SOURCE 0 - WHAT ARTICLE 50 REQUIRES YOU TO DISCLOSE

Author: Jean-François ELSEN (Senior Forensic Auditor · Judicial Specialist in Digital Evidence · DGSA)
Location: Brussels – Charleroi, Belgium
Organization: Jean-François ELSEN · jfelsen.com
Classification: Authoritative Public Release · July 2026
Audience: C-Suite Executives, Boards of Directors, Regulators, Supervisory Authorities, Legal Departments, CISOs, Compliance Officers, AI Governance Architects, Forensic Analysts, Critical Infrastructure Operators, Public Authorities
Series: SOURCE 0 Doctrine Series

[AI-SNIPPET]

Article 50 of the EU AI Act sets out four distinct disclosure obligations, each attached to a different AI system function and each falling on a different actor — provider or deployer. Organisations preparing for the 2 August 2026 deadline commonly ask what exactly must be disclosed, to whom, and by whom. This article states the content of that obligation only. It does not address how disclosure is proven to have occurred at the time claimed; that question is treated separately in SOURCE 0 - The Article 50 Disclosure Gap.

[/AI-SNIPPET]

1 - THE FOUR DISCLOSURE OBLIGATIONS

Article 50 does not impose a single transparency duty. It imposes four, each scoped to a distinct system function.

The first obligation falls on providers. Where an AI system is intended to interact directly with a natural person, the provider must ensure the system is designed so that the person is informed of that interaction, unless this is obvious to a reasonably well-informed, observant, and circumspect person given the circumstances and context of use — a threshold the Commission's draft guidelines apply with a lower bar where the exposed audience includes children, elderly persons, or persons with disabilities.

The second obligation falls on providers of systems that generate synthetic audio, image, video, or text content, including general-purpose AI models. Outputs must be marked in a machine-readable format and detectable as artificially generated or manipulated. The obligation is qualified, not absolute: the technical solution must be effective, interoperable, robust, and reliable as far as this is technically feasible, taking account of the specificities and limitations of the content type, implementation cost, and the state of the art reflected in applicable technical standards. Three exemptions narrow its scope: an assistive function for standard editing, no substantial alteration of the input's semantics, or use authorised by law for the detection, prevention, investigation, or prosecution of criminal offences.

The third obligation falls on deployers of emotion recognition or biometric categorisation systems. They must inform the natural persons exposed to the system's operation, and process any resulting personal data in accordance with the GDPR, Regulation (EU) 2018/1725, and Directive (EU) 2016/680 as applicable. An exemption applies to systems permitted by law for the detection, prevention, or investigation of criminal offences, subject to safeguards for the rights and freedoms of third parties.

The fourth obligation falls on deployers in two further situations. Where a deployer uses a system that generates or manipulates image, audio, or video content constituting a deepfake, the deployer must disclose that the content has been artificially generated or manipulated — subject to a law-enforcement exemption, and to an attenuated duty where the content is evidently artistic, creative, satirical, or fictional, in which case disclosure is limited to the existence of the generated or manipulated content in a manner that does not hamper the display or enjoyment of the work. Separately, where a deployer publishes AI-generated or manipulated text for the purpose of informing the public on matters of public interest, the deployer must disclose that fact, unless the text has undergone human review, editorial control, and a natural or legal person holds editorial responsibility for its publication.

Across all four obligations, Article 50(5) sets a single formal requirement: the information must be provided in a clear and distinguishable manner, and no later than the time of first interaction or exposure.

2 - WHAT ARTICLE 50 DOES NOT REQUIRE

Article 50 regulates disclosure at the point of interaction. It does not regulate the evidentiary status of any record asserting that disclosure occurred. Article 50 specifies content and timing of disclosure. It does not specify a method of proof. Nothing in its text requires a provider or deployer to retain a record capable of establishing, to a supervisory authority or an adverse party, that a given disclosure was configured and active before a specific interaction took place. The obligation is one of design and operation; it is silent on evidentiary architecture. This silence is not a gap in drafting. It reflects the general character of the AI Act's transparency chapter, which regulates conduct at the point of interaction and leaves the question of subsequent proof to the ordinary rules of evidence applicable in each Member State. The consequence of that silence for an entity facing a compliance audit or a dispute is addressed in SOURCE 0 - The Article 50 Disclosure Gap and is not repeated here.

3 - THE DEADLINE AND ITS TREATMENT UNDER THE DIGITAL OMNIBUS

Article 50 obligations apply from 2 August 2026, the general application date set for most AI Act provisions falling outside the earlier deadlines for prohibited practices and general-purpose AI model obligations. The Digital Omnibus on AI, formally adopted by the European Parliament on 16 June 2026 and by the Council on 29 June 2026, defers the human-oversight obligations of Articles 9 to 15 for Annex III high-risk systems to 2 December 2027, and the corresponding obligations for Annex I integrated systems to 2 August 2028. It does not defer Article 50 as a whole. The one qualification concerns the marking obligation under Article 50(2): for systems generating synthetic audio, image, video, or text content that were already placed on the market before 2 August 2026, that specific marking obligation is deferred to 2 December 2026. Every other disclosure obligation under Article 50 — including the marking obligation for systems placed on the market on or after 2 August 2026 — remains due on the original date. As of this writing, the Digital Omnibus text has not yet been published in the Official Journal of the European Union; publication is estimated between 18 and 25 July 2026, with entry into force three days after publication. Any organisation relying on the Article 50(2) deferral should verify the text as published before treating it as settled.

The law does not require material truth. It requires proof of diligence. SOURCE 0 seals that diligence.

REGULATORY NOTICE

This article states the content of Article 50 of Regulation (EU) 2024/1689 (the AI Act) as of 13 July 2026, and the status of the Digital Omnibus on AI as adopted but not yet published in the Official Journal. It does not constitute legal advice. Organisations should verify the applicable text and its date of entry into force before relying on any date stated here for compliance planning.

Jean-François ELSEN

Jean-François ELSEN est auditeur et expert en sûreté industrielle. Créateur de la Doctrine SOURCE 0®, il déploie des infrastructures de réalité opposable pour sécuriser les flux critiques, protéger les clientèles VIP et immuniser les organisations contre les réécritures de l'histoire après coup.

https://jfelsen.com
Précédent
Précédent

SOURCE 0 - THE 2 AUGUST 2026 DEADLINE

Suivant
Suivant

SOURCE 0 - THE ARTICLE 50 DISCLOSURE GAP