Notes on the EU AI Act Article 50 Transparency Obligations - An Academic Reading

Posted on In , Views: Disqus: Word count in article: 12k Reading time ≈ 45 mins.

Source document: Draft Guidelines on the implementation of the transparency obligations for certain AI systems under Article 50 of Regulation (EU) 2024/1689, issued by the European Commission’s Directorate-General for Communications Networks, Content and Technology (DG CONNECT), through the Artificial Intelligence Office.

Nature of the document: The Guidelines are non-binding. Authoritative interpretation of the AI Act may ultimately only be given by the Court of Justice of the European Union (CJEU). The present version remains in the stakeholder consultation stage, and the final text is yet to be adopted by the Commission.

Introduction (added by the present author)

Regulation (EU) 2024/1689 (hereinafter the “AI Act”) constitutes the first horizontally applicable comprehensive legislative framework for artificial intelligence at the supranational level. Within its risk-based regulatory architecture, Article 50 occupies a position intermediate between the “high-risk” tier and the “minimal-risk” tier. The provision does not prohibit any technical use, nor does it impose an ex ante conformity assessment procedure. Rather, it employs information disclosure as a comparatively restrained regulatory instrument designed to redress the informational asymmetry that obtains between AI systems and the natural persons exposed to them.

The present notes are structured as follows. Sections one to three constitute additions by the present author, addressing in turn the regulatory problem at which Article 50 is directed, the legislative motivations and normative aims of the provision, and the antecedent normative materials with which it interacts. Section four summarises the original Guidelines section by section, in the order of the source document. Section five provides practical implications and preliminary commentary by the present author on issues arising from the systematic interpretation of the provision.

Part One: The Regulatory Problem (added by the present author)

The regulatory problem to which Article 50 is addressed can be articulated at three distinct levels.

1. The asymmetry between generative capability and human discernment

As generative AI systems approach and in some cases exceed the threshold at which natural persons can rely on intuitive judgement to distinguish synthetic content from authentic content across the four modalities of text, image, audio, and video, the “native discernment capacity” enjoyed by individuals has been significantly devalued. This phenomenon implicates not only individual-level cognitive bias but also the credibility of the information ecosystem as a whole. Article 50 does not seek to impose a general prohibition on AI outputs that are indistinguishable from human-produced content. Rather, it requires that, through marking, disclosure, and detection mechanisms, natural persons be equipped with the metadata necessary to make informed choices regarding the trust they extend to such content.

2. The diffusion of responsibility along the AI value chain

The AI value chain involves multiple tiers, including model providers, system providers, deployers, distribution platforms, and end users. Specific harms such as impersonation, deception, and manipulation may arise at any point along this chain, yet no single actor is in a position to undertake compliance responsibility for the entire chain. The regulatory technique of Article 50 lies in allocating obligations to the actors most capable of implementing the relevant measures: the provider for technical measures (marking and detection), and the deployer for disclosure and labelling in the context of dissemination. Auxiliary actors along the chain (in particular online platforms) are addressed through connecting provisions that encourage coordinated conduct.

3. Cross-modal and cross-contextual regulatory granularity

The technical maturity of watermarking and detection techniques varies significantly across textual, visual, auditory, and video modalities. The risk profile of a given system also varies markedly across contexts, with the risks posed by a non-player character in a video game differing substantially from those posed by a politically charged deepfake on a social platform. Article 50 must therefore strike a balance between generality of application and avoidance of regulatory over-reach. It does so by introducing a substantial set of exceptions, including the “obviousness” standard, the exception for assistive functions of standard editing, the attenuated disclosure regime for artistic and creative works, the law enforcement exception, the exclusion for purely personal non-professional activities, the exclusion for scientific research and development, and the exception for human review under editorial responsibility.

Part Two: Legislative Motivations and Normative Aims (added by the present author)

According to Recitals 132 to 136 of the AI Act, the normative aims of Article 50 may be classified into four interrelated objectives.

1. Reducing the risks of impersonation, deception, misinformation, manipulation at scale, and fraud

This is the most direct aim. Generative AI has substantially lowered the marginal cost of producing high-fidelity synthetic content capable of misleading audiences. The transparency obligations do not prohibit the generation of such content but require that, before it reaches natural persons, identifying metadata accompany it.

2. Safeguarding democratic processes and societal trust

Recital 136 emphasises the actual or foreseeable negative effects of deepfake content on elections, civic discourse, and democratic processes. The transparency obligations thus operate as an indirect protective mechanism for the democratic public sphere. They interact in particular with Articles 34 and 35 of the Digital Services Act (Regulation (EU) 2022/2065, hereinafter “DSA”), which set out the systemic risk assessment and mitigation obligations of providers of very large online platforms (VLOPs) and very large online search engines (VLOSEs).

3. Enabling natural persons to make informed decisions and calibrate trust

Recital 132 states that the information obligation is intended to enable natural persons “to make informed decisions regarding the system’s outputs,” to avoid “over-reliance on such systems,” and to “calibrate their trust in the content and the interactions accordingly.” This objective emphasises individual autonomy rather than paternalistic protection and is consonant with the European tradition of consumer information rights.

4. Maintaining the integrity and trustworthiness of the information ecosystem

The beneficiaries of the marking and detection obligation in Article 50(2) are not limited to natural persons directly exposed to synthetic content. They also encompass market surveillance authorities, independent researchers, civil society organisations, media organisations, trusted flaggers, fundamental rights defenders, and providers of online platforms — that is, the intermediary actors of the information ecosystem. This broad designation of beneficiaries reflects the legislator’s recognition of transparency as a public good.

Part Three: Antecedent Materials and the Normative Landscape (added by the present author)

Article 50 does not operate as an isolated rule. Its effective implementation depends on a constellation of antecedent norms and institutional arrangements. An appreciation of these materials assists in identifying the interpretive boundaries of the provision.

1. The internal normative basis within the AI Act

Provision Content Relation to Article 50
Article 3(1) Definition of “AI system” Common antecedent requirement for all four paragraphs of Article 50
Article 3(3) Definition of “provider” Responsible actor under Articles 50(1) and 50(2)
Article 3(4) Definition of “deployer” Responsible actor under Articles 50(3) and 50(4)
Article 3(39) Definition of “emotion recognition system” One of the two object categories of Article 50(3)
Article 3(40) Definition of “biometric categorisation system” The other object category of Article 50(3)
Article 3(60) Definition of “deep fake” Core object of Article 50(4), first subparagraph
Article 3(66) Definition of “general-purpose AI system” Scope coverage under Articles 50(1) and 50(2)
Article 2(6) Exclusion for scientific research and development Horizontal exemption
Article 2(8) Exclusion for research, testing, and development prior to placing on the market Horizontal exemption
Article 2(10) Exclusion for the purely personal non-professional activity of natural persons Horizontal exemption
Article 2(12) Special provision for systems released under free and open-source licences Does not exempt systems falling within Article 50
Article 5 Prohibited AI practices Emotion recognition in the workplace or education may be directly prohibited
Article 6 Classification of high-risk AI systems Systems within Article 50 may concurrently be classified as high-risk
Article 55(1)(b) Mitigation obligations for general-purpose AI models with systemic risk Model-level marking may form part of systemic risk mitigation measures
Article 85 Right to lodge a complaint Any natural or legal person with reasonable grounds may lodge a complaint
Article 99(7)(e) Factors for determining the amount of fines Adherence to an approved code of practice may serve as a mitigating factor
Article 113 Date of application Article 50 applies from 2 August 2026
  1. Digital Services Act (Regulation (EU) 2022/2065, DSA): Articles 16(1) and 16(6) on notice mechanisms for illegal content; Articles 34 and 35 on systemic risk assessment and mitigation by VLOPs and VLOSEs; Article 35(1)(k) on the marking of deepfakes.
  2. European Media Freedom Act (Regulation (EU) 2024/1083, EMFA): Article 2(8) on the definition of “editorial responsibility,” with close relevance to the human review exception under Article 50(4), second subparagraph.
  3. General Data Protection Regulation (Regulation (EU) 2016/679, GDPR): where synthetic content concerns identifiable natural persons, data protection principles and information obligations apply concurrently.
  4. Unfair Commercial Practices Directive (Directive 2005/29/EC, UCPD): prohibits the misleading of consumers as to the main characteristics of a product or service. AI-driven attributes may, in appropriate circumstances, constitute such a “main characteristic.”
  5. Consumer Rights Directive (Directive 2011/83/EU): pre-contractual information obligations covering the main characteristics of AI-driven services.
  6. Directive (EU) 2016/2102 on the accessibility of public-sector websites and mobile applications, and Directive (EU) 2019/882 on accessibility requirements for products and services: referenced by Article 50(5).
  7. Regulation (EU) 2019/1020 on market surveillance and compliance of products: the legal basis for the enforcement powers of market surveillance authorities.
  1. Commission Guidelines on prohibited artificial intelligence practices established by Regulation (EU) 2024/1689 (C(2025) 5052), on the interpretation of horizontally applicable exceptions.
  2. Commission Guidelines on the definition of an AI system (C(2025) 5053), on the interpretation of Article 3(1).
  3. Commission Guidelines on the classification of high-risk AI systems (under preparation), on emotion recognition and biometric categorisation systems.
  4. Joint Commission and EDPB Guidelines on the interplay between the AI Act and EU data protection law (under preparation).
  5. The Code of Practice on the marking and labelling of AI-generated content (under development).
  6. Commission Notice “The Blue Guide on the implementation of EU product rules 2022” (2022/C 247/01), on the horizontal interpretation of placing on the market, putting into service, and use.

