzjonali relatati, pereżempju, mal-elementi tal-Linji Gwida tal-Unjoni dwar l-Etika għal IA Affidabbli, sostenibbiltà ambjentali, miżuri ta' litteriżmu fl-IA, disinn u żvilupp inklużivi u diversi tas-sistemi tal-IA, inkluż l-attenzjoni għall-persuni vulnerabbli u l-aċċessibbiltà għall-persuni b'diżabbiltà, il-parteċipazzjoni tal-partijiet ikkonċernati bl-involviment kif xieraq, tal-partijiet ikkonċernati rilevanti bħall-organizzazzjonijiet tan-negozju u tas-soċjetà ċivili, id-dinja akkademika, l-organizzazzjonijiet tar-riċerka, it-trade unions u l-organizzazzjonijiet tal-protezzjoni tal-konsumatur fid-disinn u l-iżvilupp tas-sistemi tal-IA, u d-diversità tat-timijiet tal-iżvilupp, inkluż il-bilanċ bejn il-ġeneri. Sabiex jiġi żgurat li l-kodiċijiet ta' kondotta volontarji jkunu effettivi, jenħtieġ li jkunu bbażati fuq objettivi ċari u indikaturi ewlenin tal-prestazzjoni biex titkejjel il-kisba ta' dawk l-objettivi. Jenħtieġ li dawn jiġu żviluppati wkoll b'mod inklużiv, kif xieraq, bl-involviment tal-partijiet ikkonċernati rilevanti bħall-organizzazzjonijiet tan-negozju u tas-soċjetà ċivili, id-dinja akkademika, l-organizzazzjonijiet tar-riċerka, it-trade unions u l-organizzazzjonijiet tal-protezzjoni tal-konsumatur. Il-Kummissjoni tista' tiżviluppa inizjattivi, inkluż ta' natura settorjali, biex tiffaċilita t-tnaqqis tax-xkiel tekniku li jfixkel l-iskambju transfruntier tad-data għall-iżvilupp tal-IA, inkluż dwar l-infrastruttura tal-aċċess għad-data, u l-interoperabbiltà semantika u teknika ta' tipi differenti ta' data.

(165)

The development of AI systems other than high-risk AI systems in accordance with the requirements of this Regulation may lead to a larger uptake of ethical and trustworthy AI in the Union. Providers of AI systems that are not high-risk should be encouraged to create codes of conduct, including related governance mechanisms, intended to foster the voluntary application of some or all of the mandatory requirements applicable to high-risk AI systems, adapted in light of the intended purpose of the systems and the lower risk involved and taking into account the available technical solutions and industry best practices such as model and data cards. Providers and, as appropriate, deployers of all AI systems, high-risk or not, and AI models should also be encouraged to apply on a voluntary basis additional requirements related, for example, to the elements of the Union’s Ethics Guidelines for Trustworthy AI, environmental sustainability, AI literacy measures, inclusive and diverse design and development of AI systems, including attention to vulnerable persons and accessibility to persons with disability, stakeholders’ participation with the involvement, as appropriate, of relevant stakeholders such as business and civil society organisations, academia, research organisations, trade unions and consumer protection organisations in the design and development of AI systems, and diversity of the development teams, including gender balance. To ensure that the voluntary codes of conduct are effective, they should be based on clear objectives and key performance indicators to measure the achievement of those objectives. They should also be developed in an inclusive way, as appropriate, with the involvement of relevant stakeholders such as business and civil society organisations, academia, research organisations, trade unions and consumer protection organisation. The Commission may develop initiatives, including of a sectoral nature, to facilitate the lowering of technical barriers hindering cross-border exchange of data for AI development, including on data access infrastructure, semantic and technical interoperability of different types of data.

(166)

Hu importanti li s-sistemi tal-IA relatati ma' prodotti li mhumiex b'riskju għoli f'konformità ma' dan ir-Regolament, u għalhekk ma għandhomx għalfejn jikkonformaw mar-rekwiżiti stipulati għal sistemi tal-IA b'riskju għoli, xorta waħda jkunu sikuri meta jiġu introdotti fis-suq jew meta jitqiegħdu fis-servizz. B'kontribut għal dan l-objettiv, ir-Regolament (UE) 2023/988 tal-Parlament Ewropew u tal-Kunsill (53) japplika bħala xibka ta' sikurezza.

(166)

It is important that AI systems related to products that are not high-risk in accordance with this Regulation and thus are not required to comply with the requirements set out for high-risk AI systems are nevertheless safe when placed on the market or put into service. To contribute to this objective, Regulation (EU) 2023/988 of the European Parliament and of the Council (53) would apply as a safety net.

(167)

Sabiex tkun żgurata kooperazzjoni fiduċjuża u kostruttiva tal-awtoritajiet kompetenti fil-livell tal-Unjoni u dak nazzjonali, jenħtieġ li l-partijiet kollha involuti fl-applikazzjoni ta' dan ir-Regolament jirrispettaw il-kunfidenzjalità tal-informazzjoni u tad-data miksuba fit-twettiq tal-kompiti tagħhom, f'konformità mal-liġi tal-Unjoni jew il-liġi nazzjonali. Jenħtieġ li jwettqu l-kompiti u l-attivitajiet tagħhom b'tali mod li jipproteġu, b'mod partikolari, id-drittijiet tal-proprjetà intellettwali, l-informazzjoni kummerċjali kunfidenzjali u s-sigrieti kummerċjali, l-implimentazzjoni effettiva ta' dan ir-Regolament, l-interessi tas-sigurtà pubblika u nazzjonali, l-integrità tal-proċedimenti kriminali u amministrattivi, u l-integrità tal-informazzjoni klassifikata.

(167)

In order to ensure trustful and constructive cooperation of competent authorities on Union and national level, all parties involved in the application of this Regulation should respect the confidentiality of information and data obtained in carrying out their tasks, in accordance with Union or national law. They should carry out their tasks and activities in such a manner as to protect, in particular, intellectual property rights, confidential business information and trade secrets, the effective implementation of this Regulation, public and national security interests, the integrity of criminal and administrative proceedings, and the integrity of classified information.

(168)

Għalhekk jenħtieġ li l-konformità ma' dan ir-Regolament tkun infurzabbli permezz tal-impożizzjoni ta' penali u miżuri ta' infurzar oħra. Jenħtieġ li l-Istati Membri jieħdu l-miżuri meħtieġa kollha biex jiżguraw li d-dispożizzjonijiet ta' dan ir-Regolament jiġu implimentati, inkluż billi jistabbilixxu penali effettivi, proporzjonati u dissważivi għall-ksur tagħhom, u biex jiġi rrispettat il-prinċipju ta' ne bis in idem. Sabiex jissaħħu u jiġu armonizzati l-penali amministrattivi għall-ksur ta' dan ir-Regolament, jenħtieġ li jiġu stabbiliti l-limiti massimi għall-istabbiliment tal-multi amministrattivi għal ċertu ksur speċifiku. Meta jivvalutaw l-ammont tal-multi, jenħtieġ li l-Istati Membri, f'kull każ individwali, iqisu ċ-ċirkostanzi rilevanti kollha tas-sitwazzjoni speċifika, b'kunsiderazzjoni xierqa b'mod partikolari għan-natura, il-gravità u d-durata tal-ksur u tal-konsegwenzi tiegħu u għad-daqs tal-fornitur, b'mod partikolari jekk il-fornitur ikun SME jew negozju ġdid. Jenħtieġ li l-Kontrollur Ewropew għall-Protezzjoni tad-Data jkollu s-setgħa jimponi multi fuq l-istituzzjonijiet, l-aġenziji u l-korpi tal-Unjoni li jaqgħu fil-kamp ta' applikazzjoni ta' dan ir-Regolament.

(168)

Compliance with this Regulation should be enforceable by means of the imposition of penalties and other enforcement measures. Member States should take all necessary measures to ensure that the provisions of this Regulation are implemented, including by laying down effective, proportionate and dissuasive penalties for their infringement, and to respect the ne bis in idem principle. In order to strengthen and harmonise administrative penalties for infringement of this Regulation, the upper limits for setting the administrative fines for certain specific infringements should be laid down. When assessing the amount of the fines, Member States should, in each individual case, take into account all relevant circumstances of the specific situation, with due regard in particular to the nature, gravity and duration of the infringement and of its consequences and to the size of the provider, in particular if the provider is an SME, including a start-up. The European Data Protection Supervisor should have the power to impose fines on Union institutions, agencies and bodies falling within the scope of this Regulation.

(169)

Jenħtieġ li l-konformità mal-obbligi fuq il-fornituri ta' mudelli tal-IA bi skop ġenerali imposti skont dan ir-Regolament tkun infurzabbli, fost l-oħrajn, permezz ta' multi. Għal dak l-għan, jenħtieġ li jiġu stabbiliti wkoll livelli xierqa ta' multi għall-ksur ta' dawk l-obbligi, inkluż in-nuqqas ta' konformità mal-miżuri mitluba mill-Kummissjoni f'konformità ma' dan ir-Regolament, soġġett għal perjodi ta' limitazzjoni xierqa f'konformità mal-prinċipju tal-proporzjonalità. Id-deċiżjonijiet kollha meħuda mill-Kummissjoni skont dan ir-Regolament huma soġġetti għal rieżami mill-Qorti tal-Ġustizzja tal-Unjoni Ewropea f'konformità mat-TFUE, inkluża l-ġuriżdizzjoni illimitata tal-Qorti tal-Ġustizzja fir-rigward tal-penali skontl-Artikolu 261 TFUE.

(169)

Compliance with the obligations on providers of general-purpose AI models imposed under this Regulation should be enforceable, inter alia, by means of fines. To that end, appropriate levels of fines should also be laid down for infringement of those obligations, including the failure to comply with measures requested by the Commission in accordance with this Regulation, subject to appropriate limitation periods in accordance with the principle of proportionality. All decisions taken by the Commission under this Regulation are subject to review by the Court of Justice of the European Union in accordance with the TFEU, including the unlimited jurisdiction of the Court of Justice with regard to penalties pursuant to Article 261 TFEU.

(170)

Il-liġi tal-Unjoni u l-liġi nazzjonali diġà jipprovdu rimedji effettivi għall-persuni fiżiċi u ġuridiċi li d-drittijiet u l-libertajiet tagħhom jiġu affettwati b'mod negattiv mill-użu tas-sistemi tal-IA. Mingħajr preġudizzju għal dawk ir-rimedji, jenħtieġ li kwalunkwe persuna fiżika jew ġuridika li jkollha raġunijiet biex tqis li kien hemm ksur ta' dan ir-Regolament tkun intitolata tressaq ilment lill-awtorità tas-sorveljanza tas-suq rilevanti.

(170)

Union and national law already provide effective remedies to natural and legal persons whose rights and freedoms are adversely affected by the use of AI systems. Without prejudice to those remedies, any natural or legal person that has grounds to consider that there has been an infringement of this Regulation should be entitled to lodge a complaint to the relevant market surveillance authority.

(171)

Jenħtieġ li l-persuni affettwati jkollhom id-dritt li jiksbu spjegazzjoni meta deċiżjoni tal-implimentatur tkun ibbażata prinċipalment fuq l-output minn ċerti sistemi tal-IA b'riskju għoli li jaqgħu fil-kamp ta' applikazzjoni ta' dan ir-Regolament u meta dik id-deċiżjoni tipproduċi effetti legali jew taffettwa b'mod sinifikanti b'mod simili lil dawk il-persuni b'mod li jqisu li għandu impatt negattiv fuq is-saħħa, is-sikurezza jew id-drittijiet fundamentali tagħhom. Jenħtieġ li dik l-ispjegazzjoni tkun ċara u sinifikanti u jenħtieġ li tipprovdi bażi li fuqha l-persuni affettwati jkunu jistgħu jeżerċitaw id-drittijiet tagħhom. Jenħtieġ li d-dritt li tinkiseb spjegazzjoni ma japplikax għall-użu ta' sistemi tal-IA li fir-rigward tagħhom joħorġu eċċezzjonijiet jew restrizzjonijiet mil-liġi tal-Unjoni jew dik nazzjonali u jenħtieġ li japplika biss sa fejn dan id-dritt ma jkunx diġà previst fil-liġi tal-Unjoni.

(171)

Affected persons should have the right to obtain an explanation where a deployer’s decision is based mainly upon the output from certain high-risk AI systems that fall within the scope of this Regulation and where that decision produces legal effects or similarly significantly affects those persons in a way that they consider to have an adverse impact on their health, safety or fundamental rights. That explanation should be clear and meaningful and should provide a basis on which the affected persons are able to exercise their rights. The right to obtain an explanation should not apply to the use of AI systems for which exceptions or restrictions follow from Union or national law and should apply only to the extent this right is not already provided for under Union law.

(172)

Jenħtieġ li l-persuni li jaġixxu bħala informaturi dwar il-ksur ta' dan ir-Regolament jiġu protetti skont il-liġi tal-Unjoni. Għalhekk, jenħtieġ li d-Direttiva (UE) 2019/1937 tal-Parlament Ewropew u tal-Kunsill (54) tapplika għar-rappurtar ta' ksur ta' dan ir-Regolament u għall-protezzjoni tal-persuni li jirrappurtaw tali ksur.

(172)

Persons acting as whistleblowers on the infringements of this Regulation should be protected under the Union law. Directive (EU) 2019/1937 of the European Parliament and of the Council (54) should therefore apply to the reporting of infringements of this Regulation and the protection of persons reporting such infringements.

(173)

Sabiex ikun żgurat li l-qafas regolatorju jista' jiġi adattat fejn meħtieġ, jenħtieġ li s-setgħa li jiġu adottati atti f'konformità mal-Artikolu 290 TFUE tiġi ddelegata lill-Kummissjoni biex temenda l-kundizzjonijiet li taħthom sistema tal-IA ma titqiesx li tkun ta' riskju għoli, il-lista tas-sistemi tal-IA b'riskju għoli, id-dispożizzjonijiet dwar id-dokumentazzjoni teknika, il-kontenut tad-dikjarazzjoni ta' konformità tal-UE, id-dispożizzjonijiet dwar il-proċeduri ta' valutazzjoni tal-konformità, id-dispożizzjonijiet li jistabbilixxu s-sistemi tal-IA b'riskju għoli li għalihom jenħtieġ tapplika l-proċedura ta' valutazzjoni tal-konformità bbażata fuq il-valutazzjoni tas-sistema ta' ġestjoni tal-kwalità u fuq il-valutazzjoni tad-dokumentazzjoni teknika, il-limitu massimu, il-paramentri referenzjarji u l-indikaturi, inkluż billi jiġu ssupplimentati dawk il-paramentri referenzjarji u l-indikaturi fir-regoli għall-klassifikazzjoni ta' mudelli tal-IA bi skop ġenerali b'riskju sistemiku, il-kriterji għad-deżinjazzjoni ta' mudelli tal-IA bi skop ġenerali b'riskju sistemiku, id-dokumentazzjoni teknika għall-fornituri ta' mudelli tal-IA bi skop ġenerali u t-trasparenza tal-informazzjoni għall-fornituri ta' mudelli tal-IA bi skop ġenerali. Hu partikolarment importanti li tul il-ħidma preparatorja tagħha, il-Kummissjoni twettaq konsultazzjonijiet xierqa, inkluż fil-livell ta' esperti, u li dawk il-konsultazzjonijiet isiru f'konformità mal-prinċipji stabbiliti fil-Ftehim Interistituzzjonali tat-13 ta' April 2016 dwar it-Tfassil Aħjar tal-Liġijiet (55). B'mod partikolari, biex tiġi żgurata parteċipazzjoni ugwali fit-tħejjija tal-atti delegati, il-Parlament Ewropew u l-Kunsill jirċievu d-dokumenti kollha fl-istess ħin li jirċevuhom l-esperti tal-Istati Membri, u l-esperti tagħhom sistematikament ikollhom aċċess għal-laqgħat tal-gruppi ta' esperti tal-Kummissjoni li jittrattaw it-tħejjija ta' atti delegati.

(173)

In order to ensure that the regulatory framework can be adapted where necessary, the power to adopt acts in accordance with Article 290 TFEU should be delegated to the Commission to amend the conditions under which an AI system is not to be considered to be high-risk, the list of high-risk AI systems, the provisions regarding technical documentation, the content of the EU declaration of conformity the provisions regarding the conformity assessment procedures, the provisions establishing the high-risk AI systems to which the conformity assessment procedure based on assessment of the quality management system and assessment of the technical documentation should apply, the threshold, benchmarks and indicators, including by supplementing those benchmarks and indicators, in the rules for the classification of general-purpose AI models with systemic risk, the criteria for the designation of general-purpose AI models with systemic risk, the technical documentation for providers of general-purpose AI models and the transparency information for providers of general-purpose AI models. It is of particular importance that the Commission carry out appropriate consultations during its preparatory work, including at expert level, and that those consultations be conducted in accordance with the principles laid down in the Interinstitutional Agreement of 13 April 2016 on Better Law-Making (55). In particular, to ensure equal participation in the preparation of delegated acts, the European Parliament and the Council receive all documents at the same time as Member States’ experts, and their experts systematically have access to meetings of Commission expert groups dealing with the preparation of delegated acts.

(174)

Minħabba l-iżviluppi teknoloġiċi rapidi u l-kompetenza esperta teknika meħtieġa biex dan ir-Regolament jiġi implimentat b’mod effettiv, jenħtieġ li l-Kummissjoni tevalwa u tirrieżamina dan ir-Regolament sat-2 ta’ Awwissu 2029 u kull erba' snin minn hemm 'il quddiem u tirrapporta lura lill-Parlament Ewropew u lill-Kunsill. Barra minn hekk, filwaqt li tqis l-implikazzjonijiet għall-kamp ta' applikazzjoni ta' dan ir-Regolament, jenħtieġ li l-Kummissjoni twettaq valutazzjoni tal-ħtieġa li darba fis-sena jiġu emendati l-lista tas-sistemi tal-IA b'riskju għoli u l-lista ta' prattiki pprojbiti. Barra minn hekk, sat-2 ta’ Awwissu 2028 u kull erba' snin wara dan, jenħtieġ li l-Kummissjoni tevalwa u tirrapporta lura lill-Parlament Ewropew u lill-Kunsill dwar il-ħtieġa li jiġu emendati l-lista tal-intestaturi ta’ oqsma b'riskju għoli fl-anness ta' dan ir-Regolament, is-sistemi tal-IA fil-kamp ta' applikazzjoni tal-obbligi tat-trasparenza, l-effettività tas-sistema tas-superviżjoni u tal-governanza u l-progress fl-iżvilupp ta' strumenti ta' standardizzazzjoni dwar l-iżvilupp effiċjenti fl-użu tal-enerġija ta' mudelli tal-IA bi skop ġenerali, inkluż il-ħtieġa għal aktar miżuri jew azzjonijiet. Fl-aħħar nett, sat-2 ta’ Awwissu 2028 u kull tliet snin minn hemm 'il quddiem, jenħtieġ li l-Kummissjoni tevalwa l-impatt u l-effettività tal-kodiċijiet tal-kondotta volontarji biex trawwem l-applikazzjoni tar-rekwiżiti previsti għas-sistemi tal-IA b'riskju għoli fil-każ ta' sistemi tal-IA għajr sistemi tal-IA b'riskju għoli u possibbilment rekwiżiti addizzjonali oħra għal tali sistemi tal-IA.

