Article 50 transparency:
what gets labelled, what doesn’t, and what changes August 2
Article 50 of the EU AI Act applies from 2 August 2026. It splits transparency obligations between providers and deployersacross four AI surface types: interactive AI systems, synthetic content generators, emotion recognition and biometric categorisation, and deep fakes plus public interest text. Here’s the practical breakdown, including the three exception lines and the AI Office Code of Practice status.
The one thing to understand
Article 50 splits the work. Providers own the interaction notice (50(1)) and the synthetic content marking (50(2)). Deployers own the emotion recognition disclosure (50(3)), the deep fake disclosure (50(4) first part), and the AI generated text disclosure on matters of public interest (50(4) second part). If your organisation does both roles on the same surface (in-house generative tools, AI editorial workflows), both sets of obligations attach.
Provider obligations: interaction notice and content marking
Article 50(1) and 50(2). These bind whoever places the AI system on the market or puts it into service.
AI interaction notice
Providers shall design and develop AI systems intended to interact directly with natural persons so that the natural persons concerned are informed that they are interacting with an AI system, unless this is obvious from the point of view of a reasonably well informed natural person. Chatbots, virtual assistants, automated phone systems, AI customer support agents all fall in scope. Exception: AI systems authorised by law to detect, prevent, investigate, or prosecute criminal offences (subject to safeguards).
Synthetic content marking
Providers of AI systems (including general purpose AI systems) generating synthetic audio, image, video, or text content shall ensure that the outputs of the AI system are marked in a machine readable format and detectable as artificially generated or manipulated. Technical solutions must be effective, interoperable, robust, and reliable as far as technically feasible, taking into account the specificities and limitations of various content types, the costs of implementation, and the state of the art. Common techniques include watermarks, metadata identifiers, cryptographic methods, logging methods, fingerprints, or combinations. Exception: assistive editing functions that don't substantially alter the input, minor alterations, and law enforcement use.
Deployer obligations: emotion, biometrics, deep fakes, public interest text
Article 50(3) and 50(4). These bind whoever puts the system into use under their authority.
Emotion recognition and biometric categorisation disclosure
Deployers of emotion recognition systems or biometric categorisation systems shall inform the natural persons exposed to the operation of the system, and shall process personal data in accordance with GDPR, Regulation (EU) 2018/1725, and Directive (EU) 2016/680, as applicable. Exception: AI systems permitted by law to detect, prevent, or investigate criminal offences (subject to appropriate safeguards).
Deep fake disclosure
Deployers of AI systems that generate or manipulate image, audio, or video content constituting a deep fake shall disclose that the content has been artificially generated or manipulated. Exception 1: law enforcement use. Exception 2: where the content forms part of an evidently artistic, creative, satirical, fictional, or analogous work, the transparency obligations are limited to disclosing the existence of such generated or manipulated content in an appropriate manner that does not hamper display or enjoyment of the work.
AI generated text on matters of public interest
Deployers of AI systems that generate or manipulate text published with the purpose of informing the public on matters of public interest shall disclose that the text has been artificially generated or manipulated. Exception 1: law enforcement use. Exception 2: the AI generated content has undergone a process of human review or editorial control and where a natural or legal person holds editorial responsibility for the publication. The editorial responsibility carve out is the most contested line in Article 50: it removes the obligation where there is genuine human editorial oversight, but the threshold for "genuine" is unsettled.
The three exception lines
Article 50 has three distinct exception categories. Don’t conflate them: they attach to different paragraphs and have different thresholds.
Law enforcement carve out
Articles 50(1), 50(3), and parts of 50(4) include exceptions where the AI system is authorised by law to detect, prevent, investigate, or prosecute criminal offences, subject to appropriate safeguards for third party rights and freedoms.
Artistic and creative works (deep fakes only)
Where deep fake content forms part of an evidently artistic, creative, satirical, fictional, or analogous work, the disclosure obligation is limited to acknowledging the existence of AI-generated content in a manner that does not hamper display or enjoyment of the work. The full Article 50(4) deep fake disclosure does not apply in the same form.
Human editorial review (text on public interest only)
The Article 50(4) text disclosure obligation does not attach where the AI generated text has undergone human review or editorial control AND a natural or legal person holds editorial responsibility for the publication. This is a two part test, both elements required. Where editorial review is nominal (e.g., automatic publish with no real human gating), the carve out likely does not apply.
Timing and accessibility (Article 50(5))
Article 50(5) sets the bar for how transparency information must reach the affected person. Information shall be provided to the natural persons concerned in a clear and distinguishable manner at the latest at the time of the first interaction or exposure. The information shall conform to applicable accessibility requirements. Practical translation: a notice buried in a privacy policy or a banner that auto-dismisses before the user interacts does not meet 50(5).
Interaction with high risk obligations (Article 50(6))
Article 50(6) is a non-derogation clause. The transparency obligations in Article 50 do not affect the requirements and obligations set out in other parts of the AI Act for high risk AI systems, and they do not prejudice other Union or national transparency obligations for deployers of AI systems.
