From Compliance to Care

digitado ⋅ 29 de December de 2025

Author(s): Dr. Vasileios Ioannidis Originally published on Towards AI. Global AI Regulations How Software Becomes Law Modern HR platforms do more than process payroll or store data. They observe how employees behave, infer intentions and gently push them toward certain choices. Across continents, algorithmic systems are ranking candidates, suggesting promotions and flagging “anomalous” behaviour. In effect, software is beginning to govern the workplace. After decades spent designing HRIS, HRMS and EOR platforms, I have learned that every line of code carries regulatory and psychological consequences. AI in HR is never just a feature; it is a classification of risk, a compliance obligation and a litmus test for our duty of care. If we ignore that, we build efficient machines that quietly undermine agency and trust. There is a moment many of us recognise: the system offers a suggestion you had not planned, and it feels both helpful and unsettling. “When the machine knows your habits better than your manager, who is truly making the decisions?”This piece is not anti‑technology; it is a call to design technology with conscience and to champion ethics even when they slow us down. In the pages that follow, I translate the world’s major AI regulations into concrete product requirements. I explain why fairness and transparency must be part of the architecture and why companies need a governance architect who can navigate European and American rules while protecting human dignity. My aim is to position you as the unique expert who can fuse law, ethics and psychology into competitive advantage. The EU AI Act: High‑Risk Systems and Human Oversight The EU AI Act is the first law to rank AI systems by the harm they can cause. It treats employment‑related tools — those used to hire, fire, promote or monitor people — as high‑risk systems artificialintelligenceact.eu. Providers of such systems must implement risk management, rigorous data governance and record‑keeping, design for human oversight and cybersecurity, and avoid certain banned practices like manipulation, exploitative biometrics or social scoring artificialintelligenceact.eu. In parallel, the GDPR gives people a right not to be subject to solely automated decisions with significant effects ico.org.uk; decisions about jobs clearly fit this definition ico.org.uk. As a result, product teams must ensure that any AI recommendation affecting someone’s livelihood is reviewed by a human and that individuals can contest or understand these decisions ico.org.uk. Meeting these obligations means building risk assessments, audit logs and transparent interfaces into the core architecture — not as afterthoughts. These obligations carry teeth: regulators can impose multimillion‑euro fines, and implementation deadlines begin in 2025. They force vendors to shift from “move fast and break things” to “design carefully and document everything.” As product owners, our design choices become legal instruments — a fact that transforms compliance into competitive advantage. Ethical Frameworks: From Principles to Product Requirements Beyond law, Europe and the wider world have issued ethics guidelines that underpin responsible AI. The European Commission’s Trustworthy AI guidelines and the OECD AI Principles call for human agency, safety, privacy, transparency, fairness and accountability oecd.ai. UNESCO’s recommendation emphasises that human rights and dignity are the cornerstone of any AI deployment unesco.org. But practically for HR products such as HRIS/HRMS and EOR, these principles become basic design questions such as: Do we obtain meaningful consent? Can an employee understand and challenge automated decisions? Are training datasets representative and tested for bias? Do we explain who is responsible for the algorithm’s outputs? I always try to embed these questions into product roadmaps, designing screens that disclose when AI is used and processes that require human sign‑off. At first glance, phrases like “respect human rights” or “promote inclusive growth” sound abstract — almost ceremonial. Easy to agree with. Easy to ignore. But in practice, these principles live or die inside small, uncomfortable product decisions that shape how people experience power. When a developer pauses to ask whether a user’s behavioural history really needs to be stored to marginally improve a recommendation, the principle of data minimisation is no longer theoretical. It becomes a question of restraint. Of boundaries. Of whether the system is designed to serve the user, or quietly consume them. When an engineer argues for a black-box model because it delivers higher accuracy, transparency stops being a philosophical ideal and turns into a psychological necessity to the actuall user = the employee. Explainability is not for the person deploying the model, or the team celebrating its performance. It is for the person on the other side of the decision — whose opportunities, confidence, or sense of fairness maybe paused on a logic they are never allowed to see. Systems that cannot explain themselves do not just create opacity; they create anxiety, mistrust, and disengagement. This is where values either remain slogans or become architecture. When we embed them into features, defaults, and constraints, we do more than comply or signal virtue. We shape how safe people feel inside our systems. We decide whether technology earns trust or quietly erodes it. And in doing so, we build something far more durable than technical performance: reputational capital grounded in psychological credibility. The UK’s Sectoral Approach and Pro‑Innovation Principles Unlike the EU, the UK has opted for a lighter framework. Its 2023 policy paper lists five principles — safety and robustness, transparency, fairness, accountability and contestability — to guide existing regulators gov.uk. For HR tools, the fairness principle stands out: AI must not erode rights or embed discrimination. The Information Commissioner’s Office reminds companies that solely automated decisions with legal effects are generally unlawful ico.org.uk. Even under a pro‑innovation banner, human accountability cannot be waived. In practice, I harmonise UK flexibility with EU rigour by adopting the strictest requirements across both regimes, ensuring products remain compliant whatever politics bring. The UK’s approach reflects its economic priorities: rather than create a new regulator, it trusts sectoral bodies to adapt the five principles to their domains. Innovation can flourish under this flexibility, but it may lead to patchy enforcement. Companies operating in Britain should therefore exceed the […]

Like 0

Liked Liked