(174)

Given the rapid technological developments and the technical expertise required to effectively apply this Regulation, the Commission should evaluate and review this Regulation by 2 August 2029 and every four years thereafter and report to the European Parliament and the Council. In addition, taking into account the implications for the scope of this Regulation, the Commission should carry out an assessment of the need to amend the list of high-risk AI systems and the list of prohibited practices once a year. Moreover, by 2 August 2028 and every four years thereafter, the Commission should evaluate and report to the European Parliament and to the Council on the need to amend the list of high-risk areas headings in the annex to this Regulation, the AI systems within the scope of the transparency obligations, the effectiveness of the supervision and governance system and the progress on the development of standardisation deliverables on energy efficient development of general-purpose AI models, including the need for further measures or actions. Finally, by 2 August 2028 and every three years thereafter, the Commission should evaluate the impact and effectiveness of voluntary codes of conduct to foster the application of the requirements provided for high-risk AI systems in the case of AI systems other than high-risk AI systems and possibly other additional requirements for such AI systems.

(175)

Sabiex ikunu żgurati kundizzjonijiet uniformi għall-implimentazzjoni ta' dan ir-Regolament, jenħtieġ li l-Kummissjoni tingħata setgħat ta' implimentazzjoni. Jenħtieġ li dawk is-setgħat ikunu eżerċitati f'konformità mar-Regolament (UE) Nru 182/2011 tal-Parlament Ewropew u tal-Kunsill (56).

(175)

In order to ensure uniform conditions for the implementation of this Regulation, implementing powers should be conferred on the Commission. Those powers should be exercised in accordance with Regulation (EU) No 182/2011 of the European Parliament and of the Council (56).

(176)

Minħabba li l-objettiv ta' dan ir-Regolament, jiġifieri li jtejjeb il-funzjonament tas-suq intern u jippromwovi l-adozzjoni ta' IA ċċentrata fuq il-bniedem u affidabbli, filwaqt li jiżgura livell għoli ta' protezzjoni tas-saħħa, tas-sikurezza u tad-drittijiet fundamentali minquxa fil-Karta, inkluż id-demokrazija, l-istat tad-dritt u l-protezzjoni ambjentali kontra l-effetti ta' ħsara tas-sistemi tal-IA fl-Unjoni u jappoġġa l-innovazzjoni, ma jistax jinkiseb b'mod suffiċjenti mill-Istati Membri u jista' pjuttost, minħabba l-iskala jew l-effetti tal-azzjoni, jinkiseb aħjar fil-livell tal-Unjoni, l-Unjoni tista' tadotta miżuri f'konformità mal-prinċipju ta’ sussidjarjetà kif stabbilit fl-Artikolu 5 TUE. F'konformità mal-prinċipju ta’ proporzjonalità, kif stabbilit f'dak l-Artikolu, dan ir-Regolament ma jmurx lil hinn minn dak meħtieġ sabiex jinkiseb dak l-objettiv.

(176)

Since the objective of this Regulation, namely to improve the functioning of the internal market and to promote the uptake of human centric and trustworthy AI, while ensuring a high level of protection of health, safety, fundamental rights enshrined in the Charter, including democracy, the rule of law and environmental protection against harmful effects of AI systems in the Union and supporting innovation, cannot be sufficiently achieved by the Member States and can rather, by reason of the scale or effects of the action, be better achieved at Union level, the Union may adopt measures in accordance with the principle of subsidiarity as set out in Article 5 TEU. In accordance with the principle of proportionality as set out in that Article, this Regulation does not go beyond what is necessary in order to achieve that objective.

(177)

sabiex tiġi żgurata ċ-ċertezza legali, jiġi żgurat perjodu ta' adattament xieraq għall-operaturi u jiġi evitat tfixkil fis-suq, inkluż billi tiġi żgurata l-kontinwità tal-użu tas-sistemi tal-IA, jixraq li dan ir-Regolament japplika għas-sistemi tal-IA b'riskju għoli li jkunu ġew introdotti fis-suq jew tqiegħdu fis-servizz qabel id-data ġenerali tal-applikazzjoni tagħhom, biss jekk, minn dik id-data, dawk is-sistemi jkunu soġġetti għal bidliet sinifikanti fid-disinn jew fl-għan maħsub tagħhom. Jixraq li jiġi ċċarat li, f'dan ir-rigward, il-kunċett ta' bidla sinifikanti jenħtieġ li jinftiehem bħala ekwivalenti fis-sustanza għall-kunċett ta' modifika sostanzjali, li jintuża biss fir-rigward tas-sistemi tal-IA b'riskju għoli skont dan ir-Regolament. Fuq bażi eċċezzjonali u fid-dawl tal-obbligu ta' responsabbiltà pubblika, jenħtieġ li l-operaturi ta' sistemi tal-IA li huma komponenti tas-sistemi tal-IT fuq skala kbira stabbiliti bl-atti legali elenkati f'anness ta' dan ir-Regolament u l-operaturi tas-sistemi tal-IA b'riskju għoli li huma maħsuba biex jintużaw mill-awtoritajiet pubbliċi jieħdu l-passi meħtieġa, rispettivament, biex jikkonformaw mar-rekwiżiti ta' dan ir-Regolament sa tmiem l-2030 u sat-2 ta’ Awwissu 2030.

(177)

In order to ensure legal certainty, ensure an appropriate adaptation period for operators and avoid disruption to the market, including by ensuring continuity of the use of AI systems, it is appropriate that this Regulation applies to the high-risk AI systems that have been placed on the market or put into service before the general date of application thereof, only if, from that date, those systems are subject to significant changes in their design or intended purpose. It is appropriate to clarify that, in this respect, the concept of significant change should be understood as equivalent in substance to the notion of substantial modification, which is used with regard only to high-risk AI systems pursuant to this Regulation. On an exceptional basis and in light of public accountability, operators of AI systems which are components of the large-scale IT systems established by the legal acts listed in an annex to this Regulation and operators of high-risk AI systems that are intended to be used by public authorities should, respectively, take the necessary steps to comply with the requirements of this Regulation by end of 2030 and by 2 August 2030.

(178)

Il-fornituri ta' sistemi tal-IA b'riskju għoli huma mħeġġa biex matul il-perjodu tranżitorju jibdew diġà jikkonformaw, fuq bażi volontarja, mal-obbligi rilevanti ta' dan ir-Regolament.

(178)

Providers of high-risk AI systems are encouraged to start to comply, on a voluntary basis, with the relevant obligations of this Regulation already during the transitional period.

(179)

Jenħtieġ li dan ir-Regolament japplika mit-2 ta’ Awwissu 2026. Madankollu, b'kunsiderazzjoni għar-riskju inaċċettabbli assoċjat mal-użu tal-IA b'ċerti modi, jenħtieġ li l-projbizzjonijiet kif ukoll id-dispożizzjonijiet ġenerali ta’ dan ir-Regolament japplikaw diġà mit-2 ta’ Frar 2025. Filwaqt li l-effett sħiħ ta' dawk il-projbizzjonijiet isegwi bl-istabbiliment tal-governanza u l-infurzar ta' dan ir-Regolament, l-antiċipazzjoni tal-applikazzjoni tal-projbizzjonijiet hija importanti biex jitqiesu r-riskji inaċċettabbli u biex ikollha effett fuq proċeduri oħra, bħal fid-dritt ċivili. Barra minn hekk, jenħtieġ li l-infrastruttura relatata mal-governanza u mas-sistema tal-valutazzjoni tal-konformità tkun operattiva qabel it-2 ta’ Awwissu 2026, u għalhekk jenħtieġ li d-dispożizzjonijiet dwar il-korpi notifikati u l-istruttura ta' governanza japplikaw mit-2 ta’ Awwissu 2025. Minħabba l-pass mgħaġġel tal-avvanzi teknoloġiċi u l-adozzjoni ta' mudelli tal-IA bi skop ġenerali, jenħtieġ li l-obbligi għall-fornituri ta' mudelli tal-IA bi skop ġenerali japplikaw mit-2 ta’ Awwissu 2025. Jenħtieġ li l-kodiċijiet ta' prattika jkunu lesti sat-2 ta’ Mejju 2025 bil-ħsieb li l-fornituri jkunu jistgħu juru l-konformità fil-ħin. Jenħtieġ li l-Uffiċċju għall-IA jiżgura li r-regoli u l-proċeduri ta' klassifikazzjoni jkunu aġġornati fid-dawl tal-iżviluppi teknoloġiċi. Barra minn hekk, jenħtieġ li l-Istati Membri jistabbilixxu u jinnotifikaw lill-Kummissjoni r-regoli dwar il-penali, inkluż il-multi amministrattivi, u jiżguraw li dawn jiġu implimentati sew u b'mod effettiv sad-data tal-applikazzjoni ta' dan ir-Regolament. Għalhekk jenħtieġ li d-dispożizzjonijiet dwar il-penali japplikaw mit-2 ta’ Awwissu 2025.

(179)

This Regulation should apply from 2 August 2026. However, taking into account the unacceptable risk associated with the use of AI in certain ways, the prohibitions as well as the general provisions of this Regulation should already apply from 2 February 2025. While the full effect of those prohibitions follows with the establishment of the governance and enforcement of this Regulation, anticipating the application of the prohibitions is important to take account of unacceptable risks and to have an effect on other procedures, such as in civil law. Moreover, the infrastructure related to the governance and the conformity assessment system should be operational before 2 August 2026, therefore the provisions on notified bodies and governance structure should apply from 2 August 2025. Given the rapid pace of technological advancements and adoption of general-purpose AI models, obligations for providers of general-purpose AI models should apply from 2 August 2025. Codes of practice should be ready by 2 May 2025 in view of enabling providers to demonstrate compliance on time. The AI Office should ensure that classification rules and procedures are up to date in light of technological developments. In addition, Member States should lay down and notify to the Commission the rules on penalties, including administrative fines, and ensure that they are properly and effectively implemented by the date of application of this Regulation. Therefore the provisions on penalties should apply from 2 August 2025.

(180)

Il-Kontrollur Ewropew għall-Protezzjoni tad-Data u l-Bord Ewropew għall-Protezzjoni tad-Data ġew ikkonsultati f'konformità mal-Artikolu 42(1) u (2) tar-Regolament (UE) 2018/1725 u taw l-opinjoni konġunta tagħhom fit-18 ta' Ġunju 2021,

(180)

The European Data Protection Supervisor and the European Data Protection Board were consulted in accordance with Article 42(1) and (2) of Regulation (EU) 2018/1725 and delivered their joint opinion on 18 June 2021,

(a)

regoli armonizzati għall-introduzzjoni fis-suq, għat-tqegħid fis-servizz u għall-użu ta' sistemi tal-IA fl-Unjoni;

(a)

harmonised rules for the placing on the market, the putting into service, and the use of AI systems in the Union;

(b)

projbizzjonijiet ta' ċerti prattiki tal-IA;

(b)

prohibitions of certain AI practices;

(c)

rekwiżiti speċifiċi għas-sistemi tal-IA b'riskju għoli u obbligi għall-operaturi ta' dawn is-sistemi;

(c)

specific requirements for high-risk AI systems and obligations for operators of such systems;

(d)

regoli ta' trasparenza armonizzati għal ċerti sistemi tal-IA;

(d)

harmonised transparency rules for certain AI systems;

(e)

regoli armonizzati għall-introduzzjoni fis-suq ta' mudelli tal-IA bi skop ġenerali;

(e)

harmonised rules for the placing on the market of general-purpose AI models;

(f)

regoli dwar il-monitoraġġ tas-suq, il-governanza tas-sorveljanza tas-suq u l-infurzar;

(f)

rules on market monitoring, market surveillance, governance and enforcement;

(g)

miżuri b'appoġġ għall-innovazzjoni b'enfasi partikolari fuq l-SMEs, inkluż in-negozji ġodda.

(g)

measures to support innovation, with a particular focus on SMEs, including start-ups.

(a)

il-fornituri li jintroduċu fis-suq jew li jqiegħdu fis-servizz sistemi tal-IA jew li jintroduċu fis-suq mudelli tal-IA bi skop ġenerali fl-Unjoni, irrispettivament minn jekk dawk il-fornituri jkunux stabbiliti jew ikunux jinsabu fl-Unjoni jew f'pajjiż terz;

(a)

providers placing on the market or putting into service AI systems or placing on the market general-purpose AI models in the Union, irrespective of whether those providers are established or located within the Union or in a third country;

(b)

l-implimentaturi ta' sistemi tal-IA li għandhom il-post ta' stabbiliment tagħhom fl-Unjoni jew li jinsabu fiha;

(b)

deployers of AI systems that have their place of establishment or are located within the Union;

(c)

il-fornituri u l-implimentaturi ta' sistemi tal-IA li għandhom il-post ta' stabbiliment f'pajjiż terz jew li jinsabu f'pajjiż terz, meta l-output prodott mis-sistema tal-IA jintuża fl-Unjoni;

(c)

providers and deployers of AI systems that have their place of establishment or are located in a third country, where the output produced by the AI system is used in the Union;

(d)

l-importaturi u d-distributuri ta' sistemi tal-IA;

(d)

importers and distributors of AI systems;

(e)

il-manifatturi tal-prodotti li jintroduċu fis-suq jew li jqiegħdu fis-servizz sistema tal-IA flimkien mal-prodott tagħhom u taħt isimhom jew bit-trademark tagħhom stess;

(e)

product manufacturers placing on the market or putting into service an AI system together with their product and under their own name or trademark;

(f)

ir-rappreżentanti awtorizzati tal-fornituri, li mhumiex stabbiliti fl-Unjoni;

(f)

authorised representatives of providers, which are not established in the Union;

(g)

il-persuni affettwati li jinsabu fl-Unjoni.

(g)

affected persons that are located in the Union.

(1)

“sistema tal-IA” tfisser sistema bbażata fuq magna li hija mfassla biex topera b'livelli differenti ta' awtonomija u li tista' turi adattabbiltà wara l-implimentazzjoni, u li, għal objettivi espliċiti jew impliċiti, tinferixxi, mill-input li tirċievi, kif tiġġenera outputs bħal previżjonijiet, kontenut, rakkomandazzjonijiet jew deċiżjonijiet li jistgħu jinfluwenzaw ambjenti fiżiċi jew virtwali;

(1)

‘AI system’ means a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments;

(2)

“riskju” tfisser il-kombinazzjoni tal-probabbiltà li sseħħ ħsara u s-severità ta' dik il-ħsara;

(2)

‘risk’ means the combination of the probability of an occurrence of harm and the severity of that harm;

(3)

“fornitur” tfisser persuna fiżika jew ġuridika, awtorità pubblika, aġenzija jew korp ieħor li jiżviluppa sistema tal-IA jew mudell tal-IA bi skop ġenerali jew li jikkummissjona l-iżvilupp ta' sistema tal-IA jew mudell tal-IA bi skop ġenerali u jintroduċih fis-suq jew iqiegħed is-sistema tal-IA fis-servizz taħt ismu jew bit-trademark tiegħu stess, kemm jekk bi ħlas kif ukoll jekk mingħajr ħlas;

(3)

‘provider’ means a natural or legal person, public authority, agency or other body that develops an AI system or a general-purpose AI model or that has an AI system or a general-purpose AI model developed and places it on the market or puts the AI system into service under its own name or trademark, whether for payment or free of charge;

(4)

“implimentatur” tfisser persuna fiżika jew ġuridika, awtorità pubblika, aġenzija jew korp ieħor li juża' sistema tal-IA taħt l-awtorità tiegħu stess ħlief meta s-sistema tal-IA tintuża waqt attività personali mhux professjonali;

(4)

‘deployer’ means a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity;

(5)

“rappreżentant awtorizzat” tfisser persuna fiżika jew ġuridika li tkun tinsab jew li hija stabbilita fl-Unjoni li tkun irċeviet u aċċettat mandat bil-miktub mingħand fornitur ta' sistema tal-IA jew ta' mudell tal-IA bi skop ġenerali biex, rispettivament, teżegwixxi u twettaq f'ismu l-obbligi u l-proċeduri stabbiliti minn dan ir-Regolament;

(5)

‘authorised representative’ means a natural or legal person located or established in the Union who has received and accepted a written mandate from a provider of an AI system or a general-purpose AI model to, respectively, perform and carry out on its behalf the obligations and procedures established by this Regulation;

(6)

“importatur” tfisser persuna fiżika jew ġuridika li tkun tinsab jew li hija stabbilita fl-Unjoni li tintroduċi fis-suq sistema tal-IA li jkollha l-isem jew it-trademark ta' persuna fiżika jew ġuridika stabbilita f'pajjiż terz;

(6)

‘importer’ means a natural or legal person located or established in the Union that places on the market an AI system that bears the name or trademark of a natural or legal person established in a third country;

(7)

“distributur” tfisser persuna fiżika jew ġuridika fil-katina tal-provvista, għajr il-fornitur jew l-importatur, li tqiegħed is-sistema tal-IA disponibbli fis-suq tal-Unjoni;

(7)

‘distributor’ means a natural or legal person in the supply chain, other than the provider or the importer, that makes an AI system available on the Union market;

(8)

“operatur” tfisser fornitur, manifattur tal-prodott, implimentatur, rappreżentant awtorizzat, importatur jew distributur;

(8)

‘operator’ means a provider, product manufacturer, deployer, authorised representative, importer or distributor;

(9)

“introduzzjoni fis-suq” tfisser l-ewwel darba li sistema tal-IA jew mudell tal-IA bi skop ġenerali ssir disponibbli fis-suq tal-Unjoni;

(9)

‘placing on the market’ means the first making available of an AI system or a general-purpose AI model on the Union market;

(10)

“tqegħid għad-dispożizzjoni fis-suq” tfisser il-forniment ta' sistema tal-IA jew ta' mudell tal-IA bi skop ġenerali għad-distribuzzjoni jew għall-użu fis-suq tal-Unjoni waqt attività kummerċjali, kemm jekk bi ħlas kif ukoll jekk mingħajr ħlas;

(10)

‘making available on the market’ means the supply of an AI system or a general-purpose AI model for distribution or use on the Union market in the course of a commercial activity, whether in return for payment or free of charge;

(11)

“tqegħid fis-servizz” tfisser il-forniment ta' sistema tal-IA għall-ewwel użu direttament lill-implimentatur jew għall-użu proprju fl-Unjoni għall-għan maħsub tagħha;

(11)

‘putting into service’ means the supply of an AI system for first use directly to the deployer or for own use in the Union for its intended purpose;

(12)

“għan maħsub” tfisser l-użu li għalih sistema tal-IA tkun maħsuba mill-fornitur, inkluż il-kuntest speċifiku u l-kundizzjonijiet tal-użu, kif speċifikati fl-informazzjoni pprovduta mill-fornitur fl-istruzzjonijiet għall-użu, fil-materjali u fid-dikjarazzjonijiet promozzjonali jew tal-bejgħ, kif ukoll fid-dokumentazzjoni teknika;

(12)

‘intended purpose’ means the use for which an AI system is intended by the provider, including the specific context and conditions of use, as specified in the information supplied by the provider in the instructions for use, promotional or sales materials and statements, as well as in the technical documentation;

(13)

“użu ħażin raġonevolment prevedibbli” tfisser l-użu ta' sistema tal-IA b'mod li ma jkunx f'konformità mal-għan maħsub tagħha, iżda li jista' jirriżulta minn imġiba tal-bniedem jew interazzjoni ma' sistemi oħra, inkluż sistemi oħra tal-IA, raġonevolment prevedibbli;

(13)

‘reasonably foreseeable misuse’ means the use of an AI system in a way that is not in accordance with its intended purpose, but which may result from reasonably foreseeable human behaviour or interaction with other systems, including other AI systems;

(14)

