Decoding the EU AI Act Part 2 – A Deep Dive into Article 2

The EU Artificial Intelligence Act (AI Act), formally adopted in 2024 as Regulation (EU) 2024/1689, represents a landmark legal framework aimed at regulating the development, placement on the market, and use of artificial intelligence in the European Union. Central to understanding the AI Act is Article 2, which defines the regulation’s scope. This provision plays a pivotal role in clarifying who and what the regulation applies to—and, equally important, what it excludes.

Territorial and Material Scope

Article 2(1) establishes a broad territorial reach by applying the regulation to:

• Providers placing AI systems on the market or putting them into service in the EU, regardless of their location.
• Deployers of AI systems
• Providers or deployers of AI systems or general-purpose AI models (GPAI) located in a third country, where the output of the system is used in the EU.
• Product manufacturers who use an AI system as part of their product
• People affected by AI systems who are located within the EU.

This extraterritorial application mirrors other recent EU digital regulations, such as the GDPR and the Digital Services Act, and reflects the EU’s strategy to project its regulatory standards globally.
The material scope of the Act covers AI systems and general-purpose AI models, with obligations tailored according to the risk level. Article 2 confirms that the AI Act applies to both standalone AI systems and those integrated into other products or services.

Key Exclusions

Equally significant are the exclusions set out in Article 2 (3-12). The AI Act does i.e. not apply to:
• AI systems used exclusively for military purposes and national security activities
• AI systems used exclusively for law enforcement and national security activities by authorities of third countries, when these activities fall outside the scope of Union law.
• AI systems specifically developed for only scientific research & development.
• Private non-professional use of AI systems.

These exclusions aim to respect the limits of EU competences while also acknowledging the sensitive nature of certain domains, particularly defence and foreign affairs.

Implications for Businesses and Developers

Understanding Article 2 is crucial for determining whether a particular AI use case falls under the AI Act. Even non-EU providers must assess their exposure if their systems are accessible to or used by EU users. For businesses developing general-purpose AI models, the regulation introduces new layers of accountability, including documentation, transparency, and risk management obligations, which apply even if the model is not initially developed for a specific application.

Non-EU Providers of AI Systems

Providers of either High-Risk Ai Systems or General-Purpose AI Systems, who do not have an establishment within the European Union, have to appoint an ‘Authorised Representative’ within the European Union.

Conclusion

Article 2 of the EU AI Act sets the stage for the entire regulatory framework. It ensures broad applicability while carving out essential exclusions to respect institutional boundaries and sovereignty concerns. Developers, deployers, and users of AI — whether inside or outside the EU — must carefully assess their obligations under this provision to ensure compliance and mitigate legal risk.

Disclaimer:

The content of this blog is provided for general informational purposes only and does not constitute legal advice. While we strive to ensure that the information is accurate and up to date, it may not reflect the most current legal developments or the specific circumstances of your organization. Readers should not act upon any information contained in this blog without first seeking professional legal counsel. No attorney-client relationship is created through your use of or reliance on the information provided herein.