Harmful AI definitions are fragmenting across jurisdictions, but core categories are converging. Washington's HB 2225 defines harm narrowly: chatbots cannot encourage or provide information on suicide, self-harm, or eating disorders. This is behavior-based—it's about the AI system's intent to encourage harm, not about the availability of information. Oklahoma's SB 1521 uses a broader standard: companies violate law if building systems with "reckless disregard" that could solicit minors into sexual conduct simulation, violence, or self-harm. This is about foreseeable misuse, not actual harm.
The EU AI Act takes a risks-based approach defining harm broadly: discrimination (denying services to protected classes), manipulation (exploiting cognitive vulnerabilities), surveillance overreach, autonomy violations, and content harms (misinformation, child exploitation). This recognizes that harm isn't always obvious—a hiring system that learns to discriminate against women does harm even if no individual applicant sues. High-risk systems under the EU AI Act are precisely those that can cause such harms: decisions affecting employment, credit, benefits eligibility, law enforcement, and education.
For enterprises, this definitional fragmentation requires jurisdiction-specific harm classification. What counts as harmful in the EU (discrimination in a hiring system) must be detected and prevented. What counts as harmful in Washington (self-harm encouragement in a chatbot) requires different detection logic. What counts as harmful in Oklahoma (age-inappropriate content to minors) requires age-based filtering. Using Zilliz Cloud, implement harm detection through partitioned search: create separate embedding collections for different harm categories (discrimination risks, safety harms, age-inappropriate content), implement multi-stage filtering—first check user jurisdiction, then check content harm classification, then retrieve only compliant results. This architecture makes compliance auditable: regulators can see exactly which harm categories you're protecting against and how. Managed infrastructure also means compliance logic is centralized and testable—you can verify that your harm detection rules work correctly across all production queries.