“komponent tas-sikurezza” tfisser komponent ta' prodott jew ta' sistema tal-IA li jaqdi funzjoni tas-sikurezza għal dak il-prodott jew għal dik is-sistema tal-IA, jew li l-falliment jew il-funzjonament ħażin tiegħu jipperikola s-saħħa u s-sikurezza tal-persuni jew ta' proprjetà;

(14)

‘safety component’ means a component of a product or of an AI system which fulfils a safety function for that product or AI system, or the failure or malfunctioning of which endangers the health and safety of persons or property;

(15)

“struzzjonijiet għall-użu” tfisser l-informazzjoni pprovduta mill-fornitur biex jinforma lill-implimentatur, b’mod partikolari, dwar l-għan maħsub u l-użu xieraq ta' sistema tal-IA;

(15)

‘instructions for use’ means the information provided by the provider to inform the deployer of, in particular, an AI system’s intended purpose and proper use;

(16)

“sejħa lura ta' sistema tal-IA” tfisser kwalunkwe miżura mmirata lejn il-kisba tar-ritorn lill-fornitur jew it-tneħħija mis-servizz jew id-diżattivazzjoni tal-użu ta' sistema tal-IA mqiegħda għad-dispożizzjoni tal-implimentaturi;

(16)

‘recall of an AI system’ means any measure aiming to achieve the return to the provider or taking out of service or disabling the use of an AI system made available to deployers;

(17)

“irtirar ta' sistema tal-IA” tfisser kwalunkwe miżura maħsuba biex iżżomm sistema tal-IA fil-katina tal-provvista milli ssir disponibbli fis-suq;

(17)

‘withdrawal of an AI system’ means any measure aiming to prevent an AI system in the supply chain being made available on the market;

(18)

“prestazzjoni ta' sistema tal-IA” tfisser il-kapaċità ta' sistema tal-IA li tilħaq l-għan maħsub tagħha;

(18)

‘performance of an AI system’ means the ability of an AI system to achieve its intended purpose;

(19)

“awtorità tan-notifika” tfisser l-awtorità nazzjonali responsabbli għall-istabbiliment u t-twettiq tal-proċeduri meħtieġa għall-valutazzjoni, id-deżinjazzjoni u n-notifika tal-korpi ta' valutazzjoni tal-konformità u għall-monitoraġġ tagħhom;

(19)

‘notifying authority’ means the national authority responsible for setting up and carrying out the necessary procedures for the assessment, designation and notification of conformity assessment bodies and for their monitoring;

(20)

“valutazzjoni tal-konformità” tfisser il-proċess biex jintwera jekk ir-rekwiżiti stipulati fil-Kapitolu III, it-Taqsima 2 relatati ma' sistema tal-IA b'riskju għoli ġewx issodisfati;

(20)

‘conformity assessment’ means the process of demonstrating whether the requirements set out in Chapter III, Section 2 relating to a high-risk AI system have been fulfilled;

(21)

“korp ta' valutazzjoni tal-konformità” tfisser korp li jwettaq attivitajiet ta' valutazzjoni tal-konformità ta' parti terza, inkluż l-ittestjar, iċ-ċertifikazzjoni u l-ispezzjoni;

(21)

‘conformity assessment body’ means a body that performs third-party conformity assessment activities, including testing, certification and inspection;

(22)

“korp notifikat” tfisser korp ta' valutazzjoni tal-konformità notifikat f'konformità ma' dan ir-Regolament u ma' leġiżlazzjoni rilevanti oħra tal-Unjoni dwar l-armonizzazzjoni;

(22)

‘notified body’ means a conformity assessment body notified in accordance with this Regulation and other relevant Union harmonisation legislation;

(23)

“modifika sostanzjali” tfisser bidla f'sistema tal-IA wara l-introduzzjoni tagħha fis-suq jew it-tqegħid tagħha fis-servizz li ma tkunx prevista jew ippjanata fil-valutazzjoni tal-konformità inizjali li tkun saret mill-fornitur u li b'riżultat tagħha tiġi affettwata l-konformità tas-sistema tal-IA mar-rekwiżiti stipulati fil-Kapitolu III, it-Taqsima 2, jew li tirriżulta f'modifika fl-għan maħsub li għalih tkun ġiet ivvalutata s-sistema tal-IA;

(23)

‘substantial modification’ means a change to an AI system after its placing on the market or putting into service which is not foreseen or planned in the initial conformity assessment carried out by the provider and as a result of which the compliance of the AI system with the requirements set out in Chapter III, Section 2 is affected or results in a modification to the intended purpose for which the AI system has been assessed;

(24)

“markatura CE” tfisser marka li permezz tagħha fornitur jindika li sistema tal-IA hi konformi mar-rekwiżiti stipulati fil-Kapitolu III, it-Taqsima 2 u ma' leġiżlazzjoni applikabbli oħra tal-Unjoni dwar l-armonizzazzjoni, li tipprevedi t-twaħħil tagħha;

(24)

‘CE marking’ means a marking by which a provider indicates that an AI system is in conformity with the requirements set out in Chapter III, Section 2 and other applicable Union harmonisation legislation providing for its affixing;

(25)

“sistema ta' sorveljanza ta' wara t-tqegħid fis-suq” tfisser l-attivitajiet kollha mwettqa mill-fornituri tas-sistemi tal-IA biex jiġbru u jirrieżaminaw l-esperjenza miksuba mill-użu tas-sistemi tal-IA li jintroduċu fis-suq jew iqiegħdu fis-servizz bl-għan li jidentifikaw xi ħtieġa li japplikaw minnufih azzjoni korrettiva jew preventiva meħtieġa;

(25)

‘post-market monitoring system’ means all activities carried out by providers of AI systems to collect and review experience gained from the use of AI systems they place on the market or put into service for the purpose of identifying any need to immediately apply any necessary corrective or preventive actions;

(26)

“awtorità tas-sorveljanza tas-suq” tfisser l-awtorità nazzjonali li twettaq l-attivitajiet u li tieħu l-miżuri skont ir-Regolament (UE) 2019/1020;

(26)

‘market surveillance authority’ means the national authority carrying out the activities and taking the measures pursuant to Regulation (EU) 2019/1020;

(27)

“standard armonizzat” tfisser standard Ewropew kif definit fl-Artikolu 2(1), il-punt (c) tar-Regolament (UE) Nru 1025/2012;

(27)

‘harmonised standard’ means a harmonised standard as defined in Article 2(1), point (c), of Regulation (EU) No 1025/2012;

(28)

“speċifikazzjoni komuni” tfisser sett ta' speċifikazzjonijiet tekniċi, kif definit fl-Artikolu 2, il-punt (4) tar-Regolament (UE) Nru 1025/2012, li tipprovdi mezz biex jiġu ssodisfati ċerti rekwiżiti stabbiliti taħt dan ir-Regolament;

(28)

‘common specification’ means a set of technical specifications as defined in Article 2, point (4) of Regulation (EU) No 1025/2012, providing means to comply with certain requirements established under this Regulation;

(29)

“data għat-taħriġ” tfisser data użata għat-taħriġ ta' sistema tal-IA bl-attrezzar tal-parametri tagħha li jistgħu jiġu mgħallma;

(29)

‘training data’ means data used for training an AI system through fitting its learnable parameters;

(30)

“data għall-validazzjoni” tfisser data użata biex tiġi provduta evalwazzjoni tas-sistema tal-IA mħarrġa u għall-irfinar tal-parametri tagħha li ma jistgħux jiġu mgħallma u tal-proċess tat-tagħlim tagħha, sabiex, fost affarijiet oħra, jiġi evitat attrezzar insuffiċjenti jew attrezzar żejjed;

(30)

‘validation data’ means data used for providing an evaluation of the trained AI system and for tuning its non-learnable parameters and its learning process in order, inter alia, to prevent underfitting or overfitting;

(31)

“sett ta' data ta' validazzjoni” tfisser sett ta' data separat jew parti mis-sett ta' data dwar it-taħriġ, bħala qsim fissa jew varjabbli;

(31)

‘validation data set’ means a separate data set or part of the training data set, either as a fixed or variable split;

(32)

“data għall-ittestjar” tfisser data użata biex tiġi pprovduta evalwazzjoni indipendenti tas-sistema tal-IA sabiex tiġi kkonfermata l-prestazzjoni mistennija ta' dik is-sistema qabel ma tiġi introdotta fis-suq jew imqiegħda fis-servizz;

(32)

‘testing data’ means data used for providing an independent evaluation of the AI system in order to confirm the expected performance of that system before its placing on the market or putting into service;

(33)

“data tal-input” tfisser data pprovduta lil sistema tal-IA jew akkwistata direttament minnha li, abbażi tagħha, is-sistema tipproduċi output;

(33)

‘input data’ means data provided to or directly acquired by an AI system on the basis of which the system produces an output;

(34)

“data bijometrika” tfisser data personali li tirriżulta mill-ipproċessar tekniku speċifiku relatat mal-karatteristiċi fiżiċi, fiżjoloġiċi jew komportamentali ta' persuna fiżika, bħal immaġnijiet tal-wiċċ jew data dattiloskopika;

(34)

‘biometric data’ means personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, such as facial images or dactyloscopic data;

(35)

“identifikazzjoni bijometrika” tfisser ir-rikonoxximent awtomatizzat ta' karatteristiċi fiżiċi, fiżjoloġiċi, komportamentali jew psikoloġiċi tal-bniedem għall-fini li tiġi stabbilita l-identità ta' persuna fiżika permezz tat-tqabbil tad-data bijometrika ta' dak l-individwu mad-data bijometrika ta' individwi maħżuna f'bażi tad-data;

(35)

‘biometric identification’ means the automated recognition of physical, physiological, behavioural, or psychological human features for the purpose of establishing the identity of a natural person by comparing biometric data of that individual to biometric data of individuals stored in a database;

(36)

“verifika bijometrika” tfisser il-verifika awtomatizzata, “one-to-one”, inkluż l-awtentikazzjoni, tal-identità tal-persuni fiżiċi permezz tat-tqabbil tad-data bijometrika tagħhom mad-data bijometrika pprovduta preċedentement;

(36)

‘biometric verification’ means the automated, one-to-one verification, including authentication, of the identity of natural persons by comparing their biometric data to previously provided biometric data;

(37)

“kategoriji speċjali ta' data personali” tfisser il-kategoriji ta' data personali msemmija fl-Artikolu 9(1) tar-Regolament (UE) 2016/679, l-Artikolu 10 tad-Direttiva (UE) 2016/680 u l-Artikolu 10(1) tar-Regolament (UE) 2018/1725;

(37)

‘special categories of personal data’ means the categories of personal data referred to in Article 9(1) of Regulation (EU) 2016/679, Article 10 of Directive (EU) 2016/680 and Article 10(1) of Regulation (EU) 2018/1725;

(38)

“data operazzjonali sensittiva” tfisser data operazzjonali relatata ma' attivitajiet ta' prevenzjoni, kxif, investigazzjoni jew prosekuzzjoni ta' reati kriminali, li d-divulgazzjoni tagħha tista' tipperikola l-integrità tal-proċedimenti kriminali;

(38)

‘sensitive operational data’ means operational data related to activities of prevention, detection, investigation or prosecution of criminal offences, the disclosure of which could jeopardise the integrity of criminal proceedings;

(39)

“sistema ta' rikonoxximent tal-emozzjonijiet” tfisser sistema tal-IA għall-fini tal-identifikazzjoni jew tal-inferiment tal-emozzjonijiet jew tal-intenzjonijiet ta' persuni fiżiċi abbażi tad-data bijometrika tagħhom;

(39)

‘emotion recognition system’ means an AI system for the purpose of identifying or inferring emotions or intentions of natural persons on the basis of their biometric data;

(40)

“sistema ta' kategorizzazzjoni bijometrika” tfisser sistema tal-IA bil-għan li persuni fiżiċi jiġu assenjati f'kategoriji speċifiċi abbażi tad-data bijometrika tagħhom, dment li ma tkunx anċillari għal servizz kummerċjali ieħor u strettament meħtieġa għal raġunijiet tekniċi oġġettivi;

(40)

‘biometric categorisation system’ means an AI system for the purpose of assigning natural persons to specific categories on the basis of their biometric data, unless it is ancillary to another commercial service and strictly necessary for objective technical reasons;

(41)

“sistema ta' identifikazzjoni bijometrika remota” tfisser sistema tal-IA għall-fini tal-identifikazzjoni ta' persuni fiżiċi, mingħajr l-involviment attiv tagħhom, tipikament mill-bogħod permezz tat-tqabbil tad-data bijometrika ta' persuna mad-data bijometrika li tkun tinsab f'bażi ta' data ta' referenza;

(41)

‘remote biometric identification system’ means an AI system for the purpose of identifying natural persons, without their active involvement, typically at a distance through the comparison of a person’s biometric data with the biometric data contained in a reference database;

(42)

“sistema ta' identifikazzjoni bijometrika remota ‘fil-ħin reali’” tfisser sistema ta' identifikazzjoni bijometrika remota, li biha l-qbid tad-data bijometrika, it-tqabbil u l-identifikazzjoni kollha jseħħu mingħajr dewmien sinifikanti, li tinkludi mhux biss identifikazzjoni istantanja, iżda wkoll dewmien qasir limitat sabiex tiġi evitata ċ-ċirkomvenzjoni;

(42)

‘real-time remote biometric identification system’ means a remote biometric identification system, whereby the capturing of biometric data, the comparison and the identification all occur without a significant delay, comprising not only instant identification, but also limited short delays in order to avoid circumvention;

(43)

“sistema ta' identifikazzjoni bijometrika remota ‘f'ħin aktar tard’” tfisser sistema ta' identifikazzjoni bijometrika remota minbarra sistema ta' identifikazzjoni bijometrika remota “fil-ħin reali”;

(43)

‘post-remote biometric identification system’ means a remote biometric identification system other than a real-time remote biometric identification system;

(44)

“spazju aċċessibbli għall-pubbliku” tfisser kwalunkwe post fiżiku bi sjieda pubblika jew privata aċċessibbli għal għadd indeterminat ta' persuni fiżiċi, irrispettivament minn jekk japplikawx ċerti kundizzjonijiet għall-aċċess, u irrispettivament mir-restrizzjonijiet potenzjali fuq il-kapaċità;

(44)

‘publicly accessible space’ means any publicly or privately owned physical place accessible to an undetermined number of natural persons, regardless of whether certain conditions for access may apply, and regardless of the potential capacity restrictions;

(45)

“awtorità tal-infurzar tal-liġi” tfisser:

(45)

‘law enforcement authority’ means:

(a)

kwalunkwe awtorità pubblika kompetenti għall-prevenzjoni, l-investigazzjoni, il-kxif jew il-prosekuzzjoni ta' reati kriminali jew għall-eżekuzzjoni ta' pieni kriminali, inkluż is-salvagwardja kontra u l-prevenzjoni ta' theddidiet għas-sigurtà pubblika; jew

(a)

any public authority competent for the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security; or

(b)

kwalunkwe korp jew entità oħra fdata bil-liġi ta' Stat Membru biex teżerċita awtorità pubblika u setgħat pubbliċi għall-finijiet tal-prevenzjoni, l-investigazzjoni, il-kxif jew il-prosekuzzjoni ta' reati kriminali jew tal-eżekuzzjoni ta' pieni kriminali, inkluż is-salvagwardja kontra u l-prevenzjoni ta' theddidiet għas-sigurtà pubblika;

(b)

any other body or entity entrusted by Member State law to exercise public authority and public powers for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security;

(46)

“infurzar tal-liġi” tfisser attivitajiet imwettqa mill-awtoritajiet tal-infurzar tal-liġi jew f'isimhom għall-prevenzjoni, l-investigazzjoni, il-kxif jew il-prosekuzzjoni ta' reati kriminali jew għall-eżekuzzjoni ta' pieni kriminali, inkluż is-salvagwardja kontra u l-prevenzjoni ta' theddidiet għas-sigurtà pubblika;

(46)

‘law enforcement’ means activities carried out by law enforcement authorities or on their behalf for the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including safeguarding against and preventing threats to public security;

(47)

“Uffiċċju għall-IA” tfisser il-funzjoni tal-Kummissjoni li tikkontribwixxi għall-implimentazzjoni, il-monitoraġġ u s-superviżjoni tas-sistemi tal-IA u tal-mudelli tal-IA bi skop ġenerali, u l-governanza tal-IA, prevista fid-Deċiżjoni tal-Kummissjoni tal-24 ta’ Jannar 2024; ir-referenzi f'dan ir-Regolament għall-Uffiċċju għall-IA għandhom jinftiehmu bħala referenzi għall-Kummissjoni;

(47)

‘AI Office’ means the Commission’s function of contributing to the implementation, monitoring and supervision of AI systems and general-purpose AI models, and AI governance, provided for in Commission Decision of 24 January 2024; references in this Regulation to the AI Office shall be construed as references to the Commission;

(48)

“awtorità nazzjonali kompetenti” tfisser awtorità tan-notifika jew awtorità tas-sorveljanza tas-suq; fir-rigward tas-sistemi tal-IA mqiegħda fis-servizz jew użati mill-istituzzjonijiet, l-aġenziji, l-uffiċċji u l-korpi tal-Unjoni, ir-referenzi għall-awtoritajiet nazzjonali kompetenti jew għall-awtoritajiet tas-sorveljanza tas-suq f'dan ir-Regolament għandhom jitqiesu bħala refernzai għall-Kontrollur Ewropew għall-Protezzjoni tad-Data;

(48)

‘national competent authority’ means a notifying authority or a market surveillance authority; as regards AI systems put into service or used by Union institutions, agencies, offices and bodies, references to national competent authorities or market surveillance authorities in this Regulation shall be construed as references to the European Data Protection Supervisor;

(49)

“inċident serju” tfisser inċident jew ħsara ta' sistema tal-IA li direttament jew indirettament twassal għal wieħed jew waħda minn dawn:

(49)

‘serious incident’ means an incident or malfunctioning of an AI system that directly or indirectly leads to any of the following:

(a)

il-mewt ta' persuna jew ħsara serja għas-saħħa ta' persuna;

(a)

the death of a person, or serious harm to a person’s health;

(b)

tfixkil serju u irriversibbli fil-ġestjoni jew it-tħaddim ta' infrastruttura kritika.

