EU AI Act Deepfake Labelling Requirements: Article 50 Disclosure and Marking Rules
Article 50 EU AI Act deepfake labelling: deployers disclose AI manipulation, providers mark outputs machine-readably. Content-marking moves to 2 December 2026.
The deepfake and AI-generated-content labelling rules of the EU AI Act live in Article 50 of Regulation (EU) 2024/1689. They impose two separate but complementary duties. Under Article 50(4), a deployer who generates or manipulates image, audio, or video content that constitutes a deep fake must clearly disclose that the content has been artificially generated or manipulated. Under Article 50(2), the provider of the generative system — including a general-purpose AI system — must mark that output in a machine-readable format so that it is detectable as artificially generated or manipulated.
In short: the provider marks the output at the point of generation; the deployer discloses the deepfake at the point of publication. Neither duty discharges the other. A marked output does not relieve the deployer of making a clear, human-perceptible disclosure, and a human-readable disclosure does not relieve the provider of embedding the machine-readable mark.
This guide sets out exactly what is required, who is responsible, which exceptions apply, and the current (June 2026) state of the deadlines after the Digital Omnibus — so you can scope an internal labelling and disclosure project with confidence. For the full paragraph-by-paragraph breakdown of the transparency tier, see Article 50 transparency obligations; if you are new to the regulation, start with what the EU AI Act requires.
What the EU AI Act Requires for Deepfakes and AI-Generated Content
Article 50 is the Act's limited-risk transparency tier, set out in Chapter IV. It is distinct from the high-risk regime in Articles 6–27 and from the general-purpose AI model duties in Chapter V (Articles 51–55). Where the high-risk regime imposes risk-management systems, conformity assessment, and technical documentation, Article 50 imposes a narrower thing: disclosure and marking so that people and machines can tell when content is synthetic.
The Two Core Duties — Article 50(2) and Article 50(4)
The deepfake and content-labelling rules split cleanly into two obligations on two different actors.
- Provider marking — Article 50(2). Providers of AI systems (including general-purpose AI systems) that generate synthetic audio, image, video, or text must mark their outputs in a machine-readable format, detectable as artificially generated or manipulated, to the extent technically feasible.
- Deployer disclosure — Article 50(4). Deployers who generate or manipulate image, audio, or video content constituting a deepfake must disclose that the content has been artificially generated or manipulated.
The duties stack. Think of marking as the technical provenance layer baked into the output by whoever built the generator, and disclosure as the human-facing notice added by whoever publishes the content to an audience.
Where This Sits in the Act's Risk Tiers
The Act runs four tiers: prohibited practices (Article 5), high risk (Articles 6–27), limited/transparency risk (Article 50), and minimal risk (no mandatory obligations). Deepfake labelling sits squarely in the limited-risk tier. A system can, however, be both — a biometric-categorisation tool may owe Article 50 transparency duties and also be high-risk under Annex III. In that case the obligations stack rather than displace each other.
Who Is Responsible: Provider Marking Versus Deployer Disclosure
The single most common scoping error is confusing the provider's duty with the deployer's. They are different obligations, owed by different parties, discharged at different points in the content lifecycle.
The Provider's Machine-Readable Marking Duty — Article 50(2)
A provider is the entity that develops the generative system and places it on the market or puts it into service under its own name. The provider bears the Article 50(2) marking duty, and it is built into the system output itself — every synthetic image, audio clip, video, or text the system produces should leave the product carrying a machine-readable mark.
The Deployer's Deepfake Disclosure Duty — Article 50(4)
A deployer is the entity using the system under its own authority to actually create or publish the deepfake. The deployer bears the Article 50(4) disclosure duty owed to the audience: a clear, human-perceptible statement that the content is artificially generated or manipulated. The provider's machine-readable mark does not satisfy this — a watermark a viewer cannot perceive is not a disclosure to that viewer.
When a Deployer Becomes a Provider — Article 25
Roles are not fixed. Under Article 25, a deployer that substantially modifies an AI system, or that places a system on the market or puts it into service under its own name or trademark, can become a provider and inherit the Article 50(2) marking obligation. If you white-label a generative tool and ship it as your own product, assume you have taken on the provider's marking duty as well as any deployer disclosure duty.
