Glossary

Key terms on AI regulation, data protection and Responsible AI — clearly explained.

A

AI Act (EU AI Act): European regulation governing Artificial Intelligence. Establishes risk-based requirements for AI systems, ranging from prohibited practices to transparency obligations.

Bias: Systematic errors in AI systems that lead to unfair or discriminatory outcomes. Can arise from training data, algorithms or interaction patterns.

Conformity Assessment: Conformity assessment under the EU AI Act. High-risk AI systems must demonstrate compliance with legal requirements before being placed on the market.

Data Processing Agreement (DPA): Processing of personal data on behalf of a controller by a processor (Art. 28 GDPR). Requires a written contract.
Data Subject Rights: Rights of natural persons under GDPR, including access (Art. 15), rectification (Art. 16), erasure (Art. 17) and objection to automated decision-making (Art. 22).
DPIA (Data Protection Impact Assessment): Data Protection Impact Assessment under Art. 35 GDPR. Required for processing operations that pose a high risk to the rights of natural persons, particularly when deploying AI.

EDPB: European Data Protection Board. Issues guidelines and opinions on the uniform application of GDPR, increasingly covering AI-related topics.
Explainability (XAI): The ability to make the decisions and predictions of an AI system comprehensible. Methods include SHAP, LIME and Attention Maps.

Foundation Model: Large, pre-trained AI model that serves as a basis for various applications (e.g. GPT, Claude, Llama). Regulated as General Purpose AI (GPAI) under the AI Act.

GDPR (General Data Protection Regulation): The EU's General Data Protection Regulation. Governs the processing of personal data and grants data subjects comprehensive rights.
GPAI (General Purpose AI): General Purpose AI models under the EU AI Act (Art. 51-56). Subject to specific transparency and documentation obligations, with stricter requirements for systemic risk.

High-Risk AI System: AI systems deployed in sensitive areas as defined in Annex III of the EU AI Act (e.g. human resources, education, judiciary). Subject to comprehensive requirements.

LLM (Large Language Model): A large language model trained on extensive text data. Capable of generating, translating, summarizing text and answering questions.

Prompt Engineering: Technique for crafting targeted inputs (prompts) to AI models in order to achieve desired outcomes.

Responsible AI: An approach to the ethically responsible use of AI. Encompasses fairness, transparency, explainability, data protection and human oversight.
Risk Classes: The EU AI Act categorizes AI systems into four risk levels: unacceptable risk (prohibited), high risk, limited risk (transparency) and minimal risk.

SHAP (SHapley Additive exPlanations): An XAI method for explaining individual model predictions. Based on game-theoretic Shapley values, it quantifies the contribution of each feature.

Transparency Obligations: Obligations under the EU AI Act to inform users about the use of AI. Includes labelling of AI-generated content and deepfakes.