Complete guide to requirements for tagging content generated by artificial intelligence (January 2026)
Introduction
The first draft of the code of best practices on the transparency of content generated by artificial intelligence was published on 17 December 2025. This 32-page document, drawn up by two working groups, operationalizes article 50 of the European AI Act and sets out the concrete AI marking rules that companies must comply with as of 2 August 2026.
If your business develops or uses generative AI systems, this code is directly relevant to you. It details how to tag, detect, and label content generated or manipulated by AI, with specific obligations depending on your role in the value chain. In this article, I decipher for you the key measures of this first version, the obligations by type of actor, and the practical implications for your business.
What is the first version of the Code of Best Practices on AI Content Transparency?
Background and legal value
The first version of the code of best practices on the transparency of AI content is a compliance guide that aims to help companies demonstrate their compliance with the obligations set out in article 50 of the European AI Act. Although it is not conclusive proof of compliance, it is a tool that businesses can choose to use to structure their compliance.
This code is the result of a process involving industry, academia, civil society and Member States. The public consultation remains open until January 23, 2026, and successive versions will specify and refine the measures proposed in this first draft. The deadline to remember remains August 2, 2026, the date of full applicability of the AI Act with the possibility of sanctions in case of non-compliance.
Objectives of the code
The first version of the code pursues two main objectives that correspond to the two main categories of actors concerned. For providers of generative AI systems, it is a question of ensuring that the generated content is marked in a machine-readable and detectable manner with effective, reliable, robust and interoperable technical solutions. For users, the objective is to facilitate the identification by natural persons of deepfakes and generated or manipulated texts published for the purpose of informing the public.
Obligations of providers of generative AI systems
Who is concerned?
Providers are companies that develop and market generative AI systems capable of creating synthetic content, whether text, image, video, or audio. We naturally think of players like OpenAI, Anthropic, Midjourney or Stability AI, but the category includes any developer of generative AI systems made available to the public in the European Union.
The mandatory multi-layer approach
The first version of the code requires a combination of marking techniques because, according to the current state of the art, no single solution is sufficient to meet the four legal requirements of efficiency, reliability, robustness and interoperability. This multi-layered approach is deployed on three complementary levels.
The first layer is based on digitally signed metadata. It involves integrating source information detailing the operation carried out by the AI system into the files produced (images, videos, documents), whether generating, editing or manipulating. This metadata is accompanied by a digital signature that guarantees its authenticity and integrity.
The second layer consists of imperceptible watermarks, that is, markings that are integrated directly into the content itself. These markings are designed to be difficult to separate from the original content and must withstand common transformations like compression, cropping, or format change. Providers can implement these watermarks at the model, inference, or output level depending on their technical architecture.
The third layer uses fingerprinting or logging, techniques necessary to overcome the shortcomings of the first two approaches. For text, direct logging may be preferred, while for visual content, perceptual hashing offers a relevant alternative. For audio, similar techniques exploit psychoacoustic properties. These mechanisms make it possible to verify afterwards whether content has been generated by the system, even if active tags have been altered or removed.
Obligation to detect and access
Beyond tagging, providers must provide an interface, whether an API or a user interface, free of charge, allowing users and third parties to check if content has been generated by their system. This verification should be accompanied by a confidence score that indicates the level of certainty of the detection. When the content has been marked by other providers, the interface must also disclose all available source information.
These detection mechanisms should be maintained throughout the life cycle of the system. The first version of the code even foresees the case where a provider ceases its activity: in this scenario, the detectors must be transmitted to the supervisory authorities to ensure that the legacy content remains detectable over time. This requirement testifies to the desire to ensure the long-term traceability of content generated by AI.
Specific measures for AI models
AI model providers, i.e. those who develop models that can be integrated into downstream systems by other actors, face particular obligations. They must implement tagging techniques before the model is put on the market, thus facilitating the compliance of system providers who will use these models. This “upstream” approach aims to distribute the compliance burden across the entire value chain.
For providers who publish open-weight models, the code imposes structural marking encoded in the weights during training. This requirement recognizes the specificity of models whose parameters are publicly accessible and for which post-hoc tagging techniques would be ineffective. Structural marking allows downstream users of these models to automatically benefit from a first level of marking.