If you are unsure which role your organisation holds for a given system, work through a structured intake first — see a readiness assessment.
| Question | Provider (Art 50(2)) | Deployer (Art 50(4)) |
|---|---|---|
| What is the duty? | Mark output in machine-readable format | Disclose deepfake to the audience |
| How is it perceived? | Detectable by machines / detection tools | Clearly perceptible to a human |
| When does it attach? | At the point of generation, in the output | At the point of publication / first exposure |
| Who typically holds it? | The entity that built and markets the generator | The entity that creates or publishes the content |
| How do you acquire the other role? | — | Substantially modify or rebrand the system (Art 25) |
What Counts as a Deepfake Under Article 50
The trigger for the Article 50(4) disclosure is whether the content is a deepfake — a defined term, not a colloquial one.
The Statutory Definition — Article 3(60)
Under Article 3(60), a deep fake is AI-generated or AI-manipulated image, audio, or video content that resembles existing persons, objects, places, entities, or events and that would falsely appear to a person to be authentic or truthful. The test is the appearance of authenticity, not whether the depicted subject is a real individual. A photorealistic but entirely invented person can be a deepfake; so can AI-altered footage of a real event.
Synthetic Creation Versus Manipulation of Real Content
Both wholly synthetic content and AI-altered real footage fall in scope. What matters is that the output would plausibly read as authentic to a viewer or listener.
It is important to separate the deepfake trigger from the broader synthetic-content marking duty. All generative output gets the machine-readable mark under Article 50(2). Only realistic, deepfake-grade content triggers the Article 50(4) disclosure to the audience. Routine, non-deceptive synthetic graphics — clearly stylised illustrations, obvious CGI, a cartoon avatar — still require the Article 50(2) mark, but may not meet the deepfake disclosure trigger because no reasonable viewer would take them for authentic footage.
Scope and Exceptions: Artistic, Satirical, and Law-Enforcement Carve-Outs
Article 50 contains real exceptions, but each is narrower than it first appears. None is a blanket sectoral exemption.
The Lighter Creative-Work Disclosure — Article 50(4)
Where a deepfake forms part of an evidently artistic, creative, satirical, fictional, or analogous work, the Article 50(4) disclosure is lighter and non-prominent: it must be made in a way that does not hamper the display or enjoyment of the work. The disclosure is reduced in prominence — it is not eliminated. A clearly labelled parody video still carries a disclosure; it simply need not interrupt the viewing experience.
This is not a free pass for the creative sector. A realistic deepfake celebrity endorsement in a commercial advertisement is not "evidently artistic" and carries the full disclosure. If a reasonable viewer could take the content for genuine, the lighter regime does not apply.
The Law-Enforcement Exemption — Article 50(2) and 50(4)
Systems authorised by law to detect, prevent, investigate, or prosecute criminal offences are exempt from the Article 50 disclosure duties, subject to safeguards for the rights and freedoms of third parties. This is a narrow public-security carve-out, not a general exception for any organisation that processes sensitive content.
The Assistive-Editing Exclusion for Marking — Article 50(2)
The Article 50(2) marking duty does not apply where the AI system performs an assistive function for standard editing or does not substantially alter the input data — for example, minor colour correction or grammar fixes. An AI that rewrites a paragraph, generates a face, or synthesises a voice is well past "standard editing" and must mark its output.
Teams operationalising these triggers at content scale — for example, platforms screening user uploads — should align this work with their AI content moderation processes so the labelling and detection logic sits in one place.
Machine-Readable Marking and Watermarking: What "Effective" Means
Article 50(2) does not name a specific technology, but it sets a clear quality bar for whatever you choose.
The Four Technical Standards — Article 50(2)
Marking solutions must be effective, interoperable, robust, and reliable, as far as technically feasible, taking account of the specificities and limitations of different content types, the cost of implementation, and the generally acknowledged state of the art. These four adjectives are the statutory yardstick a regulator will measure your implementation against.
Interoperability and Detection
Interoperable is the load-bearing word. It means third-party detection tools must be able to read the mark. Proprietary, self-only watermarking — a scheme only your own software can detect — does not satisfy the duty, because the public and other platforms cannot verify it. Current practice points toward open standards such as C2PA content credentials, which embed cryptographically signed provenance that independent tools can validate.
Codes of Practice and Standards — Article 50(7)
Under Article 50(7), the AI Office facilitates codes of practice on the detection and labelling of artificially generated or manipulated content. These codes guide implementation but do not replace the statutory standard. The duty is qualified — "as far as technically feasible" — but the burden sits with the provider to show that a compliant technique was not feasible, not to assume the exception applies by default.