(b)

a serious and irreversible disruption of the management or operation of critical infrastructure;

(c)

il-ksur ta' obbligi skont il-liġi tal-Unjoni maħsuba biex jipproteġu d-drittijiet fundamentali;

(c)

the infringement of obligations under Union law intended to protect fundamental rights;

(d)

ħsara serja lil proprjetà jew lill-ambjent;

(d)

serious harm to property or the environment;

(50)

“data personali” tfisser data kif definit fl-Artikolu 4, il-punt (1), tar-Regolament (UE) 2016/679;

(50)

‘personal data’ means personal data as defined in Article 4, point (1), of Regulation (EU) 2016/679;

(51)

“data mhux personali” tfisser data li mhijiex data personali, kif definita fl-Artikolu 4, punt (1) tar-Regolament (UE) 2016/679;

(51)

‘non-personal data’ means data other than personal data as defined in Article 4, point (1), of Regulation (EU) 2016/679;

(52)

“tfassil tal-profil” tfisser it-tfassil tal-profil kif definit fl-Artikolu 4, il-punt (4), tar-Regolament (UE) 2016/679;

(52)

‘profiling’ means profiling as defined in Article 4, point (4), of Regulation (EU) 2016/679;

(53)

“pjan ta' ttestjar fid-dinja reali” tfisser dokument li jiddeskrivi l-objettivi, il-metodoloġija, l-ambitu ġeografiku, tal-popolazzjoni u dak temporali, il-monitoraġġ, l-organizzazzjoni u t-twettiq tal-ittestjar f'kundizzjonijiet tad-dinja reali;

(53)

‘real-world testing plan’ means a document that describes the objectives, methodology, geographical, population and temporal scope, monitoring, organisation and conduct of testing in real-world conditions;

(54)

“pjan tal-ambjent ta' esperimentazzjoni” tfisser dokument maqbul bejn il-fornitur parteċipanti u l-awtorità kompetenti li jiddeskrivi l-objettivi, il-kundizzjonijiet, il-perjodu ta' żmien, il-metodoloġija u r-rekwiżiti għall-attivitajiet imwettqa fl-ambjent ta' esperimentazzjoni;

(54)

‘sandbox plan’ means a document agreed between the participating provider and the competent authority describing the objectives, conditions, timeframe, methodology and requirements for the activities carried out within the sandbox;

(55)

“ambjent ta' esperimentazzjoni regolatorja għall-IA” tfisser qafas ikontrollat stabbilit minn awtorità nazzjonali kompetenti li joffri lill-fornituri jew lil fornituri prospettivi ta' sistemi tal-IA l-possibbiltà li jiżviluppaw, iħarrġu, jivvalidaw u jittestjaw, meta xieraq fil-kundizzjonijiet tad-dinja reali, sistema innovattiva tal-IA, skont pjan ta' esperimentazzjoni għal żmien limitat taħt superviżjoni regolatorja;

(55)

‘AI regulatory sandbox’ means a controlled framework set up by a competent authority which offers providers or prospective providers of AI systems the possibility to develop, train, validate and test, where appropriate in real-world conditions, an innovative AI system, pursuant to a sandbox plan for a limited time under regulatory supervision;

(56)

“litteriżmu fl-IA” tfisser ħiliet, għarfien u fehim li jippermetti lill-fornituri, lill-implimentaturi u lill-persuni affettwati, b'kunsiderazzjoni għad-drittijiet u l-obbligi rispettivi tagħhom fil-kuntest ta' dan ir-Regolament, jagħmlu użu infurmat tas-sistemi tal-IA, kif ukoll jsiru konxji tal-opportunitajiet u r-riskji tal-IA u l-ħsara possibbli li tista' tikkawża;

(56)

‘AI literacy’ means skills, knowledge and understanding that allow providers, deployers and affected persons, taking into account their respective rights and obligations in the context of this Regulation, to make an informed deployment of AI systems, as well as to gain awareness about the opportunities and risks of AI and possible harm it can cause;

(57)

“ittestjar f'kundizzjonijiet tad-dinja reali” tfisser l-ittestjar temporanju ta' sistema tal-IA għall-għan maħsub tagħha f'kundizzjonijiet tad-dinja reali barra minn laboratorju jew ambjent simulat b'xi mod ieħor, bil-ħsieb li tinġabar data affidabbli u robusta u biex tiġi vvalutata u vverifikata l-konformità tas-sistema tal-IA mar-rekwiżiti ta' dan ir-Regolament u ma jikkwalifikax bħala li qed jintroduċi s-sistema tal-IA fis-suq jew fis-servizz skont it-tifsira ta' dan ir-Regolament, dment li jiġu ssodisfati l-kundizzjonijiet kollha stabbiliti fl-Artikolu 57 jew 60;

(57)

‘testing in real-world conditions’ means the temporary testing of an AI system for its intended purpose in real-world conditions outside a laboratory or otherwise simulated environment, with a view to gathering reliable and robust data and to assessing and verifying the conformity of the AI system with the requirements of this Regulation and it does not qualify as placing the AI system on the market or putting it into service within the meaning of this Regulation, provided that all the conditions laid down in Article 57 or 60 are fulfilled;

(58)

“suġġett” għall-fini tal-ittestjar fid-dinja reali tfisser persuna fiżika li tieħu sehem fl-ittestjar fil-kundizzjonijiet tad-dinja reali;

(58)

‘subject’, for the purpose of real-world testing, means a natural person who participates in testing in real-world conditions;

(59)

“kunsens infurmat” tfisser l-espressjoni mogħtija liberament, speċifika, mhux ambigwa u volontarja ta' suġġett tar-rieda tiegħu li jieħu sehem f'ittestjar partikolari fil-kundizzjonijiet tad-dinja reali, wara li jkun ġie infurmat dwar l-aspetti kollha tal-ittestjar li huma rilevanti għad-deċiżjoni tas-suġġett li jieħu sehem;

(59)

‘informed consent’ means a subject’s freely given, specific, unambiguous and voluntary expression of his or her willingness to participate in a particular testing in real-world conditions, after having been informed of all aspects of the testing that are relevant to the subject’s decision to participate;

(60)

“deepfake” tfisser immaġni, kontenut awdjo jew vidjo ġġenerat jew manipulat minn IA li jixbah lil persuni, oġġetti, postijiet, entitajiet jew avvenimenti oħra li jeżistu u li jidher li huwa awtentiku u veritier għall-persuna li tarah;

(60)

‘deep fake’ means AI-generated or manipulated image, audio or video content that resembles existing persons, objects, places, entities or events and would falsely appear to a person to be authentic or truthful;

(61)

“ksur mifrux” tfisser kwalunkwe att jew ommissjoni li jmur kontra d-dritt tal-Unjoni li jipproteġi l-interessi tal-individwi, li:

(61)

‘widespread infringement’ means any act or omission contrary to Union law protecting the interest of individuals, which:

(a)

ikun għamel ħsara jew li x'aktarx ser jagħmel ħsara lill-interessi kollettivi tal-individwi residenti f'mill-inqas żewġ Stat Membri minbarra l-Istat Membru, fejn:

(a)

has harmed or is likely to harm the collective interests of individuals residing in at least two Member States other than the Member State in which:

(i)

oriġina jew seħħ l-att jew l-ommissjoni;

(i)

the act or omission originated or took place;

(ii)

jinsab jew huwa stabbilit il-fornitur ikkonċernat, jew, meta applikabbli, ir-rappreżentant awtorizzat tiegħu; jew

(ii)

the provider concerned, or, where applicable, its authorised representative is located or established; or

(iii)

huwa stabbilit l-implimentatur, meta l-ksur jitwettaq mill-implimentatur;

(iii)

the deployer is established, when the infringement is committed by the deployer;

(b)

ikun ikkawża, jikkawża jew x'aktarx ser jikkawża ħsara lill-interessi kollettivi tal-individwi u għandu karatteristiċi komuni, inkluż l-istess prattika illegali, qed jikser l-istess interess u qed iseħħ fl-istess ħin, imwettaq mill-istess operatur, f'mill-inqas tliet Stati Membri;

(b)

has caused, causes or is likely to cause harm to the collective interests of individuals and has common features, including the same unlawful practice or the same interest being infringed, and is occurring concurrently, committed by the same operator, in at least three Member States;

(62)

“infrastruttura kritika” tfisser infrastruttura kritika kif definita fl-Artikolu 2, il-punt (4), tad-Direttiva (UE) 2022/2557;

(62)

‘critical infrastructure’ means critical infrastructure as defined in Article 2, point (4), of Directive (EU) 2022/2557;

(63)

“mudell tal-IA bi skop ġenerali” tfisser mudell tal-IA, inkluż meta tali mudell tal-IA jitħarreġ b'ammont kbir ta' data bl-użu ta' awtosuperviżjoni fuq skala kbira, li juri ġeneralità sinifikanti u li jkun kapaċi jwettaq b'mod kompetenti firxa wiesgħa ta' kompiti distinti rrispettivament mill-mod kif il-mudell jiġi introdott fis-suq u li jista' jiġi integrat f'varjetà ta' sistemi jew applikazzjonijiet downstream, ħlief mudelli tal-IA li jintużaw għal attivitajiet ta' riċerka, żvilupp jew prototipar qabel ma jiġu introdotti fis-suq;

(63)

‘general-purpose AI model’ means an AI model, including where such an AI model is trained with a large amount of data using self-supervision at scale, that displays significant generality and is capable of competently performing a wide range of distinct tasks regardless of the way the model is placed on the market and that can be integrated into a variety of downstream systems or applications, except AI models that are used for research, development or prototyping activities before they are placed on the market;

(64)

“kapaċitajiet b'impatt kbir” tfisser kapaċitajiet li jaqblu mal-kapaċitajiet irreġistrati fl-aktar mudelli avvanzati tal-IA bi skop ġenerali jew jaqbżuhom;

(64)

‘high-impact capabilities’ means capabilities that match or exceed the capabilities recorded in the most advanced general-purpose AI models;

(65)

“riskju sistemiku” tfisser riskju li huwa speċifiku għall-kapaċitajiet b'impatt kbir tal-mudelli tal-IA bi skop ġenerali, li jkollu impatt sinifikanti fuq is-suq tal-Unjoni minħabba l-firxa tiegħu, jew minħabba effetti negattivi reali jew raġonevolment prevedibbli fuq is-saħħa pubblika, is-sikurezza, is-sigurtà pubblika, id-drittijiet fundamentali jew is-soċjetà inġenerali, li jista' jiġi propogat fuq skala kbira tul il-katina tal-valur;

(65)

‘systemic risk’ means a risk that is specific to the high-impact capabilities of general-purpose AI models, having a significant impact on the Union market due to their reach, or due to actual or reasonably foreseeable negative effects on public health, safety, public security, fundamental rights, or the society as a whole, that can be propagated at scale across the value chain;

(66)

“sistema tal-IA bi skop ġenerali” tfisser sistema tal-IA li hija bbażata fuq mudell tal-IA bi skop ġenerali u li għandha l-kapaċità li taqdi varjetà ta' skopijiet, kemm għall-użu dirett kif ukoll għall-integrazzjoni f'sistemi tal-IA oħra;

(66)

‘general-purpose AI system’ means an AI system which is based on a general-purpose AI model and which has the capability to serve a variety of purposes, both for direct use as well as for integration in other AI systems;

(67)

“operazzjoni b'punt varjabbli” tfisser kwalunkwe operazzjoni jew assenjazzjoni matematika li tinvolvi numri b'punt varjabbli, li huma subsett tan-numri reali tipikament rappreżentati fuq il-kompjuters minn numru sħiħ ta' preċiżjoni fissa skalat minn esponent ta' numru sħiħ ta' bażi fissa;

(67)

‘floating-point operation’ means any mathematical operation or assignment involving floating-point numbers, which are a subset of the real numbers typically represented on computers by an integer of fixed precision scaled by an integer exponent of a fixed base;

(68)

“fornitur downstream” tfisser fornitur ta' sistema tal-IA, inkluż sistema tal-IA bi skop ġenerali, li tintegra mudell tal-IA, irrispettivament minn jekk il-mudell tal-IA jkunx provdut minnu stess u integrat vertikalment jew provdut minn entità oħra abbażi ta' relazzjonijiet kuntrattwali.

(68)

‘downstream provider’ means a provider of an AI system, including a general-purpose AI system, which integrates an AI model, regardless of whether the AI model is provided by themselves and vertically integrated or provided by another entity based on contractual relations.

(a)

l-introduzzjoni fis-suq, it-tqegħid fis-servizz jew l-użu ta' sistema tal-IA li tuża tekniki subliminali li persuna ma tkunx konxja tagħhom jew tekniki intenzjonalment manipulattivi jew qarrieqa, bil-għan jew bir-riżultat li materjalment ifixklu l-imġiba ta' persuna jew ta' grupp ta' persuni billi jdgħajfu b'mod sinifikanti l-abbiltà tagħha li tieħu deċiżjoni infurmata, u minħabba f'hekk huma jieħdudeċiżjoni li kieku ma kinux jieħdu b'mod li jikkawża jew li aktarx raġonevolament jikkawża ħsara sinifikanti lil dik il-persuna, lil persuna oħra jew lil grupp ta' persuni;

(a)

the placing on the market, the putting into service or the use of an AI system that deploys subliminal techniques beyond a person’s consciousness or purposefully manipulative or deceptive techniques, with the objective, or the effect of materially distorting the behaviour of a person or a group of persons by appreciably impairing their ability to make an informed decision, thereby causing them to take a decision that they would not have otherwise taken in a manner that causes or is reasonably likely to cause that person, another person or group of persons significant harm;

(b)

l-introduzzjoni fis-suq, it-tqegħid fis-servizz jew l-użu ta' sistema tal-IA li tisfrutta kwalunkwe waħda mill-vulnerabbiltajiet ta' persuna fiżika jew ta' grupp speċifiku ta' persuni minħabba l-età, diżabbiltà jew sitwazzjoni soċjali jew ekonomika speċifika, bl-għan jew bir-riżultat li tfixkel materjalment l-imġiba ta' dik il-persuna jew ta' persuna li tappartjeni għal dak il-grupp b'mod li jikkawża jew li raġonevolment aktarx jikkawża ħsara sinifikanti lil dik il-persuna jew lil persuna oħra;

(b)

the placing on the market, the putting into service or the use of an AI system that exploits any of the vulnerabilities of a natural person or a specific group of persons due to their age, disability or a specific social or economic situation, with the objective, or the effect, of materially distorting the behaviour of that person or a person belonging to that group in a manner that causes or is reasonably likely to cause that person or another person significant harm;

(c)

l-introduzzjoni fis-suq, it-tqegħid fis-servizz jew l-użu ta' sistemi tal-IA għall-evalwazzjoni jew il-klassifikazzjoni ta' persuni fiżiċi jew gruppi ta' persuni tul ċertu perjodu ta' żmien abbażi tal-imġiba soċjali tagħhom jew ta' karatteristiċi personali jew tal-personalità magħrufa, inferiti jew previsti, fejn il-punteġġ għaċ-ċittadini jwassal għal wieħed minn dawn li ġejjin jew għat-tnejn li huma:

(c)

the placing on the market, the putting into service or the use of AI systems for the evaluation or classification of natural persons or groups of persons over a certain period of time based on their social behaviour or known, inferred or predicted personal or personality characteristics, with the social score leading to either or both of the following:

(i)

trattament detrimentali jew mhux favorevoli ta' ċerti persuni fiżiċi jew ta' gruppi ta' persuni f'kuntesti soċjali li mhumiex relatati mal-kuntesti li fihom id-data kienet oriġinarjament iġġenerata jew miġbura;

(i)

detrimental or unfavourable treatment of certain natural persons or groups of persons in social contexts that are unrelated to the contexts in which the data was originally generated or collected;

(ii)

trattament detrimentali jew mhux favorevoli ta' ċerti persuni fiżiċi jew ta' gruppi ta' persuni li ma jkunx ġustifikat jew li jkun sproporzjonat għall-imġiba soċjali tagħhom jew għall-gravità tagħha;

(ii)

detrimental or unfavourable treatment of certain natural persons or groups of persons that is unjustified or disproportionate to their social behaviour or its gravity;

(d)

l-introduzzjoni fis-suq, it-tqegħid fis-servizz għal dan l-għan speċifiku, jew l-użu ta' sistema tal-IA biex isiru valutazzjonijiet tar-riskju ta' persuni fiżiċi sabiex jiġi vvalutat jew imbassar ir-riskju li persuna fiżika twettaq reat kriminali, abbażi biss tat-tfassil ta' profil ta' persuna fiżika jew fuq il-valutazzjoni tal-karatteristiċi tal-personalità tagħha; din il-projbizzjoni ma għandhiex tapplika għas-sistemi tal-IA użati biex jappoġġaw il-valutazzjoni mill-bniedem tal-involviment ta' persuna f'attività kriminali, li diġà hija bbażata fuq fatti oġġettivi u verifikabbli marbuta direttament ma' attività kriminali;

(d)

the placing on the market, the putting into service for this specific purpose, or the use of an AI system for making risk assessments of natural persons in order to assess or predict the risk of a natural person committing a criminal offence, based solely on the profiling of a natural person or on assessing their personality traits and characteristics; this prohibition shall not apply to AI systems used to support the human assessment of the involvement of a person in a criminal activity, which is already based on objective and verifiable facts directly linked to a criminal activity;

(e)

l-introduzzjoni fis-suq, it-tqegħid fis-servizz għal dan l-għan speċifiku, jew l-użu ta' sistemi tal-IA li joħolqu jew jespandu l-bażijiet tad-data tar-rikonoxximent tal-wiċċ permezz ta' scraping mhux immirat tal-immaġnijiet tal-wiċċ mill-internet jew minn filmati tas-CCTV;

(e)

the placing on the market, the putting into service for this specific purpose, or the use of AI systems that create or expand facial recognition databases through the untargeted scraping of facial images from the internet or CCTV footage;

(f)

l-introduzzjoni fis-suq, it-tqegħid fis-servizz għal dan l-għan speċifiku, jew l-użu ta' sistemi tal-IA biex jiġu inferiti l-emozzjonijiet ta' persuna fiżika fl-oqsma tal-post tax-xogħol u tal-istituzzjonijiet edukattivi ħlief fejn l-użu tas-sistema tal-IA jkun maħsub biex tiġi introdotta fis-suq jew mqiegħda fis-servizz għal raġunijiet mediċi jew ta' sikurezza;

(f)

the placing on the market, the putting into service for this specific purpose, or the use of AI systems to infer emotions of a natural person in the areas of workplace and education institutions, except where the use of the AI system is intended to be put in place or into the market for medical or safety reasons;

(g)

l-introduzzjoni fis-suq jew it-tqegħid fis-servizz għal dan l-iskop speċifiku, jew l-użu ta' sistemi ta' kategorizzazzjoni bijometrika li jikkategorizzaw individwalment lill-persuni fiżiċi abbażi tad-data bijometrika tagħhom biex jiddeduċu jew jinferixxu r-razza, l-opinjonijiet politiċi, is-sħubija fi trade union, it-twemmin reliġjuż jew filosofiku, il-ħajja sesswali jew l-orjentazzjoni sesswali tagħhom; din il-projbizzjoni ma tkopri l-ebda tikkettar jew iffiltrar ta' settijiet tad-data bijometrika miksuba legalment, bħal immaġnijiet, ibbażati fuq data bijometrika jew kategorizzazzjoni ta' data bijometrika fil-qasam tal-infurzar tal-liġi;

(g)

the placing on the market, the putting into service for this specific purpose, or the use of biometric categorisation systems that categorise individually natural persons based on their biometric data to deduce or infer their race, political opinions, trade union membership, religious or philosophical beliefs, sex life or sexual orientation; this prohibition does not cover any labelling or filtering of lawfully acquired biometric datasets, such as images, based on biometric data or categorizing of biometric data in the area of law enforcement;

(h)

l-użu ta' sistemi ta’ identifikazzjoni bijometrika remota “fil-ħin reali” f'żoni aċċessibbli għall-pubbliku għall-finijiet tal-infurzar tal-liġi, dment li u sakemm dan l-użu jkun strettament meħtieġ għal wieħed mill-objettivi li ġejjin:

(h)

the use of ‘real-time’ remote biometric identification systems in publicly accessible spaces for the purposes of law enforcement, unless and in so far as such use is strictly necessary for one of the following objectives:

(i)

it-tfittxija mmirata għal vittmi speċifiċi ta' ħtif, traffikar ta' bnedmin jew sfruttament sesswali ta' bnedmin kif ukoll it-tfittxija għal persuni neqsin;

(i)

the targeted search for specific victims of abduction, trafficking in human beings or sexual exploitation of human beings, as well as the search for missing persons;

(ii)

il-prevenzjoni ta' theddida speċifika, sostanzjali u imminenti għall-ħajja jew għas-sikurezza fiżika ta' persuni fiżiċi jew theddida ġenwina u preżenti jew ġenwina u prevedibbli ta' attakk terroristiku;

(ii)

the prevention of a specific, substantial and imminent threat to the life or physical safety of natural persons or a genuine and present or genuine and foreseeable threat of a terrorist attack;

(iii)

il-lokalizzazzjoni jew l-identifikazzjoni ta' persuna suspettata li wettqet reat kriminali, għall-fini tat-twettiq ta' investigazzjoni kriminali jew il-prosekuzzjoni jew l-eżekuzzjoni ta' piena kriminali għal reati, imsemmija fl-Anness II u punibbli fl-Istat Membru kkonċernat b'sentenza ta' kustodja jew ordni ta' detenzjoni għal perjodu massimu ta' mill-inqas erba' snin.

