EU AI Act Article 50: Transparency Rules from 2 Aug 2026

Article 50 of the EU AI Act sets transparency obligations that apply from 2 August 2026. In short: people must be told when they are interacting with an AI system, AI-generated or manipulated content (text, image, audio, video, including deepfakes) must be labelled and machine-readable-marked, and anyone exposed to emotion recognition or biometric categorisation must be informed. The rules fall on both providers (who build the systems) and deployers (who use them), and they apply regardless of whether the system is otherwise classed as high-risk. This is general information, not legal advice.

What does EU AI Act Article 50 actually require?

Article 50 is the EU AI Act's transparency layer. It is not about banning systems or proving they are safe — it is about making sure people are not deceived by AI. The principle is simple: if a human is talking to a machine, or looking at content a machine produced, they have a right to know. The detail is where most teams get tripped up, so let's break it into its three concrete duties.

1. AI systems that interact with people must disclose they are AI. If you run a chatbot, voice assistant, or any system designed to interact directly with a person, that person must be informed they are dealing with an AI — unless it is already obvious from the context to a reasonably observant person. So a clearly labelled "AI assistant" widget needs an explicit disclosure; a system pretending to be a human agent definitely does.

2. AI-generated or manipulated content must be marked. Providers of generative AI systems must mark their synthetic outputs — text, images, audio, and video — in a machine-readable format so the content can be detected as artificially generated or manipulated. This is the technical-watermarking side of the obligation and it sits with whoever builds or supplies the generative system.

3. Deepfakes and AI-generated text on matters of public interest must be disclosed to people. Deployers who create deepfakes — image, audio, or video content that resembles real people, objects, or events and would falsely appear authentic — must disclose that the content is artificially generated or manipulated. A parallel duty covers AI-generated text published to inform the public on matters of public interest. There are narrow exceptions, for example for evident artistic or satirical work, where the disclosure can be lighter so it does not spoil the piece.

4. Emotion recognition and biometric categorisation must be disclosed. If you operate an emotion-recognition system or a biometric categorisation system, you must inform the people exposed to it. This is separate from any consent or lawful-basis requirements under the GDPR, which still apply on top.

Who is affected — providers, deployers, and everyday examples

Article 50 deliberately splits the duties between two roles, and most organisations are one or the other depending on the system. Get the role right and the rest of the checklist becomes obvious.

Providers are the organisations that develop an AI system (or have one developed) and put it on the market under their own name. The marking-at-source duty — embedding a machine-readable signal into generated text, images, audio, and video — lands on the provider of the generative system.

Deployers are the organisations that use an AI system in their own operations. The duties that land here are mostly the human-facing disclosures: telling people they are talking to a chatbot, labelling a deepfake you publish, and informing people exposed to emotion recognition or biometric categorisation.

A few everyday examples make this concrete:

• A support chatbot on your website. You are the deployer. Visitors must be told, before or as the conversation starts, that they are chatting with an AI — not buried in a privacy policy nobody reads.
• AI-written marketing or news content. If you publish AI-generated text to inform the public on a matter of public interest, you disclose it. A product description is usually fine; an opinion column about an election is not the same thing.
• Synthetic media in a campaign. A deepfake voiceover of a recognisable person, or a face-swapped video, needs a clear "this content was generated or altered by AI" label.
• A sentiment tool in a call centre that reads caller emotion is an emotion-recognition system — callers must be informed.

Whether you are a Dutch SME deploying one chatbot or a larger firm shipping a generative product across Europe, the same logic applies. If you are unsure which role you hold for a given system, that is exactly the question to settle first — and a short AI audit and strategy engagement is built to answer it.

Why 2 August 2026 matters — and why to act now

The EU AI Act entered into force in 2024 and switches on in phases. The prohibited-practices and AI-literacy rules came first, the general-purpose AI model obligations followed, and the Article 50 transparency obligations apply from 2 August 2026. That date is fixed and public, which is why this is a now-problem rather than a someday-problem.

Acting early is not about box-ticking for its own sake. Two of the three duties — machine-readable marking of generated content and reliable disclosure inside a chatbot — are engineering tasks, not policy memos. Watermarking a generative pipeline, wiring a disclosure into a conversational flow, and keeping it working through future releases all take design and testing time. Bolting them on the week before the deadline tends to produce brittle, easy-to-bypass implementations.

There is also a reputational angle. Transparency obligations are the part of the Act the public actually notices, because they govern the moment a person realises they were talking to a machine or looking at synthetic media. Doing it cleanly, early, and visibly is a trust signal — the opposite of being caught out. If you want the broader phased picture, our guide to EU AI Act compliance in the Netherlands maps the wider timeline and obligations.

A practical Article 50 compliance checklist

Here is a focused checklist for the transparency obligations specifically — not the whole Act, just Article 50. Work through it system by system rather than trying to answer it for your whole organisation at once.

