// EU AI Act · Tool 01

EU AI Act tier classifier

Answer five short questions and we'll tell you which tier of the EU AI Act your use case falls into, which obligations attach to it, and when they start to apply. Educational - not legal advice.

I am the:Provider = builds / brands the system.

Does the system do anything in Art. 5? (social scoring by public authorities, manipulative subliminal techniques exploiting vulnerabilities, untargeted facial-image scraping, real-time remote biometric ID in public for law-enforcement outside narrow exceptions, predictive policing solely from profiling, emotion recognition at work/school, biometric categorisation by sensitive attributes.)

If yes → Prohibited. No further questions.

Is the intended use in an Annex III area? (Biometrics, critical infrastructure, education, employment, essential public/private services, law enforcement, migration/border, justice & democratic processes.)

Annex III areas trigger high-risk classification unless a narrow Art. 6(3) exception applies (purely procedural, narrow procedural improvement, etc.).

Is the AI a safety component, or itself a product, covered by EU harmonisation law in Annex I (machinery, toys, medical devices, in-vitro diagnostics, radio equipment, etc.) that requires third-party conformity assessment?

If yes → high-risk under Art. 6(1).

Are you placing a general-purpose AI model on the market (a model trained on broad data, capable of competently performing a wide range of distinct tasks)?

GPAI obligations live in Chap V (Art. 51–55). Models with systemic risk get heavier duties.

Does the system interact with people, generate or manipulate image/audio/video/text content (deepfakes), or perform emotion recognition / biometric categorisation outside Art. 5?

If yes → at minimum Art. 50 transparency duties (label AI content, inform users).

// Waiting

Answer the questions above to see the tier and obligations.