Background The European Union’s Artificial Intelligence Act (AI Act) establishes a pioneering, sector-agnostic, risk-based taxonomy for artificial intelligence systems. However, its concrete operational implications for academic libraries, which increasingly rely on AI for discovery services, metadata generation, user support, and analytics, remain insufficiently explored. Methods This study conducts a systematic review of recent scientific and professional literature and maps common academic library AI use cases onto the proportional risk and compliance obligations defined by the AI Act. Based on this analysis, a sector-specific risk-classification matrix is developed to support regulatory interpretation in the library context. Results The findings indicate that ethical principles frequently prevail over enforceable compliance mechanisms, that library AI applications align conceptually with the AI Act’s taxonomy but lack practical operationalization, that generative AI and large language models intensify regulatory ambiguity, that AI procurement practices in libraries rarely incorporate AI Act safeguards, and that the protection of fundamental rights, including equity, privacy, and intellectual freedom, requires measurable controls beyond transparency notices. Discussion The results reveal a substantial gap between the regulatory framework and its practical implementation in academic libraries. Governance approaches remain largely normative, while auditable and operational compliance mechanisms are still underdeveloped. The rapid diffusion of generative AI further complicates accountability, risk classification, and institutional responsibility. Conclusion This study contributes a sector-specific AI risk-classification matrix, identifies policy needs for tailored audit and procurement models, and highlights key research gaps in empirical validation, bias detection, and trust frameworks. By bridging regulation and practice, it positions academic libraries as potential norm-setters within the European AI governance ecosystem, exemplifying rights-preserving and compliance-ready institutions where regulation acts both as a safeguard and a catalyst for responsible innovation.
Nuno Miguel Teixeira Sousa (Sun,) studied this question.