The European Commission has published its draft guidelines on Article 50 of the AI Act, the provision that sets transparency obligations for certain AI systems regardless of whether they are classified as high-risk. The guidelines are open for stakeholder consultation, but the substance is unlikely to shift much before adoption. Article 50 applies from 2 August 2026, with a tighter grace period for one specific obligation following the 7 May 2026 Digital Omnibus provisional agreement.
The four transparency obligations cover a much broader population of AI systems than the high-risk classification alone. Providers and deployers across consumer technology, enterprise software, financial services, public services, education, advertising, journalism and many other sectors will find at least one Article 50 obligation attaching to their AI portfolio.
This article walks through what Article 50 actually requires, how each obligation works in practice, what the principal exceptions look like, and the most useful next steps for providers and deployers between now and August.
What Article 50 Covers
Article 50 sets out four transparency obligations, each targeting a different type of AI system or output, and each addressed to a specific responsible actor.
Article 50(1) addresses providers of AI systems intended to interact directly with natural persons. The provider must design and develop the system so that the natural person is informed they are interacting with an AI.
Article 50(2) addresses providers of AI systems generating or manipulating synthetic image, video, audio or text content. The provider must ensure that outputs are marked in a machine-readable format and detectable as artificially generated or manipulated.
Article 50(3) addresses deployers of emotion recognition systems and biometric categorisation systems. The deployer must inform the natural persons exposed to the system of its operation.
Article 50(4) addresses deployers of generative AI systems that produce deep fakes, or AI-generated or manipulated text published to inform the public on matters of public interest. The deployer must disclose that the content has been artificially generated or manipulated.
The obligations apply cumulatively. A single AI system, depending on what it does, can engage more than one. Penalties for non-compliance reach EUR 15 million or 3 per cent of worldwide annual turnover, whichever is higher.
A point that often gets missed: the grandfathering rule for high-risk AI systems placed on the market before the high-risk rules apply does not extend to Article 50. Article 50 transparency obligations apply on top of the high-risk obligations, and there is no transitional relief on transparency for legacy systems already on the EU market other than the narrow Article 50(2) grace period discussed below.
Article 50(1): Interactive AI Systems
Article 50(1) is the obligation that applies to systems intended to interact directly with natural persons. The guidelines confirm that the scope covers conversational agents and voice assistants in any context (customer support, e-commerce, finance, public service, healthcare, education and many others), AI companions and avatars, humanoid robots and cobots, agentic AI and coding agents, bots on social networks and media, and AI-driven NPCs in video games where the interaction is not obvious.
The provider must design the system so that the natural person is informed that the interaction is with an AI. Disclosure has to be perceivable at the point of interaction. The guidelines are explicit about what does not satisfy the obligation: disclosures buried in terms and conditions, URLs or documentation; machine-readable markings alone, which are not perceivable by users at the point of interaction; unclear or ambiguous signals such as generic references to “assistant”; technical or capability-based descriptions such as “this system uses LLMs” without explaining what the system actually is for the user.
The textual, auditory or visual disclosure has to be in plain language. The guidelines recommend a combination of techniques where appropriate (text labels, first-turn greetings, persistent badges, distinct audio cues, visual icons or watermarks), with the use of multimodal disclosure encouraged for accessibility and reinforcement.
The exception for obvious interaction is real but narrow. To rely on it, the provider must demonstrate that the artificial nature of the interaction is obvious to a natural person who is reasonably well-informed, observant and circumspect, taking into account the actual target audience. The guidelines emphasise that where the audience includes children, elderly individuals, persons with disabilities, or any group with lower digital and AI literacy, the expected level of obviousness drops. The exception works comfortably for tools available only to a narrow professional or specialised audience. It works less comfortably for any system the public can readily access.
The guidelines also flag that one-time disclosures at the beginning of an interaction may not be considered adequate in sensitive contexts where users may express or experience emotional distress or vulnerability, or where there is an increased risk of users forming emotional attachments. Periodic reminders and context-aware disclosures may be necessary. AI companion products are the headline case, but the principle applies more broadly to any system where the user is likely to be emotionally invested in the interaction.
Article 50(2): Marking Synthetic Content
Article 50(2) is the obligation with the broadest reach in practice. Any AI system that generates or manipulates synthetic image, video, audio or text content falls within scope unless one of the narrow exceptions applies.
