The EU AI Act Transparency Deadline Is 63 Days Away and Nobody's Ready

What actually happens on August 2

On August 2, 2026, the EU AI Act's transparency obligations become enforceable. That's Article 50 — the part that says users must know when they're interacting with AI, and AI-generated content must be labelled.

The same date also activates Chapter V — the rules for general-purpose AI models (GPT-4, Claude, Gemini, Llama, etc.). If you build on top of one of these models, your provider has obligations. And depending on how you deploy it, so do you.

This is not the high-risk deadline. That got pushed to December 2, 2027 under the Digital Omnibus deal. So if your system is high-risk under Annex III (HR screening, credit scoring, law enforcement), you have more time. But if you have a chatbot or generate content? August 2 is your date.

Who this hits

The transparency deadline affects a wider range of companies than most people realize. It's not just "AI companies." It's anyone deploying AI that interacts with people or generates content in the EU market.

Specifically:

• Chatbots and virtual assistants. If a user in the EU talks to your AI, they need to know it's AI. That includes customer support bots, sales assistants, and any conversational AI feature.
• Content generation tools. Text, images, audio, video — if AI generates it and it reaches the public, it must be labelled. The Commission wants machine-readable metadata, not just a small disclaimer.
• Deepfake and synthetic media. Anything that makes people look or sound like they said something they didn't. Must be disclosed.
• Emotion recognition systems. If your AI detects emotions (in a call center, for example), the people being analyzed must be informed.

The extraterritorial reach matters here. If you're a US company with a chatbot that EU customers can use, Article 50 applies to you. Same logic as GDPR — it follows the user, not the company.

Why nobody's started

I've been building an EU AI Act compliance tool for the past few months, and the most surprising thing isn't how complex the regulation is — it's how few companies are doing anything about it.

There are a few reasons for this:

• The regulation is 144 pages. Most people read the first few pages and give up. The actual obligations are buried across multiple articles and annexes, and figuring out which ones apply to your specific situation requires cross-referencing several sections.
• The deadline kept moving. The high-risk deadline was originally August 2026, then got pushed to December 2027. This created confusion about whether anything was actually happening in August. (It is. Transparency obligations are still on schedule.)
• No enforcement actions yet. GDPR had the same problem. Nobody took it seriously until the first fines landed. The AI Act's prohibited practices have been enforceable since February 2025 and we haven't seen major enforcement yet. That will change.
• Companies don't know where to start. "Am I a provider or a deployer?" "Is my chatbot limited risk or high risk?" "What's Annex III?" The vocabulary alone is enough to make people put it off.

This is going to play out exactly like GDPR. Quiet until enforcement, then panic. The companies that start now will have a much easier time than the ones scrambling in July.

What to actually do

If you're reading this and you have a chatbot, content generation feature, or any AI that interacts with EU users, here's what you need before August 2:

• Figure out your risk tier. Run a risk classification to find out if you're limited risk (transparency obligations only) or something else. This takes 5 minutes and it's free.
• Add AI disclosure to your product. If users interact with AI, tell them. A clear banner or notice in your UI: "You are interacting with an AI assistant." Not buried in your terms of service — visible where the interaction happens.
• Label AI-generated content. If your product generates text, images, or other content, it must be labelled as AI-generated. The Commission wants this to be machine-readable (metadata), not just human-readable (a disclaimer).
• Update your terms of service. Reference that your product uses AI systems in accordance with Article 50 of the EU AI Act. This is basic housekeeping but it matters.
• Document your approach. Keep records of what disclosures you've implemented, where, and when. This is your evidence if a regulator asks.

That's it for limited risk. If you're generating synthetic media (deepfakes, voice cloning), the requirements are stricter — you need the content itself to be machine-detectable, not just disclosed. But for most companies with chatbots and AI features, the list above covers it.

High-risk is a different deadline

If your AI system falls under Annex III — meaning it operates in HR, finance, education, law enforcement, critical infrastructure, or other regulated sectors — you have until December 2, 2027. That's the deadline for the full 11 obligations: risk management, technical documentation, data governance, human oversight, accuracy testing, conformity assessment, and the rest.

But here's the thing: even if your system is high-risk, you still have transparency obligations starting August 2, 2026. The high-risk deadline gives you more time for the heavy compliance work, but it doesn't exempt you from telling users they're interacting with AI.

The practical advice is the same either way: start with classification. Figure out what tier you're in. If you're limited risk, handle the transparency requirements now — they're not that hard. If you're high risk, start with transparency (it's due first) and use the extra 16 months to work through the heavier obligations.

Either way, doing nothing and hoping the deadline passes quietly is not a strategy. The fines are real: up to €15 million or 3% of global turnover for non-compliance with transparency obligations, and up to €35 million or 7% for prohibited practices.