- 1.
In addition to the obligations listed in Articles 53 and 54, providers of general-purpose AI models with systemic risk shall:
- a) perform model evaluation in accordance with standardised protocols and tools reflecting the state of the art, including conducting and documenting adversarial testing of the model with a view to identifying and mitigating systemic risks;
- b) assess and mitigate possible systemic risks at Union level, including their sources, that may stem from the development, the placing on the market, or the use of general-purpose AI models with systemic risk;
- c) keep track of, document, and report, without undue delay, to the AI Office and, as appropriate, to national competent authorities, relevant information about serious incidents and possible corrective measures to address them;
- d) ensure an adequate level of cybersecurity protection for the general-purpose AI model with systemic risk and the physical infrastructure of the model.
- 2.
Providers of general-purpose AI models with systemic risk may rely on codes of practice within the meaning of Article 56 to demonstrate compliance with the obligations set out in paragraph 1 of this Article, until a harmonised standard is published. Compliance with European harmonised standards grants providers the presumption of conformity to the extent that those standards cover those obligations. Providers of general-purpose AI models with systemic risks who do not adhere to an approved code of practice or do not comply with a European harmonised standard shall demonstrate alternative adequate means of compliance for assessment by the Commission.
- 3.
Any information or documentation obtained pursuant to this Article, including trade secrets, shall be treated in accordance with the confidentiality obligations set out in Article 78.
AI Act Article EN
Article 55
Obligations of providers of general-purpose AI models with systemic risk
Related across sources
News EDPB and EDPS support streamlining AI Act implementation but call for stronger safeguards to protect fundamental rights Guidance Guidelines 02/2021 on virtual voice assistants Guidance Guidelines 8/2020 on the targeting of social media users Guidance Guidelines 9/2022 on personal data breach notification under GDPR Guidance Guidelines 05/2022 on the use of facial recognition technology in the area of law enforcement News Is the AI Act caging ChatGPT and other General Purpose Artificial Intelligence systems?