Deepfakes and the EU AI Act: Article 50 Transparency
The EU AI Act does not ban deepfakes. It treats them as a transparency problem, so the duty is not to stop synthetic media but to make sure people know when content is artificial.
That duty lives in Article 50, and it splits the responsibility between the company that builds the generation tool and the company that publishes the result. Getting the split wrong is how a marketing clip or a training video turns into a compliance gap.
How does the EU AI Act regulate deepfakes?
Under the EU AI Act (Regulation (EU) 2024/1689), a deepfake is AI-generated or manipulated audio, image, or video that resembles real people, objects, or events and would falsely appear authentic. Article 3(60) sets that definition. Article 50 places deepfakes in the limited-risk tier and attaches transparency duties: the artificial nature of the content must be disclosed so an ordinary person is not deceived.
This is a lighter regime than the high-risk rules that govern systems like CV screening or credit scoring. The concern is honesty rather than safety, and the fix is a label rather than a ban. For how this tier sits next to the others, see our EU AI Act risk categories guide.
What does Article 50 require for synthetic media?
Article 50 sets two distinct duties that often apply to the same piece of content. Providers of general-purpose generative AI must mark their output as artificially generated in a machine-readable format, so downstream systems can detect it. Deployers who create or publish a deepfake must disclose that the content is artificially generated or manipulated, in a way a person can perceive.
The machine-readable mark and the human-facing disclosure are separate requirements. A video can carry an invisible watermark from the generation tool and still breach Article 50 if the company posting it gives viewers no visible notice. The table below shows who owes what.
| Duty | Who it falls on | What it looks like in practice |
|---|---|---|
| Mark output as AI-generated | Provider of the GenAI system | Machine-readable watermark or metadata, robust and detectable |
| Disclose a deepfake to viewers | Deployer who publishes it | Visible caption, label, or on-screen notice |
| Disclose chatbot is AI | Deployer running the bot | Statement before the conversation begins |
| Inform when text is AI-generated | Deployer publishing AI text on public-interest matters | Disclosure unless human-reviewed with editorial responsibility |
The exercise on AI transparency and disclosure walks a marketing team through labeling each of these correctly, including a cloned-voice testimonial and an AI-upscaled product image.
Who must disclose a deepfake: the provider or the deployer?
Both, but for different parts of the same problem. The provider is the company that develops the generative AI system and places it on the market, and its job is to embed the machine-readable mark at the point of creation. The deployer is the company that uses the system under its own authority and publishes the result, and its job is the visible disclosure to the audience.
A provider that watermarks correctly does not discharge the deployer’s duty. If your team uses an outside tool to generate a synthetic spokesperson for an ad, the vendor handles the technical mark, but your organization is the deployer that must tell viewers the figure is artificial. The provider versus deployer exercise makes this split concrete with a realistic scenario.
Most enterprises are deployers far more often than providers. You rarely build the model, but you constantly publish what it produces, which is where the disclosure duty bites.
Are there exceptions for art, satire, or law enforcement?
Yes, and they are proportionate rather than blanket. Article 50 carves out an exception for content that is part of an evidently artistic, creative, satirical, or fictional work. In those cases the disclosure must not spoil the experience, so it can be limited to a notice that does not hamper the display of the work.
Law enforcement use to detect, prevent, investigate, or prosecute crime is also treated differently under the regulation. These exceptions are narrow, and they do not cover ordinary commercial or corporate communications. A satirical sketch can carry a light-touch credit, but a fake executive announcement dressed up as real falls squarely inside the disclosure duty.
The safe operating rule for most businesses is simple. If a reasonable viewer could mistake the synthetic content for genuine footage of a real person or event, disclose it.
How do deepfake disclosure duties connect to fraud risk?
Disclosure law and fraud defense point at the same problem from opposite ends. Article 50 governs the honest, declared use of synthetic media, while criminals use the exact same technology with no intention of labeling anything. The transparency duty does not stop the attacker, but the awareness it builds inside a workforce does.
The stakes are concrete. In 2024, engineering firm Arup confirmed that an employee in its Hong Kong office was tricked into paying out around US$25 million after a video call populated entirely by deepfake recreations of senior staff, as reported by CNN and the Financial Times. No watermark would have helped there, because the fraudsters controlled the tooling.