Model providers should also offer forensic detection mechanisms that do not depend on active tagging. These techniques, which rely on the identification of patterns characteristic of the model in the generated content, constitute a backup solution when active tags have been removed or degraded. Forensic detection represents an additional layer of security in the transparency ecosystem.
Preservation of the chain of origin
The first version of the code requires providers to record and trace the entire chain of origin of the content. This traceability must cover the entire journey, from authentic human content to AI-assisted content to content generated entirely by AI. Each transformation step should be documented in the metadata, with a clear distinction between operations performed by AI and human interventions.
This obligation is accompanied by a ban on the removal of existing markings. Providers must put in place technical measures to preserve the markings on the content they use as inputs and must contractually prohibit, in particular in their general conditions of use, the removal or alteration of markings by deployers or any other third party. When flagged content is reused as input to generate new content, the original tags should be maintained and complemented by the new tags.
Facilitating marking for suppliers
Providers that offer systems with user interfaces must integrate a feature that allows the direct addition of perceptible marking, in the form of an icon or label, when generating content. This feature must be enabled by default, which means that the user must take active steps to deactivate it. This measure aims to make it easier for deployers to comply with their own obligations under section 50 (4) of the AI Act by offering them a simple and immediately available tool.
Quality requirements for technical solutions
The first version of the code details four quality requirements that marking and detection solutions must meet. Efficiency, the first requirement, requires that solutions be adapted to the type of content processed, that they can be applied in real time without significantly degrading the quality of the generated content, and that they are computationally efficient. Providers must demonstrate that their solutions do not hinder the normal functioning of their systems.
Reliability, the second requirement, is mainly measured through the false-positive and false-negative rates of the detection mechanisms. Providers must validate their solutions on content that was not seen during training or system development, thus ensuring that the announced performances are not the result of over-learning. This validation must be based on metrics established and documented in a transparent manner.
Robustness, the third requirement, concerns the resistance of markings to alterations. On the one hand, tags must survive the common transformations that content undergoes in their normal life cycle: compression, cropping, paraphrasing for text, changing the resolution for images and videos, pitch shifting and time stretching for audio. On the other hand, they must resist deliberate adversarial attacks aimed at removing, copying, regenerating, modifying, or amortizing markings. Providers must also implement security measures, such as rate limits, to protect their detectors against reverse engineering attempts.
Interoperability, the fourth requirement, requires solutions to work across platforms and distribution channels. Markings should not be linked to a closed proprietary ecosystem but should be able to be read and verified by different actors in the value chain. The code strongly encourages the use of open standards, with explicit references to initiatives like C2PA (Coalition for Content Provenance and Authenticity). Providers are also invited to contribute to shared aggregated verifiers or, failing that, to encode information in their tags to identify appropriate detection means.
Obligations of generative AI Deployers
Who is concerned?
Deployers are businesses, organizations, and professionals who use generative AI systems to create content that they then publish. This category encompasses a very broad spectrum of actors: communication agencies using image generation tools for their campaigns, media producing AI-assisted content, marketing services generating promotional visuals or texts, producers of creative content integrating synthetic elements into their works. Unlike the providers who develop technologies, deployers are the professional end users of these technologies.
Scope: deepfakes and texts of public interest
The first version of the code defines deepfakes in a particularly broad way. This is audio, visual, or video content that significantly resembles existing people, objects, places, entities, or events and that may falsely appear authentic or true. This definition obviously includes classic cases of face or voice replacement, but it extends well beyond that.
Deepfakes are thus considered to be the removal of objects in an image or video when this removal affects the meaning of the content, the addition of AI-generated text to real images, hybrid audio formats combining deepfake and authentic audio, or even beauty filters that change a person's perceived age or emotional tone. The definition also covers changes that are apparently minor but change the context of the content, such as removing background noise that would make it look like a different environment, or color adjustments that change the contextual meaning, for example by changing a person's skin tone.
When it comes to texts, deployers must mark texts generated or manipulated by AI that are published in order to inform the public about issues of public interest. This category is mainly aimed at journalistic content, political analyses, institutional communications, or any other text intended to form public opinion on topics of general interest. However, an important exception exists: the marking obligation does not apply if the text has been subject to human review or editorial control and if a natural or legal person assumes editorial responsibility for the publication. This exception recognizes that human responsibility may, in some cases, be a substitute for technical marking.