(iii)

the localisation or identification of a person suspected of having committed a criminal offence, for the purpose of conducting a criminal investigation or prosecution or executing a criminal penalty for offences referred to in Annex II and punishable in the Member State concerned by a custodial sentence or a detention order for a maximum period of at least four years.

(a)

in-natura tas-sitwazzjoni li twassal għall-użu possibbli, b'mod partikolari s-serjetà, il-probabbiltà u l-iskala tal-ħsara li kienet tiġi kkawżata kieku s-sistema ma ntużatx;

(a)

the nature of the situation giving rise to the possible use, in particular the seriousness, probability and scale of the harm that would be caused if the system were not used;

(b)

il-konsegwenzi tal-użu tas-sistema għad-drittijiet u l-libertajiet tal-persuni kollha kkonċernati, b'mod partikolari s-serjetà, il-probabbiltà u l-iskala ta' dawk il-konsegwenzi.

(b)

the consequences of the use of the system for the rights and freedoms of all persons concerned, in particular the seriousness, probability and scale of those consequences.

(a)

is-sistema tal-IA hija maħsuba biex tintuża bħala komponent tas-sikurezza ta' prodott, jew is-sistema tal-IA tkun hi stess prodott, kopert bil-leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni elenkata fl-Anness I;

(a)

the AI system is intended to be used as a safety component of a product, or the AI system is itself a product, covered by the Union harmonisation legislation listed in Annex I;

(b)

il-prodott li l-komponent tas-sikurezza tiegħu skont il-punt (a) huwa s-sistema tal-IA, jew is-sistema tal-IA hi stess bħala prodott, jeħtieġ issirlu valutazzjoni tal-konformità minn parti terza, bil-ħsieb li dak il-prodott jiġi introdott fis-suq jew imqiegħed fis-servizz skont il-leġiżlazzjoni tal-Unjoni dwar l-armonizzazzjoni elenkata fl-Anness I.

(b)

the product whose safety component pursuant to point (a) is the AI system, or the AI system itself as a product, is required to undergo a third-party conformity assessment, with a view to the placing on the market or the putting into service of that product pursuant to the Union harmonisation legislation listed in Annex I.

(a)

is-sistema tal-IA hija maħsuba biex twettaq kompitu proċedurali ristrett;

(a)

the AI system is intended to perform a narrow procedural task;

(b)

is-sistema tal-IA hija maħsuba biex ittejjeb ir-riżultat ta' attività mill-bniedem li tkun tlestiet qabel;

(b)

the AI system is intended to improve the result of a previously completed human activity;

(c)

is-sistema tal-IA hija maħsuba biex tikxef xejriet ta' teħid ta' deċiżjonijiet jew devjazzjonijiet minn xejriet ta' teħid ta' deċiżjonijiet preċedenti u mhijiex maħsuba biex tissostitwixxi jew tinfluwenza l-valutazzjoni mill-bniedem li tkun tlestiet qabel, mingħajr rieżami xieraq mill-bniedem; jew

(c)

the AI system is intended to detect decision-making patterns or deviations from prior decision-making patterns and is not meant to replace or influence the previously completed human assessment, without proper human review; or

(d)

is-sistema tal-IA hija maħsuba biex twettaq kompitu preparatorju għal valutazzjoni rilevanti għall-finijiet tal-każijiet ta' użu elenkati fl-Anness III.

(d)

the AI system is intended to perform a preparatory task to an assessment relevant for the purposes of the use cases listed in Annex III.

(a)

is-sistemi tal-IA jkunu maħsuba biex jintużaw f'xi waħda miż-żoni elenkati fl-Anness III;

(a)

the AI systems are intended to be used in any of the areas listed in Annex III;

(b)

is-sistemi tal-IA joħolqu riskju ta' ħsara għas-saħħa u s-sikurezza, jew ta' impatt negattiv fuq id-drittijiet fundamentali, u dak ir-riskju huwa ekwivalenti jew akbar mir-riskju ta' ħsara jew ta' impatt negattiv maħluq mis-sistemi tal-IA b'riskju għoli diġà msemmija fl-Anness III.

(b)

the AI systems pose a risk of harm to health and safety, or an adverse impact on fundamental rights, and that risk is equivalent to, or greater than, the risk of harm or of adverse impact posed by the high-risk AI systems already referred to in Annex III.

(a)

l-għan maħsub tas-sistema tal-IA;

(a)

the intended purpose of the AI system;

(b)

il-punt sa fejn intużat jew aktarx tintuża sistema tal-IA;

(b)

the extent to which an AI system has been used or is likely to be used;

(c)

in-natura u l-ammont tad-data pproċessata u użata mis-sistema tal-IA, b'mod partikolari jekk jiġux ipproċessati kategoriji speċjali ta' data personali;

(c)

the nature and amount of the data processed and used by the AI system, in particular whether special categories of personal data are processed;

(d)

il-punt sa fejn is-sistema tal-IA taġixxi b'mod awtonomu u l-possibbiltà li bniedem jegħleb deċiżjoni jew rakkomandazzjonijiet li jistgħu jwasslu għal ħsara potenzjali;

(d)

the extent to which the AI system acts autonomously and the possibility for a human to override a decision or recommendations that may lead to potential harm;

(e)

il-punt sa fejn l-użu ta' sistema tal-IA diġà kkawża ħsara għas-saħħa u s-sikurezza, kellu impatt negattiv fuq id-drittijiet fundamentali jew wassal għal tħassib sinifikanti fir-rigward tal-materjalizzazzjoni ta' din il-ħsara jew l-impatt negattiv, kif muri, pereżempju, minn rapporti jew allegazzjonijiet dokumentati ppreżentati lill-awtoritajiet nazzjonali kompetenti jew minn rapporti oħra, skont il-każ;

(e)

the extent to which the use of an AI system has already caused harm to health and safety, has had an adverse impact on fundamental rights or has given rise to significant concerns in relation to the likelihood of such harm or adverse impact, as demonstrated, for example, by reports or documented allegations submitted to national competent authorities or by other reports, as appropriate;

(f)

il-firxa potenzjali ta' din il-ħsara jew ta' dan l-impatt negattiv, b'mod partikolari f'termini tal-intensità tiegħu u l-kapaċità tiegħu li jaffettwa diversi persuni jew li jaffettwa b'mod sproporzjonat grupp partikolari ta' persuni;

(f)

the potential extent of such harm or such adverse impact, in particular in terms of its intensity and its ability to affect multiple persons or to disproportionately affect a particular group of persons;

(g)

il-punt sa fejn il-persuni li potenzjalment issirilhom ħsara jew isofru impatt negattiv ikunu dipendenti fuq l-eżitu prodott b'sistema tal-IA, b'mod partikolari meta għal raġunijiet prattiċi jew legali ma jkunx raġonevolment possibbli li persuna tagħżel li teskludi lilha nnifisha minn dak l-eżitu;

(g)

the extent to which persons who are potentially harmed or suffer an adverse impact are dependent on the outcome produced with an AI system, in particular because for practical or legal reasons it is not reasonably possible to opt-out from that outcome;

(h)

il-punt sa fejn jeżisti żbilanċ ta' poter, jew il-persuni li potenzjalment issirilhom ħsara jew isofru impatt negattiv ikunu f'pożizzjoni vulnerabbli fir-rigward tal-implimentatur ta' sistema tal-IA, b'mod partikolari minħabba status, awtorità, għarfien, ċirkostanzi ekonomiċi jew soċjali, jew età;

(h)

the extent to which there is an imbalance of power, or the persons who are potentially harmed or suffer an adverse impact are in a vulnerable position in relation to the deployer of an AI system, in particular due to status, authority, knowledge, economic or social circumstances, or age;

(i)

il-punt sa fejn l-eżitu prodott bl-involviment ta' sistema tal-IA jista' faċilment jiġi kkoreġut jew imreġġa' lura, b'kunsiderazzjoni għas-soluzzjonijiet tekniċi disponibbli biex jiġi kkoreġut jew mreġġa' lura, fejn l-eżiti li jkollhom impatt negattiv fuq is-saħħa, is-sikurezza jew id-drittijiet fundamentali, ma għandhomx jitqiesu bħala li jistgħu jiġu kkoreġuti jew mreġġgħin lura faċilment;

(i)

the extent to which the outcome produced involving an AI system is easily corrigible or reversible, taking into account the technical solutions available to correct or reverse it, whereby outcomes having an adverse impact on health, safety or fundamental rights, shall not be considered to be easily corrigible or reversible;

(j)

il-kobor u l-probabbiltà tal-benefiċċju mill-implimentazzjoni tas-sistema tal-IA għal individwi, gruppi jew għas-soċjetà inġenerali, inkluż titjib possibbli fis-sikurezza tal-prodott;

(j)

the magnitude and likelihood of benefit of the deployment of the AI system for individuals, groups, or society at large, including possible improvements in product safety;

(k)

il-punt sa fejn il-liġi eżistenti tal-Unjoni tipprevedi:

(k)

the extent to which existing Union law provides for:

(i)

miżuri effettivi ta' rimedju fir-rigward tar-riskji maħluqa minn sistema tal-IA, bl-esklużjoni ta' pretensjonijiet għal danni;

(i)

effective measures of redress in relation to the risks posed by an AI system, with the exclusion of claims for damages;

(ii)

miżuri effettivi għall-prevenzjoni jew il-minimizzazzjoni sostanzjali ta' dawk ir-riskji.

(ii)

effective measures to prevent or substantially minimise those risks.

(a)

is-sistema tal-IA b'riskju għoli kkonċernata ma tibqax toħloq riskji sinifikanti għad-drittijiet fundamentali, għas-saħħa jew għas-sikurezza, b'kunsiderazzjoni għall-kriterji elenkati fil-paragrafu 2;

(a)

the high-risk AI system concerned no longer poses any significant risks to fundamental rights, health or safety, taking into account the criteria listed in paragraph 2;

(b)

it-tħassir ma jnaqqasx il-livell ġenerali ta' protezzjoni tas-saħħa, tas-sikurezza u tad-drittijiet fundamentali skont il-liġi tal-Unjoni.

(b)

the deletion does not decrease the overall level of protection of health, safety and fundamental rights under Union law.

(a)

l-identifikazzjoni u l-analiżi tar-riskji magħrufa u raġonevolment prevedibbli li s-sistema tal-IA b'riskju għoli tista' toħloq għas-saħħa, għas-sikurezza jew għad-drittijiet fundamentali meta s-sistema tal-IA b'riskju għoli tintuża f'konformità mal-għan maħsub tagħha;

(a)

the identification and analysis of the known and the reasonably foreseeable risks that the high-risk AI system can pose to health, safety or fundamental rights when the high-risk AI system is used in accordance with its intended purpose;

(b)

l-istima u l-evalwazzjoni tar-riskji li jistgħu jitfaċċaw meta s-sistema tal-IA b'riskju għoli tintuża f'konformità mal-għan maħsub tagħha u f'kundizzjonijiet ta' użu ħażin raġonevolment prevedibbli;

(b)

the estimation and evaluation of the risks that may emerge when the high-risk AI system is used in accordance with its intended purpose, and under conditions of reasonably foreseeable misuse;

(c)

l-evalwazzjoni ta' riskji oħra li jistgħu jinħolqu abbażi tal-analiżi tad-data miġbura mis-sistema ta' sorveljanza ta' wara t-tqegħid fis-suq imsemmija fl-Artikolu 72;

(c)

the evaluation of other risks possibly arising, based on the analysis of data gathered from the post-market monitoring system referred to in Article 72;

(d)

l-adozzjoni ta' miżuri ta' ġestjoni tar-riskju xierqa u mmirati mfassla biex jindirizzaw ir-riskji identifikati skont il-punt (a).

(d)

the adoption of appropriate and targeted risk management measures designed to address the risks identified pursuant to point (a).

(a)

l-eliminazzjoni jew it-tnaqqis tar-riskji identifikati u evalwati skont il-paragrafu 2 sa fejn hu teknikament possibbli permezz ta' disinn u żvilupp adegwati tas-sistema tal-IA b'riskju għoli;

(a)

elimination or reduction of risks identified and evaluated pursuant to paragraph 2 in as far as technically feasible through adequate design and development of the high-risk AI system;

(b)

meta xieraq, l-implimentazzjoni ta' miżuri adegwati ta' mitigazzjoni u ta' kontroll li jindirizzaw ir-riskji li ma jistgħux jiġu eliminati;

(b)

where appropriate, implementation of adequate mitigation and control measures addressing risks that cannot be eliminated;

(c)

l-għoti ta' informazzjoni meħtieġa skont l-Artikolu 13, u, meta xieraq, taħriġ lill-implimentaturi.

(c)

provision of information required pursuant to Article 13 and, where appropriate, training to deployers.

(a)

l-għażliet ta' disinn rilevanti;

(a)

the relevant design choices;

(b)

il-proċessi tal-ġbir tad-data u l-oriġini tad-data, u fil-każ ta' data personali, l-iskop oriġinali tal-ġbir tad-data;

(b)

data collection processes and the origin of data, and in the case of personal data, the original purpose of the data collection;

(c)

operazzjonijiet rilevanti ta' pproċessar ta' tħejjija tad-data, bħall-annotazzjoni, it-tikkettar, it-tindif, l-aġġornament, l-arrikkiment u l-aggregazzjoni;

(c)

relevant data-preparation processing operations, such as annotation, labelling, cleaning, updating, enrichment and aggregation;

(d)

il-formulazzjoni ta' suppożizzjonijiet, b'mod partikolari fir-rigward tal-informazzjoni li d-data suppost tkejjel u tirrappreżenta;

(d)

the formulation of assumptions, in particular with respect to the information that the data are supposed to measure and represent;

(e)

valutazzjoni tad-disponibbiltà, il-kwantità u l-adegwatezza tas-settijiet tad-data li huma meħtieġa;

(e)

an assessment of the availability, quantity and suitability of the data sets that are needed;

(f)

l-eżami fid-dawl ta' preġudizzji possibbli li x'aktarx jaffettwaw is-saħħa u s-sikurezza tal-persuni, ikollhom impatt negattiv fuq id-drittijiet fundamentali jew iwasslu għal diskriminazzjoni pprojbita skont il-liġi tal-Unjoni, speċjalment fejn l-outputs tad-data jinfluwenzaw l-inputs għal operazzjonijiet futuri;

(f)

examination in view of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations;

(g)

miżuri xierqa għall-kxif, il-prevenzjoni u l-mitigazzjoni tal-preġudizzji possibbli identifikati skont il-punt (f);

(g)

appropriate measures to detect, prevent and mitigate possible biases identified according to point (f);

(h)

l-identifikazzjoni ta' lakuni jew nuqqasijiet rilevanti fid-data li jfixklu l-konformità ma' dan ir-Regolament, u kif dawk il-lakuni u n-nuqqasijiet jistgħu jiġu indirizzati.

(h)

the identification of relevant data gaps or shortcomings that prevent compliance with this Regulation, and how those gaps and shortcomings can be addressed.

(a)

il-kxif u l-korrezzjoni ta' preġudizzju ma jistgħux jiġu ssodisfati b'mod effettiv bl-ipproċessar ta' data oħra, inkluż data sintetika jew anonimizzata;

(a)

the bias detection and correction cannot be effectively fulfilled by processing other data, including synthetic or anonymised data;

(b)

il-kategoriji speċjali ta' data personali huma soġġetti għal limitazzjonijiet tekniċi fuq l-użu mill-ġdid tad-data personali u miżuri ta' sigurtà u preservazzjoni tal-privatezza tal-ogħla livell ta' żvilupp tekniku, inkluża l-psewdonimizzazzjoni;

(b)

the special categories of personal data are subject to technical limitations on the re-use of the personal data, and state-of-the-art security and privacy-preserving measures, including pseudonymisation;

(c)

il-kategoriji speċjali ta' data personali huma soġġetti għal miżuri biex jiġi żgurat li d-data personali pproċessata tkun sigura, protetta, soġġetta għal salvagwardji xierqa, inkluż kontrolli stretti u dokumentazzjoni tal-aċċess, biex jiġi evitat l-użu ħażin u jiġi żgurat li persuni awtorizzati biss jkollhom aċċess għal dik id-data personali b'obbligi xierqa ta' kunfidenzjalità;

(c)

the special categories of personal data are subject to measures to ensure that the personal data processed are secured, protected, subject to suitable safeguards, including strict controls and documentation of the access, to avoid misuse and ensure that only authorised persons have access to those personal data with appropriate confidentiality obligations;

(d)

il-kategoriji speċjali ta' data personali ma għandhomx jiġu trażmessi, trasferiti jew aċċessati b'xi mod ieħor minn partijiet oħra;

(d)

the special categories of personal data are not to be transmitted, transferred or otherwise accessed by other parties;

(e)

il-kategoriji speċjali ta' data personali jitħassru ladarba l-preġudizzju jkun ġie kkoreġut jew id-data personali tkun laħqet tmiem il-perjodu ta' żamma tagħha, skont liema jiġi l-ewwel;

(e)

the special categories of personal data are deleted once the bias has been corrected or the personal data has reached the end of its retention period, whichever comes first;

(f)

ir-rekords tal-attivitajiet ta' pproċessar skont ir-Regolamenti (UE) 2016/679 u (UE) 2018/1725 u d-Direttiva (UE) 2016/680 jinkludu r-raġunijiet għaliex l-ipproċessar ta' kategoriji speċjali ta' data personali kien strettament meħtieġ biex jinkixfu u jiġu kkoreġuti l-preġudizzji u għaliex dak l-objettiv ma setax jintlaħaq bl-ipproċessar ta' data oħra.

(f)

the records of processing activities pursuant to Regulations (EU) 2016/679 and (EU) 2018/1725 and Directive (EU) 2016/680 include the reasons why the processing of special categories of personal data was strictly necessary to detect and correct biases, and why that objective could not be achieved by processing other data.

(a)

l-identifikazzjoni ta' sitwazzjonijiet li jistgħu jwasslu biex is-sistema tal-IA b'riskju għoli tippreżenta riskju skont it-tifsira tal-Artikolu 79(1) jew f'modifika sostanzjali;

(a)

identifying situations that may result in the high-risk AI system presenting a risk within the meaning of Article 79(1) or in a substantial modification;

(b)

il-faċilitazzjoni tas-sorveljanza ta' wara t-tqegħid fis-suq imsemmija fl-Artikolu 72; u

(b)

facilitating the post-market monitoring referred to in Article 72; and

(c)

il-monitoraġġ tat-tħaddim tas-sistemi tal-IA b'riskju għoli msemmija fl-Artikolu 26(5).

(c)

monitoring the operation of high-risk AI systems referred to in Article 26(5).

