The EU AI Act (Regulation (EU) 2024/1689) has a tiered enforcement schedule. Most obligations apply from August 2, 2027. But Article 50 — the transparency chapter — is different. It becomes enforceable on August 2, 2026. That's 41 days from today.
If your website uses chatbots, AI-generated content, or any AI system that interacts with users, this deadline applies to you — including if you're a US company.
What Gets Enforced August 2
Article 50 covers four specific transparency obligations. These are not aspirational guidelines — they are legally binding requirements with fines attached.
| Obligation | Article | What It Requires | Who It Hits |
|---|---|---|---|
| Chatbot identification | Art. 50(1) | AI systems interacting with humans must inform users they are talking to AI | Any website with a chatbot or AI assistant |
| AI content labeling | Art. 50(4) | AI-generated content designed to appear authentic must be machine-readable labeled | Sites publishing AI-generated images, video, audio, or text |
| Emotion recognition notice | Art. 50(3) | Systems using emotion recognition must notify users before exposure | Sites using facial analysis or behavioral AI |
| Deepfake disclosure | Art. 50(2) | Synthetic media of real people requires clear disclosure | Media, entertainment, marketing sites |
The chatbot obligation (Art. 50(1)) is the most broadly applicable. If your site has any conversational AI — a support bot, a lead qualification assistant, an AI chat widget — it must clearly identify itself as AI before or at the start of the interaction.
The content labeling obligation (Art. 50(4)) applies when AI-generated content is "intended to appear authentic." Blog posts with an "AI-assisted" disclosure at the top likely satisfy this. AI-generated product images presented without any label likely don't.
Who It Applies To
Article 2 of the EU AI Act establishes extraterritorial scope — the same mechanism GDPR uses. The regulation applies to:
- Providers placing AI systems on the EU market
- Deployers of AI systems located in the EU
- Providers and deployers located outside the EU, when the output is used in the EU
That third category is the one that catches most US companies off guard. If your website is accessible to EU users and uses AI to generate content or power a chatbot, you are within scope. There is no minimum EU traffic threshold in the regulation.
The only exception in Article 50 is for AI systems used exclusively for military, national security, or research purposes — not relevant to commercial websites.
For a full breakdown of extraterritorial scope, see our guide on whether the EU AI Act applies to US companies.
Fines and Penalties
Article 99 sets the penalty structure for AI Act violations. For Article 50 transparency violations specifically, the ceiling is:
Article 50 violation fine ceiling
€15,000,000 or 3% of global annual turnover — whichever is higher
For context: 3% of global turnover is the same tier as many GDPR violations. It's designed to be meaningful even for large companies. For a company with $10M annual revenue, the 3% figure is $300,000. For a $500M company, it's $15M — hitting the ceiling.
National market surveillance authorities (MSAs) in each EU member state handle enforcement. Each country designates its own authority. The supervisory structure is similar to GDPR's lead supervisory authority model under Article 77.
EU Enforcement Track Record
Some companies assume EU digital regulation enforcement is slow. The GDPR record suggests otherwise:
| Company | Fine | Violation | Authority |
|---|---|---|---|
| Meta (Facebook) | €1.2 billion | Unlawful data transfers to US | Irish DPC, 2023 |
| Amazon | €746 million | Advertising targeting without consent | Luxembourg CNPD, 2021 |
| Clearview AI | €20 million | Facial recognition without lawful basis | Italian Garante, 2022 |
| Replika | Service suspended | AI companion without transparency obligations | Italian Garante, 2023 |
The Replika case is the most instructive for Article 50. The Italian DPA suspended the service — not just fined it — over transparency failures in an AI conversational system. Article 50 enforcement will use the same authorities with similar powers.
EU AI Act enforcement capacity is actively being built. Germany, France, the Netherlands, and Ireland are all ahead in designating national authorities. These are the same countries with active GDPR enforcement units — meaning the infrastructure exists.
What To Do Before August 2
With 41 days remaining, the highest-value actions in priority order:
1. Audit your chatbots and AI assistants
Every conversational AI widget on your site — support bots, lead bots, AI assistants — must display a clear disclosure before or at the start of the conversation. "I'm an AI assistant" in the chat header is sufficient. Buried in a settings page is not.
2. Label AI-generated content
Review which content on your site is substantially AI-generated. Add visible labels where the content could be mistaken for human-created. For images, machine-readable metadata (C2PA standard) satisfies the technical requirement.
3. Publish or update your AI policy page
A dedicated page documenting how your site uses AI systems — what tools, what data, what purposes — demonstrates good faith compliance. It's referenced by Article 13 transparency requirements and is increasingly expected by regulators reviewing complaints. See our guide to AI content disclosure requirements for what to include.
4. Check your GDPR disclosure alignment
Article 50 works alongside GDPR — not instead of it. If your AI systems process personal data, GDPR transparency obligations (Articles 13-14) apply on top of Article 50. See our GDPR AI compliance checklist for the full picture.
5. Scan your site for compliance gaps
Manual audits miss things. An automated scan surfaces missing disclosures, undisclosed AI systems, and GDPR gaps across every page — not just the ones you remember to check.
August 2 is 41 days away.
SiteProof AI scans your website for EU AI Act Article 50 violations, missing chatbot disclosures, and GDPR gaps — and tells you exactly what to fix.
Scan your site free →