Common taxonomy at two levels
The first version of the code requires the use of a standardized taxonomy to classify content into two distinct levels. The first level corresponds to content generated entirely by AI, that is, content created independently by AI without an authentic human base. Here we think of images generated by Prompt, synthetic videos produced from scratch, or articles written entirely by AI without substantial human intervention in the creation process.
The second level covers AI-assisted content, which is a mixture of human and AI elements. What characterizes this level is that AI intervention affects meaning, factual accuracy, emotional tone, or other elements that may falsely appear authentic. Examples include a real photo that has AI-generated text added to it, an audio recording that has had its voice replaced, human text that has been rewritten or summarized by AI, or visual alterations that change the context or meaning of the original content.
This taxonomic distinction should be visually reflected in the tagging icon, allowing the audience to immediately understand the degree of intervention of the AI in the content they are viewing. The aim is to provide nuanced information rather than a simple binary “AI/non-AI” indicator.
Mandatory European common icon
Pending the finalization of a standardized icon at European level, the code provides an interim solution that deployers can use immediately. This solution is based on a two-letter acronym referring to artificial intelligence in the language of the country concerned. Thus, “AI” will be used in English-speaking countries, “KI” in Germany (“Künstliche Intelligenz”), “IA” in France and in Spanish and Portuguese speaking countries, etc.
This interim icon should be clearly visible from the first time the audience is exposed to the content. Its positioning must be appropriate to the content format and the context of distribution, while ensuring that it does not interfere with the appreciation of artistic works when the content falls within this framework. The icon should also visually integrate the taxonomic distinction between content generated entirely by AI and content assisted by AI, for example through the use of different colors or graphic variations.
The future common European icon, currently under development, will be interactive. It will allow the public, by simple click or hover, to access the precise details of what has been generated or manipulated by AI in the content. This interactivity will be based on machine-readable information provided by providers in accordance with section 50 (2) of the AI Act. The EU icon will also incorporate audio disclaimers to meet accessibility requirements and will comply with the ETSI EN 301 549 standard, which sets out accessibility requirements for information and communication technology products and services.
Marking methods by type of content
The first version of the code details specific rules depending on the type of content to be marked. For real-time videos, the icon should be displayed continuously throughout the exhibition, accompanied by a disclaimer at the beginning that explains the presence of deepfake in the content. This double measure aims to ensure that the public is informed from the first contact with the content and that this information remains present throughout the viewing period.
For non-real-time videos, deployers have some flexibility and can choose from several options, used individually or in combination. They can insert a disclaimer at the beginning of the video, provided that if the disclaimer is oral, the icon must appear simultaneously on the screen. They can also place the icon fixedly throughout the exposure, in a consistent and clearly visible position. A third option is to include a disclaimer in the end credits, but this option should always be accompanied by at least one of the two previous measures to ensure that the information is available upon first exposure.
When it comes to audio only, the code distinguishes between short and long formats. For content under thirty seconds, such as advertisements or jingles, a brief audible disclaimer in natural language should be inserted at the beginning. For long formats like podcasts, audible disclaimers must be repeated at the beginning, during intermediate phases, and at the end of the content. This repetition is intended to inform listeners who would join the listening along the way. When a screen is available while listening, for example on a smartphone or in a connected car, the icon should also be displayed visually.
For images, the icon should be placed in a fixed position, clearly visible and distinct from the image itself. The code specifies that the icon should not be hidden, for example in multiple layers or backgrounds that would require specific user action to be revealed. The aim is for the information to be immediately perceptible without any additional interaction.
For texts that are subject to the marking requirement, the icon must be placed in a fixed position. The code suggests several possible locations without imposing them rigidly: at the top of the text, next to the text, in the colophon, or after the final sentence. The choice of location may depend on the publication format and the technical constraints of the distribution platform.
Finally, for multimodal content combining multiple modalities, the icon should be clearly visible without the need for additional interaction from the audience. This category includes image-text-sound, text-sound, image-sound, or image-text combinations, excluding video content that is treated by the specific rules mentioned above.
Specific rules for creative works
When deepfakes are part of artistic, creative, satirical, fictional or similar works, disclosure obligations apply in a proportionate and non-intrusive manner. The guiding principle is not to hinder the dissemination, appreciation, normal exploitation, or creative quality of the work while maintaining sufficient information for the public.