AI-Generated Text Published to Inform the Public
Article 50(4) does not stop at audiovisual deepfakes. It carries a parallel duty for AI-generated text in a specific context.
The Public-Interest Publication Duty — Article 50(4)
Deployers who use AI to generate or manipulate text that is published to inform the public on matters of public interest must disclose that the text is artificially generated or manipulated. This reaches news articles, political commentary, and public-interest analysis distributed to a general audience — not internal drafts or private correspondence.
The Human-Editorial-Review Exception — Article 50(4)
The disclosure is not required where the AI-generated content has undergone human review or editorial control and where a natural or legal person holds editorial responsibility for the publication. The practical impact for media, investor relations, public-sector communications, and compliance newsletters is direct: an editor who reviews the text and takes responsibility removes the disclosure trigger; a fully automated publishing pipeline that pushes AI text live without human oversight does not.
The operational artefact for documenting and surfacing these disclosures is the notice itself — see AI transparency notices for how to structure and record them.
Timing: Which Article 50 Duties Are Delayed and Which Are Not (June 2026 Status)
The deadlines around Article 50 changed in 2026. Getting the dates right — and stating clearly what is and is not yet law — matters for any project plan.
Content-Marking and Watermarking Move to 2 December 2026
Under the Digital Omnibus, the content-marking and watermarking obligations move to a fixed date of 2 December 2026. This is a new fixed calendar date, not a standards-contingent trigger. The "stop the clock" proposal — which would have tied the delay to the availability of harmonised standards — was rejected. The delay is a hard date, full stop.
Freshness caveat (June 2026): the Digital Omnibus reached a provisional political agreement on 6–7 May 2026, and the COREPER text was confirmed around 13 May 2026, but it is not yet law. It still requires a European Parliament plenary vote, formal Council adoption, and publication in the Official Journal. Until those steps complete, the statute as enacted still reads its original dates. Treat the 2 December 2026 marking date as the agreed direction of travel, and confirm it against the Official Journal before relying on it for a compliance deadline.
What Did Not Move
Not everything was deferred. The Article 5 prohibitions have applied since 2 February 2025, and the GPAI model duties (Articles 51–55) since 2 August 2025. Several Article 50 transparency duties are unchanged. And the high-risk track is entirely separate: the Digital Omnibus agreed to defer stand-alone high-risk Annex III obligations (Article 6(2)) from 2 August 2026 to 2 December 2027, and Annex I product-embedded high-risk systems (Article 6(1)) from 2 August 2027 to 2 August 2028 — but, as of June 2026, that too is agreed and not yet in force.
Penalties for Breach — Article 99
Breach of the Article 50 transparency duties falls under Article 99(4): fines up to €15,000,000 or 3% of total worldwide annual turnover, whichever is higher. The top tier of €35,000,000 or 7% (Article 99(3)) is reserved for breaches of the Article 5 prohibitions — it does not apply to labelling failures. Supplying incorrect, incomplete, or misleading information to notified bodies or authorities is a separate offence under Article 99(5), fined up to €7,500,000 or 1%. For SMEs and start-ups, Article 99(6) caps fines at the lower of the percentage or the fixed amount as a proportionality measure.
Because this transparency regime is largely separate from the high-risk regime, keep the general-purpose track distinct as well — see general-purpose AI models.
| Tier | Trigger | Ceiling |
|---|---|---|
| Art 99(3) | Article 5 prohibited practices | €35M or 7% of worldwide turnover |
| Art 99(4) | Article 50 transparency / labelling breaches | €15M or 3% of worldwide turnover |
| Art 99(5) | Incorrect/incomplete/misleading info to authorities | €7.5M or 1% of worldwide turnover |
| Art 99(6) | SME / start-up proportionality cap | Lower of percentage or fixed amount |
Article 50 Deepfake and Content-Labelling Duties at a Glance
The table below maps content type to the responsible actor, the requirement, and the timing. Disclosures must in every case be made clearly and distinguishably, at the latest at the time of first exposure (Article 50(5)).
