Dieser Artikel ist derzeit auf Englisch verfügbar.
What the EU AI Act Means for You: Your Rights as an Individual When AI Affects Your Life
The EU AI Act is often discussed from a business perspective. But it creates important protections for individuals — rights to explanation, human review, and protection from the most harmful AI uses. Here is what it does for you.
Key Takeaways
The EU AI Act bans specific AI uses — including AI that exploits vulnerabilities to manipulate behaviour, social scoring by public authorities, real-time biometric identification in public spaces, and AI that infers sensitive characteristics from neutral data. These prohibitions apply from August 2024.
For high-risk AI (used in hiring, credit, education, benefits, and law enforcement), Article 86 gives individuals the right to explanation when high-risk AI significantly affects them — separate from and supplementing GDPR Article 22 rights.
Chatbot and AI-generated content transparency obligations apply from August 2026: chatbots must disclose they are AI; AI-generated images and video must be labelled; emotion recognition systems must be disclosed. You have the right to know when you are interacting with AI.
National market surveillance authorities are responsible for enforcing the EU AI Act. If you believe an organisation has used prohibited AI or high-risk AI without required safeguards, you can file a complaint with your national authority.
The EU AI Act does not create a private right of action — you cannot sue under the Act directly. But existing GDPR, consumer protection law, and national tort law create compensation pathways when AI causes harm.
The EU AI Office oversees compliance for general-purpose AI models and publishes guidance on how the Act applies in practice — increasingly relevant as GPAI models become the backbone of many AI services.
"Nur zu Informationszwecken. Dieser Artikel stellt keine rechtliche, regulatorische, finanzielle oder professionelle Beratung dar. Konsultieren Sie einen qualifizierten Spezialisten für spezifische Beratung."
What the EU AI Act does for individuals
The EU AI Act's fundamental logic is that the risks of AI should be proportionate to its potential harm, and that individuals in high-risk AI contexts deserve specific protections. These protections take three forms: prohibitions on the most harmful AI uses (protecting everyone by banning those uses); rights in high-risk AI contexts (giving affected individuals specific entitlements); and transparency obligations (ensuring individuals know when significant AI is in use).
Prohibited AI: the strongest protections
Article 5 prohibits specific AI practices from August 2024. Most relevant to individuals: AI that uses subliminal techniques or exploits vulnerabilities (physical, psychological, relating to age or disability) to manipulate behaviour in ways causing harm; AI that creates facial recognition databases through untargeted internet or CCTV scraping; AI that infers sensitive characteristics (political views, religion, sexual orientation, race) from neutral data; real-time remote biometric identification in public spaces for law enforcement (with narrow exceptions); and social scoring of individuals by public authorities. If you encounter AI that appears to use prohibited techniques — manipulative AI in commercial contexts, facial recognition in retail — you can report it to your national market surveillance authority, including anonymously.
High-risk AI: your rights
High-risk AI used in hiring, credit, education, essential services, and law enforcement (Annex III) must be designed for human oversight, meet accuracy and robustness standards, and provide transparency documentation. Article 86 gives individuals affected by high-risk AI the right to a clear and meaningful explanation of the AI's role in decisions that significantly affect them — supplementing GDPR Article 22 rights from August 2027.
Transparency obligations
From August 2026: chatbots must disclose they are AI; AI-generated images, video, and audio must be labelled as AI-generated; and emotion recognition systems must disclose their operation. These are your rights now — you have the right to know when you are talking to an AI or viewing AI-generated content.
Enforcement and remedies
Enforcement goes through national market surveillance authorities and the EU AI Office (for general-purpose AI). The Act works alongside GDPR (compensation for data protection breaches), national consumer protection law (redress for consumer harm), and tort law (compensation for personal injury). File EU AI Act complaints with your national market surveillance authority. File GDPR complaints with your national DPA.