For real-time or near real-time videos related to artistic creation, the icon can be displayed in a corner of the screen for five seconds at the start of the exhibition, without the need for continuous maintenance that could distract the viewer. For artistic images, the icon may be embedded in the image itself or in its background, as long as this integration preserves the audience's ability to discern the icon. For audio, a non-intrusive audio disclaimer can be used, or the future EU disclaimer standardized once it is available.
However, this proportionality does not exempt deployers from putting in place appropriate safeguards for the rights and freedoms of third parties. These third parties include the individuals depicted or simulated in deepfakes, whose privacy, dignity, and other fundamental rights need to be protected. Safeguards also concern the wider audience when deepfake addresses sensitive political or societal topics that could mislead the public on issues of general interest.
Exception for texts with editorial responsibility
Deployers can avoid the disclosure requirement for texts generated or manipulated by AI if they are able to demonstrate two cumulative conditions. First, the text must have been subject to human review or editorial control. Second, a natural or legal person must assume editorial responsibility for the publication.
This exception recognizes that in certain contexts, in particular journalistic or editorial contexts, human responsibility assumed publicly can constitute a sufficient guarantee of quality. It thus avoids imposing systematic tagging that could stigmatize the use of writing assistance tools in traditional editorial processes where the final responsibility remains clearly human.
To invoke this exception, deployers must maintain minimal documentation that includes identifying the person with editorial responsibility, including name, role, and contact information. The documentation should also present an overview of the organizational and technical measures put in place as well as the human resources allocated to ensure appropriate review prior to publication. It should include the date of review and approval, and contain a reference to the final approved version of the content, for example in the form of a file name, URL, or other internal identifier.
The code specifies that this documentation must be proportionate to the size of the deploy, thus avoiding imposing an excessive administrative burden on small structures. The main thing is to be able to demonstrate to the authorities, if necessary, that a genuine human review has taken place and that clear responsibility has been assumed.
Common obligations: compliance, training
Compliance plan
Whether providers or deployers, code actors must establish and maintain a compliance framework that documents their processes. For providers, this documentation details the tagging and detection processes implemented. For deployers, it describes the labelling practices applied with concrete examples of how to use the icon in different contexts.
This framework should include internal procedures that ensure consistent content classification. The first version of the code places particular emphasis on the fact that classification and labelling processes should not rely solely on automation but should be supported by appropriate human oversight. This requirement aims to avoid the systematic errors that fully automated systems could generate and to ensure a nuanced application of the rules in borderline cases.
Staff training
Providers and deployers must ensure appropriate training for personnel involved in their code activities. For providers, this mainly concerns teams designing and developing AI systems. For deployers, training should reach everyone involved in creating, editing, or distributing content.
The minimum content of this training should cover several aspects. Staff should understand when disclosures are legally required, how to apply the taxonomy and icon in different contexts, what are the specific rules for creative works, how the editorial liability exception for texts applies, what accessibility requirements should be met, and what procedures should be followed to correct identified tagging or labelling errors.
The code specifies that this training must be proportionate to the size of the provider or deploy, to the resources available, and to the risks associated with the content generated or manipulated by the AI systems used. The aim is to take into account the context of use, the extent of content dissemination, and its potential impact on the public.
Flagging and monitoring system
Deployers should set up a confidential and secure channel for individuals to report mislabeled or unlabeled content. This flagging system must also be accessible to relevant third parties, including market surveillance authorities, media regulators, intermediary service providers including very large online platforms and search engines defined by the Digital Services Act, as well as certified and independent fact-checking organizations.
The aim of this system is twofold. On the one hand, it allows deployers to receive feedback on the quality of their labelling and to quickly identify errors. On the other hand, it offers authorities and other stakeholders a way to verify compliance and document possible breaches. The technical solution should enable deployers to demonstrate that they have carried out consistent and timely labelling, and should facilitate the reporting of problematic content across Member States.
When content is reported and after review, it is found to be in fact mislabeled or incorrectly unlabeled, the deployer should correct the error without undue delay. This requirement for rapid correction aims to limit the spread of misleading content and to quickly restore the expected transparency.
