EU AI Act and Education AI

AI systems used for admission to, access to, or assignment to educational or vocational training institutions at all levels. This covers university application screening algorithms that rank or shortlist candidates, automated placement tests that determine whether an applicant meets entry requirements, and machine-learning systems that route applicants between courses or programmes.

AI systems for evaluating learning outcomes of persons, including systems used to steer the learning process of a student. Automated grading systems, AI that scores written essays and feeds those scores into pass/fail decisions, and adaptive learning platforms that adjust an individual's study path or content difficulty based on performance data all fall within this category.

AI systems for assessing the appropriate level of education that an individual will receive or to which they will have access. This includes AI that determines which educational track a student should enter — academic versus vocational, standard versus advanced — or that decides on specialised support needs such as remedial programmes or accelerated pathways.

AI systems for monitoring and detecting prohibited behaviour of students during tests. AI-powered exam proctoring systems that watch for gaze deviation, unusual keystrokes, or background noise, and flag candidates for suspected cheating, are the primary use case. These systems are high-risk because a flag can directly lead to disciplinary action or grade invalidation, making accuracy and human oversight critical safeguards.

The AI system is intended to perform a narrow procedural task. It assists a human in one well-defined sub-step of a workflow — for example, converting handwritten exam answers to typed text — and does not itself assess quality or make any judgement about the student.

The AI system is intended to improve the result of a previously completed human activity. It works on material that a human evaluator has already produced — for example, automatically formatting a teacher's written grade sheet after the teacher has graded — rather than producing a new assessment itself.

The AI system is not intended to replace or influence a human assessment. It only analyses data to detect patterns — for example, flagging statistical outliers in a cohort's marks for a teacher to review — but makes no recommendation about any individual student.

The AI system is intended to prepare an assessment to be carried out by a human and is not a basis for the decision itself. It aggregates raw input data for a teacher or admissions officer to review but never produces a score, grade, or outcome on which anyone relies.

Establish, document, and maintain a risk management system that runs throughout the entire lifecycle of the system — from design to post-market monitoring. The system must identify and analyse known and reasonably foreseeable risks to health, safety, or fundamental rights; estimate risks from intended use and foreseeable misuse; and adopt targeted measures to address them. Article 9(9) specifically requires providers to consider whether their system is likely to have an adverse impact on persons under the age of 18, which is directly relevant to school-age learners.

Training, validation, and testing datasets must be relevant, sufficiently representative, and as free of errors as possible. Providers must examine datasets for biases that could lead to discrimination under Union law — critical in education because bias in training data (for example, historical admissions patterns) can entrench disadvantage. Article 10(5) permits processing of special categories of personal data for bias detection under strict conditions: no suitable alternative data exists; pseudonymisation is applied; data is not shared with third parties; data is deleted once bias correction is complete.

Draw up technical documentation as set out in Annex IV before placing the system on the market or putting it into service. The documentation must demonstrate compliance with all Section 2 requirements and make the information accessible to national authorities and notified bodies. SMEs and start-ups may use a simplified technical documentation form that the Commission is required to establish.

The high-risk AI system must technically allow automatic recording of events throughout its lifetime. Logging must capture situations that could indicate a risk, support post-market monitoring, and enable deployers to monitor operation. Providers must retain logs under their control for at least six months (Article 19). For deployers such as universities, the deployer-side log retention obligation runs independently under Article 26(6).

Design the system to be sufficiently transparent for deployer institutions to interpret its outputs correctly and use them appropriately. Supply instructions for use in a suitable digital format covering: the intended purpose; accuracy metrics and known limitations; circumstances that could lead to risks to fundamental rights; human oversight requirements; log collection mechanisms; and any pre-determined changes to the system's performance. Institutions need this information to implement Art 26 and meet the FRIA requirements under Art 27.

Design and develop the system with appropriate human-machine interface tools so that responsible persons at the deploying institution can effectively oversee its operation. The system must enable oversight persons to: understand the system's capabilities and limitations; detect and address anomalies; avoid automation bias when reviewing AI-generated grades or flags; correctly interpret outputs; and, in any situation, override or reverse the system's output, or halt it entirely.

The system must achieve and maintain an appropriate level of accuracy, robustness, and cybersecurity throughout its lifecycle. Declare the accuracy metrics in the instructions for use. For systems that continue to learn after deployment (for example, adaptive learning platforms), design the system to prevent feedback loops where a biased output influences the next round of training data. Protect against adversarial attacks including data poisoning of the training set and input manipulation designed to cause erroneous outputs.

Maintain a documented quality management system (Article 17). Before placing the system on the market, complete the relevant conformity assessment procedure under Article 43 — for most education AI systems not embedded in Annex I regulated products, self-declaration under Annex VI (internal control) is available. Affix the CE marking. Register the system in the EU database under Article 49(1). Keep all documentation for 10 years (Article 18).

Take appropriate technical and organisational measures to ensure the system is used in line with the instructions provided by the EdTech company. Using a high-risk AI grading system outside its documented intended purpose — for example, applying it to a subject type not covered in the instructions — creates compliance exposure for the institution.

Designate natural persons — staff with the necessary competence, training, and authority — to perform human oversight. These persons must be able to understand the system's outputs, detect when the system is malfunctioning or producing biased results, and take corrective action. They must also be empowered to override or disregard AI outputs in individual cases.

Where the institution controls the input data fed to the high-risk AI system — for example, uploading student records to an admission screening tool — that data must be relevant and sufficiently representative of the intended population. Using a system trained on one demographic with data from a very different student population is a deployer-side compliance risk.

Monitor the system's operation on the basis of the instructions for use. If the system appears to present a risk within the meaning of Article 79(1), suspend its use and immediately notify the provider and the relevant market surveillance authority. Retain all automatically generated logs under the institution's control for at least six months — or longer if required by applicable data protection or national education law.

Deployers of Annex III high-risk systems that make decisions or assist in making decisions relating to natural persons must inform those persons. In practice: when an AI system is used to grade work, determine a student's course track, or flag suspected cheating in a test, the student must be told that AI is involved. This obligation applies without prejudice to the separate Art 50 disclosure rules for AI systems that interact directly with students.

Providers must ensure that AI systems designed to interact directly with natural persons — including students — are built to inform users that they are interacting with an AI, unless this is obvious from the context. The disclosure must be made at the latest at the time of the first interaction and must conform to accessibility requirements. An EdTech company deploying a chatbot tutor must build this disclosure into the product. The disclosure cannot be buried in terms and conditions.

Providers of AI systems that generate synthetic text, audio, image, or video content must ensure the output is marked in a machine-readable format as artificially generated or manipulated. This applies to AI writing tools, essay feedback generators, and content creation systems used in education. The technical solution must be effective, interoperable, and robust to the extent technically feasible.

Deployers using AI to generate or manipulate image, audio, or video constituting a deepfake must disclose that the content is artificially generated, at the time of first exposure. Where the content is evidently artistic or fictional — for example, an AI-generated historical re-enactment video used in a history class — only a signal that AI was used is required, and the display of the work need not be disrupted.