The EU AI Act explicitly bans a specific set of AI practices categorized as an unacceptable risk. This prohibition targets systems that deploy subliminal techniques, exploit vulnerabilities of specific groups due to age or disability, or implement public social scoring by authorities, as these are considered to fundamentally contradict European values of dignity, freedom, and non-discrimination.
Glossary
Unacceptable Risk

What is Unacceptable Risk?
Unacceptable risk is the highest and most restrictive tier in the EU AI Act's risk-based classification system, designating artificial intelligence practices that are deemed a clear and intolerable threat to fundamental rights, safety, and Union values, and are therefore strictly prohibited from being placed on the market or put into service.
The ban extends to the use of 'real-time' remote biometric identification systems in publicly accessible spaces for law enforcement, with narrow exceptions. Placing a prohibited AI system on the market triggers severe administrative fines, calculated as a percentage of global annual turnover, making this the most critical classification for providers and deployers to avoid.
Prohibited AI Practices Under Unacceptable Risk
The EU AI Act explicitly bans a set of artificial intelligence practices deemed to pose an unacceptable risk to fundamental rights, safety, and societal values. These prohibitions, effective from February 2025, carry severe penalties of up to €35 million or 7% of global annual turnover.
Subliminal & Manipulative Techniques
AI systems deploying subliminal components beyond a person's consciousness or purposefully manipulative and deceptive techniques are prohibited when they materially distort behavior and cause or are likely to cause physical or psychological harm. This targets dark patterns amplified by AI that exploit cognitive biases and vulnerabilities, such as inaudible voice commands or imperceptible image flashes designed to influence purchasing decisions or political views without awareness.
Exploitation of Vulnerabilities
Prohibits AI systems that exploit vulnerabilities of specific groups due to age or disability to materially distort behavior in a manner causing harm. This includes toys using AI to encourage dangerous behavior in children or voice assistants designed to manipulate elderly users with cognitive decline into financial transactions. The key legal test is whether the system's design targets the vulnerability to distort behavior, not merely whether harm occurs.
Social Scoring by Public Authorities
AI systems evaluating or classifying natural persons over time based on social behavior or personality characteristics are banned when the social score leads to:
- Detrimental treatment in unrelated social contexts
- Unjustified or disproportionate treatment This directly prohibits government-led social credit systems that rate citizens based on trustworthiness and restrict access to services like travel, education, or employment based on generalized behavioral patterns.
Real-Time Remote Biometric Identification
The use of real-time remote biometric identification systems in publicly accessible spaces for law enforcement purposes is prohibited with narrow exceptions. These systems match facial images against databases instantaneously without subjects' knowledge. Exceptions require prior judicial authorization and are limited to:
- Targeted search for specific crime victims (e.g., kidnapping)
- Prevention of imminent terrorist threat
- Localization of suspects for crimes punishable by at least 3 years imprisonment
Predictive Policing Based on Profiling
AI systems making risk assessments of natural persons to predict the likelihood of committing a criminal offense are prohibited when based solely on profiling or personality traits. This bans pre-crime assessment tools that assign criminal risk scores to individuals based on demographic data, behavioral patterns, or psychological characteristics without objective, verifiable facts directly linked to criminal activity. Statistical correlations alone are insufficient legal grounds.
Untargeted Facial Image Scraping
The creation or expansion of facial recognition databases through untargeted scraping of facial images from the internet or CCTV footage is prohibited. This directly bans companies like Clearview AI from harvesting billions of publicly available images to build biometric databases without consent. The prohibition addresses the chilling effect on privacy and freedom of assembly when individuals cannot appear in public without their biometric data being captured and indexed.
Emotion Recognition in Workplaces & Education
AI systems inferring emotions of natural persons are prohibited in workplace and educational settings, except for medical or safety purposes. This bans sentiment analysis cameras monitoring student engagement in classrooms or employee emotional states during performance reviews. The prohibition recognizes the scientific controversy around emotion detection validity and the power imbalance in employment and education contexts where refusal is not practically possible.
Biometric Categorization of Sensitive Attributes
AI systems categorizing individuals based on biometric data to deduce or infer race, political opinions, trade union membership, religious beliefs, sex life, or sexual orientation are prohibited. This bans systems that claim to detect sexual orientation from facial features or political affiliation from gait analysis. The prohibition extends to both direct inference and proxy-based categorization where biometric data serves as the input for sensitive attribute classification.
Frequently Asked Questions
Clarifying the prohibited artificial intelligence practices under the EU AI Act that pose a clear threat to fundamental rights and are banned from the European market.
Unacceptable risk is the highest and most severe risk tier in the European Union Artificial Intelligence Act, designating specific AI practices that are deemed a clear threat to the safety, livelihoods, and fundamental rights of individuals and are therefore strictly prohibited from being placed on the market, put into service, or used within the European Union. This classification is not subject to exceptions or conformity assessments; the identified practices are banned outright. The prohibition applies regardless of whether the system originates from an EU provider or a third country, as long as the output is used within the EU. The legal basis for this tier rests on the premise that certain forms of algorithmic manipulation and social control are inherently incompatible with European values of human dignity, freedom, and democracy, making any cost-benefit analysis irrelevant. The prohibition covers the entire lifecycle of the system, including development, marketing, deployment, and distribution.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Understanding the prohibited category requires context within the broader risk classification system and its enforcement mechanisms.
High-Risk AI System
The tier directly below prohibited practices. These systems are permitted but subject to mandatory conformity assessments before market placement. Examples include AI in critical infrastructure, educational assessment, employment screening, and law enforcement. Unlike unacceptable risk systems which are banned outright, high-risk systems must demonstrate compliance with harmonized standards for data governance, transparency, and human oversight.
Social Scoring
A specific prohibited practice under Article 5(1)(c) of the EU AI Act. It refers to the evaluation or classification of natural persons over a period of time based on their social behavior or known personality characteristics, leading to detrimental treatment in unrelated contexts. The prohibition targets public authorities conducting mass surveillance-style scoring, not private credit scoring agencies operating under existing financial regulations.
Market Surveillance Authority
The national enforcement body in each EU member state responsible for policing the AI Act's prohibitions. These authorities have the power to:
- Investigate suspected prohibited practices
- Order immediate withdrawal of non-compliant systems
- Impose fines up to €35 million or 7% of global annual turnover for unacceptable risk violations They coordinate through the European Artificial Intelligence Board to ensure consistent enforcement across the single market.
Fundamental Rights Impact Assessment
A mandatory pre-deployment analysis required for deployers of high-risk systems, but the concept originates from the need to identify when a system crosses into unacceptable risk territory. The assessment must document:
- The specific groups of individuals likely to be affected
- The risks to fundamental rights (dignity, non-discrimination, privacy)
- The duration and frequency of the system's use Systems found to pose a clear threat to fundamental rights during this assessment must not be deployed.
Serious Incident Reporting
A mandatory obligation requiring providers to immediately notify market surveillance authorities of any malfunction or failure that leads to death or serious harm. While this applies to high-risk systems, the reporting mechanism serves as a safeguard against de facto unacceptable risk—if a system consistently causes severe harm, authorities can reclassify it and order its removal from the market. Reports must be filed within 72 hours of the provider becoming aware of the incident.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us