Quick answer

From August 2, 2026, providers of AI systems that generate synthetic audio, image, video or text must ensure outputs are marked in a machine-readable format and detectable as artificially generated or manipulated. Marking must be effective, interoperable, robust and reliable as far as technically feasible, per Article 50(2) of the EU AI Act.

Updated June 2026 · MmowW AI Compliance

EU AI Act Machine-Readable Marking of AI-Generated Content: Article 50(2) Guide

The Obligation in One Sentence

Article 50(2) of Regulation (EU) 2024/1689 requires providers of AI systems — including general-purpose AI systems — that generate synthetic audio, image, video or text content to ensure the outputs are marked in a machine-readable format and detectable as artificially generated or manipulated. The provision adds an engineering qualifier: providers must ensure their technical solutions are effective, interoperable, robust and reliable as far as this is technically feasible, taking into account the specificities and limitations of various types of content, the costs of implementation, and the generally acknowledged state of the art, as may be reflected in relevant technical standards. The duty applies from August 2, 2026.

Machine-Readable Versus Human-Visible

Article 50 builds a two-layer transparency system, and confusing the layers is the most common compliance error. Article 50(2) is the machine layer: an invisible, automated signal embedded by the provider so that software — platforms, browsers, verification tools, regulators — can detect synthetic origin at scale. Article 50(4) is the human layer: visible disclosure by deployers when content constitutes a deep fake or informs the public. A photorealistic generated image therefore typically needs both: provenance metadata or watermarking from the generation system's provider, and a visible label from the professional deployer who publishes it as apparently real imagery. Neither substitutes for the other.

The Technical Toolbox

The regulation is deliberately technology-neutral; recital 133 names the families of techniques: watermarks, metadata identifications, cryptographic methods for proving provenance and authenticity, logging methods, fingerprints, or combinations of them. In current practice the main options are:

Because each technique fails differently, serious implementations layer them — metadata for verifiability, watermarking for survivability, logging for forensics — which is exactly the combination reading the regulation's effectiveness and robustness criteria suggests.

The Text Problem

Text is the hardest modality: it can be retyped, paraphrased and trivially stripped of any embedded signal, and statistical watermarks degrade with editing. The regulation acknowledges this through the technical-feasibility qualifier — providers must apply the state of the art, not achieve the impossible. For text systems the practical reading in 2026 is: apply available watermarking where it survives the product's use patterns, attach provenance signals in formats and channels that retain them, document honestly in technical files what is feasible and what is not, and revisit as standards mature. The exemption in Article 50(2) also matters here: the marking duty does not apply where the AI system performs an assistive function for standard editing or does not substantially alter the input data provided by the deployer or its semantics — grammar correction, autocomplete and light rewriting sit outside the duty.

Who Carries the Duty

The obligation binds providers of the generating AI system. In layered value chains, that is whoever places the generation system on the EU market — which is often a downstream company building on a GPAI model through an API. The system provider cannot simply assume the upstream model provider has solved marking: if the model's native watermarking does not survive the product's output path, or the product post-processes outputs, the system provider must close the gap. Conversely, deployers and end users carry no Article 50(2) duty — but professional deployers inherit the visible-disclosure duties of Article 50(4), and platforms increasingly require provenance signals contractually regardless of legal role. The law-enforcement carve-out mirrors the rest of Article 50.

Enforcement and Standards Context

Article 50 duties are supervised by national market surveillance authorities, with fines up to 15 million euros or 3 percent of worldwide annual turnover for non-compliance. Two soft-law tracks matter for implementation. The Commission and AI Office encourage codes of practice to facilitate effective implementation of detection and labelling obligations, foreseen by Article 50(7), and work on harmonised standards for marking is proceeding through European standardisation. Providers tracking C2PA, emerging watermarking standards and the AI Office's transparency work will find that the compliance target is consolidating around interoperable provenance plus modality-appropriate watermarking — building to that combination now is the lowest-regret path.

Interaction with GPAI Model Duties

The marking obligation belongs to the AI system layer, but it connects to Chapter V in two practical ways. First, many system providers will satisfy Article 50(2) partly through capabilities inherited from the underlying general-purpose model — native watermarking in image generators, provenance hooks in model APIs — and the Annex XII documentation that GPAI providers owe downstream integrators is where those capabilities and their limits should be described. Integrators should read it before designing their own marking stack, and ask for it where it is missing. Second, the GPAI Code of Practice and the AI Office's transparency work are converging on shared expectations for content provenance across the value chain, so the model provider's roadmap is a leading indicator of what system providers will be able to claim as state of the art. Where the model layer offers nothing, the system provider carries the full weight alone — a point worth pricing into model selection.

The competitive context is also shifting: major platforms now read and display provenance signals, advertisers demand them, and public-sector buyers write them into procurement. Marking is becoming infrastructure rather than compliance overhead, and providers that implement it well convert a legal duty into a distribution advantage.

A Concrete Example

A European start-up offers a marketing-content generator producing images and product videos on top of a third-party diffusion model accessed by API. As provider of the generation system, it implements three measures before August 2026. Every exported asset receives signed content credentials recording AI generation, the toolchain and timestamp. The upstream model's invisible watermark is verified to survive the start-up's post-processing pipeline — where compression broke detection, the pipeline was adjusted. And exports are hashed into a retention log so customer-support and abuse cases can be matched later. Documentation in the technical file records the design choices, the standards followed and the known limitations — for instance, that screenshots strip metadata but the pixel watermark persists. When a customer publishes a photorealistic campaign image of a real city square, the customer's own visible caption duty under Article 50(4) is its business; the start-up's machine-readable layer is already in the file.

Common Pitfalls

The recurring failures: shipping with the upstream model's watermark but post-processing it away; treating visible logos or captions as satisfying the machine-readable requirement — a watermark for the eye is not a format for machines; ignoring the assistive-editing exemption and over-marking, which dilutes user trust and creates noise; conversely, stretching the exemption to cover full generation features; and writing nothing down — the feasibility qualifier protects providers only if the technical file documents what was assessed, chosen and rejected. Finally, interoperability is part of the legal test: a proprietary mark that nothing downstream can read scores poorly against the criteria the article itself names.

Action Plan

Providers of generative features should inventory every output path; select a provenance standard and a watermarking approach per modality; test survivability across the real export pipeline including compression, cropping and platform re-encoding; implement the assistive-function analysis for borderline features; document everything in the technical file; and assign ownership for tracking standards as they harden. The marking obligation rewards engineering done early: retrofitting provenance into a shipped product is an order of magnitude harder than building it into the export path from the start.

For teams sequencing the work against the August 2, 2026 deadline, a quarter-by-quarter plan suffices: one quarter for inventory, standard selection and survivability testing; one for pipeline integration and the assistive-function analysis; one for documentation, monitoring and a dry run of how the organisation would answer a market surveillance request about a specific asset. The components are mature, the standards are public, and the duty was published in 2024 — by 2026, unreadiness is a choice rather than a surprise.

Check your AI compliance readiness — free.

Take the Readiness Check 3 minutes · 10 questions · no signup required

This article is for informational purposes only and does not constitute legal advice. Regulatory requirements change frequently — verify current rules with official sources. Built by Sawai Gyoseishoshi Office, Hiroshima, Japan.