4. Technical reference frameworks

The reference in Article 50 to “interoperability” and “the generally acknowledged state of the art” entails that standardisation bodies and industry practice play a non-trivial role in shaping the operational compliance standards. The Guidelines clarify that the “state of the art” refers to a developed stage of technical capability based on the consolidated findings of science, technology, and experience and accepted as good practice, and that it does not necessarily include the latest scientific research that remains at the experimental stage or that has not attained sufficient technological maturity. This formulation introduces an objective and evolving technical reference framework into the compliance analysis.

Part Four: Structural Summary of the Original Document

Chapter One: Background and Objectives

  1. The AI Act entered into force on 1 August 2024.
  2. The transparency obligations under Article 50 apply two years after entry into force, that is, from 2 August 2026.
  3. The Guidelines are issued pursuant to Article 96(1)(d), with the aim of assisting competent authorities, providers, and deployers in implementing the obligations in a consistent, effective, and uniform manner.
  4. The drafting was informed by public stakeholder consultation and input from Member States through the AI Board.
  5. The Guidelines are non-binding.

Chapter Two: Overview of the Transparency Obligations and Horizontal Topics

Section 1: Overview of the four transparency obligations

Provision Type of system or output Responsible actor Core obligation Exceptions and special regimes
Article 50(1) AI systems directly interacting with natural persons Provider To design and develop the system such that affected natural persons are informed that they are interacting with an AI system Where the artificial nature of the interaction is obvious; or where the system is authorised by law for the detection, prevention, investigation, or prosecution of criminal offences, but not where the system is made available to the public for reporting criminal offences
Article 50(2) AI systems generating or manipulating synthetic image, video, audio, or text content Provider To ensure that the outputs are marked in a machine-readable format and detectable as artificially generated or manipulated; the technical solution must be effective, interoperable, robust, and reliable Where the system performs an assistive function for standard editing; where it does not substantially alter the input data or its semantics; or where it is authorised by law for law enforcement purposes
Article 50(3) Emotion recognition systems and biometric categorisation systems Deployer To inform the natural persons exposed to the system of its operation Where permitted by law for the detection, prevention, or investigation of criminal offences
Article 50(4) AI systems generating or manipulating deepfakes, or AI-generated or manipulated text published to inform the public on matters of public interest Deployer To disclose that the content has been artificially generated or manipulated Where authorised by law for law enforcement purposes; where the text has undergone human review or editorial control and is subject to editorial responsibility; an attenuated disclosure regime applies to artistic, creative, satirical, fictional, or analogous works

Section 2: Rationale and objectives

Pursuant to Recitals 132 to 136, the regulatory aims are to reduce the risks of impersonation, deception, misinformation, manipulation at scale, and fraud; to mitigate potential adverse impacts on democratic processes and societal trust; and to enable natural persons to make informed decisions.

Section 3: Responsible actors

  1. Provider (Article 3(3)): a natural or legal person, public authority, agency, or other body that develops an AI system or has one developed and places it on the Union market or puts it into service under its own name or trademark. Providers established outside the Union are also subject to the AI Act where the output of their system is used within the Union (Article 2(1)(a)).
  2. Deployer (Article 3(4)): a natural or legal person, public authority, agency, or other body using an AI system under its authority, save where the use is in the course of a purely personal non-professional activity. “Authority” entails responsibility for the decision to deploy the system and for the manner of its actual use, including its outputs. Where the deployer is a legal person, employees acting under its instructions and control do not constitute separate deployers. The deployer remains responsible where it engages third parties such as contractors, freelancers, or external staff to operate the system on its behalf.
  3. Actors that are not deployers: entities whose role is limited to disseminating or transmitting AI-generated or manipulated content produced by third parties (including online platforms), or that receive or are exposed to such content without directly controlling the use of the system. Such actors are nevertheless encouraged to preserve the marks and labels applied pursuant to the AI Act.
  4. Multiple roles: a single entity may concurrently be both a provider and a deployer.
  5. Other actors along the value chain: actors acting in a professional capacity and disseminating content are encouraged to take appropriate measures to ensure that natural persons exposed to the content are effectively informed of its artificial origin.

Section 4: Exclusions from the scope of the AI Act

Subsection 1: Purely personal non-professional activity (Article 2(10))

The exception applies only to the obligations of natural persons acting as deployers and requires that the activity be both “purely personal” and “non-professional.” Any activity through which a natural person regularly obtains economic benefit, or which falls within a professional, business, trade, occupational, or freelance activity, falls outside “non-professional.” Criminal activity does not qualify as “purely personal” even where no economic benefit is sought. A deepfake made publicly available and capable of affecting public discourse on matters of public interest also does not qualify as a “purely personal non-professional activity.” It must be noted that the exception applies only to the obligations of deployers; the obligation of the provider under Article 50(2) to implement machine-readable marking is unaffected.

Subsection 2: Research and development (Articles 2(6) and 2(8))

AI systems and their outputs specifically developed and put into service for the sole purpose of scientific research and development benefit from this exception. Once such a system is put into service outside the scientific research context, or once its outputs are used outside that context, the relevant transparency obligations again become applicable. Research, testing, and development activities prior to placing on the market are also protected by Article 2(8), but systems placed on the market or put into service must comply.

Subsection 3: AI systems released under free and open-source licences (Article 2(12))

Open-source AI systems within the scope of Article 50 are not exempt by virtue of their open-source character. Providers and deployers must comply with their respective transparency obligations.

Section 5: Interplay with prohibited practices and high-risk requirements

Compliance with the transparency obligations under Article 50 does not entail that the use of the system is itself lawful. Emotion recognition in the workplace or in educational institutions may be prohibited under Article 5. Systems within the scope of Article 50 may also be classified as high-risk under Article 6, requiring parallel compliance with the high-risk regime.

Section 6: Interplay with general-purpose AI models and systems

Article 50 applies to general-purpose AI systems, including chatbots used for direct interaction and generative systems producing or manipulating synthetic content. It does not directly apply to general-purpose AI models, but where the system is built upon a model provided by the same provider, transparency measures may be implemented at the model level. For general-purpose AI models with systemic risk, model-level safety measures may form part of the systemic risk mitigation measures required under Article 55(1)(b).