For deployers running a system that is both high risk under Annex III and in scope of Article 50 (for example, a recommender used in workforce management contexts, or a chatbot used in employment), both layers run in parallel. Article 26 deployer obligations (see August 2: what attaches for deployers) attach independently of Article 50, and where Article 27 FRIA also applies (see Article 27 FRIA scope guide) it layers on top again.
The Code of Practice on Marking and Labelling
Article 50(7) tasks the AI Office with encouraging and facilitating the drawing up of codes of practice at Union level to facilitate effective implementation of the obligations regarding the detection and labelling of artificially generated or manipulated content. The EU Commission also has implementing act powers under Article 50(7).
The AI Office published the first draft Code of Practice on Marking and Labelling of AI Generated Content on 17 December 2025. The second draft was published on 3 March 2026. The final version is expected by June 2026, in time for the 2 August 2026 application date.
The Code adopts a multilayered approach to the “machine readable” marking requirement. Rather than mandating a single technique (watermarks alone, or metadata alone), it combines watermarks, metadata identifiers, cryptographic provenance methods, logging, and fingerprinting in stacked combinations appropriate to the content type and use case.
Adherence to the final Code of Practice will likely create a presumption of compliance for providers, although the legal weight of that presumption depends on the final text and any implementing acts. Until publication, providers should design their marking infrastructure to be modular and capable of adopting whichever combination the final Code specifies.
Practical implementation before August 2
The deliverable structure for an Article 50 readiness programme.
Inventory your AI surfaces
Identify every customer or public facing AI surface: chatbots, virtual assistants, recommender systems, generative content tools, deep fake or synthetic media generators, AI editorial workflows, emotion recognition tools, biometric categorisation tools. Each maps to one or more Article 50 paragraphs.
Classify each surface by paragraph
For each surface, identify whether you are provider, deployer, or both (provider-deployer overlap is common for in-house tools). Map to 50(1) interaction notice, 50(2) synthetic content marking, 50(3) emotion/biometric disclosure, or 50(4) deep fake/text disclosure.
Draft the notice copy
Each in-scope surface needs notice copy compliant with Article 50(5): clear, distinguishable, at the latest at first interaction or exposure, conforming to accessibility requirements. Notices can sit alongside existing GDPR Article 13/14 notices but are separate obligations.
Implement the technical marking (providers of generative AI)
For 50(2), build or procure marking infrastructure: watermarking, metadata identifiers, cryptographic provenance, logging, or fingerprinting. The Code of Practice favours a multilayered approach, not a single technique. Document the choice and rationale.
Document the exception case if relying on one
If invoking the law enforcement, artistic works, or human editorial review exceptions, document the basis explicitly. The editorial review exception in particular needs a documented review workflow that a supervisory authority can audit.
Map interaction with high risk obligations
Article 50(6) clarifies that transparency obligations don't override high risk AI obligations. Where a surface is both high risk (Annex III) and Article 50 in scope (e.g., a recommender system used in workforce contexts), you have both layers running.
Track Code of Practice developments
The AI Office published the first draft Code of Practice on Marking and Labelling of AI Generated Content on 17 December 2025, the second draft on 3 March 2026, with the final version expected by June 2026. Adhering to the Code creates a presumption of compliance for providers.
How Article 50 sits within the August 2 stack
Article 50 attaches to specific AI surfaces (interactive, generative, emotion/biometric, deep fake or public interest text) regardless of whether those surfaces are high risk under Annex III. A consumer chatbot that is not Annex III high risk still owes an Article 50(1) interaction notice. A generative AI tool that is not high risk still owes Article 50(2) synthetic content marking.
Where the AI surface is also high risk under Annex III, both Article 26 deployer obligations and Article 50 transparency obligations apply in parallel. Where the FRIA threshold is met (public body, public service provider, or credit/insurance pricing AI), Article 27 also layers on top. Plan your August 2 readiness work to cover all three intersections.
Get the Article 50 readiness analysis for your AI surfaces
ActComply runs the Article 50 classification analysis end to end. Send us one AI surface and we return which paragraphs attach, which role applies (provider, deployer, or both), whether any exception is available, and a notice copy template that meets the Article 50(5) clear and distinguishable bar.
Assess your AI systems free →No credit card required
Related guides
More EU AI Act compliance pieces from ActComply.
EU AI Act Compliance Checklist
All 27 obligations across high risk, limited risk, general provider, and GPAI categories.
EU AI Act Risk Classification
Walk through the four risk tiers and how to classify your AI system.
High Risk AI Systems
Annex III categories and what counts as high risk under the AI Act.
Omnibus Update
How the May 2026 provisional agreement shifts high risk deadlines, and what stays unchanged.
Article 26 Deployer Obligations
All twelve Article 26 obligations attaching to every deployer of a high risk system on August 2.
Article 27 FRIA Scope
Who the Fundamental Rights Impact Assessment actually applies to, and what fills the gap when it doesn't.
Article 27 FRIA Template
Working one page template covering the six Article 27(1) inputs, with PDF download.
Article 25(1)(b) Substantial Modification
When a deployer becomes a provider through substantial modification, and what crossing the line costs.
GPAI Provider Obligations
Article 53 + 55 obligations for general purpose AI model providers, plus the 10 July 2025 Code of Practice.