(a)

ir-reġistrazzjoni tal-perjodu ta' kull użu tas-sistema (id-data u l-ħin tal-bidu u d-data u l-ħin tat-tmiem ta' kull użu);

(a)

recording of the period of each use of the system (start date and time and end date and time of each use);

(b)

il-bażi ta' data ta' referenza li magħha tiġi vverifikata d-data tal-input mis-sistema;

(b)

the reference database against which input data has been checked by the system;

(c)

id-data tal-input li magħha t-tfittxija wasslet għal konkordanza;

(c)

the input data for which the search has led to a match;

(d)

l-identifikazzjoni tal-persuni fiżiċi involuti fil-verifika tar-riżultati, kif imsemmija fl-Artikolu 14(5).

(d)

the identification of the natural persons involved in the verification of the results, as referred to in Article 14(5).

(a)

l-identità u d-dettalji ta' kuntatt tal-fornitur u, meta applikabbli, tar-rappreżentant awtorizzat tiegħu;

(a)

the identity and the contact details of the provider and, where applicable, of its authorised representative;

(b)

il-karatteristiċi, il-kapaċitajiet u l-limitazzjonijiet tal-prestazzjoni tas-sistema tal-IA b'riskju għoli, inkluż:

(b)

the characteristics, capabilities and limitations of performance of the high-risk AI system, including:

(i)

l-għan maħsub tagħha;

(i)

its intended purpose;

(ii)

il-livell ta' akkuratezza, inkluż il-metrika, ir-robustezza u ċ-ċibersigurtà tagħha msemmija fl-Artikolu 15 li abbażi tiegħu tkun ġiet ittestjata u vvalidata s-sistema tal-IA b'riskju għoli u li jista' jkun mistenni, u kull ċirkostanza magħrufa u prevedibbli li tista' tħalli impatt fuq dak il-livell mistenni ta' akkuratezza, robustezza u ċibersigurtà;

(ii)

the level of accuracy, including its metrics, robustness and cybersecurity referred to in Article 15 against which the high-risk AI system has been tested and validated and which can be expected, and any known and foreseeable circumstances that may have an impact on that expected level of accuracy, robustness and cybersecurity;

(iii)

kwalunkwe ċirkostanza magħrufa jew prevedibbli, relatata mal-użu tas-sistema tal-IA b'riskju għoli f'konformità mal-għan maħsub tagħha jew f'kundizzjonijiet ta' użu ħażin raġonevolment prevedibbli, li tista' twassal għal riskji għas-saħħa u s-sikurezza jew għad-drittijiet fundamentali msemmija fl-Artikolu 9(2);

(iii)

any known or foreseeable circumstance, related to the use of the high-risk AI system in accordance with its intended purpose or under conditions of reasonably foreseeable misuse, which may lead to risks to the health and safety or fundamental rights referred to in Article 9(2);

(iv)

meta applikabbli, il-kapaċitajiet u l-karatteristiċi tekniċi tas-sistema tal-IA b'riskju għoli biex tkun provduta informazzjoni li tkun rilevanti biex tispjega l-output tagħha;

(iv)

where applicable, the technical capabilities and characteristics of the high-risk AI system to provide information that is relevant to explain its output;

(v)

fejn xieraq, il-prestazzjoni tagħha fir-rigward ta' persuni speċifiċi jew gruppi ta' persuni speċifiċi li s-sistema hi maħsuba li tintuża fuqhom;

(v)

when appropriate, its performance regarding specific persons or groups of persons on which the system is intended to be used;

(vi)

meta xieraq, l-ispeċifikazzjonijiet għad-data tal-input, jew kull informazzjoni rilevanti oħra f'termini tas-settijiet tad-data għal taħriġ, validazzjoni u ttestjar użati, filwaqt li jitqies l-għan maħsub tas-sistema tal-IA b'riskju għoli;

(vi)

when appropriate, specifications for the input data, or any other relevant information in terms of the training, validation and testing data sets used, taking into account the intended purpose of the high-risk AI system;

(vii)

fejn applikabbli, informazzjoni li tippermetti lill-implimentaturi jinterpretaw l-output tas-sistema tal-IA b'riskju għoli u jużawh b'mod xieraq;

(vii)

where applicable, information to enable deployers to interpret the output of the high-risk AI system and use it appropriately;

(c)

il-bidliet fis-sistema tal-IA b'riskju għoli u fil-prestazzjoni tagħha li jkunu ġew determinati minn qabel mill-fornitur fil-mument tal-valutazzjoni tal-konformità inizjali, jekk ikun hemm;

(c)

the changes to the high-risk AI system and its performance which have been pre-determined by the provider at the moment of the initial conformity assessment, if any;

(d)

il-miżuri ta' sorveljanza mill-bniedem msemmija fl-Artikolu 14, inkluż il-miżuri tekniċi stabbiliti biex jiffaċilitaw l-interpretazzjoni tal-outputs ta' sistemi tal-IA b'riskju għoli mill-implimentaturi;

(d)

the human oversight measures referred to in Article 14, including the technical measures put in place to facilitate the interpretation of the outputs of the high-risk AI systems by the deployers;

(e)

ir-riżorsi komputazzjonali u ta' hardware meħtieġa, il-ħajja mistennija tas-sistema tal-IA b'riskju għoli u kwalunkwe miżura ta' manutenzjoni u kura meħtieġa, inkluż il-frekwenza tagħhom, biex ikun żgurat il-funzjonament tajjeb ta' dik is-sistema tal-IA, inkluż fir-rigward tal-aġġornamenti tas-software;

(e)

the computational and hardware resources needed, the expected lifetime of the high-risk AI system and any necessary maintenance and care measures, including their frequency, to ensure the proper functioning of that AI system, including as regards software updates;

(f)

fejn ikun rilevanti, deskrizzjoni tal-mekkaniżmi inklużi fis-sistema tal-IA b'riskju għoli li tippermetti lill-implimentaturi jiġbru, jaħżnu u jinterpretaw tajjeb ir-reġistri f'konformità mal-Artikolu 12.

(f)

where relevant, a description of the mechanisms included within the high-risk AI system that allows deployers to properly collect, store and interpret the logs in accordance with Article 12.

(a)

miżuri identifikati u mibnija, meta teknikament fattibbli, fis-sistema tal-IA b'riskju għoli mill-fornitur qabel ma tiġi introdotta fis-suq jew titqiegħed fis-servizz;

(a)

measures identified and built, when technically feasible, into the high-risk AI system by the provider before it is placed on the market or put into service;

(b)

miżuri identifikati mill-fornitur qabel l-introduzzjoni tas-sistema tal-IA b'riskju għoli fis-suq jew titqiegħed fis-servizz u li huma xierqa biex jiġu implimentati mill-implimentatur.

(b)

measures identified by the provider before placing the high-risk AI system on the market or putting it into service and that are appropriate to be implemented by the deployer.

(a)

jifhmu sew il-kapaċitajiet u l-limitazzjonijiet rilevanti tas-sistema tal-IA b'riskju għoli u jkunu jistgħu jimmonitorjaw kif dovut l-operat tagħha, inkluż bil-ħsieb li jikxfu u jindirizzaw anomaliji, disfunzjonijiet u prestazzjoni mhux mistennija;

(a)

to properly understand the relevant capacities and limitations of the high-risk AI system and be able to duly monitor its operation, including in view of detecting and addressing anomalies, dysfunctions and unexpected performance;

(b)

jibqgħu konxji tat-tendenza possibbli li wieħed iserraħ awtomatikament jew li jserraħ wisq fuq l-output prodott minn sistema tal-IA b'riskju għoli (preġudizzju tal-awtomatizzazzjoni), b'mod partikolari għal sistemi tal-IA b'riskju għoli użati biex jipprovdu informazzjoni jew rakkomandazzjonijiet għal deċiżjonijiet li jridu jittieħdu minn persuni fiżiċi;

(b)

to remain aware of the possible tendency of automatically relying or over-relying on the output produced by a high-risk AI system (automation bias), in particular for high-risk AI systems used to provide information or recommendations for decisions to be taken by natural persons;

(c)

jinterpretaw b'mod korrett l-output tas-sistema IA b'riskju għoli, filwaqt li jqisu, pereżempju, l-għodod u l-metodi ta' interpretazzjoni disponibbli;

(c)

to correctly interpret the high-risk AI system’s output, taking into account, for example, the interpretation tools and methods available;

(d)

jiddeċiedu, fi kwalunkwe sitwazzjoni partikolari, li ma jużawx is-sistema tal-IA b'riskju għoli jew li jinjoraw, iwarrbu jew ireġġgħu lura l-output tas-sistema tal-IA b'riskju għoli;

(d)

to decide, in any particular situation, not to use the high-risk AI system or to otherwise disregard, override or reverse the output of the high-risk AI system;

(e)

jintervjenu fit-tħaddim tas-sistema tal-IA b'riskju għoli jew jinterrompuha permezz ta' buttuna “stop” jew proċedura simili li permezz tagħha s-sistema tkun tista' tieqaf mingħajr periklu.

(e)

to intervene in the operation of the high-risk AI system or interrupt the system through a ‘stop’ button or a similar procedure that allows the system to come to a halt in a safe state.

(a)

jiżguraw li s-sistemi tal-IA b'riskju għoli tagħhom ikunu konformi mar-rekwiżiti stipulati fit-Taqsima 2;

(a)

ensure that their high-risk AI systems are compliant with the requirements set out in Section 2;

(b)

jindikaw fuq is-sistema tal-IA b'riskju għoli jew, meta dan ma jkunx possibbli, fuq l-imballaġġ tagħha jew id-dokumentazzjoni ta' akkumpanjament tagħha, kif applikabbli, isimhom, l-isem kummerċjali rreġistrat jew it-trademark irreġistrata tagħhom, l-indirizz fejn jistgħu jiġu kkuntattjati;

(b)

indicate on the high-risk AI system or, where that is not possible, on its packaging or its accompanying documentation, as applicable, their name, registered trade name or registered trade mark, the address at which they can be contacted;

(c)

ikollhom fis-seħħ sistema ta' ġestjoni tal-kwalità li tikkonforma mal-Artikolu 17;

(c)

have a quality management system in place which complies with Article 17;

(d)

iżommu d-dokumentazzjoni teknika msemmija fl-Artikolu 18;

(d)

keep the documentation referred to in Article 18;

(e)

meta jkunu fil-kontroll tagħhom, iżommu r-reġistri ġġenerati awtomatikament mis-sistemi tal-IA b'riskju għoli tagħhom kif imsemmi fl-Artikolu 19;

(e)

when under their control, keep the logs automatically generated by their high-risk AI systems as referred to in Article 19;

(f)

jiżguraw li s-sistema tal-IA b'riskju għoli tgħaddi mill-proċedura rilevanti ta' valutazzjoni tal-konformità kif imsemmi fl-Artikolu 43, qabel ma tiġi introdotta fis-suq jew imqiegħda fis-servizz;

(f)

ensure that the high-risk AI system undergoes the relevant conformity assessment procedure as referred to in Article 43, prior to its being placed on the market or put into service;

(g)

ifasslu dikjarazzjoni tal-konformità tal-UE f'konformità mal-Artikolu 47;

(g)

draw up an EU declaration of conformity in accordance with Article 47;

(h)

iwaħħlu l-markatura CE mas-sistema tal-IA b'riskju għoli jew, meta dan ma jkunx possibbli, fuq l-imballaġġ tagħha jew id-dokumentazzjoni li takkumpanjaha, biex tindika l-konformità ma' dan ir-Regolament, f'konformità mal-Artikolu 48;

(h)

affix the CE marking to the high-risk AI system or, where that is not possible, on its packaging or its accompanying documentation, to indicate conformity with this Regulation, in accordance with Article 48;

(i)

jikkonformaw mal-obbligi tar-reġistrazzjoni msemmija fl-Artikolu 49(1);

(i)

comply with the registration obligations referred to in Article 49(1);

(j)

jieħdu l-azzjonijiet korrettivi meħtieġa u jipprovdu informazzjoni kif meħtieġ fl-Artikolu 20;

(j)

take the necessary corrective actions and provide information as required in Article 20;

(k)

fuq talba motivata ta' awtorità nazzjonali kompetenti, juru l-konformità tas-sistema tal-IA b'riskju għoli mar-rekwiżiti stipulati fit-Taqsima 2;

(k)

upon a reasoned request of a national competent authority, demonstrate the conformity of the high-risk AI system with the requirements set out in Section 2;

(l)

jiżguraw li s-sistema tal-IA b'riskju għoli tikkonforma mar-rekwiżiti ta' aċċessibbiltà f'konformità mad-Direttivi (UE) 2016/2102 u (UE) 2019/882.

(l)

ensure that the high-risk AI system complies with accessibility requirements in accordance with Directives (EU) 2016/2102 and (EU) 2019/882.

(a)

strateġija għall-konformità regolatorja, inkluż il-konformità mal-proċeduri ta' valutazzjoni tal-konformità u mal-proċeduri għall-ġestjoni tal-modifiki fis-sistema tal-IA b'riskju għoli;

(a)

a strategy for regulatory compliance, including compliance with conformity assessment procedures and procedures for the management of modifications to the high-risk AI system;

(b)

it-tekniki, il-proċeduri u l-azzjonijiet sistematiċi li għandhom jintużaw għad-disinn, il-kontroll tad-disinn u l-verifika tad-disinn tas-sistema tal-IA b'riskju għoli;

(b)

techniques, procedures and systematic actions to be used for the design, design control and design verification of the high-risk AI system;

(c)

it-tekniki, il-proċeduri u l-azzjonijiet sistematiċi li jridu jintużaw għall-iżvilupp, il-kontroll tal-kwalità u l-garanzija tal-kwalità tas-sistema tal-IA b'riskju għoli;

(c)

techniques, procedures and systematic actions to be used for the development, quality control and quality assurance of the high-risk AI system;

(d)

il-proċeduri ta' eżaminazzjoni, ittestjar u validazzjoni li għandhom jitwettqu qabel, waqt u wara l-iżvilupp tas-sistema tal-IA b'riskju għoli, u l-frekwenza li biha jridu jsiru;

(d)

examination, test and validation procedures to be carried out before, during and after the development of the high-risk AI system, and the frequency with which they have to be carried out;

(e)

l-ispeċifikazzjonijiet tekniċi, inkluż l-istandards, li għandhom jiġu applikati u, meta l-istandards armonizzati rilevanti ma jiġux applikati b'mod sħiħ, jew ma jkoprux ir-rekwiżiti rilevanti kollha stipulati fit-Taqsima 2, il-mezzi li għandhom jintużaw biex jiġi żgurat li s-sistema tal-IA b'riskju għoli tikkonforma ma' dawk ir-rekwiżiti;

(e)

technical specifications, including standards, to be applied and, where the relevant harmonised standards are not applied in full or do not cover all of the relevant requirements set out in Section 2, the means to be used to ensure that the high-risk AI system complies with those requirements;

(f)

is-sistemi u l-proċeduri għall-ġestjoni tad-data, inkluż l-akwiżizzjoni tad-data, il-ġbir tad-data, l-analiżi tad-data, it-tikkettar tad-data, il-ħżin tad-data, il-filtrazzjoni tad-data, l-estrazzjoni tad-data, l-aggregazzjoni tad-data, iż-żamma tad-data u kwalunkwe operazzjoni oħra rigward id-data li titwettaq qabel u għall-fini tal-introduzzjoni fis-suq jew it-tqegħid fis-servizz ta' sistemi tal-IA b'riskju għoli;

(f)

systems and procedures for data management, including data acquisition, data collection, data analysis, data labelling, data storage, data filtration, data mining, data aggregation, data retention and any other operation regarding the data that is performed before and for the purpose of the placing on the market or the putting into service of high-risk AI systems;

(g)

is-sistema ta' ġestjoni tar-riskju msemmija fl-Artikolu 9;

(g)

the risk management system referred to in Article 9;

(h)

l-istabbiliment, l-implimentazzjoni u l-manutenzjoni ta' sorveljanza ta' wara t-tqegħid fis-suq, f'konformità mal-Artikolu 72;

(h)

the setting-up, implementation and maintenance of a post-market monitoring system, in accordance with Article 72;

(i)

il-proċeduri relatati mar-rappurtar ta' inċident serju f'konformità mal-Artikolu 73;

(i)

procedures related to the reporting of a serious incident in accordance with Article 73;

(j)

it-trattament tal-komunikazzjoni mal-awtoritajiet nazzjonali kompetenti, ma' awtoritajiet rilevanti oħra, inkluż dawk li jipprovdu jew jappoġġaw l-aċċess għad-data, mal-korpi notifikati, ma' operaturi oħra, mal-klijenti jew ma' partijiet interessati oħra;

(j)

the handling of communication with national competent authorities, other relevant authorities, including those providing or supporting the access to data, notified bodies, other operators, customers or other interested parties;

(k)

is-sistemi u l-proċeduri għaż-żamma tar-rekords tad-dokumentazzjoni u l-informazzjoni rilevanti kollha;

(k)

systems and procedures for record-keeping of all relevant documentation and information;

(l)

il-ġestjoni tar-riżorsi, li tinkludi miżuri relatati mas-sigurtà tal-provvista;

(l)

resource management, including security-of-supply related measures;

(m)

qafas ta' responsabbiltà li jistabbilixxi r-responsabbiltajiet tal-maniġment u ta' persunal ieħor fir-rigward tal-aspetti kollha elenkati f'dan il-paragrafu.

(m)

an accountability framework setting out the responsibilities of the management and other staff with regard to all the aspects listed in this paragraph.

(a)

id-dokumentazzjoni teknika msemmija fl-Artikolu 11;

(a)

the technical documentation referred to in Article 11;

(b)

id-dokumentazzjoni dwar is-sistema ta' ġestjoni tal-kwalità msemmija fl-Artikolu 17;

(b)

the documentation concerning the quality management system referred to in Article 17;

(c)

id-dokumentazzjoni dwar il-bidliet approvati mill-korpi notifikati meta applikabbli;

(c)

the documentation concerning the changes approved by notified bodies, where applicable;

(d)

id-deċiżjonijiet u dokumenti oħrajn maħruġa mill-korpi notifikati meta applikabbli;

(d)

the decisions and other documents issued by the notified bodies, where applicable;

(e)

id-dikjarazzjoni ta' konformità tal-UE msemmija fl-Artikolu 47.

(e)

the EU declaration of conformity referred to in Article 47.

