Checklist for Open Source of AI systems under the EU AI Act
The content of this page is a checklist for open source of AI systems within the meaning of the EU AI Act (version 1.1).
The checklist is based on the following workflow. It is described in more detail in this technical article on Open Source of AI systems:
The checklist can be downloaded here as a link and as a freely usable PDF by clicking on the image below:
1. Objectives of this checklist:
This checklist helps providers and operators of AI systems to check whether an AI system falls under the exception of Article 2 (12) EU AI Act.
- The checklist refers exclusively to AI systems within the meaning of Article 3 No. 1, No. 66 EU AI Act.
- In case of doubt, the exception only applies if all components of the AI system are open and freely licensed.
2. Target group of this checklist:
- Legal, ethics & compliance
- Communication and marketing
- Software development
- Product/project management
- IT and operations
Background information and technical details on the checklists can be found in this article on checklists for the EU AI Act.
3. Contents of the checklist as HTML
| 1. AI system? |
| First, check whether the (planned) AI offer is actually an AI system within the meaning of the EU AI Act: |
| If the definition of AI systems according to Article 3 No. 1 EU AI Act is met, e.g.: |
| – Is the offer machine-based and does it have an interaction interface? |
| – Are the other criteria met? |
| 2. Risk classification? |
| Check whether your AI system qualifies as a prohibited AI practice or high-risk AI. In this case, the exception to Article 2 (12) EU AI Act will no longer apply. |
| Prohibited AI practice (Article 5 EU AI Act): |
| – Is it one of the practices described there? |
| – Is there an exception within the meaning of Article 5 (2) EU AI Act? |
| High-risk AI (Article 6 EU AI Act): |
| – For example, is it a system for critical infrastructure, finance or healthcare? |
| – Is there an exception within the meaning of Article 6 (3) EU AI Act? |
| 3. Transparency obligations? |
| Check whether your AI system is subject to the transparency obligations of Article 50 of the EU AI Act. In this case, the exception to Article 2 (12) of the EU AI Act will no longer apply. |
| Direct interaction with natural persons (para. 1): |
| – Is the AI system designed to interact directly with natural persons? |
| – For example, is it an AI chatbot in the form of an application or in browser-based form? |
| GPAI system with general purpose (para 2): |
| – Is it an AI system in which a general-purpose AI model is integrated (GPAI model), cf. Articles 3 No. 63, 66 EU AI Act? |
| Other generative AI systems (para 2): |
| – Can the AI system create synthetic content such as image, sound, video or text using another AI model? |
| 4. License types? |
| For the exemption from Article 2 (12) EU AI Act, the following criteria must be met cumulatively: |
| Free License: |
| – Is the AI system including its components published under a free license (e.g. Creative Commons)? |
| Is the use, distribution and modification of the AI system explicitly permitted by the license? |
| Open source: |
| – Is the source code of the AI system, including its components, publicly visible and changeable? |
| – Has the source code been disclosed with regard to all decision-relevant components of the AI system? |
| 5. Documentation? |
| Review the documentation requirements for your open source AI system: |
| – Has the operation of the AI model, including the training data, algorithms and parameters, been disclosed? |
| – Were recognized documentation standards (e.g. model cards) used? |
| 6. Data sources, APIs and interaction interface? |
| Check the disclosure of the connection of additional data sources, APIs and interaction interfaces: |
| – Are any additional data sources used in the AI system free and disclosed? |
| – Have you freely and correctly disclosed API connections and interfaces? |
| – Are the codes for the interaction interface free and disclosed? |
Be First to Comment