Chapter Three: Article 50(1) — Transparency for Interactive AI Systems

Section 1: Conditions for application

The provision requires the cumulative presence of four elements:

Element 1: an AI system. The system must satisfy the definition in Article 3(1). Traditional non-AI automated response mechanisms (for example, conventional out-of-office email replies or rule-based quick replies) fall outside the scope.

Element 2: intended to interact. Interaction entails a bidirectional exchange of information or actions between natural persons and the AI system, which may take auditory, visual, or physical forms. Natural persons must be able to provide input (in textual, vocal, or physical form), and the system must be capable of responding with contextual output, and vice versa. Interaction may be one-off or continuous, and may be initiated by either party. Systems that merely collect data passively and are incapable of engaging in exchanges with natural persons (such as automated facial recognition access controls) fall outside the scope.

Element 3: direct interaction. The interaction must be direct, typically involving real-time or near real-time exchange. Indirect or mediated interaction lies outside the scope, for example where customer service representatives use AI assistive tools to communicate with natural persons, or where AI output is conveyed to a person through another person rather than by the system itself.

Element 4: with natural persons. The interacting natural persons may be professional deployers, other users (including those using the system for purely personal purposes), or persons using the system on behalf of others. Systems operating in closed physical or virtual environments without direct contact with natural persons fall outside the scope.

Section 2: AI agents

AI agents fall within the scope of Article 50(1) where they are designed to interact with the persons instructing them and potentially with other natural persons in the execution of tasks. Where the provider cannot reliably determine whether an agent will interact with a natural person, the agent should be instructed to disclose itself as such in every situation in which it may foreseeably interact with a natural person.

Section 3: Illustrative examples

Within scope: AI-driven voice assistants; chatbots and conversational agents in public service, customer support, e-commerce, finance, healthcare, and education; humanoid and collaborative robots; AI companions; robotic companion pets; AI avatars in virtual reality environments; bots on social networks; coding agents and other agentic AI systems.

Outside scope: AI-enabled traditional industrial robots operating in closed industrial environments and not intended for interaction with humans; algorithmic recommender systems; spam filters; automated translation or transcription tools; authentication and biometric recognition systems; back-end decision support systems whose outputs are visible to users without the possibility of direct interaction; predictive maintenance and optimisation systems in factories.

Section 4: The information obligation

Subsection 1: Embedding of the disclosure mechanism. The disclosure mechanism is to be embedded in the design and development of the system and is to be implemented during its operation, at the latest at the time of the first interaction with a natural person (Article 50(5)). Providers are responsible for ensuring that natural persons are effectively informed throughout the lifecycle of the system.

Subsection 2: Format of disclosure. Article 50(1) does not prescribe any particular technique, provided that two requirements are satisfied: first, the information is provided in a clear and distinguishable manner at the latest at the time of the first interaction, in accordance with Article 50(5); second, where the system is intended to interact with persons belonging to vulnerable groups by reason of age (children or older persons) or disability, the disclosure is adapted accordingly. Where the system may interact with children, the disclosure must be child-friendly, age-appropriate, easy to understand, and accessible to all children, including those with disabilities or additional accessibility needs.

Subsection 3: Substance of the disclosure. Providers must explicitly inform all natural persons interacting with the system of the artificial, non-human nature of their interlocutor. Where it is reasonably foreseeable that the system may interact with persons belonging to vulnerable groups, the information must be adapted and provided in an accessible format.

Subsection 4: Recommended multimodal techniques:

| Type | Examples |
||-|
| Text-based (UI) | Prominent, plain-language labels or banners (for example, “You are interacting with an AI system”); first-turn disclosures in chatbots; persistent badges visible throughout the interaction. Disclosure is recommended to be positioned close to the interaction interface |
| Auditory | In voice-based or telephony contexts, explicit spoken statements at the start of the interaction (for example, “This is an AI-powered assistant”), supplemented by periodic reminders in longer interactions. Distinct audio cues may assist visually impaired users but are insufficient on their own |
| Visual or graphical | Persistent icons, watermarks, coloured frames, or recognisable “AI” symbols. Standardised visual indicators across a provider’s services are recommended to reduce cognitive burden |
| Multimodal combinations | Combining text, audio, and visual cues (for example, a chatbot displaying a label while also providing a first-turn textual disclosure) to ensure accessibility and reinforce clarity |

Subsection 5: Techniques that are insufficient when used alone:

  1. Disclosures contained only in terms and conditions, URLs, or documentation (these may complement but cannot replace in-context disclosure);
  2. Disclosures relying solely on machine-readable markings (such as metadata or watermarks) that are not perceivable by users at the point of interaction;
  3. Unclear or ambiguous signals (such as generic references to “assistant”) or human-like representations that may mislead users;
  4. Purely technical or capability-based descriptions (such as “this system uses LLMs”) that do not explain the function or the artificial non-human origin of the system.

Subsection 6: Cautionary considerations. Overly intrusive disclosure techniques may undermine the effectiveness of disclosure, disrupt user experience, and lead to habituation effects known as “banner blindness.”

Subsection 7: The need for continuous disclosure. One-time disclosures at the beginning of an interaction may be insufficient where the interaction is sustained or evolving, particularly in sensitive contexts (where users may express or experience emotional distress or vulnerability) or where users may form emotional attachments (for example, AI companions). In such cases, periodic reminders and context-aware disclosures may be necessary. Disclosure is also expected where natural persons inquire about the nature of the system or the origin of the interaction, or where it may reasonably be inferred from the exchange that the natural person is likely to be misled or confused regarding the AI origin.

Section 5: Exceptions

Subsection 1: The “obviousness” exception

Providers must assess and demonstrate (i) that the artificial nature of the interaction is obvious, (ii) from the perspective of a reasonably well-informed, observant, and circumspect natural person, taking into account the circumstances and context of use.

The standard draws on the “average consumer” concept established under EU consumer protection law and is to be interpreted consistently while accounting for the specific and varied contexts of AI interaction and the objectives of Article 50(1). The construction of this hypothetical “average” natural person comprises two stages: first, the provider considers the target audience with which the system is intended to interact; second, the provider assesses how reasonably well-informed, observant, and circumspect an average member of that audience would be, taking into account the circumstances and the context of use.

Factors to be taken into account include the reasonably foreseeable composition of the audience; whether persons with disabilities, older persons, or minors form part of the audience (in which case the expected level is lower); whether the audience is restricted to professional or specialised users (in which case the expected level is higher); and the digital and AI literacy of the audience, together with relevant social, cultural, and linguistic factors.

The assessment of “obviousness” depends on several considerations: in physical interactions, the visibility of mechanical components or the degree to which the system replicates its non-artificial counterpart is relevant; in visual or auditory interactions, writing or speech patterns, vocal tone (robotic versus genuinely human-sounding voice), user interface design (such as a chatbot displaying a human profile picture), and the system’s capacity for advanced personalised interaction are relevant.

Examples falling within the “obviousness” exception: AI-powered code assistance chatbots available only to professional developers; interactive AI systems intended only for use by properly trained health professionals to support medical diagnosis and treatment recommendations; interactions with AI-enabled non-playable characters (NPCs) in video games.

Examples not benefiting from the “obviousness” exception: an AI-powered robotic companion pet closely resembling its natural counterpart and designed to mimic typical human-pet interaction; AI systems embedded in immersive environments using realistic avatars or human-sounding voices, where children, older persons, or persons with disabilities may not readily distinguish between human and AI interaction; AI chatbots embedded in online platforms or helpdesks where users may perceive the outputs as neutral or human-generated.