(a)

jivverifika li d-dikjarazzjoni ta' konformità tal-UE msemmija fl-Artikolu 47 u d-dokumentazzjoni teknika msemmija fl-Artikolu 11 ikunu tfasslu u li l-fornitur ikun wettaq proċedura ta' valutazzjoni tal-konformità xierqa;

(a)

verify that the EU declaration of conformity referred to in Article 47 and the technical documentation referred to in Article 11 have been drawn up and that an appropriate conformity assessment procedure has been carried out by the provider;

(b)

iżomm għad-dispożizzjoni tal-awtoritajiet kompetenti u l-awtoritajiet jew il-korpi nazzjonali msemmija fl-Artikolu 74(10), għal perjodu ta' 10 snin wara li s-sistema tal-IA b'riskju għoli tkun ġiet introdotta fis-suq jew tqiegħdet fis-servizz, id-dettalji ta' kuntatt tal-fornitur li jkun ħatar ir-rappreżentant awtorizzat, kopja tad-dikjarazzjoni ta' konformità tal-UE msemmija fl-Artikolu 47, id-dokumentazzjoni teknika u, jekk applikabbli, iċ-ċertifikat maħruġ mill-korp notifikat;

(b)

keep at the disposal of the competent authorities and national authorities or bodies referred to in Article 74(10), for a period of 10 years after the high-risk AI system has been placed on the market or put into service, the contact details of the provider that appointed the authorised representative, a copy of the EU declaration of conformity referred to in Article 47, the technical documentation and, if applicable, the certificate issued by the notified body;

(c)

jipprovdi lil awtorità kompetenti, fuq talba motivata, bl-informazzjoni u bid-dokumentazzjoni kollha, inkluż dak imsemmi fil-punt (b) ta' dan is-subparagrafu, meħtieġa biex turi l-konformità ta' sistema tal-IA b'riskju għoli mar-rekwiżiti stipulati fit-Taqsima 2, inkluż l-aċċess għar-reġistri, kif imsemmija fl-Artikolu 12(1), iġġenerati awtomatikament mis-sistema tal-IA b'riskju għoli sal-punt li tali reġistri jkunu fil-kontroll tal-fornitur;

(c)

provide a competent authority, upon a reasoned request, with all the information and documentation, including that referred to in point (b) of this subparagraph, necessary to demonstrate the conformity of a high-risk AI system with the requirements set out in Section 2, including access to the logs, as referred to in Article 12(1), automatically generated by the high-risk AI system, to the extent such logs are under the control of the provider;

(d)

jikkoopera mal-awtoritajiet kompetenti, fuq talba motivata, f'kull azzjoni li dawn tal-aħħar jieħdu fir-rigward tas-sistema tal-IA b'riskju għoli, b'mod partikolari biex inaqqsu u jimmitigaw ir-riskji ppreżentati minn sistema tal-IA b'riskju għoli;

(d)

cooperate with competent authorities, upon a reasoned request, in any action the latter take in relation to the high-risk AI system, in particular to reduce and mitigate the risks posed by the high-risk AI system;

(e)

meta applikabbli, jikkonforma mal-obbligi ta' reġistrazzjoni msemmija fl-Artikolu 49(1), jew, jekk ir-reġistrazzjoni titwettaq mill-fornitur innifsu, jiżgura li l-informazzjoni msemmija fil-punt 3 tat-Taqsima A tal-Anness VIII tkun korretta.

(e)

where applicable, comply with the registration obligations referred to in Article 49(1), or, if the registration is carried out by the provider itself, ensure that the information referred to in point 3 of Section A of Annex VIII is correct.

(a)

il-proċedura rilevanti ta' valutazzjoni tal-konformità msemmija fl-Artikolu 43 twettqet mill-fornitur tas-sistema tal-IA b'riskju għoli;

(a)

the relevant conformity assessment procedure referred to in Article 43 has been carried out by the provider of the high-risk AI system;

(b)

il-fornitur ikun fassal id-dokumentazzjoni teknika f'konformità mal-Artikolu 11 u l-Anness IV;

(b)

the provider has drawn up the technical documentation in accordance with Article 11 and Annex IV;

(c)

is-sistema jkollha l-markatura CE meħtieġa u tkun akkumpanjata mid-dikjarazzjoni tal-konformità tal-UE msemmija fl-Artikolu 47 u l-istruzzjonijiet tal-użu;

(c)

the system bears the required CE marking and is accompanied by the EU declaration of conformity referred to in Article 47 and instructions for use;

(d)

il-fornitur ikun ħatar rappreżentant awtorizzat f'konformità mal-Artikolu 22(1).

(d)

the provider has appointed an authorised representative in accordance with Article 22(1).

(a)

ipoġġu isimhom jew it-trademark tagħhom fuq sistema tal-IA b'riskju għoli diġà introdotta fis-suq jew imqiegħda fis-servizz, mingħajr preġudizzju għal ftehimiet kuntrattwali li jistipulaw li l-obbligi jiġu allokati b'mod ieħor;

(a)

they put their name or trademark on a high-risk AI system already placed on the market or put into service, without prejudice to contractual arrangements stipulating that the obligations are otherwise allocated;

(b)

jagħmlu modifika sostanzjali f'sistema tal-IA b'riskju għoli li tkun diġà ġiet introdotta fis-suq jew diġà tqiegħdet fis-servizz b'tali mod li tibqa' sistema tal-IA b'riskju għoli skont l-Artikolu 6;

(b)

they make a substantial modification to a high-risk AI system that has already been placed on the market or has already been put into service in such a way that it remains a high-risk AI system pursuant to Article 6;

(c)

jimmodifikaw l-għan maħsub ta' sistema tal-IA, inkluż sistema tal-IA bi skop ġenerali, li ma tkunx ġiet ikklassifikata bħala ta' riskju għoli u li tkun diġà ġiet introdotta fis-suq jew imqiegħda fis-servizz b'tali mod li s-sistema tal-IA kkonċernata ssir sistema tal-IA b'riskju għoli skont l-Artikolu 6.

(c)

they modify the intended purpose of an AI system, including a general-purpose AI system, which has not been classified as high-risk and has already been placed on the market or put into service in such a way that the AI system concerned becomes a high-risk AI system in accordance with Article 6.

(a)

is-sistema tal-IA b'riskju għoli tiġi introdotta fis-suq flimkien mal-prodott taħt l-isem jew it-trademark tal-manifattur tal-prodott;

(a)

the high-risk AI system is placed on the market together with the product under the name or trademark of the product manufacturer;

(b)

is-sistema tal-IA b'riskju għoli titqiegħed fis-servizz taħt l-isem jew it-trademark tal-manifattur tal-prodott wara li l-prodott ikun ġie introdott fis-suq.

(b)

the high-risk AI system is put into service under the name or trademark of the product manufacturer after the product has been placed on the market.

(a)

deskrizzjoni tal-proċessi tal-implimentatur li fihom ser tintuża s-sistema tal-IA b’riskju għoli skont l-għan maħsub tagħha;

(a)

a description of the deployer’s processes in which the high-risk AI system will be used in line with its intended purpose;

(b)

deskrizzjoni tal-perjodu ta’ żmien li fih ikun maħsub li kull sistema tal-IA b’riskju għoli ser tintuża, u l-frekwenza ta’ dan l-użu;

(b)

a description of the period of time within which, and the frequency with which, each high-risk AI system is intended to be used;

(c)

il-kategoriji ta’ persuni u gruppi fiżiċi li aktarx jiġu affettwati mill-użu tagħha fil-kuntest speċifiku;

(c)

the categories of natural persons and groups likely to be affected by its use in the specific context;

(d)

ir-riskji speċifiċi ta’ ħsara li x’aktarx ikollhom impatt fuq il-kategoriji ta’ persuni fiżiċi jew gruppi ta’ persuni identifikati skont il-punt (c) ta’ dan il-paragrafu, b’kont meħud tal-informazzjoni mogħtija mill-fornitur skont l-Artikolu 13;

(d)

the specific risks of harm likely to have an impact on the categories of natural persons or groups of persons identified pursuant to point (c) of this paragraph, taking into account the information given by the provider pursuant to Article 13;

(e)

deskrizzjoni tal-implimentazzjoni tal-miżuri ta’ sorveljanza mill-bniedem, skont l-istruzzjonijiet għall-użu;

(e)

a description of the implementation of human oversight measures, according to the instructions for use;

(f)

il-miżuri li għandhom jittieħdu fil-każ tal-materjalizzazzjoni ta’ dawk ir-riskji, inkluż l-arranġamenti għall-governanza interna u l-mekkaniżmi tal-ilmenti.

(f)

the measures to be taken in the case of the materialisation of those risks, including the arrangements for internal governance and complaint mechanisms.

(a)

tivvaluta l-impatt fuq iċ-ċertifikati maħruġa mill-korp notifikat;

(a)

assess the impact on the certificates issued by the notified body;

(b)

tippreżenta rapport dwar is-sejbiet tagħha lill-Kummissjoni u lill-Istati Membri l-oħra fi żmien tliet xhur minn meta tkun innotifikat dwar il-bidliet fid-deżinjazzjoni;

(b)

submit a report on its findings to the Commission and the other Member States within three months of having notified the changes to the designation;

(c)

titlob lill-korp notifikat jissospendi jew jirtira, f’perjodu ta’ żmien raġonevoli determinat mill-awtorità, kwalunkwe ċertifikat maħruġ bi żball sabiex tkun żgurata l-konformità kontinwa tas-sistemi tal-IA b’riskju għoli fis-suq;

(c)

require the notified body to suspend or withdraw, within a reasonable period of time determined by the authority, any certificates which were unduly issued, in order to ensure the continuing conformity of high-risk AI systems on the market;

(d)

tinforma lill-Kummissjoni u lill-Istati Membri dwar ċertifikati li tkun talbet is-sospensjoni jew l-irtirar tagħhom;

(d)

inform the Commission and the Member States about certificates the suspension or withdrawal of which it has required;

(e)

tipprovdi lill-awtoritajiet nazzjonali kompetenti tal-Istat Membru li fih il-fornitur ikollu l-post tan-negozju rreġistrat tiegħu bl-informazzjoni rilevanti kollha dwar iċ-ċertifikati li għalihom tkun talbet is-sospensjoni jew l-irtirar; dik l-awtorità għandha tieħu l-miżuri xierqa, fejn meħtieġ, biex jiġi evitat riskju potenzjali għas-saħħa, is-sikurezza jew id-drittijiet fundamentali.

(e)

provide the national competent authorities of the Member State in which the provider has its registered place of business with all relevant information about the certificates of which it has required the suspension or withdrawal; that authority shall take the appropriate measures, where necessary, to avoid a potential risk to health, safety or fundamental rights.

(a)

l-awtorità tan-notifika tkun ikkonfermat, fi żmien xahar mis-sospensjoni jew ir-restrizzjoni, li ma hemm l-ebda riskju għas-saħħa, is-sikurezza jew id-drittijiet fundamentali b’rabta ma’ ċertifikati milquta mis-sospensjoni jew ir-restrizzjoni, u l-awtorità tan-notifika tkun fasslet skeda ta’ żmien għal azzjonijiet biex tiġi rimedjata s-sospensjoni jew ir-restrizzjoni; jew

(a)

the notifying authority has confirmed, within one month of the suspension or restriction, that there is no risk to health, safety or fundamental rights in relation to certificates affected by the suspension or restriction, and the notifying authority has outlined a timeline for actions to remedy the suspension or restriction; or

(b)

l-awtorità tan-notifika tkun ikkonfermat li mhu ser jinħareġ, jiġi emendat jew jinħareġ mill-ġdid l-ebda ċertifikat rilevanti għas-sospensjoni matul is-sospensjoni jew ir-restrizzjoni, u tgħid jekk il-korp notifikat għandux il-kapaċità li jkompli jimmonitorja u jibqa’ responsabbli miċ-ċertifikati eżistenti maħruġa għall-perjodu tas-sospensjoni jew ir-restrizzjoni; fil-każ li l-awtorità tan-notifika tiddetermina li l-korp notifikat ma għandux il-kapaċità li jappoġġa ċ-ċertifikati eżistenti maħruġa, il-fornitur tas-sistema koperta miċ-ċertifikat għandu jikkonferma bil-miktub lill-awtoritajiet nazzjonali kompetenti tal-Istat Membru li fih ikollu l-post tan-negozju rreġistrat tiegħu, fi żmien tliet xhur mis-sospensjoni jew mir-restrizzjoni, li korp notifikat kwalifikat ieħor qed jassumi temporanjament il-funzjonijiet tal-korp notifikat biex jimmonitorja u jibqa’ responsabbli għaċ-ċertifikati matul il-perjodu ta’ sospensjoni jew restrizzjoni.

(b)

the notifying authority has confirmed that no certificates relevant to the suspension will be issued, amended or re-issued during the course of the suspension or restriction, and states whether the notified body has the capability of continuing to monitor and remain responsible for existing certificates issued for the period of the suspension or restriction; in the event that the notifying authority determines that the notified body does not have the capability to support existing certificates issued, the provider of the system covered by the certificate shall confirm in writing to the national competent authorities of the Member State in which it has its registered place of business, within three months of the suspension or restriction, that another qualified notified body is temporarily assuming the functions of the notified body to monitor and remain responsible for the certificates during the period of suspension or restriction.

(a)

l-awtorità kompetenti nazzjonali tal-Istat Membru li fih il-fornitur tas-sistema tal-IA b’riskju għoli kopert miċ-ċertifikat ikollu l-post tan-negozju rreġistrat tiegħu tkun ikkonfermat li ma hemm l-ebda riskju għas-saħħa, is-sikurezza jew d-drittijiet fundamentali assoċjati mas-sistemi tal-IA b’riskju għoli kkonċernati; u

(a)

the national competent authority of the Member State in which the provider of the high-risk AI system covered by the certificate has its registered place of business has confirmed that there is no risk to health, safety or fundamental rights associated with the high-risk AI systems concerned; and

(b)

korp notifikat ieħor ikun ikkonferma bil-miktub li ser jassumi minnufih ir-’responsabbiltà għal dawk is-sistemi tal-IA u jlesti l-valutazzjoni tiegħu fi żmien 12-il xahar mill-irtirar tad-deżinjazzjoni.

(b)

another notified body has confirmed in writing that it will assume immediate responsibility for those AI systems and completes its assessment within 12 months of the withdrawal of the designation.

(a)

il-Kummissjoni tkun talbet, skont l-Artikolu 10(1) tar-Regolament (UE) Nru 1025/2012, organizzazzjoni Ewropea tal-istandardizzazzjoni waħda jew aktar biex tabbozza standard armonizzat għar-rekwiżiti stipulati fit-Taqsima 2 ta’ dan il-Kapitolu, jew, kif applikabbli, għall-obbligi stipulati fit-Taqsimiet 2 u 3 tal-Kapitolu V, u:

(a)

the Commission has requested, pursuant to Article 10(1) of Regulation (EU) No 1025/2012, one or more European standardisation organisations to draft a harmonised standard for the requirements set out in Section 2 of this Chapter, or, as applicable, for the obligations set out in Sections 2 and 3 of Chapter V, and:

(i)

it-talba ma tkunx ġiet aċċettata minn ebda waħda mill-organizzazzjonijiet Ewropej tal-istandardizzazzjoni; jew

(i)

the request has not been accepted by any of the European standardisation organisations; or

(ii)

l-istandards armonizzati li jindirizzaw dik it-talba ma jkunux tfasslu sal-iskadenza stipulata f’konformità mal-Artikolu 10(1) tar-Regolament (UE) 1025/2012; jew

(ii)

the harmonised standards addressing that request are not delivered within the deadline set in accordance with Article 10(1) of Regulation (EU) No 1025/2012; or

(iii)

l-istandards armonizzati rilevanti ma jindirizzawx biżżejjed it-tħassib dwar id-drittijiet fundamentali; jew

(iii)

the relevant harmonised standards insufficiently address fundamental rights concerns; or

(iv)

l-istandards armonizzati ma jkunux konformi mat-talba; u

(iv)

the harmonised standards do not comply with the request; and

(b)

ma tkun ġiet ippubblikata l-ebda referenza għall-istandards armonizzati li jkopru r-rekwiżiti msemmija fit-Taqsima 2 ta’ dan il-Kapitolu jew, kif applikabbli, l-obbligi msemmija fit-Taqsimiet 2 u 3 tal-Kapitolu V, f’Il-Ġurnal Uffiċjali tal-Unjoni Ewropea f’konformità mar-Regolament (UE) 1025/2012 u l-ebda referenza bħal din ma tkun mistennija li tiġi ppubblikata fi żmien raġonevoli.

(b)

no reference to harmonised standards covering the requirements referred to in Section 2 of this Chapter or, as applicable, the obligations referred to in Sections 2 and 3 of Chapter V has been published in the Official Journal of the European Union in accordance with Regulation (EU) No 1025/2012, and no such reference is expected to be published within a reasonable period.

(a)

il-kontroll intern imsemmi fl-Anness VI; jew

(a)

the internal control referred to in Annex VI; or

(b)

il-valutazzjoni tas-sistema ta’ ġestjoni tal-kwalità u l-valutazzjoni tad-dokumentazzjoni teknika, bl-involviment ta’ korp notifikat, imsemmija fl-Anness VII.

(b)

the assessment of the quality management system and the assessment of the technical documentation, with the involvement of a notified body, referred to in Annex VII.

(a)

ma jeżistux standards armonizzati kif imsemmija fl-Artikolu 40 u l-ispeċifikazzjonijiet komuni msemmija fl-Artikolu 41 ma jkunux disponibbli;

(a)

harmonised standards referred to in Article 40 do not exist, and common specifications referred to in Article 41 are not available;

(b)

il-fornitur ma jkunx applika, jew applika biss parti, mill-istandard armonizzat;

(b)

the provider has not applied, or has applied only part of, the harmonised standard;

(c)

l-ispeċifikazzjonijiet komuni msemmija fil-punt (a) jkunu jeżistu iżda l-fornitur ma jkunx applikahom;

(c)

the common specifications referred to in point (a) exist, but the provider has not applied them;

(d)

wieħed jew aktar mill-istandards armonizzati msemmija fil-punt (a) ikunu ġew ippubblikati b’restrizzjoni u biss fuq il-parti tal-istandard li kienet ġiet ristretta.

(d)

one or more of the harmonised standards referred to in point (a) has been published with a restriction, and only on the part of the standard that was restricted.

(a)

kwalunkwe ċertifikat tal-valutazzjoni tad-dokumentazzjoni teknika tal-Unjoni, kwalunkwe suppliment għal dawk iċ-ċertifikati, u kwalunkwe approvazzjoni tas-sistema ta’ ġestjoni tal-kwalità maħruġa f’konformità mar-rekwiżiti tal-Anness VII;

(a)

any Union technical documentation assessment certificates, any supplements to those certificates, and any quality management system approvals issued in accordance with the requirements of Annex VII;

(b)

kwalunkwe rifjut, restrizzjoni, sospensjoni jew irtirar ta’ ċertifikat tal-valutazzjoni tad-dokumentazzjoni teknika tal-Unjoni jew approvazzjoni tas-sistema ta’ ġestjoni tal-kwalità maħruġa f’konformità mar-rekwiżiti tal-Anness VII;

(b)

any refusal, restriction, suspension or withdrawal of a Union technical documentation assessment certificate or a quality management system approval issued in accordance with the requirements of Annex VII;

(c)

kull ċirkostanza li taffettwa l-kamp ta’ applikazzjoni tan-notifika jew l-kundizzjonijiet tagħha;

(c)

any circumstances affecting the scope of or conditions for notification;

(d)

kwalunkwe talba għal informazzjoni li jkunu rċevew mingħand l-awtoritajiet tas-sorveljanza tas-suq rigward attivitajiet ta’ valutazzjoni tal-konformità;

(d)

any request for information which they have received from market surveillance authorities regarding conformity assessment activities;

(e)

meta mitluba, l-attivitajiet ta’ valutazzjoni tal-konformità mwettqa fil-ambitu tan-notifika tagħhom u kwalunkwe attività oħra mwettqa, inkluż attivitajiet transfruntieri u sottokuntrattar.

(e)

on request, conformity assessment activities performed within the scope of their notification and any other activity performed, including cross-border activities and subcontracting.

(a)

approvazzjonijiet tas-sistema ta’ ġestjoni tal-kwalità li jkun irrifjuta, issospenda jew irtira, u, meta jintalab, dwar l-approvazzjonijiet tas-sistema tal-kwalità li jkun ħareġ;

(a)

quality management system approvals which it has refused, suspended or withdrawn, and, upon request, of quality system approvals which it has issued;

(b)

ċertifikati ta’ valutazzjoni tad-dokumentazzjoni teknika tal-Unjoni jew kwalunkwe suppliment għalihom li jkun irrifjuta, irtira, issospenda jew irrestrinġa b’xi mod ieħor, u, fuq talba, ċertifikati u/jew supplimenti tagħhom li jkun ħareġ.

