Article 50 is the one most companies actually trip over — because it applies to chatbots, generative AI and deepfakes regardless of whether they are high-risk. If you run a customer-facing assistant or generate content with AI, this article is for you.
The high-risk articles grab the headlines, but Article 50 has the widest reach in everyday business. It governs transparency — making sure people know when they are dealing with AI or AI-generated content — and it binds providers and deployers across the risk spectrum.
Article 50 of Regulation (EU) 2024/1689 sits in a separate transparency regime from the high-risk obligations. It targets specific interaction patterns — AI talking to people, AI generating content, AI inferring things about people — rather than specific sectors. A minimal-risk chatbot is out of scope of Articles 9, 13 and 14 but squarely inside Article 50.
| Who | Duty |
|---|---|
| Providers (50(1)) |
AI systems intended to interact directly with natural persons must be designed so people are informed they are interacting with an AI — unless that is obvious to a reasonably well-informed person. (Chatbots, voice assistants.) |
| Providers (50(2)) |
Providers of generative AI must ensure outputs — synthetic audio, image, video or text — are marked in a machine-readable format and detectable as artificially generated or manipulated, as far as technically feasible. |
| Deployers (50(3)) |
Deployers of an emotion recognition or biometric categorisation system must inform the people exposed to it, and process personal data in line with data-protection law. |
| Deployers (50(4)) |
Deployers of AI that produces deepfakes must disclose that the content is artificially generated or manipulated. Deployers of AI-generated text published to inform the public on matters of public interest must disclose its artificial generation. |
The everyday traps. Two cases catch ordinary businesses: a customer-service chatbot that never says it is a bot (50(1)), and marketing or support copy generated by AI and published without the required marking or disclosure (50(2) and 50(4)). Neither system needs to be “high-risk” for the obligation to apply.
Article 50(5) sets the timing: the information must be given clearly and distinguishably, at the latest at the time of the first interaction or exposure, and must meet accessibility requirements. Article 50(6) confirms these duties sit on top of, and do not displace, the high-risk requirements or other EU and national transparency law.
The Act builds in proportionate carve-outs: disclosure for deepfakes is limited where the content is part of an evidently artistic, creative or satirical work; AI-generated public-interest text is exempt where it has undergone human review and editorial responsibility; and specified law enforcement uses are treated separately. These are narrow exceptions, not general escape hatches — the default is disclosure.
Article 50 turns “which of our systems talk to people or generate content?” into a compliance question. To answer it you have to know your full AI estate — not just the obviously high-risk models, but every chatbot, content generator and categorisation tool — and record, per system, which Article 50 duty applies and how it is met. The systems most likely to fall through the cracks are the low-risk ones nobody bothered to register.
A complete Model Inventory for Jira registry covers every AI system, not only the high-risk ones — so chatbots, generative tools and categorisation systems are visible, with their EU AI Act category and notes on which transparency duty applies. The shareable onboarding wizard helps teams across the firm register the AI they run, so the low-risk systems Article 50 targets do not slip through. The disclosure itself is yours to implement in the product; the inventory ensures nothing is forgotten.
See how it worksThis page is a practical explanation, not legal advice. Always confirm requirements against the official text of Regulation (EU) 2024/1689.