Subsection 2: The law enforcement exception

A provider is exempted from Article 50(1) where the interactive AI system is authorised by law to detect, prevent, investigate, or prosecute criminal offences, subject to appropriate safeguards for the rights and freedoms of third parties.

“Authorised by law” comprises both Union law and Member State national law adopted in compliance with Union law. The authorising law must clearly specify the system, the purposes and circumstances of permitted use, and the safeguards for the rights of third parties.

The exception is not limited to use by law enforcement authorities within the meaning of Article 3(48). It may also cover use by other public authorities or by private actors such as security firms or financial institutions, provided that the use is authorised by law and appropriate safeguards are in place.

Where the exception does not apply: where the system is (i) available to the public and (ii) offers functionality enabling individuals to report criminal offences. Examples include AI-enabled police chatbots deployed on official websites or mobile applications; AI-assisted fraud reporting hotlines or digital portals operated by financial institutions or public authorities; virtual assistants used for the collection of witness statements. Such systems remain subject to the transparency obligation under Article 50(1).

Article 50(1) applies without prejudice to information disclosure obligations under EU consumer protection, data protection, and digital legislation. Under the UCPD, traders must ensure that consumers are not misled as to the main characteristics of a product or service. Under the Consumer Rights Directive, traders must provide clear and comprehensible pre-contractual information about the main characteristics of goods or services. Where the service is AI-driven, the AI attribute may constitute a “main characteristic” that must be disclosed, irrespective of whether the interaction is “obvious” under Article 50(1).

The DSA likewise contains transparency obligations relevant to AI-mediated interactions, such as the obligation of online platform providers to inform users clearly about their content moderation, recommender system, and advertising practices. These obligations are complementary to those of Article 50(1).

Article 50(1) pursues a different objective from the information obligations owed to data subjects under EU data protection law, and the two regimes apply in parallel.

Chapter Four: Article 50(2) — Marking and Detection of AI-Generated or Manipulated Content

Section 1: Conditions for application

The provision requires the cumulative presence of the following:

  1. The system must qualify as an AI system within the meaning of Article 3(1);
  2. The system must be capable of generating or manipulating synthetic content;
  3. The content must fall within one or more of the modalities of audio, image, video, or text;
  4. The system must not fall within any of the following exceptions: (i) it performs an assistive function for standard editing; (ii) it does not substantially alter the input data or its semantics; or (iii) it is authorised by law to detect, prevent, investigate, or prosecute criminal offences.

Section 2: Generation and manipulation distinguished

  1. Generation refers to the creation of synthetic material by the AI system (for example, on the basis of a human prompt), such as the generation of a synthetic image or song. Article 50(2) applies both to generative systems with narrow intended purposes (such as the generation of medical images or text-based assessments of learning outcomes) and to systems serving multiple purposes, including general-purpose and agentic AI systems.
  2. Manipulation refers to the alteration by an AI system of existing content (not necessarily itself synthetic), as where an existing image or voice recording is modified in accordance with human instructions.
  3. Article 50(2) does not require that the content be wholly AI-generated or manipulated. Content mixed with human-produced material remains within scope where any of the relevant modalities has been generated or manipulated by an AI system.

Section 3: The modalities within scope (exhaustively listed)

Modality Interpretation
Text Discrete symbolic content composed of characters or numbers arranged in a particular sequence, capable of being read and interpreted semantically by humans
Image Static spatial representations encoding visual information at one moment in time, capable of being seen by humans
Audio Time-varying signals encoding sound, capable of being perceived through hearing by humans; encompassing speech, instrumental music, and other audio signals
Video Time-based sequences of images, optionally synchronised with audio, capable of being seen by humans; both the video and the audio components must be marked and rendered detectable

AI systems generating or manipulating three-dimensional images, video, and audio, as well as virtual, augmented, and mixed reality, fall within the scope of Article 50(2). Virtual reality may be regarded as “video” content. Digital twins providing a virtual replica of natural persons, physical objects, or systems and integrating multiple data types likewise fall within scope, save where they qualify as industrial applications.

Agentic AI systems are also covered. Where the agent’s action (such as a web request or browser operation) is not intended to be directly perceived by natural persons, it does not constitute regulated synthetic content. Where the action takes the form of perceptible audio, image, video, or text output, the marking and detection requirements apply.

Section 4: Outputs outside the scope

  1. Outputs that merely present or arrange existing content (such as music playlists or recommender systems);
  2. Inputs and outputs that are mere observations and recordings of data from physical or virtual environments (such as consumption recorded by AI-enabled smart meters, measurements of grid frequency and voltage, or GPS positioning data of vehicles);
  3. Outputs consisting of short sequences of numbers, symbols, or letters;
  4. Source code;
  5. Outputs exclusively communicated from machine to machine and not exposed to humans;
  6. Outputs used only in closed-loop industrial and product development environments (such as intermediate outputs in film production), save where they constitute the final output and take the form of AI-generated or manipulated text, audio, image, or video content.

Section 5: The dual structure of the marking and detection obligation

Article 50(2) establishes two distinct but inherently interlinked elements:

  1. Marking: the provider must ensure that the outputs of the AI system are marked in a machine-readable format.
  2. Detection: the provider must ensure that the outputs are detectable as artificially generated or manipulated.

For each marking solution implemented, the provider must provide a corresponding means of detection that enables natural persons exposed to the content, as well as other relevant actors, to identify and distinguish it from other content. The fulfilment of only one element is insufficient for compliance.

The marking element:

  1. Only machine-readable marking is required. Perceptible marks or labels are permitted as complementary measures and may assist deployers in fulfilling their disclosure obligations under Article 50(4).
  2. Providers may rely on a single marking technique or on a combination of techniques, provided that the overall technical solution is machine-readable and meets the requirements of effectiveness, reliability, robustness, and interoperability.
  3. Recital 133 lists examples of techniques: watermarks, metadata identifications, cryptographic methods for proving provenance and authenticity of content, logging methods, and fingerprints. Providers are not required to maintain a full provenance chain or modification history.
  4. Providers may implement marking at different stages of the value chain (for example, at the level of the AI system or the underlying AI model) and may rely on solutions provided by upstream model providers or third parties (such as an open standard or specialised service), without prejudice to their responsibility to demonstrate compliance.

The detection element:

  1. A detection tool is a mechanism that identifies whether content has been AI-generated or manipulated, typically by identifying technical markers or signatures verifying its origin.
  2. The provider must provide its own detection solution or rely on a third-party or publicly available solution, provided interoperability is ensured.
  3. Under Article 50(5), the result of detection is to be provided to natural persons exposed to the content in a clear and distinguishable manner at the latest at the time of the first interaction or exposure, in a human-readable form.

Section 6: The four quality requirements of the technical solution

The second sentence of Article 50(2) requires that the technical solution be effective, interoperable, robust, and reliable. These requirements are to be understood as follows:

Requirement Interpretation
Effectiveness The capability of the technical solution to detect its marks and enable natural persons to distinguish artificially generated or manipulated content, thereby contributing to trust and integrity in the information ecosystem
Reliability The capability of the technical solution to accurately identify and distinguish AI-generated or manipulated content from other content under nominal conditions, across a variety of content generated or manipulated by the system
Robustness The capability of the technical solution to maintain its intended performance levels under varying conditions, including both common alterations and adversarial attacks
Interoperability The capability of different technical solutions for marking and detection to operate seamlessly across multiple systems, actors, contexts, and technical implementations, enabling detection regardless of the marking technique deployed

Technical feasibility. A “technically feasible” solution within the meaning of Article 50(2) is one capable of being implemented for the relevant modalities using currently available technology, methods, and engineering practices within the specific technical architecture and operational environment concerned. Providers are not obliged to make use of solutions that are not yet developed or available, or that are technically infeasible to implement. Technical feasibility is an objective notion that does not depend on the resources and capabilities of individual providers.