The guidelines confirm that scope covers AI image and video generators, text-to-speech and voice cloning tools, music and audio synthesis tools, AI text generators including chatbots producing substantively new content, AI tools that manipulate existing media in substantive ways, and agentic AI producing perceptible audio, image, video or text outputs. Generative AI systems with narrow intended purposes, such as those generating educational evaluations, marketing copy, synthetic training data or AI-enhanced medical images, are explicitly within scope. General-purpose AI systems with multimodal output capabilities are within scope to the extent they generate or manipulate synthetic content in the listed modalities.
Providers must implement technical solutions for marking outputs in a machine-readable format and for making those outputs detectable as artificially generated or manipulated. The solutions must be effective, interoperable, robust and reliable. Recital 133 of the AI Act lists examples of marking techniques: watermarks, metadata identifications, cryptographic methods for proving provenance and authenticity, logging methods, fingerprints, or combinations of these. The guidelines acknowledge that no single technique meets all four quality requirements simultaneously at the current state of the art, so providers are likely to need a combination of techniques.
Three exceptions matter in practice. The first covers AI systems performing an assistive function for standard editing (grammar correction, format conversion, technical compression, minor cropping, minor colour adjustments, dust spot removal). The second covers AI systems that do not substantially alter the input data or its semantics. The third covers AI systems authorised by law to detect, prevent, investigate or prosecute criminal offences. Anything that substantially alters the input data, including translations, summaries, composite imagery, semantic changes to existing content, addition or removal of objects, or pixelation of faces, is in scope.
Following the 7 May Omnibus provisional agreement, the grace period for systems already on the market before 2 August 2026 has been compressed from six months to three. The compliance deadline for those legacy systems is 2 December 2026. Systems placed on the market or put into service from 2 August 2026 onwards must comply from the date of placement. For both populations, the technical solutions need to be designed, integrated and validated, not bolted on after the fact.
Article 50(3): Emotion Recognition and Biometric Categorisation
Article 50(3) is addressed to deployers, meaning the natural or legal persons using the system under their authority. The obligation is to inform exposed individuals that the system is operating.
The guidelines confirm that emotion recognition systems within scope are AI systems that identify or infer emotions or intentions of natural persons on the basis of biometric data. Biometric categorisation systems within scope are AI systems that assign natural persons to specific categories on the basis of biometric data, where the categorisation is not strictly necessary for an ancillary commercial service for objective technical reasons.
The contexts in which this obligation applies include consumer well-being and lifestyle applications, advertising and audience measurement, gaming and immersive entertainment, security and access control, customer experience monitoring in physical retail and hospitality, and research applications outside the prohibited workplace and education contexts. Note that emotion recognition in the workplace and in education is prohibited under Article 5 of the AI Act, with narrow medical and safety exceptions, and that prohibition has applied since February 2025.
Information must be provided in a clear and distinguishable manner and in accordance with accessibility requirements. The means can include a centrally placed pop-up before the system runs, a visible notice at the point of entry to a space where the system is operating, or written information provided through an existing communication channel. The guidelines give examples including pop-up onboarding messages before a computer game launches and visible notices at the entrance to an exhibition room where facial images are captured.
The vast majority of emotion recognition systems are also classified as high-risk under the AI Act. The Article 50(3) obligation applies in addition to the high-risk requirements, not instead of them. Manufacturers acting as both provider and deployer carry both sets of obligations.
Article 50(4): Deep Fakes and Public-Interest Text
Article 50(4) addresses deployers of AI systems that generate deep fakes and deployers of AI systems generating or manipulating text published to inform the public on matters of public interest.
A deep fake is AI-generated or manipulated image, audio or video content that resembles existing persons, objects, places, entities or events and would falsely appear to a person to be authentic or truthful. The guidelines apply a relatively broad reading of “resembles existing”, covering realistic depictions of subjects that exist or could have existed in reality. Simulated subjects that defy the laws of nature or depict obviously fantastical scenes fall outside the deep fake definition.
The contexts where the deep fake obligation lands include advertising and marketing using synthetic depictions of real or realistic-looking people, places or events; political communication; entertainment and creative content; influencer and brand-partnership content; corporate communications and product demonstrations; and journalism using synthetic re-enactments. A softer disclosure regime applies to deep fakes that are evidently part of an artistic, creative, fictional or satirical work, but the disclosure must still appear and must not impair the enjoyment of the work.