(b)

Union technical documentation assessment certificates or any supplements thereto which it has refused, withdrawn, suspended or otherwise restricted, and, upon request, of the certificates and/or supplements thereto which it has issued.

(a)

it-taqsima A, il-punti 1 sa 10 tal-Anness VIII,, bl-eċċezzjoni tal-punti 6, 8 u 9;

(a)

Section A, points 1 to 10, of Annex VIII, with the exception of points 6, 8 and 9;

(b)

it-Taqsima C, il-punti 1 sa 5, u l-punti 8 u 9 tal-Anness VIII;

(b)

Section B, points 1 to 5, and points 8 and 9 of Annex VIII;

(c)

it-Taqsima C, il-punti 1 sa 3, tal-Anness VIII;

(c)

Section C, points 1 to 3, of Annex VIII;

(d)

il-punti 1, 2, 3 u 5, tal-Anness IX.

(d)

points 1, 2, 3 and 5, of Annex IX.

(a)

ikollu kapaċitajiet b'impatt kbir evalwati abbażi ta' għodod u metodoloġiji tekniċi xierqa, inkluż indikaturi u parametri referenzjarji;

(a)

it has high impact capabilities evaluated on the basis of appropriate technical tools and methodologies, including indicators and benchmarks;

(b)

abbażi ta' deċiżjoni tal-Kummissjoni, ex officio jew wara allert kwalifikat mill-bord, ikollu kapaċitajiet jew impatt ekwivalenti għal dawk stipulati fil-punt (a) b'kont meħud tal-kriterji stipulati fl-Anness XIII.

(b)

based on a decision of the Commission, ex officio or following a qualified alert from the scientific panel, it has capabilities or an impact equivalent to those set out in point (a) having regard to the criteria set out in Annex XIII.

(a)

ifasslu u jżommu aġġornata d-dokumentazzjoni teknika tal-mudell, inkluż il-proċess ta' taħriġ u ttestjar tiegħu u r-riżultati tal-evalwazzjoni tiegħu, li għandu jkun fiha, bħala minimu, l-informazzjoni stipulati fl-Anness XI għall-fini li tintbagħat, fuq talba, lill-Uffiċċju għall-IA u lill-awtoritajiet nazzjonali kompetenti;

(a)

draw up and keep up-to-date the technical documentation of the model, including its training and testing process and the results of its evaluation, which shall contain, at a minimum, the information set out in Annex XI for the purpose of providing it, upon request, to the AI Office and the national competent authorities;

(b)

ifasslu, iżommu aġġornati u jagħmlu disponibbli informazzjoni u dokumentazzjoni lill-fornituri tas-sistemi tal-IA li beħsiebhom jintegraw il-mudell tal-IA bi skop ġenerali fis-sistemi tal-IA tagħhom. Mingħajr preġudizzju għall-ħtieġa li jiġu osservati u protetti d-drittijiet tal-proprjetà intellettwali u l-informazzjoni kummerċjali kunfidenzjali jew is-sigrieti kummerċjali f'konformità mal-liġi tal-Unjoni u l-liġi nazzjonali, l-informazzjoni u d-dokumentazzjoni:

(b)

draw up, keep up-to-date and make available information and documentation to providers of AI systems who intend to integrate the general-purpose AI model into their AI systems. Without prejudice to the need to observe and protect intellectual property rights and confidential business information or trade secrets in accordance with Union and national law, the information and documentation shall:

(i)

għandhom jippermettu lill-fornituri tas-sistemi tal-IA jkollhom fehim tajjeb tal-kapaċitajiet u l-limitazzjonijiet tal-mudell tal-IA bi skop ġenerali u jikkonformaw mal-obbligi tagħhom skont dan ir-Regolament; u

(i)

enable providers of AI systems to have a good understanding of the capabilities and limitations of the general-purpose AI model and to comply with their obligations pursuant to this Regulation; and

(ii)

għandu jkun fihom, bħala minimu, l-elementi stipulati fl-Anness XII;

(ii)

contain, at a minimum, the elements set out in Annex XII;

(c)

idaħħlu fis-seħħ politika biex jikkonformaw mal-liġi tal-Unjoni dwar id-drittijiet tal-awtur u drittijiet relatati, u b'mod partikolari biex jidentifikaw u jikkonformaw ma', inkluż permezz ta' teknoloġiji tal-ogħla livell ta' żvilupp tekniku, riżerva tad-drittijiet espressa skont l-Artikolu 4(3) tad-Direttiva (UE) 2019/790;

(c)

put in place a policy to comply with Union law on copyright and related rights, and in particular to identify and comply with, including through state-of-the-art technologies, a reservation of rights expressed pursuant to Article 4(3) of Directive (EU) 2019/790;

(d)

ifasslu u jagħmlu disponibbli għall-pubbliku sommarju dettaljat b'mod adegwat dwar il-kontenut użat għat-taħriġ tal-mudell tal-IA bi skop ġenerali, skont mudell ipprovdut mill-Uffiċċju għall-IA.

(d)

draw up and make publicly available a sufficiently detailed summary about the content used for training of the general-purpose AI model, according to a template provided by the AI Office.

(a)

jivverifika li d-dokumentazzjoni teknika speċifikata fl-Anness XI tkun tfasslet u l-obbligi kollha msemmija fl-Artikolu 53 u, fejn applikabbli, l-Artikolu 55, ikunu ġew issodisfati mill-fornitur;

(a)

verify that the technical documentation specified in Annex XI has been drawn up and all obligations referred to in Article 53 and, where applicable, Article 55 have been fulfilled by the provider;

(b)

iżomm kopja tad-dokumentazzjoni teknika speċifikata fl-Anness XI għad-dispożizzjoni tal-Uffiċċju għall-IA u tal-awtoritajiet nazzjonali kompetenti, għal perjodu ta' 10 snin wara li l-mudell tal-IA bi skop ġenerali jkun ġie introdott fis-suq, u d-dettalji ta' kuntatt tal-fornitur li jkun ħatar ir-rappreżentant awtorizzat;

(b)

keep a copy of the technical documentation specified in Annex XI at the disposal of the AI Office and national competent authorities, for a period of 10 years after the general-purpose AI model has been placed on the market, and the contact details of the provider that appointed the authorised representative;

(c)

jipprovdi lill-Uffiċċju għall-IA, fuq talba motivata, bl-informazzjoni u d-dokumentazzjoni kollha, inkluż dik imsemmija fil-punt (b), meħtieġa biex tintwera l-konformità mal-obbligi f'dan il-Kapitolu;

(c)

provide the AI Office, upon a reasoned request, with all the information and documentation, including that referred to in point (b), necessary to demonstrate compliance with the obligations in this Chapter;

(d)

jikkoopera mal-Uffiċċju għall-IA u mal-awtoritajiet kompetenti, fuq talba motivata, fi kwalunkwe azzjoni li huma jieħdu fir-rigward tal-mudell tal-IA bi skop ġenerali, inkluż meta l-mudell jiġi integrat f'sistemi tal-IA introdotti fis-suq jew imqiegħda fis-servizz fl-Unjoni.

(d)

cooperate with the AI Office and competent authorities, upon a reasoned request, in any action they take in relation to the general-purpose AI model, including when the model is integrated into AI systems placed on the market or put into service in the Union.

(a)

iwettqu evalwazzjoni tal-mudell f'konformità ma' protokolli u għodod standardizzati li jirriflettu l-ogħla livell ta' żvilupp tekniku, inkluż it-twettiq u d-dokumentazzjoni tal-ittestjar kontradittorju tal-mudell bil-ħsieb li jiġu identifikati u mmitigati r-riskji sistemiċi;

(a)

perform model evaluation in accordance with standardised protocols and tools reflecting the state of the art, including conducting and documenting adversarial testing of the model with a view to identifying and mitigating systemic risks;

(b)

jivvalutaw u jimmitigaw ir-riskji sistemiċi possibbli fil-livell tal-Unjoni, inkluż is-sorsi tagħhom, li jistgħu jirriżultaw mill-iżvilupp, l-introduzzjoni fis-suq, jew l-użu ta’ mudelli tal-IA bi skop ġenerali b’riskju sistemiku;

(b)

assess and mitigate possible systemic risks at Union level, including their sources, that may stem from the development, the placing on the market, or the use of general-purpose AI models with systemic risk;

(c)

iżommu rekord ta’, jiddokumentaw u jirrapportaw, mingħajr dewmien żejjed, lill-Uffiċċju għall-IA u, kif xieraq, lill-awtoritajiet nazzjonali kompetenti, informazzjoni rilevanti dwar inċidenti serji u miżuri korrettivi possibbli biex dawn jiġu indirizzati;

(c)

keep track of, document, and report, without undue delay, to the AI Office and, as appropriate, to national competent authorities, relevant information about serious incidents and possible corrective measures to address them;

(d)

jiżguraw livell adegwat ta' protezzjoni taċ-ċibersigurtà għall-mudell tal-IA bi skop ġenerali b'riskju sistemiku u l-infrastruttura fiżika tal-mudell.

(d)

ensure an adequate level of cybersecurity protection for the general-purpose AI model with systemic risk and the physical infrastructure of the model.

(a)

il-mezzi biex jiġi żgurat li l-informazzjoni msemmija fl-Artikolu 53(1), il-punti (a) u (b), tinżamm aġġornata fid-dawl ta' żviluppi teknoloġiċi u tas-suq;

(a)

the means to ensure that the information referred to in Article 53(1), points (a) and (b), is kept up to date in light of market and technological developments;

(b)

il-livell adegwat ta' dettall għas-sommarju dwar il-kontenut użat għat-taħriġ;

(b)

the adequate level of detail for the summary about the content used for training;

(c)

l-identifikazzjoni tat-tip u n-natura tar-riskji sistemiċi fil-livell tal-Unjoni, inkluż is-sorsi tagħhom, fejn xieraq;

(c)

the identification of the type and nature of the systemic risks at Union level, including their sources, where appropriate;

(d)

il-miżuri, il-proċeduri u l-modalitajiet għall-valutazzjoni u l-ġestjoni tar-riskji sistemiċi fil-livell tal-Unjoni, inkluż id-dokumentazzjoni tagħhom, li għandhom ikunu proporzjonati għar-riskji, iqisu s-severità u l-probabbiltà tagħhom kif ukoll l-isfidi speċifiċi tal-indirizzar ta' dawk ir-riskji fid-dawl tal-modi possibbli li bihom dawn ir-riskji jistgħu jitfaċċaw u jimmaterjalizzaw tul il-katina tal-valur tal-IA.

(d)

the measures, procedures and modalities for the assessment and management of the systemic risks at Union level, including the documentation thereof, which shall be proportionate to the risks, take into consideration their severity and probability and take into account the specific challenges of tackling those risks in light of the possible ways in which such risks may emerge and materialise along the AI value chain.

(a)

it-titjib taċ-ċertezza legali biex tinkiseb konformità regolatorja ma' dan ir-Regolament jew, fejn rilevanti, ma' liġijiet applikabbli oħra tal-Unjoni u nazzjonali;

(a)

improving legal certainty to achieve regulatory compliance with this Regulation or, where relevant, other applicable Union and national law;

(b)

l-appoġġ għall-kondiviżjoni tal-aħjar prattiki permezz ta' kooperazzjoni mal-awtoritajiet involuti fl-ambjenti ta' esperimentazzjoni regolatorja għall-IA;

(b)

supporting the sharing of best practices through cooperation with the authorities involved in the AI regulatory sandbox;

(c)

it-trawwim tal-innovazzjoni u l-kompetittività u jiffaċilita l-iżvilupp ta' ekosistema tal-IA;

(c)

fostering innovation and competitiveness and facilitating the development of an AI ecosystem;

(d)

il-kontribut għal tagħlim regolatorju bbażat fuq l-evidenza;

(d)

contributing to evidence-based regulatory learning;

(e)

l-iffaċilitar u l-aċċellerazzjoni tal-aċċess tas-suq tal-Unjoni għas-sistemi tal-IA, b'mod partikolari meta jkunu pprovduti minn SMEs, inkluż negozji ġodda.

(e)

facilitating and accelerating access to the Union market for AI systems, in particular when provided by SMEs, including start-ups.

(a)

l-eliġibbiltà u l-kriterji tal-għażla għall-parteċipazzjoni fl-ambjent ta' esperimentazzjoni regolatorja għall-IA;

(a)

eligibility and selection criteria for participation in the AI regulatory sandbox;

(b)

il-proċeduri għall-applikazzjoni, il-parteċipazzjoni, il-monitoraġġ, il-ħruġ mill-ambjent ta' esperimentazzjoni regolatorja għall-IA u t-terminazzjoni tiegħu, inkluż il-pjan tal-ambjent ta' esperimentazzjoni u r-rapport tal-ħruġ;

(b)

procedures for the application, participation, monitoring, exiting from and termination of the AI regulatory sandbox, including the sandbox plan and the exit report;

(c)

it-termini u l-kundizzjonijiet applikabbli għall-parteċipanti.

(c)

the terms and conditions applicable to the participants.

(a)

li l-ambjenti ta' esperimentazzjoni regolatorja għall-IA jkunu miftuħa għal kwalunkwe fornitur jew fornitur prospettiv ta' sistema tal-IA li japplika u li jissodisfa l-kriterji tal-eliġibbiltà u tal-għażla, li għandhom ikun trasparenti u ġusti, u li l-awtoritajiet nazzjonali kompetenti jinfurmaw lill-applikanti bid-deċiżjoni tagħhom fi żmien tliet xhur mill-applikazzjoni;

(a)

that AI regulatory sandboxes are open to any applying provider or prospective provider of an AI system who fulfils eligibility and selection criteria, which shall be transparent and fair, and that national competent authorities inform applicants of their decision within three months of the application;

(b)

li l-ambjenti ta' esperimentazzjoni regolatorja għall-IA jippermettu aċċess wiesa' u ugwali u jlaħħqu mad-domanda għall-parteċipazzjoni; il-formituri u l-fornituri prospettivi jistgħu wkoll jippreżentaw applikazzjonijiet fi sħubijiet ma' implimentaturi u ma’ kwalunkwe parti terza rilevanti oħra;

(b)

that AI regulatory sandboxes allow broad and equal access and keep up with demand for participation; providers and prospective providers may also submit applications in partnerships with deployers and other relevant third parties;

(c)

li l-arranġamenti ddettaljati għall-ambjenti ta’ esperimentazzjoni regolatorja għall-IA u l-kundizzjonijiet li jikkonċernawhom għandhom kemm jista’ jkun possibbli jappoġġaw il-flessibbiltà għall-awtoritajiet nazzjonali kompetenti biex jistabbilixxu u jħaddmu l-ambjenti ta’ esperimentazzjoni regolatorja għall-IA tagħhom;

(c)

that the detailed arrangements for, and conditions concerning AI regulatory sandboxes support, to the best extent possible, flexibility for national competent authorities to establish and operate their AI regulatory sandboxes;

(d)

li l-aċċess għall-ambjenti ta’ esperimentazzjoni regolatorja għall-IA ikun bla ħlas għall-SMEs, inkluż in-negozji ġodda, mingħajr preġudizzju għall-kostijiet eċċezzjonali li l-awtoritajiet nazzjonali kompetenti jistgħu jirkupraw b’mod ġust u proporzjonat;

(d)

that access to the AI regulatory sandboxes is free of charge for SMEs, including start-ups, without prejudice to exceptional costs that national competent authorities may recover in a fair and proportionate manner;

(e)

li jiffaċilitaw lill-fornituri u lill-fornituri prospettivi, permezz tal-eżiti tat-tagħlim tal-ambjenti ta' esperimentazzjoni regolatorja għall-IA, biex jissodisfaw l-obbligi tal-valutazzjoni tal-konformità skont dan ir-Regolament u l-applikazzjoni volontarja tal-kodiċijiet ta' kondotta msemmija fl-Artikolu 95;

(e)

that they facilitate providers and prospective providers, by means of the learning outcomes of the AI regulatory sandboxes, in complying with conformity assessment obligations under this Regulation and the voluntary application of the codes of conduct referred to in Article 95;

(f)

li l-ambjenti ta' esperimentazzjoni regolatorja għall-IA jiffaċilitaw l-involviment ta' atturi rilevanti oħra fi ħdan l-ekosistema tal-IA, bħal korpi notifikati u organizzazzjonijiet tal-istandardizzazzjoni, SMEs, inkluż negozji ġodda, intrapriżi, innovaturi, faċilitajiet tal-ittestjar u tal-esperimentazzjoni, laboratorji tar-riċerka u tal-esperimentazzjoni u Ċentri Ewropej tal-Innovazzjoni Diġitali, ċentri ta' eċċellenza, riċerkaturi individwali, sabiex jippermettu u jiffaċilitaw il-kooperazzjoni mas-settur pubbliku u dak privat;

(f)

that AI regulatory sandboxes facilitate the involvement of other relevant actors within the AI ecosystem, such as notified bodies and standardisation organisations, SMEs, including start-ups, enterprises, innovators, testing and experimentation facilities, research and experimentation labs and European Digital Innovation Hubs, centres of excellence, individual researchers, in order to allow and facilitate cooperation with the public and private sectors;

(g)

li l-proċeduri, il-proċessi u r-rekwiżiti amministrattivi għall-applikazzjoni, l-għażla, il-parteċipazzjoni u l-ħruġ mill-ambjent ta' esperimentazzjoni regolatorja għall-IA jkunu sempliċi, intelliġibbli faċilment u kkomunikati b'mod ċar sabiex tiġi ffaċilitata l-parteċipazzjoni tal-SMEs, inkluż in-negozji ġodda b'kapaċitajiet legali u amministrattivi limitati u jiġu ssimplifikati fl-Unjoni kollha, sabiex tiġi evitata l-frammentazzjoni u li l-parteċipazzjoni f'ambjent ta' esperimentazzjoni regolatorja għall-IA stabbilita minn Stat Membru, jew mill-Kontrollur Ewropew għall-Protezzjoni tad-Data tkun rikonoxxuta b'mod reċiproku u uniformi u jkollha l-istess effetti legali fl-Unjoni kollha;

(g)

that procedures, processes and administrative requirements for application, selection, participation and exiting the AI regulatory sandbox are simple, easily intelligible, and clearly communicated in order to facilitate the participation of SMEs, including start-ups, with limited legal and administrative capacities and are streamlined across the Union, in order to avoid fragmentation and that participation in an AI regulatory sandbox established by a Member State, or by the European Data Protection Supervisor is mutually and uniformly recognised and carries the same legal effects across the Union;

(h)

li l-parteċipazzjoni fl-ambjent ta' esperimentazzjoni regolatorja għall-IA tkun limitata għal perjodu li jkun xieraq għall-kumplessità u l-iskala tal-proġett u li tista' tiġi estiża mill-awtorità nazzjonali kompetenti;

(h)

that participation in the AI regulatory sandbox is limited to a period that is appropriate to the complexity and scale of the project and that may be extended by the national competent authority;

(i)

li l-ambjenti ta' esperimentazzjoni regolatorja għall-IA jiffaċilitaw l-iżvilupp ta' għodod u infrastruttura għall-ittestjar, għall-analiżi komparattiva, għall-valutazzjoni u għall-ispjegazzjoni tad-dimensjonijiet tas-sistemi tal-IA rilevanti għat-tagħlim regolatorju, bħall-akkuratezza, ir-robustezza u ċ-ċibersigurtà kif ukoll miżuri għall-mitigazzjoni tar-riskji għad-drittijiet fundamentali u s-soċjetà inġenerali.