Cooperation with authorities
Providers and deployers must cooperate fully with the competent market surveillance authorities to demonstrate compliance. This cooperation involves providing all relevant information and providing access to systems when required. In particular, authorities may request to consult compliance documentation, review technical marking or detection mechanisms, verify personnel training records, or analyze monitoring reports and responses to reports.
Accessibility: transversal requirement
The first version of the code requires compliance with European Union accessibility requirements to ensure that icons, and labels are accessible to people with disabilities. This transversal requirement applies both to providers in the design of their labelling functionalities and to deployers in the concrete implementation of markings.
For people with visual disabilities, accessibility measures include the provision of audio descriptions for visual indicators, the integration of alt-text allowing screen readers to vocalize the presence and meaning of icons, and the use of high contrast as well as compatibility with assistive technology. For people with hearing disabilities, this means providing visual or tactile signals for audio content alone, and accompanying audio disclaimers with synchronized captions.
The standard recommended by the code is ETSI EN 301 549 entitled “Accessibility requirements for ICT products and services”, which is the harmonized European standard for digital accessibility. Providers are encouraged to rely on this standard or other recognized standards to ensure that their implementations effectively meet the needs of users with disabilities.
This attention to accessibility is not only an obligation of non-discrimination, it also ensures that the very objective of transparency aimed at by the code is achieved for the entire population, without exclusion related to disability.
Frequently asked questions
Is the first version of the code of best practices mandatory?
The first version of the Code of Practice is not legally binding in itself. It is a voluntary instrument that businesses can choose to use to structure their compliance. On the other hand, article 50 of the AI Act is indeed mandatory and imposes clear obligations on providers and deployers of generative AI systems. The code is a detailed guide to demonstrate compliance with this article, but businesses can theoretically choose other ways to achieve the same goal. In fact, since the code was developed in collaboration with the European Commission and represents a consensus, it is highly likely that supervisory authorities will refer to it as a benchmark when conducting their checks.
What happens if I don't follow the code?
From 2 August 2026, national market surveillance authorities will have the power to impose sanctions for non-compliance with Article 50 of the AI Act. These sanctions may be graded according to the seriousness of the breach, the intentional or negligent nature of the violation, and the size of the company concerned. Failure to follow the code in itself is not punishable, but if a company does not follow the code and cannot demonstrate by other means that it complies with section 50, it is subject to sanctions. Conversely, a company that follows the code but whose concrete implementation proves to be flawed could also be sanctioned if this failure constitutes a breach of legal obligations.
Will the EU icon be mandatory from August 2026?
The code explicitly provides for an interim solution for the period prior to the finalization of the European common icon. Suppliers can use the two-letter acronym in the appropriate language now and during the transition phase. Once the common EU icon is finalized and officially published, suppliers will have to gradually switch to this new icon. The code does not yet specify the timeframe that will be granted for this transition, but it is reasonable to anticipate a grace period allowing users to adapt their processes and templates. The exact date of availability of the icon EU final is not yet known, but the current developments should be completed in the months following the publication of this first draft.
How do you prove that content has been the subject of an editorial review?
The code defines a minimum level of documentation that, while simple, must be consistently maintained. This documentation must identify by name the natural or legal person who assumes editorial responsibility, with full contact details and function within the organization. It should describe the concrete organizational measures put in place to ensure the review: who carries out the review, according to what process, with what criteria, and within what timeframes. The human resources allocated should be mentioned, whether they are dedicated editors, reviewers, or validation managers. Documentation should include the date the review was completed and the date approved for publication. Finally, it must contain a precise reference to the final approved version, making it possible to find the exact content that has been validated. This reference can take the form of a file name with version, a URL, a cryptographic hash of the content, or any other unambiguous internal identifier. This documentation should be kept for a reasonable period of time and should be able to be produced quickly if requested by the authorities.
Do SMEs have reduced obligations?
The code explicitly recognizes that obligations should be applied in a proportionate manner taking into account the size and resources of businesses. This proportionality is mainly evident in three areas. First, the complexity of the compliance framework can be adapted: an SME is not required to produce documentation as elaborate as a multinational, as long as the essential elements are present and the processes are effectively followed. Second, the extent of staff training can be calibrated to real needs: a startup with a smaller team can organize lighter training courses than a large group with hundreds of employees involved in content production. Third, the level of documentation required can be simplified for smaller structures, as long as traceability and the ability to demonstrate compliance are not compromised. On the other hand, the fundamental marking and labelling obligations remain the same regardless of the size of the company. An SME that generates deepfakes or publishes texts of public interest must mark them with the same rigor as a large group. Proportionality refers to the means and processes, not to the expected results in terms of transparency for the public.