State of the art. The term refers to a developed stage of technical capability at a given time, based on the consolidated findings of science, technology, and experience, and accepted as good practice in technology. It does not necessarily imply the latest scientific research still at an experimental stage or with insufficient technological maturity.

Combination of techniques. Under the current state of the art, no single marking and detection technique satisfies all four requirements to the legally required degree simultaneously. Technical solutions must therefore combine multiple techniques. Should a single technique in the future come to satisfy all four requirements, reliance on such a technique would also become permissible.

Cost considerations. The cost of implementing certain technical solutions may be taken into account where it is disproportionate to marginal gains and offers limited value for enabling humans to distinguish AI-generated or manipulated content.

Narrowly defined cases of reduced obligation:

  1. Where a generative AI system is embedded in a physical product and produces outputs in a technically controlled and closed environment, primarily instructive in nature, with outputs not leaving the product or being exported (for example, an AI system embedded in a vehicle navigation system);
  2. Industrial or business-to-business applications meeting all of the following cumulative conditions: (i) the output is strictly technical in nature (such as engineering designs, industrial production workflows, technical instructions, outputs of predictive maintenance processes, or internal documentation processes prior to external publication); and (ii) the output is intended to be perceived only by a limited and predefined number of natural persons acting in a professional capacity within the provider’s or deployer’s organisation, is not intended to be shared outside the organisation, and is not intended to be used or verified by external persons, with appropriate safeguards against reasonably foreseeable misuse;
  3. Real-time content generation that is ephemeral and consumed at the moment without storage or further dissemination (such as in video games), where the persons concerned are aware that the content is AI-generated or manipulated and the output is not recorded such that further verification would be required.

Section 7: Express exceptions

Subsection 1: Assistive function for standard editing. Standard editing is the process of preparing existing content for publication or distribution (such as minor edits to improve readability and grammar, quality, and format) and does not involve the generation of new content. Its purpose is to ensure that content is free from obvious technical or grammatical errors, conforms to applicable layout, presentation, formatting, or accessibility requirements, or aligns with sectoral practices. Editing goes beyond standard editing where the content is changed in a material way that affects its meaning, style, or intent.

Subsection 2: No substantial alteration of input data or semantics. Whether the alteration is substantial requires a case-specific assessment based on factors such as format, type of media content, style, and changes affecting the meaning, style, or intent of the content. Where the same system may serve both for content generation or manipulation and for non-substantial minor alterations of input data, Article 50(2) does not apply to content altered in a minor non-substantial manner.

Examples of standard editing and minor alterations benefiting from the exception: grammar correction and spell-checking; format conversions; technical compression; noise reduction; minor cropping; minor colour adjustments or corrections; limited lightening or darkening; limited sharpening; removal of dust spots caused by a dirty lens or sensor; removal of red-eye caused by flash photography; rotation of an image; rescaling of a video clip; limited video stabilisation; minor adjustments to playback speed; minor corrections to level the horizon of an image. AI-generated content that only transforms authentic human input through assistive technologies for persons with disabilities (such as augmentative and alternative communication or customised neural voices) is also covered, as no semantic alteration of the meaning occurs.

Examples of semantic changes requiring marking: AI-generated translations and summaries of text; the addition of objects or information not present in the original image or video; the deletion or obscuring of backgrounds, objects, or other information; pixelation or blurring of faces; alteration of body shape or skin colour; extreme lightening, darkening, colour, and contrast adjustments by any editing software (such as turning a grey sky blue or a blue sky orange); the creation of an extreme silhouette from a correctly exposed image or video; conversion of black-and-white into colour images or video; the creation of composite images or video clips; and any other substantial alteration of the content.

Subsection 3: Law enforcement exception. The interpretation of this exception parallels that of the corresponding exception under Article 50(1).

The marking and detection obligation under Article 50(2) concerns how the content has been created and its artificial origin, not who created it. Any marking and detection solutions employed must comply with EU data protection principles and obligations, including data protection by design and by default, data minimisation, limited storage period, and security and confidentiality of information.

Recital 136 underscores the particular relevance of the transparency obligations under Articles 50(1), (2), and (4) for the effective implementation of the DSA, especially the obligations of VLOPs and VLOSEs to assess and mitigate systemic risks under Articles 34 and 35 of the DSA. Machine-readable marking may enable such platforms to detect AI-generated or manipulated content and to apply appropriate labels and disclosures.

The marking and labelling obligations under Articles 50(2) and 50(4) do not affect the obligations of hosting service providers under Article 16(6) of the DSA concerning the processing of notices of illegal content received pursuant to Article 16(1) of the DSA. The application of a mark or label does not affect the assessment of illegality under other regulatory frameworks. A labelled deepfake flagged as potentially constituting child sexual abuse material or infringing trade mark or copyright law remains subject to the corresponding legal assessment, irrespective of the label. Conversely, unmarked deepfakes or other unmarked AI-generated content failing to comply with Article 50 may be considered “illegal content” within the meaning of Article 3(h) of the DSA.

Chapter Five: Article 50(3) — Emotion Recognition and Biometric Categorisation Systems

Section 1: Scope of application

Article 50(3) imposes an obligation on deployers of emotion recognition systems and biometric categorisation systems to inform the natural persons exposed to such systems of their operation, irrespective of whether the exposure occurs in real time or ex post.

Section 2: Key concepts

Subsection 1: Emotion recognition system. Article 3(39) defines this as “an AI system for the purpose of identifying or inferring emotions or intentions of natural persons on the basis of their biometric data.” All emotion recognition systems are concurrently classified as high-risk, save where prohibited under Article 5(1)(f) in the workplace and education contexts. The transparency obligation under Article 50(3) thus applies in conjunction with the safeguards and requirements applicable to high-risk systems.

Subsection 2: Biometric categorisation system. Article 3(40) defines this as “an AI system for the purpose of assigning natural persons to specific categories on the basis of their biometric data, unless it is ancillary to another commercial service and strictly necessary for objective technical reasons.” Article 50(3) applies to any biometric categorisation system, regardless of whether it is classified as high-risk.

Section 3: Implementation of the information obligation

Dimension Requirement
Scope of information To inform of the operation of the system; the AI Act does not require information concerning the reasons for the operation
Addressees All natural persons exposed to the operation of the system, including children
Means of providing information The AI Act does not prescribe a specific means. Pursuant to Article 50(5), the information must be provided in a clear and distinguishable manner and in accordance with applicable accessibility requirements. Means may include written form, standardised icons (including in electronic form), oral communication, or a combination thereof, depending on the place of deployment, the addressees, and any existing communication channels
Timing At the latest at the time of the first exposure; earlier disclosure is not precluded

Examples: a centrally placed pop-up message before the launch of a computer game, informing the player that their facial image will be recorded for the capture of emotions; a visible notice at each entrance of an exhibition room, informing visitors that their facial images will be captured to assign them to a specific age group.

Section 4: Out of scope

Emotion recognition and biometric categorisation systems permitted by law to detect, prevent, or investigate criminal offences, subject to appropriate safeguards for the rights and freedoms of third parties and in accordance with Union law, are exempted.

Deployers must comply with the information requirement under Article 50(3) in addition to applicable information requirements under EU data protection law. Where appropriate, the notification under Article 50(3) may be combined with the privacy statement provided to data subjects under data protection law (for example, where consent is relied upon as the legal basis for personal data processing).

Chapter Six: Article 50(4) — Labelling of Deepfakes and Certain Text Publications

Article 50(4) imposes two distinct disclosure obligations on deployers of generative AI systems, the first concerning deepfakes and the second concerning AI-generated or manipulated text published to inform the public on matters of public interest. Both obligations apply in addition to and without prejudice to the marking and detection obligation imposed on providers under Article 50(2).