• Inventory your in-scope systems. List every chatbot, voice agent, generative model, deepfake/synthetic-media workflow, and emotion-recognition or biometric-categorisation tool you build or use.
• Assign the role for each. For each system, decide whether you are the provider, the deployer, or both. The duties follow the role.
• Add chatbot disclosure. Ensure every AI-human interaction states, clearly and up front, that the user is dealing with an AI — in the user's language and visible without scrolling.
• Mark generated content at source. If you provide a generative system, embed a machine-readable signal (for example a watermark or content credential) into the text, image, audio, and video it produces.
• Label deepfakes and public-interest text. Where you deploy synthetic media or publish AI-generated text on matters of public interest, add a human-visible disclosure, respecting the narrow artistic/satirical exceptions.
• Disclose emotion recognition and biometric categorisation. Inform anyone exposed to these systems, and confirm your GDPR lawful basis separately.
• Make disclosures durable. Document where each disclosure lives, test that it survives product updates, and assign an owner who re-checks it after every release.
• Keep evidence. Record what you decided and why. If a regulator or customer asks, you want a clear trail, not a scramble.

Treat this as living documentation. The point is not a one-off audit; it is a routine that survives the next model swap and the next feature launch.

Chatbot disclosure: getting the small details right

Chatbot disclosure sounds trivial until you write the words. "You're chatting with our AI assistant" works; a microscopic disclaimer below the input box does not. The disclosure should be obvious to a normal user before they share anything meaningful, and it should hold up even when the bot is embedded in a third-party messaging channel where your styling does not apply.

Two practical pitfalls show up again and again. The first is a bot that sounds human enough to blur the line — using a person's name, typing indicators, and "I" in a way that implies a human agent. If the persona is human-like, the disclosure needs to be stronger, not weaker. The second is handoff: when a conversation moves from AI to a human agent (or back), the user should be able to tell which they are talking to at any point. Building these handoffs cleanly is core to any AI agent project, and worth designing in from the first prototype.

Labelling AI-generated and synthetic content

The content-marking duty has two layers that people often conflate. The first is the machine-readable mark a provider embeds at generation time — invisible to a casual viewer but detectable by tools and platforms. The second is the human-visible disclosure a deployer adds when publishing a deepfake or public-interest text. You can be on the hook for one, the other, or both, depending on your role.

On the technical side, the practical question is how to mark text, image, audio, and video reliably without degrading the output or being trivially stripped. Approaches such as content credentials and provenance metadata are maturing, and the right choice depends on your pipeline. If your team is building or fine-tuning generative models, this is exactly the kind of thing to bake into the architecture rather than retrofit — our generative AI services cover labelling and provenance as part of the build, not as an afterthought.

Common mistakes and how to avoid them

A handful of misunderstandings cause most of the avoidable work. Knowing them up front saves a lot of rework.

• "It's not high-risk, so Article 50 doesn't apply." Wrong. Transparency obligations apply to systems regardless of whether they are otherwise classed as high-risk. A simple support chatbot is low-risk and still in scope.
• "Our privacy policy mentions AI, so we're covered." A disclosure buried in a policy is not the clear, up-front information Article 50 expects for chatbots or synthetic media.
• "We bought the tool, so it's the vendor's problem." As a deployer you carry the human-facing disclosure duties even when someone else built the system. Read your contracts and confirm who marks what.
• "GDPR consent covers our emotion-recognition tool." GDPR and Article 50 are separate. You may need both a lawful basis and a transparency disclosure.
• "We labelled it once at launch." Disclosures break silently when products change. Without an owner and a re-check after releases, you drift out of compliance without noticing.

None of these are hard to fix once you can see them. The trap is assuming the obligation sits with someone else, or that a single launch-day pass is enough.

How Crux Digits builds disclosure and labelling in by design

At Crux Digits we treat transparency as a design requirement, not a compliance bolt-on. When we scope an AI project, disclosure and content-marking go into the architecture from day one — because retrofitting them later is slower, more brittle, and easier for a regulator or customer to poke holes in.

In practice that means: chatbot disclosures and AI-to-human handoffs designed into the conversation flow; machine-readable marking planned into any generative pipeline we build; and a short, plain-language record of who is the provider, who is the deployer, and where each disclosure lives. We work in fixed-scope projects with transparent pricing, so an AI Audit and Strategy engagement can map your Article 50 exposure before you commit to a build, and a Proof of Concept can prove the disclosure and labelling approach works on your real systems.

We are a boutique consultancy in Nieuwegein, in the province of Utrecht, working with organisations across the Netherlands and Europe. If you are weighing what a compliant build looks like, our AI consulting and AI automation work both fold these obligations in by default.

If you want a second pair of eyes on where you stand before 2 August 2026, a free initial consultation is the easiest place to start — no pressure, just an honest read on your Article 50 exposure and what it would take to close the gaps. You can reach us via the contact page whenever it suits you.

Frequently asked questions