Written answers
Tuesday, 8 July 2025
Department of Enterprise, Trade and Employment
Artificial Intelligence
Sinéad Gibney (Dublin Rathdown, Social Democrats)
Link to this: Individually | In context
370. To ask the Minister for Enterprise, Trade and Employment if, given the eight competent authorities for the EU Artificial Intelligence (AI) Act announced in March, he will set out the specific regulatory bodies and market surveillance authorities responsible for each of the prohibitions (Article 5) and high-risk uses (Annex III) in the Act (details supplied), in tabular form; if he will clarify the lead regulator for the EU Artificial Intelligence (AI) Act in Ireland; if the lead regulator will be an independent authority or established within an existing Department; and if he will make a statement on the matter. [37903/25]
Niamh Smyth (Cavan-Monaghan, Fianna Fail)
Link to this: Individually | In context
I would like to thank the Deputy for the question.
The AI Act sets out a phased enforcement timeline. The next key milestone for implementation is 2 August 2025, by which time member states must have designated market surveillance authorities and notifying authorities, collectively known as national competent authorities, and the Single Point of Contact for the Act.
From 2 August 2026 enforcement powers will come into effect for market surveillance authorities within their respective areas of responsibility.
For AI systems intended to be used as a safety component of a product in specified safety categories, or where the AI system is itself a product of those categories, enforcement will apply from August 2027.
My department recognises the importance of governance for AI in Ireland and over the last year, has been actively engaged with sectoral regulators to identify and agree regulatory responsibility for the obligations set out in the AI Act. As you note, a Government decision in March of this year saw Ireland adopt a distributed model and designate an initial eight public bodies as market surveillance authorities for the implementation of the AI Act.
As requested, the bodies designated as market surveillance authorities and notifying authorities are listed in tabular form in Table 1 and Table 2 below. This list may be expanded by further Government decisions.
In relation to Annex III of the Act, which lists eight high-risk use cases, the Data Protection Commissioner will be designated as a Market Surveillance Authority for high-risk use cases in points 1, 6, 7, and 8 of Annex III, as required in Art. 74 (8) of the AI Act. While some of the obligations on the market surveillance authorities, being sectoral specific, are quite clear cut, others are more cross-sectoral in nature or relate to areas where there is no existing regulator in operation. With regards to the remaining high-risk use cases, and the prohibitions listed in Article 5, my officials are working with colleagues across Government to finalise arrangements as appropriate.
Additionally and as provided for in the Government decision in March, my Department may also consider further additional authorities, if required to ensure comprehensive implementation of the Act, and like all Member States we are dependent on emerging EU guidelines and clarity to enable us, and any relevant authorities fully understand the role that they are taking on, and plan for the operations and resources that will be required for that role. To that end my department is actively liaising with the European Commission’s AI Office to avail of their support in that regard.
Given the distributed model adopted, there is also a requirement to have a central and coordinating authority to ensure the effective and coherent governance of the AI Act in Ireland. This new authority will also be designated as the Single Point of Contact as is mandated under the AI Act. My department, in consultation with officials across the wider government system, is also currently considering in detail the role and responsibilities required of, and the provisions necessary to operationalise, a central coordinating authority. Subject to government approval, it will be established in legislation as an independent statutory body to coordinate enforcement of the Act. In the interim period, in order to adhere to the challenging implementation timeline of the AI Act, it is envisaged that the central coordinating authority would operate within my department.
The AI Act is a regulation and as such has direct effect in member States. However primary and secondary legislation will also be required to provide for supervision and enforcement arrangements and other matters. My department is currently preparing the relevant draft legislative proposals.
It is important to note that while the market surveillance authorities are to be designated by 2 August 2025, enforcement powers for those authorities under the AI Act will not come into effect until 2 August 2026, thus providing time for member states and the designated authorities to finalise their arrangements and make the necessary provisions to become operational.
Table 1: Competent Authorities for High-risk AI Systems defined with respect to Product Safety Legislation (Section A, Annex I, AI Act)
| Harmonised Legislation | Product Type | Market Surveillance Authority | Notifying Authority |
|---|---|---|---|
| Directive 2006/42/EC | Machinery | Health and Safety Authority | Minister for Enterprise, Tourism and Employment |
| Directive 2009/48/EC | Toys | Consumer and Competition Protection Authority | Minister for Enterprise, Tourism and Employment |
| Directive 2013/53/EC | Watercraft | Marine Safety Office of the Department of Transport | Minister for Transport |
| Directive 2014/33/EU | Lifts | Health and Safety Authority | Minister for Tourism, Enterprise and Employment |
| Directive 2014/34/EU | Equipment for explosive atmospheres | Health and Safety Authority | Minister for Enterprise Tourism and Employment |
| Directive 2014/53/EU | Radio equipment | Commission for Communications Regulation | Commisison for Communications Regulation |
| Directive 2014/68/EU | Pressure equipment | Health and Safety Authority | Minister for Enterprise, Trade and Employment |
| Regulation (EU) 2016/424 | Cableways | Commission for Railway Regulation | Minister for Transport |
| Regulation (EU) 2016/425 | Personal Protective Equipment | Health and Safety Authority | Minister for Enterprise, Tourism and Employment |
| Regulation (EU) 2016/426 | Appliances burning gaseous fuels | Consumer and Competition Protection Authority | Minister for Enterprise, Tourism and Employment |
| Regulation (EU) 2017/745 | Medical devices | Health Products Regulatory Authority | Health Products Regulatory Authority |
| Regulation (EU) 2017/746 | In Vitro Diagnostic Medical Devices | Health Products Regulatory Authority | Health Products Regulatory Authority |
Table 2: Annex III, AI Act – High-risk Use-cases
| - | Use Case | Market Surveillance Authority |
|---|---|---|
| 1 | Biometric identification or categorisation, emotion recognition | Data Protection Commission* |
| 2 | Safety components of critical digital infrastructures, road traffic, supply of water, gas, heating or electricity | Arrangements to o be finalised |
| 3 | Education and Vocational Training | Arrangements to beo be finalised |
| 4 | Employment, workers management, & access to self-employment | Arrangements to beTo be finalised |
| 5 | Access to essential private & public services | Arrangements to be finalised |
| 6 | Law Enforcement | Data Protection Commission |
| 7 | Migration, asylum & border control management | Data Protection Commission |
| 8 | Administration of justice & democratic processes | Data Protection Commission |
*In so far as the systems are used for law enforcement purposes, border management and justice and democracy – as set out in Article 74.8 of the AI Act.
No comments