On May 8, the European Commission published draft implementation guidelines for Article 50 of the EU AI Act and opened a public consultation with a short comment window. These are not the same guidelines as the high-risk AI classification rules the Commission released on May 19. Article 50 covers something broader and more immediately relevant to enterprises that deploy any AI that interacts with people: the transparency obligations.
The rules take effect August 2, 2026. That is 72 days from today.
What Article 50 Actually Requires
According to the EU Commission, Article 50 of the EU AI Act introduces specific disclosure obligations to ensure that humans are informed when they are interacting with AI systems. The Commission's own guidance states directly: "when using AI systems such as chatbots, humans should be made aware that they are interacting with a machine so they can take an informed decision."
The obligations fall into two categories:
Chatbot disclosure. Any AI system designed to generate and exchange text with natural persons must disclose to those users that they are interacting with an AI — unless the use is obvious from context.
AI-generated content labeling. Providers and deployers of AI systems that generate synthetic content must mark those outputs as AI-generated. One sub-requirement — the technical watermarking obligation under Article 50(2) — was postponed from August 2 to December 2, 2026 via the AI Omnibus deal reached May 7. The chatbot disclosure requirement was not delayed.
The enforcement stakes are concrete. Violations under Article 50 can result in fines of up to €15 million or 3 percent of annual worldwide turnover, whichever is higher.
What the May 8 Draft Guidelines Change
The AI Act's text has been clear on the what of Article 50 since the regulation was adopted in June 2024. What was missing until May 8 was the how — practical guidance for providers and deployers on what disclosure mechanisms satisfy the requirement, what counts as "obvious from context," and how the obligations apply across different AI deployment patterns.
The Commission's draft guidelines are that practical guidance. They represent the last formal input window before the implementation rules are locked. Per EU regulatory counsel briefings on the consultation terms, the comment window closes June 3, 2026 — meaning enterprises with customer-facing AI systems have two weeks to flag ambiguities before the Commission finalizes the guidance.
Why This Catches Enterprise Legal Teams Off Guard
Most enterprise AI Act compliance planning has focused on the high-risk system rules — the Annex III obligations covering biometrics, credit scoring, employment tools, and similar use cases, which were just extended to December 2027 via the Omnibus deal.
Article 50 follows a different track. It is not scoped by risk classification. It applies to any deployer of any AI system that interacts with natural persons in a chatbot-style interaction, or any AI system that generates content that reaches end users. The August 2 deadline for these obligations was not extended.
The practical effect: an enterprise deploying an AI-assisted customer service tool, a financial advisory summary generator, or an HR-facing AI chatbot may have Article 50 obligations regardless of how the system scores on a risk classification assessment.
The Shadow AI Gap That Article 50 Exposes
Article 50 creates a disclosure obligation. It does not answer the harder operational question: does your compliance team know which AI tools your employees are using in workflows that touch external parties?
When a customer success team uses an AI tool to draft responses that go to clients, when a financial analyst uses an AI to generate summaries for customer reports, the enterprise may be the deployer under Article 50 — without the visibility to know it, let alone enforce a disclosure policy downstream.
Disclosure requires inventory. Inventory requires visibility into AI tool usage at the point where employees generate and send content. That visibility is the compliance infrastructure gap that Article 50 now makes material.
For enterprises that have deployed official AI tools with disclosure mechanisms, the question is whether employees are also using unsanctioned AI tools in the same workflows — tools that carry no enterprise-controlled disclosure mechanism at all.
What to Do Before August 2
Review the draft guidelines. The Commission published the draft on May 7 on the EU digital strategy portal under the AI Act policy section. The consultation window for input closes in early June. If the draft creates compliance ambiguity for your sector, this is the window to surface it.
Map your AI chatbot and content deployments. Which tools in your organization interact with external parties or generate content that reaches natural persons? Which qualify as deployed AI systems under Article 50's scope?
Audit your disclosure mechanisms. Do the AI tools you officially deploy currently surface disclosure to end users? Will those mechanisms satisfy the August guidelines once finalized?
Assess your shadow AI exposure. Which AI tools are employees using that your compliance team does not have visibility into? Those tools may be operating in Article 50-relevant workflows without your knowledge — and without the disclosure mechanisms required come August.
The August 2 deadline for chatbot disclosure obligations has not moved. The May 8 guidelines consultation is the last formal input window before the Commission finalizes how those obligations will be interpreted and enforced.
Containment.AI gives compliance teams real-time visibility into which AI tools employees are using across ChatGPT, Claude, Gemini, Copilot, Grok, and Perplexity — before content reaches regulated workflows. Learn how it works →