Section 1: Obligations concerning deepfakes

Subsection 1: Conditions for application
  1. The system must constitute an AI system;
  2. The system must be used by a deployer for a non-personal professional purpose;
  3. It must be used to generate or manipulate image, audio, or video content constituting a deepfake;
  4. The use must not fall within the exception for systems authorised by law to detect, prevent, investigate, or prosecute criminal offences.
Subsection 2: The definition of “deepfake” (Article 3(60))

A “deepfake” is “AI-generated or manipulated image, audio or video content that resembles existing persons, objects, places, entities or events and would falsely appear to a person to be authentic or truthful.” Four elements are to be examined:

| Element | Interpretation |
|||
| Resemblance | The content must appreciably resemble the simulated subject; identity is not required. Whether resemblance is appreciable is a case-by-case assessment by the deployer, based on an objective comparison between the simulated subject and the deepfake content |
| Existing | The simulated subject must be capable of existing in reality. Content depicting subjects that defy the laws of nature or physics (such as humans flying without mechanical aids, dragons, or elephants driving cars) does not qualify as a deepfake |
| Persons, objects, places, entities, or events | “Persons” denotes realistic natural human beings, encompassing digital replicas of real persons as well as realistic AI-generated human avatars or personas; “objects” denotes realistic inanimate material items; “places” denotes realistic locations; “entities” denotes realistic non-human but animate beings, including animals or other biological lifeforms; “events” denotes realistic scenes or situations |
| Falsely appearing authentic or truthful | The assessment does not consider the deployer’s intent to deceive. Rather, it takes into account the possibly diverse composition of the audience exposed to the content. Where the audience may include children, older persons, or persons with lower digital and AI literacy, the assessment must be adjusted accordingly |

The “false appearance of authenticity or truthfulness” is to be interpreted independently of the concept of deception under the UCPD.

Minor, technical AI-supported modifications of pre-existing content typically do not render the content a deepfake. Such modifications may include adjustments to background details, lighting, audio parameters, colour correction, noise reduction, accessibility improvements, or file compression. The assessment is case-specific and must consider the context and the impact on the perception of authenticity or truthfulness. Substantive AI-supported editing of background details in journalistic images, for example, is likely to negatively affect authenticity and truthfulness, whereas AI-supported colour correction or rescaling of images in product advertisements typically has only a minor impact on audience perception.

Examples constituting deepfakes: an AI-manipulated image depicting two professional footballers in front of a building resembling a football stadium; AI-generated audio involving voice cloning of a podcast’s regular presenters and a guest discussing news events; an AI-generated video of a person resembling a politician delivering a speech to an audience; an AI-generated video featuring a celebrity influencer in an advertising or promotional context.

Examples not constituting deepfakes: an AI-generated image of a sphinx flying over the Eiffel Tower; an AI-generated video of mice debating cheese types in human language as part of a cheese manufacturer’s advertising campaign; an AI-manipulated radio broadcast adjusting only technical audio parameters (such as volume normalisation, noise reduction, or audio compression) without altering the spoken content or manner of speech; an AI-generated cartoon adaptation of a pre-existing image depicting a historical event.

Subsection 3: The disclosure obligation

Article 50(4), first subparagraph, requires deployers “to disclose that the content has been artificially generated or manipulated.” Recital 134 clarifies that disclosure should be clear and distinguishable, achieved through appropriate labelling that discloses the artificial origin of the content. The labels or disclosure methods must be understandable and perceivable by natural persons (for example, through visible or audible labels), without requiring specific technical tools or dedicated actions.

Subsection 4: Attenuated disclosure for artistic, creative, satirical, fictional, or analogous works

Where deepfake content forms part of an evidently artistic, creative, satirical, fictional, or analogous work or programme, an attenuated disclosure regime applies. The deployer must still disclose the artificial origin or manipulation but may do so in a manner that does not hamper the display or enjoyment of the work.

The five categories of works:

Category Interpretation
Artistic works Works created for the purpose of art, including music, cinematographic works, and the visual arts
Creative works Works displaying the creative choices of the deployer; works motivated primarily by functional or technical considerations do not qualify
Satirical works Works intended to criticise society, politics, business, or public figures through humoristic techniques (including irony, sarcasm, mockery, and pastiche)
Fictional works Works involving persons, objects, places, entities, or events in an imaginary setting
Analogous works Works sharing core traits with or serving similar expressive or functional purposes to the above categories, but not fitting neatly into any one (for example, where they have a secondary informative or commercial purpose)

These categories may also apply to “programmes,” meaning individual items within a schedule or catalogue established by a media service provider, comparable in form and content to television broadcasting. The reference to “works” or “programmes” does not imply that the content is or may be protected under Union law on copyright and related rights.

The “evidently” requirement:

  1. Whether the content displays formats or styles characteristic of the category (such as irony or exaggeration for satirical works, or specific artistic styles);
  2. The context in which the content is presented (such as whether the platform, medium, or location is associated with artistic, creative, satirical, or fictional use);
  3. Audience expectations (such as a film, a gaming environment, or a virtual reality scene).

The “evidently” requirement also excludes content that primarily serves an informative or commercial purpose and is recognisable as such. Some types of content (such as advertisements or documentaries) containing deepfake content may be regarded as evidently creative or fictional in certain situations but not in others; the assessment is case-specific.

Determining appropriate disclosure. According to Recital 134, appropriate disclosure should not hamper normal exploitation and use of the work, while maintaining its utility and quality. This is a case-by-case assessment, taking into account factors such as the nature of the work, the audience, and the context.

Safeguards for the rights and freedoms of third parties. Recital 134 makes clear that the attenuated disclosure is subject to appropriate safeguards for the rights and freedoms of third parties. Deployers must ensure that the rights of third parties (including personal image and intellectual property rights) are adequately safeguarded when creating or publishing deepfakes. Reliance on the attenuated disclosure regime does not constitute a justification for failing to comply with Union law on intellectual property or data protection.

Examples qualifying as artistic, creative, satirical, fictional, or analogous works: AI-generated special effects in films constituting deepfakes (such as actor simulations, de-aging of living actors, and digital replicas of deceased persons); AI-generated music in any genre resembling the style of existing artists; an AI-manipulated image of an existing politician placed in a scene clearly intended to criticise certain policy decisions; AI-generated gaming imagery involving deepfake simulations of existing persons or locations.

Examples not qualifying: an AI-manipulated video involving a deepfake of humans advertising a product in an AI-generated scene depicting the use of the product by the simulated consumers, with the aim of persuading viewers to purchase the product; AI-generated images of celebrities implying their involvement in activities, lacking any fictional, satirical, or analogous purpose.

Subsection 5: Law enforcement exception

Where the use of a deepfake is authorised by law to detect, prevent, investigate, or prosecute criminal offences, deployers are fully exempted from the obligation.

Article 50(4), first subparagraph, has an important interaction with Article 35(1)(k) of the DSA, which lists the prominent marking of “generated or manipulated image, audio or video that appreciably resembles existing persons, objects, places or other entities or events and falsely appears to a person to be authentic or truthful” as a risk mitigation measure that VLOPs and VLOSEs may adopt. Two important distinctions are to be drawn:

  1. Different material scope: Article 35(1)(k) of the DSA covers a wider range of “false” content than Article 50(4), regardless of the technology used to create it.
  2. Different personal scope: Article 50(4) imposes obligations on deployers of AI systems generating or manipulating deepfakes; Article 35(1)(k) of the DSA applies to providers of VLOPs and VLOSEs disseminating such content. Deployers of AI systems integrated into a VLOP or VLOSE generally constitute “recipients of the service” under Article 3(b) of the DSA. Where the VLOP or VLOSE makes labelling tools available to such deployers, the deployers may rely on those tools to fulfil their obligations under Article 50(4).