| Content type | Who must act | What is required | When |
|---|---|---|---|
| Synthetic image / audio / video / text output | Provider | Machine-readable marking detectable as AI-generated (Art 50(2)) | Content-marking moves to 2 December 2026 under the Digital Omnibus (agreed, not yet law as of June 2026) |
| Deepfake image / audio / video | Deployer | Clear, human-perceptible disclosure that content is artificially generated or manipulated (Art 50(4)) | At the latest at first exposure |
| Deepfake in evidently artistic / creative / satirical work | Deployer | Lighter, non-prominent disclosure that does not hamper enjoyment (Art 50(4)) | At the latest at first exposure |
| AI-generated text on matters of public interest | Deployer | Disclose AI generation unless human-reviewed under editorial responsibility (Art 50(4)) | At the latest at first exposure |
| Law-enforcement authorised use | Provider / Deployer | Exempt from disclosure, subject to safeguards (Art 50(2),(4)) | n/a |
How Confir Helps
When you register a generative or content system in Confir, the AIRC (Risk Classification) assessment runs a transparency-trigger checklist that flags the Article 50 obligations from how you describe the system — whether it generates synthetic content, whether outputs are realistic enough to constitute deepfakes, and whether you hold the provider or deployer role for that system.
The AITO (Transparency and Human Oversight) assessment then captures the specific Article 50(2) marking and Article 50(4) disclosure obligations that apply, records the editorial-responsibility position for any AI-generated text, and produces a documented record a compliance team or external auditor can inspect.
Both modules run on Confir's rule-based engine. The synthesis is deterministic: the same system description produces the same Article 50 obligations every time — auditable, reproducible, the same logic every time, with no model inference and no hallucination in the engine.
Frequently Asked Questions
What does the EU AI Act require for deepfake labelling? Under Article 50(4) of Regulation (EU) 2024/1689, deployers who create or manipulate image, audio, or video content that constitutes a deepfake must clearly disclose that it is artificially generated or manipulated. Separately, under Article 50(2), the provider of the generative system must mark the output in a machine-readable format so detection tools can identify it as AI-generated.
Who is responsible for labelling AI-generated content, the provider or the deployer? Both, at different points. The provider of the generative AI system carries the Article 50(2) duty to embed a machine-readable mark in every output. The deployer who actually publishes a deepfake carries the Article 50(4) duty to make a clear, human-perceptible disclosure to the audience. The provider's marking does not discharge the deployer's disclosure obligation.
Are artistic or satirical deepfakes exempt from labelling? No, but the duty is lighter. For content that is evidently artistic, creative, satirical, or fictional, Article 50(4) requires only a non-prominent disclosure that does not hamper the display or enjoyment of the work. It is not a blanket exemption: a realistic deepfake endorsement in an advertisement is not evidently artistic and must carry a full, clear disclosure.
When do the EU AI Act deepfake watermarking rules apply? Under the Digital Omnibus, the content-marking and watermarking obligations move to a fixed date of 2 December 2026. As of June 2026 this change is politically agreed but not yet law, still awaiting a European Parliament plenary vote, formal Council adoption, and Official Journal publication, so the enacted statute's original timing stands until then.
Is AI-generated text covered by the EU AI Act labelling rules? Yes. Article 50(4) requires deployers who use AI to generate text published to inform the public on matters of public interest to disclose that it is artificially generated. The disclosure is not required where the text underwent human review or editorial control and a person holds editorial responsibility for the publication, which covers most edited journalism.
What does machine-readable marking of AI content mean under Article 50? Article 50(2) requires providers to embed a mark in the output that machines can detect and that flags the content as artificially generated. The solution must be effective, interoperable, robust, and reliable as far as technically feasible, so third-party detection tools can read it. In practice this points to open standards such as C2PA content credentials rather than proprietary watermarks.
What are the penalties for breaching the EU AI Act deepfake labelling rules? Breach of the Article 50 transparency duties falls under Article 99(4): up to €15 million or 3% of total worldwide annual turnover, whichever is higher. The top tier of €35 million or 7% (Article 99(3)) is reserved for Article 5 prohibited practices. SMEs and start-ups benefit from a proportionality cap under Article 99(6).
Related guides
- Article 50 transparency obligations
- What the EU AI Act requires
- AI transparency notices
- AI content moderation
- General-purpose AI models
- A readiness assessment
Manage your EU AI Act compliance in one place
Confir automates risk classification, technical documentation, and audit trails for any company. No consultants. No 6-month projects. 7-day free trial.
Start free trial →