The AI-generated text obligation applies only where the text is published to inform the public on matters of public interest. Most internal documentation, marketing copy and product literature falls outside it. Public health communications, scientific commentary intended for general audiences, journalism on public-interest topics and certain corporate communications could fall inside it. The exception for text under human review and editorial control with editorial responsibility provides a practical carve-out for content produced through a documented editorial process.
The obligation is to disclose, in a clear and distinguishable manner at the latest at the time of the first exposure, that the content has been artificially generated or manipulated. The deployer is responsible for the disclosure, even where the content was generated using a third-party AI system. The provider’s Article 50(2) machine-readable marking sits underneath and supports the deployer’s perceptible disclosure.
How Article 50 Stacks with the High-Risk Regime
Many AI systems within the scope of Article 50 are also classified as high-risk under Article 6 of the AI Act. The high-risk requirements under Articles 8 to 15, covering risk management, data governance, technical documentation, record-keeping, transparency to deployers, human oversight, accuracy, robustness and cybersecurity, sit alongside Article 50.
The Article 50 obligations apply cumulatively with the high-risk obligations. The grandfathering rule for high-risk systems placed on the market before the high-risk rules apply does not extend to Article 50. Anyone with an AI system already on the EU market should not assume that Article 50 work can be deferred to align with the new 2 December 2027 or 2 August 2028 high-risk dates.
The guidelines also clarify that Article 50 compliance does not in itself indicate that the system is lawful under the AI Act. A system covered by Article 50 can still be prohibited under Article 5 (for example certain emotion recognition uses in workplace and education) and can still need to meet the high-risk requirements separately. Compliance is layered.
What Providers and Deployers Should Do Between Now and 2 August
The application date is now approaching quickly. A focused readiness exercise over the next weeks is realistic and worthwhile for any provider or deployer with AI in their portfolio.
Map your AI portfolio against the four obligations. For every AI-enabled product, AI feature or AI-driven service in your portfolio, identify which of Article 50(1) to (4) applies. A single product can engage more than one obligation. Provider and deployer roles attach separately, and a single organisation can hold both roles for the same system.
Test the obviousness exception honestly. For interactive AI systems, the carve-out is real but narrow. Map the actual user population, including foreseeable exposure to vulnerable groups. Specialist professional audiences can rely on the exception more comfortably than general-public audiences. If the system is reachable by the public, plan to disclose.
Specify your marking and detection technical solution. For generative AI, the marking and detection requirement is concrete and technical. Identify which combination of watermarking, metadata, cryptographic provenance, logging and fingerprinting will meet the four quality requirements for your specific modality and workflow. Treat this as a design input and document it in your technical documentation.
Document the standard editing assessment. Where your AI performs functions that may qualify as standard editing or non-substantial alteration, document the assessment that places the function inside the exception. The case-by-case nature of the assessment means the evidence has to live in your file.
Align disclosure design with sensitive context guidance. For systems where users may express emotional distress, vulnerability, or where the user is likely to form an emotional attachment, build periodic and context-aware disclosure into the user experience. A first-turn statement alone is unlikely to satisfy the guidelines.
Review your deployer-facing obligations separately. Where your business model includes operating the system on the customer’s behalf, or directly delivering services to end users, you are also a deployer. Articles 50(3) and 50(4) obligations attach to that role, separately from the provider obligations.
Anchor the Article 50(2) deadline as the nearest live obligation. For generative AI systems on the market before 2 August 2026, 2 December 2026 is the deadline. For systems placed on the market from 2 August 2026, the obligation is immediate. Seven months of engineering time is realistic for design and integration if the work starts now.
Where Blue Arrow Can Help
Article 50 sits at the intersection of the AI Act, sectoral product legislation, and your existing technical documentation. The Commission’s draft guidelines are detailed but inevitably leave case-by-case judgement calls to providers and deployers. Those judgement calls are easier to make with a structured assessment that maps your AI portfolio against each obligation, evaluates the available exceptions on the evidence, and identifies the technical, documentation and disclosure work needed before 2 August.
If you would like to work through what Article 50 means specifically for your AI systems, your transparency design or your deployer-facing obligations, we can help. Book a call with the team and we will walk through your portfolio together.
