This paper critically evaluates the European Commission's proposed AI Act's approach to risk management and risk acceptability for high-risk AI systems that pose risks to fundamental rights and safety. The Act aims to promote "trustworthy" AI with a proportionate regulatory burden. Its provisions on risk acceptability require residual risks from high-risk systems to be reduced or eliminated "as far as possible", having regard to the "state of the art". This criterion, especially if interpreted narrowly, is unworkable and promotes neither a proportionate regulatory burden nor trustworthiness. By contrast, the Parliament's most recent draft amendments to the risk management provisions introduce "reasonableness" and cost-benefit analysis, and are more transparent about the value-laden and contextual nature of risk acceptability judgments. This paper argues that the Parliament's approach is more workable, and better balances the goals of proportionality and trustworthiness. It explains what reasonableness in risk acceptability judgments would entail, drawing on principles from negligence law and European medical devices regulation. And it contends that the approach to risk acceptability judgments needs a firm foundation of civic legitimacy, including detailed guidance or involvement from regulators, and meaningful input from affected stakeholders.