Where the deepfake content includes personal data relating to a directly or indirectly identifiable living natural person, deployers acting as data controllers must comply with their obligations under EU data protection law, including reliance on an appropriate legal basis for processing and transparency towards depicted data subjects.

Deployers must also comply with relevant Union intellectual property law (such as trade mark law and copyright and related rights), and where the deepfake depicts existing natural persons, with applicable legal regimes protecting personality rights over personal images or voices.

Section 2: Obligations concerning AI-generated or manipulated text

Subsection 1: Conditions for application
  1. The system must constitute an AI system;
  2. It must be used to generate or manipulate text published with the purpose of informing the public on matters of public interest;
  3. The use must not fall within either of the following exceptions: (i) the AI-generated or manipulated content has undergone human review or editorial control and a natural or legal person holds editorial responsibility for the publication; or (ii) the use is authorised by law to detect, prevent, investigate, or prosecute criminal offences.
Subsection 2: Text published with the purpose of informing the public on matters of public interest

| Element | Interpretation |
|||
| Published text | Text accessible to an indeterminate, fairly large number of unrelated potential readers, simultaneously or successively, whether or not against payment (such as subscriptions). Text not accessible beyond specific individuals within a closed private group is not “published” |
| Informing the public | The text must intend to communicate knowledge, opinions, or facts. Text with an entirely distinct objective (such as entertainment) is not covered |
| On matters of public interest | Matters relevant to society at large, whether at the local, national, European, or international level, meriting public debate or scrutiny. The scope encompasses topics such as public administration and services, fundamental rights (including the administration of justice and law enforcement), public health, environmental protection, consumer safety, and any economic, political, scientific, or cultural development of potentially important public implication. The list is non-exhaustive and may evolve over time and across contexts |

Examples within scope: an AI-generated summary of a human-authored article on a newspaper’s website discussing a recent decision by a town council; AI-manipulated parts of a published academic paper comparing the effects of various diets on a particular disease in middle-aged women; AI-manipulated corporate reports published on a listed company’s website containing investor information; an AI-generated message on a meteorological institute’s social media profile warning citizens about stormy weather.

Examples outside scope: AI-generated fictional novels or poems in any genre; AI-manipulated text forming part of a company’s advertisement, not including claims related to health, consumer safety, or sustainability; news summaries by a chatbot available only to the user that prompted it.

Subsection 3: The disclosure obligation

Article 50(4), second subparagraph, requires deployers to disclose that the text has been artificially generated or manipulated. According to Recital 134, deployers should clearly and distinguishably disclose the artificial origin or manipulation of the text by labelling the output. The labels or disclosure methods (including disclaimers) must be clear and perceivable by natural persons (for example, through visible or audible measures), without requiring the use of specific technical tools or dedicated actions.

Subsection 4: The exception for text under human review or editorial control with editorial responsibility

The exception applies where two cumulative conditions are satisfied:

Condition 1: Human review or editorial control

  1. Human review refers to the deliberate examination of the substance of the content by one or more natural persons possessing relevant competence and professional judgement pertaining to the subject matter.
  2. Editorial control refers to control exercised in practice by a responsible editorial entity (such as an editor-in-chief), having the authority to approve, alter, or reject the substance of the text on substantive grounds (including fact-checking of information and assessment of the trustworthiness of sources).
  3. Superficial, purely formal, or procedural checks (such as spell-checking or grammatical correction), the mere existence of an editorial policy, or cursory editorial approval without substantive engagement, cannot satisfy the requirements of the exception.

Condition 2: Editorial responsibility

  1. A natural or legal person must hold the ultimate legal responsibility over the publication of the content, including the human review or editorial control (for example, an individual, an editorial board, or the publishing company).
  2. In the interest of public accountability and trust, and in line with existing media professional standards, the identity and contact details of the editorial responsibility holder should be made publicly available in an easily findable location. This may be done online, through website terms and conditions or other user-facing legal information, or offline, through a publication’s colophon or edition notice.

Examples satisfying the conditions: an AI-manipulated article in a newspaper subject to the editorial control of the editor-in-chief, with editorial responsibility held by the publishing legal person; an AI-manipulated academic blog post that has undergone internal peer review, with the research centre managing the blog holding editorial responsibility; AI-generated public safety warnings approved by a public official before distribution to citizens, under the responsibility of the relevant civil protection public agency.

Examples not satisfying the conditions: a website where AI-generated articles on EU policy are published without any deliberate human review or editorial control; AI-generated articles reviewed and edited by another AI system, where a human editor performs only a superficial grammatical check before publication.

For European media law, “editorial responsibility” is defined in Article 2(8) of the European Media Freedom Act (EMFA) as “the exercise of effective control both over the selection of programmes or press publications and over their organisation, for the purposes of the provision of a media service, regardless of the existence of liability under national law for the service provided.” This definition may overlap with the notion of editorial responsibility under Article 50(4), second subparagraph, in particular where the deployer of the AI system also qualifies as a media service provider under the EMFA. Editorial responsibility under Article 50(4) is to be interpreted consistently with the existing EU media acquis, notwithstanding that it remains a distinct concept capable of application in broader contexts and to other deployers, provided they assume editorial responsibility for the text publication.

Chapter Seven: Article 50(5) — Horizontal Requirements Applicable to the Information Provided

Article 50(5) requires that the information referred to in Article 50(1) to (4) be provided to the natural persons concerned in a clear and distinguishable manner, at the latest at the time of the first interaction or exposure, and that it conform to applicable accessibility requirements.

Section 1: Clear and distinguishable manner

Clear“ denotes that the information is noticeable and easy to understand by the natural person concerned (including persons with accessibility needs). “Distinguishable“ denotes that the information is easy to identify as separate from other information and from the environment in which the content is presented. Both require ease of understanding by the audience, including specific groups such as children. Providers or deployers may present the information as part of the interaction (under Article 50(1)) or as part of the relevant content (under Articles 50(2) and 50(4)). Information presented only as part of a manual or hidden under layers of menu options on an online interface does not satisfy the requirement.

Section 2: First interaction or exposure

“First interaction or exposure” refers not only to the first natural person interacting with or exposed to the output of an AI system, but also to any subsequent first interaction or exposure by any other natural person. With respect to AI-generated or manipulated content, the information obligation therefore applies to each output of the system relative to each natural person exposed to it.

The obligation is to be understood as applying at any moment at which a natural person is reasonably likely to be exposed to the output and to perceive the disclosure. Providers and deployers may also inform natural persons earlier than the actual first interaction or exposure, where this is appropriate for ensuring the effective provision of information. For example, in a live broadcast featuring deepfake content, since natural persons may begin watching after the start of the broadcast, disclosure should not occur only at the outset but also at later stages or persistently.

Examples of compliance: launching a conversation with a chatbot or commencing physical interaction with an AI system; the beginning of a video containing deepfake content, the beginning of an AI-generated or manipulated text publication on matters of public interest, or the appearance of AI-manipulated deepfake content while scrolling on social media.

Examples of non-compliance: disclosure made only when ending the interaction; disclosure as part of end credits.

Section 3: Compliance with applicable accessibility requirements

Providers and deployers must be aware of applicable accessibility requirements (such as those under Directive (EU) 2016/2102 and Directive (EU) 2019/882) and assess whether their products, services, or content fall within their scope. Where they do, the information conveyed under Article 50 must comply with the relevant accessibility requirements. Article 50 itself does not impose any separate or additional accessibility requirements.

Chapter Eight: Enforcement of Article 50

Pursuant to Article 50(7), providers and deployers of AI systems falling within Articles 50(2) and 50(4) may demonstrate compliance by adhering to a code of practice deemed adequate by the AI Office. They may also demonstrate compliance through other adequate means.