Can I remove watermarks from AI content that I generated?
No, the code explicitly prohibits the removal or alteration of markings on AI-generated content. This ban aims to preserve the chain of origin and to ensure that content remains detectable throughout its life cycle, regardless of the transformations it may undergo. Providers are required to include this prohibition in their general terms of use, making any attempt to remove markings by deployers contractually unlawful. Beyond the contractual dimension, the deliberate removal of markings by a deployer could be considered as an attempt to circumvent the obligations of section 50 of the AI Act, with the ensuing legal consequences. Providers must also put in place technical measures to make it difficult to remove markings, in particular by using robust watermarks that resist common alterations and by combining several layers of marking whose simultaneous removal would require significant effort.
Conclusion: anticipate now
The first version of the code of best practices on the transparency of AI content marks a decisive step in the regulation of generative artificial intelligence in Europe. With an applicable date of August 2, 2026, businesses have less than eight months to prepare. This delay may seem comfortable at first glance, but the technical and organizational complexity of the measures to be implemented requires immediate foresight.
For providers of generative AI systems, the challenges are primarily technical. The implementation of a multi-layer tagging approach, the development of robust and free detection interfaces, and the guarantee of interoperability with emerging standards represent considerable development projects. These projects require not only engineering resources but also constant technological monitoring and active participation in standardization work. Suppliers that would launch these developments a few weeks before the deadline would take major risks both in terms of compliance and technical quality.
For suppliers, the challenges are more organizational but no less important. The exhaustive identification of the use cases concerned, the establishment of reliable classification processes, the training of creative and editorial teams, and the implementation of flagging and monitoring systems represent a profound transformation of content production practices. This transformation must take place without compromising creative quality or operational efficiency, which requires a gradual and methodical approach.
For all companies involved, whether suppliers or users, the legal dimension should not be overlooked. Compliance documentation, internal procedures, contracts with partners and service providers, and preparation for possible checks by the authorities require specialized legal support. AI law is an emerging field where cross-skills between intellectual property law, technology law, and technical understanding of AI are essential.
My advice to businesses is to structure their preparation in three phases. The emergency phase, which is expected to run from January to March 2026, should focus on compliance auditing, accurate identification of gaps, participating in public consultation for relevant stakeholders, and budgeting the necessary investments. The preparation phase, from April to June 2026, should see the effective implementation of technical solutions for suppliers, the drafting of internal procedures and the training of teams for users, as well as testing and adjustment phases for all. The finalization phase in July 2026 allows the final validation, the completion of the documentation, the communication to customers and users, and the establishment of continuous monitoring which should last beyond the August deadline.
It would be tempting for some businesses, especially smaller structures, to consider that the obligations of the code do not really concern them or that their application may be delayed. That would be a major strategic error. Supervisory authorities will have significant investigative and sanctioning powers, and it is likely that they will choose to conduct exemplary checks quickly to establish the credibility of the regulatory framework. In addition, competitive pressure will quickly come into play: businesses that proactively comply will be able to make it an argument of differentiation and trust with their customers, while those that delay may find themselves in a defensive position.
Beyond regulatory compliance in the strict sense, the first version of the code also opens up opportunities. For suppliers, the development of robust marking and detection solutions can become a competitive advantage, especially if these solutions become widely adopted references in the industry. For users, the early adoption of transparent practices can build the trust of their audience and position them as responsible actors in a media ecosystem that is often criticized for its contribution to misinformation. Platforms that will invest in tools that facilitate the compliance of their users can also differentiate themselves and attract professional content creators who want to meet their obligations.
Code is not a fixed text. Future versions will specify many of the points that remain open in this first draft, and technological change will continue to influence best practices beyond 2026. Businesses that are preparing now must therefore not only aim for short-term compliance but also develop a capacity for continuous adaptation. This involves regulatory monitoring, participation in professional and academic communities working on these topics, and maintaining flexibility in technical and organizational architectures in order to be able to quickly integrate future developments.