This is why disclosure training and attack training reinforce each other. Teams that learn to label their own synthetic content also learn how convincing it has become, which is the mindset that questions an unexpected video instruction. Our guides on deepfake social engineering and AI-powered phishing cover the attack side, and the real-time deepfake detection guide covers the verification habits that catch a fake before money moves.
How do GDPR and identity rights apply to deepfakes?
A deepfake of a real person is almost always processing of personal data, so the AI Act sits on top of GDPR rather than replacing it. Article 50 governs the disclosure, while GDPR (Regulation (EU) 2016/679) still governs the lawful basis, the person’s rights, and the security of the underlying data. Using someone’s face or cloned voice without a valid basis is a data-protection problem regardless of any label.
The raw material for a deepfake usually comes from public exposure. A few photos and a short voice clip are enough to train a convincing fake, and people hand that material over freely on social platforms. The social media oversharing exercise shows how a single conference photo or birthday post feeds the reconnaissance that makes synthetic impersonation possible.
The other half is impersonation of a named individual to commit fraud or steal credentials. When a deepfake spoofs a real employee to redirect payroll or harvest personal details, it crosses into identity theft, the territory the identity theft prevention exercise trains staff to recognize and report.
How RansomLeak trains deepfake awareness and disclosure
RansomLeak treats Article 50 as an operational skill rather than a legal abstraction. The AI transparency and disclosure exercise puts learners inside a content governance review, where they label AI-generated, AI-assisted, and synthetic media correctly and rewrite a chatbot that hides its AI identity. The scenario teaches the disclosure duty by making people apply it, not by reading the article to them.
The attack side runs in parallel. The deepfake audio detection exercise trains staff to question a cloned voice on a call, and the whaling with a deepfake exercise rehearses the executive-impersonation scenario that cost Arup so much, the same pattern our whaling guide breaks down in depth. Both live in the AI security catalogue, next to the prompt injection and LLM risks that share the same root cause.
Disclosure also belongs to your compliance program, which is why the privacy and compliance catalogue carries the EU AI Act course alongside GDPR scenarios. For the regulation end to end, our EU AI Act training guide maps each obligation to a specific exercise. To see how the synthetic-media duties translate into role-based training, book a walkthrough with our team.
Frequently asked questions
Does the EU AI Act ban deepfakes?
No. The EU AI Act does not prohibit deepfakes; it treats them as limited-risk and attaches transparency duties under Article 50. The content is allowed, but its artificial nature has to be disclosed so viewers are not deceived. Prohibited practices under Article 5 are a separate and much smaller category.
What is the legal definition of a deepfake under the EU AI Act?
Article 3(60) defines a deepfake as AI-generated or manipulated image, audio, or video content that resembles real persons, objects, places, entities, or events and would falsely appear to a person to be authentic or truthful. The definition turns on resemblance to reality and the potential to mislead, not on the specific technique used to create it.
Who is responsible for labeling a deepfake?
Responsibility is split. The provider of the generative AI system must mark output as artificially generated in a machine-readable way, and the deployer who publishes the deepfake must disclose to viewers that the content is artificial. A correct watermark from the tool does not remove the publisher’s duty to give a visible disclosure.
When do the deepfake transparency rules start to apply?
The Article 50 transparency obligations apply from 2 August 2026, the same date most remaining provisions of the regulation take effect. The AI Act itself entered into force on 1 August 2024, with prohibited practices and AI literacy duties already live from 2 February 2025.
Are there penalties for failing to disclose a deepfake?
Yes. Breaching the transparency obligations can draw fines of up to €15 million or 3% of global annual turnover under Article 99, whichever is higher, with the lower figure applying to small and medium-sized enterprises. The exact penalty depends on the breach, the size of the organization, and the cooperation shown.
Does Article 50 apply to synthetic media used internally?
The disclosure duty is aimed at content that reaches people, so a deepfake published to staff, customers, or the public falls inside it. Purely internal experiments that no one is meant to mistake for real footage carry less exposure, but the safer practice is to label any synthetic depiction of a real person regardless of audience.
Bottom line
The EU AI Act regulates deepfakes through disclosure, not prohibition. Article 50 asks providers to mark synthetic output by machine and asks deployers to tell their audience the content is artificial, and most organizations carry the deployer duty far more often than they realize.
Treat it as a workforce skill. Teams that label their own synthetic media correctly also build the instinct to doubt an unexpected video call, which is the same instinct that stops a deepfake fraud. If your organization operates AI in Europe, explore the privacy and compliance catalogue or talk to our team.