The legal effects of adherence to an approved code of practice include:

  1. The Commission and competent market surveillance authorities will focus their supervisory activities on assessing adherence to the code, rather than conducting broader independent assessments;
  2. Adhering parties will benefit from increased trust on the part of the Commission, other competent market surveillance authorities, and other stakeholders (including the general public), owing to their transparency regarding compliance measures;
  3. Any opt-out from sections of an approved code of practice by signatories will result in the loss of the corresponding benefit of facilitated demonstration of compliance;
  4. Pursuant to Article 99(7)(e), competent authorities may take commitments implemented in line with an approved code of practice into account as a mitigating factor when determining the amount of fines.

For providers and deployers that are not signatories to an approved code of practice, compliance must be demonstrated through other adequate means, with an explanation of how the measures implemented ensure compliance (for instance, by carrying out a gap analysis comparing the implemented measures with those of an approved code of practice). Such parties may also be subject to more frequent requests for information and requests for access.

Where a code of practice is not deemed adequate by the AI Office, the Commission may adopt an implementing act specifying common rules for the implementation of the obligations under Articles 50(2), 50(4), and 50(5).

Section 2: Market surveillance authorities

Market surveillance authorities designated by Member States, the AI Office (as the market surveillance authority for AI systems built on general-purpose AI models provided by the same provider), and the European Data Protection Supervisor (as the market surveillance authority for Union institutions, bodies, and agencies) are jointly responsible for enforcement. Enforcement is conducted within the system of market surveillance and product compliance established by Regulation (EU) 2019/1020.

Market surveillance authorities may take enforcement action on their own initiative or following a complaint. Pursuant to Article 85, any affected person or any natural or legal person having grounds to consider that an infringement has occurred has the right to lodge a complaint.

Section 3: Penalties

Providers and deployers that fail to comply with the applicable transparency obligations under Article 50 may be fined up to EUR 15 000 000 or up to 3% of total worldwide annual turnover for the preceding financial year, whichever is higher. Where the infringer is a Union institution, body, or agency, an administrative fine of up to EUR 750 000 may apply.

Section 4: Entry into application

Pursuant to Article 113, Article 50 applies from 2 August 2026. All in-scope AI systems placed on the market or put into service in the Union must be compliant, regardless of the date of placing on the market or putting into service. The AI Omnibus proposal currently under examination by the Union co-legislators envisages a targeted grandfathering rule with respect to the marking and detection obligations under Article 50(2) for generative AI systems placed on the market or put into service before 2 August 2026, affording providers a transitional period.

AI-generated or manipulated outputs (including deepfakes) within the scope of Articles 50(2) and 50(4), which are generated and already made available before 2 August 2026, need not be marked or labelled retroactively. However, in light of the AI Act’s objective of transparency and increased trust and integrity of the information ecosystem, deployers and other actors in possession of, or disseminating, such content are encouraged to do so.

Chapter Nine: Review and Update of the Guidelines

The Guidelines constitute a first interpretive document with practical examples concerning the transparency obligations under Article 50. The Commission will review them as necessary in light of practical experience gained from implementation, the pace of technological, societal, and regulatory developments, relevant experience from market surveillance enforcement actions, and interpretations of Article 50 by the CJEU. During such review, the Commission may decide to withdraw or amend the Guidelines. Providers, deployers, national market surveillance authorities (through the AI Board), the AI Advisory Forum, the research community, and civil society organisations are encouraged to contribute to future public consultations.

Part Five: Practical Implications and Preliminary Commentary (generated by the present author)

This part provides preliminary commentary on issues of operational significance or interpretive controversy. The observations are analytical in nature and based on the systematic interpretation of the provisions; they do not constitute legal advice.

1. Design considerations for providers at the product architecture stage

The compliance requirements under Articles 50(1) and 50(2) effectively constitute engineering goals that must be incorporated into the architectural design of generative and interactive AI products. Design-stage considerations should encompass at least the following: disclosure mechanisms at the interaction interface, covering text, voice, and multimodal contexts; modality-specific machine-readable marking techniques, including watermarking, metadata, and cryptographic provenance methods; detection solutions callable by third parties or publicly available; and accessibility adaptations for vulnerable groups including children, older persons, and persons with disabilities. Providers are advised to treat these compliance requirements as functional requirements in the product specification stage, rather than as ancillary considerations.

2. Procedural and organisational compliance on the deployer side

The obligations under Articles 50(3) and 50(4) are essentially procedural in nature. Deployers should establish compliance frameworks through internal policies, operational guidelines, review procedures, and the allocation of responsibilities. This is particularly the case for deployers seeking to avail themselves of the human review exception (such as news media, academic publishers, and public authorities), who should document their review processes, including the qualifications of reviewers, the substantive content of the review process, and the identity of the entity holding editorial responsibility, so as to be able to demonstrate compliance in response to access requests by supervisory authorities.

3. Coordination space for non-obligated actors along the value chain

While Article 50 imposes obligations only on providers and deployers, effective implementation depends on coordination by other actors along the value chain, including online platforms, search engines, and content distributors. The Guidelines encourage such coordination through several pathways: preserving and displaying the machine-readable marks implemented by providers; making labelling tools available to deployers in user-friendly form; and incorporating marking information into content moderation and recommendation systems. From a normative incentive perspective, distribution actors not directly bound by Article 50 may nevertheless need to address AI-generated content as part of their DSA obligations, providing a substantial basis for such coordination.

4. Dynamic compliance under the “state of the art” standard

The reference in Article 50(2) to the “state of the art” entails that the compliance standard is not static. Providers should establish ongoing monitoring of the technical standards published by relevant standardisation bodies (such as CEN-CENELEC, ETSI, and ISO/IEC JTC 1) and conduct periodic effectiveness evaluations of their marking and detection solutions. As emerging techniques reach the maturity threshold of being “accepted as good practice,” previously adopted solutions may cease to qualify as compliant.

5. Strategic considerations regarding adherence to a code of practice

Adherence to a code of practice deemed adequate by the AI Office offers significant facilitation in demonstrating compliance and may serve as a mitigating factor in the assessment of fines. However, adherence also entails corresponding transparency commitments and external scrutiny. Providers and deployers should carefully assess their internal capabilities, compliance maturity, and likely reporting burdens before signing. For actors operating at the technological frontier but still building compliance capacity, staged accession or the reservation of opt-outs on specific sections may constitute a more prudent strategy.

6. Implications for academic research and public discourse

The category under Article 50(4), second subparagraph, of “text published with the purpose of informing the public on matters of public interest” is comparatively broad and may encompass academic blogs, policy commentary by research centres, and public-facing science communication. Research institutions and scholars using AI to assist in drafting or translating such content should consider (i) whether the text constitutes a “published” work and concerns matters of public interest; and if so, (ii) whether to provide clear and distinguishable labels disclosing the AI involvement, or to ensure substantive satisfaction of the human review and editorial responsibility conditions. AI-assisted translation and summarisation deserve particular attention in the context of research outputs disseminated across languages.

7. Extraterritorial implications for third-country actors

Pursuant to Article 2(1)(a), providers and deployers established outside the Union are subject to the AI Act where the outputs of their systems are used within the Union. This extraterritorial effect imposes substantial compliance pressure on providers of AI products and services in third countries. Its implications include the following: cross-border providers of AI chatbots, generative services, or emotion recognition systems must offer EU users disclosure and marking functionalities consistent with Article 50; advertisers, media organisations, and academic publishers placing AI-generated content in the EU market must likewise comply with the labelling obligations.

The present notes are based on the Draft Guidelines issued by the European Commission and are intended for academic study. They do not constitute legal advice. Authoritative interpretation of the provisions rests ultimately with the Court of Justice of the European Union. The Guidelines themselves remain at the stakeholder consultation stage and may be subject to revision.

The author-supplemented chapters (Parts One through Three) and the practical implications (Part Five) constitute systematic organisation and analytical extension of the original text by the present author. Where the views of others are referenced or paraphrased, separate citation of the original source remains appropriate.