EU extends Article 50 transparency

The European Commission published draft guidelines on May 8 for the AI Act’s Article 50 transparency rules and opened a consultation ahead of the rules taking effect on August 2, 2026. The Commission said the obligations will require people in the European Union to be informed when they are interacting with AI systems or exposed to certain AI-generated or manipulated content. A parallel code-of-practice process, run by the Commission’s AI Office with outside experts, is drafting more detailed compliance approaches for marking and labeling AI-generated content. The combined effect is to move Article 50 from a legal text into a set of implementation tasks for product, compliance and engineering teams. ### Which AI systems does Article 50 actually cover? Article 50 covers four categories of systems, according to the Commission’s Q&A and draft guidelines. Providers of AI systems that interact directly with people must inform users that they are dealing with AI unless that is already obvious. Providers of systems that generate synthetic audio, image, video or text content must ensure outputs are marked in a machine-readable format and detectable as artificially generated or manipulated. (digital-strategy.ec.europa.eu) Deployers of emotion-recognition or biometric-categorization systems must inform natural persons exposed to them, except in limited law-enforcement cases. Deployers of deepfake systems must disclose that content has been artificially generated or manipulated, and deployers that publish AI-generated text on matters of public interest must disclose that text was generated or manipulated by AI, with some exceptions for editorial review and responsibility. ### Why are companies treating this as an engineering job, not just a legal one? The Commission’s own language centers on “marking,” “detection” and “labelling,” not just policy statements. The first and second drafts of the code of practice describe technical and organizational measures for machine-readable marking of AI-generated content, including synthetic audio, images, video and text, to enable downstream detection. That means providers need systems that can attach provenance or other markers to outputs, preserve those markers through product workflows where possible, and document when those controls apply. (digital-strategy.ec.europa.eu) The draft guidelines published on May 8 also focus on who bears obligations — providers or deployers — and in which use cases. That split matters operationally because a model provider, an application developer and a professional user may each carry separate duties depending on how a system is built and used. Companies therefore need internal maps showing where AI-generated content is created, which product surface presents it, and which team owns the disclosure step. That ownership question is not set out as a slogan in the law, but it follows from the way Article 50 assigns duties across providers and deployers. (digital-strategy.ec.europa.eu) ### What do “machine-readable” and “detectable” mean in practice? The Commission said providers will have to add machine-readable marks to AI-generated or manipulated content to enable detection. The code-of-practice process is intended to support compliance with those obligations and has been framed around practical, technologically neutral guidance, according to Commission materials on the working groups. Those documents do not impose a single technical standard in the material reviewed here, but they do make clear that compliance is meant to be implemented through technical artifacts, not only user-facing notices. (digital-strategy.ec.europa.eu) The AI Office has described the code as a voluntary instrument to help providers of generative AI systems meet transparency obligations. That leaves the legal duty in the AI Act itself, while the code and guidelines are meant to show firms how to carry it out in products and workflows before August 2026. ### Who inside a company is likely to be on the hook? (digital-strategy.ec.europa.eu) Article 50 applies to both providers and deployers, and the Commission’s draft guidance repeatedly separates those roles. In practice, that means legal teams cannot complete compliance on their own if product teams control user interfaces, model teams control output pipelines, and trust-and-safety or publishing teams control final distribution. The Commission’s consultation says the guidelines are intended to help providers and deployers comply in a “consistent, effective and uniform manner,” language that points to documented processes rather than ad hoc disclosures. (digital-strategy.ec.europa.eu) Professional users also face direct duties. The Commission said users who deploy generative AI systems for professional purposes must clearly label deepfakes and certain AI-text publications on matters of public interest. For media, marketing, enterprise software and public-sector users, that means the obligation may attach at the publication layer even when the underlying model comes from another company. (digital-strategy.ec.europa.eu) ### What happens between now and August 2026? May 8, 2026 is the current procedural marker: the Commission opened consultation on the draft Article 50 guidelines and published the draft text. The AI Office is also continuing work on the code of practice on marking and labelling AI-generated content, following earlier draft releases in December 2025 and March 2026. Article 50 itself is scheduled to apply from August 2, 2026, according to the AI Act implementation timeline. (digital-strategy.ec.europa.eu 1) (digital-strategy.ec.europa.eu 2)