You can’t detect AI-generated content at scale without machine-readable marking. Watermarks can be stripped. Visual labels require human review. Metadata can be lost in transit.
The EU just published the first draft of its Code of Practice on AI Content Transparency. Article 50 of the EU AI Act requires all AI-generated content—text, images, audio, video—to carry machine-readable, detectable, and interoperable markings. The rules become enforceable August 2, 2026.
If you build or deploy generative AI systems in the EU, you have six months to implement this.
Article 50 requires three properties for AI content marking
The Code of Practice specifies that AI-generated or AI-manipulated content must be marked in a format that is:
- Machine-readable - not just human-visible labels or watermarks
- Detectable - systems can automatically identify the marking
- Interoperable - works across platforms and tools
This applies to all generative AI outputs: text, images, audio, and video.
What machine-readable marking looks like in practice
The draft doesn’t mandate specific standards yet, but here’s what compliant marking likely requires:
Embedded metadata (example format):
{
"generator": "OpenAI DALL-E 3",
"generated_at": "2026-02-11T10:30:00Z",
"content_type": "ai_generated",
"model_version": "dall-e-3-20260101",
"provenance_hash": "sha256:7d8a9..."
}
Digital watermarking:
- Frequency-domain watermarks in images (survives compression)
- Audio watermarking in non-audible ranges
- Video frame-level embedding
Text marking (example format):
<meta name="ai-generated" content="true">
<meta name="generator" content="GPT-5.3-Codex">
<meta name="generated-at" content="2026-02-11T10:30:00Z">
Blockchain-based provenance:
- Content hash stored on-chain
- Verification without central authority
- Tamper-evident audit trail
The key requirement: marking must survive common transformations like resizing, format conversion, and re-encoding.
Who must comply and what they must do
Three groups face compliance requirements by August 2, 2026:
AI Model Providers
- Build marking into model outputs at generation time
- Ensure marking survives transformations
- Your outputs need marking embedded before they leave your system
Professional Deployers
- Label deepfakes and AI text for public interest content
- Required for journalism, public communications, matters of public interest
- Must clearly disclose when content is AI-generated
Platform Operators
- Implement detection systems to identify marked content
- Surface AI markings to users
- Build infrastructure to read and verify multiple marking formats
Timeline: six months until enforcement begins
- Now to Jan 23, 2026: Feedback period on draft 1 (closed)
- Mid-March 2026: Second draft expected with technical standards
- June 2026: Final code published
- August 2, 2026: Rules become enforceable
The second draft will specify technical standards—formats, protocols, and verification methods. If you’re building generative AI systems, start planning implementation now.
Technical challenges: what the standard must solve
Marking persistence across transformations: Content gets resized, compressed, converted, and re-encoded. Marking must survive these operations or the system fails at scale.
Interoperability across providers: A marking system from OpenAI must be detectable by Meta’s tools. A watermark from Anthropic must be readable by Google’s verification system. Without interoperability, every platform builds custom detection for every provider.
Verification without centralization: Who verifies that a marking is legitimate? A central authority creates a single point of failure. Blockchain-based approaches distribute verification but add complexity.
Performance at internet scale: Billions of pieces of content are generated daily. Detection systems must run in real-time without bottlenecking content delivery.
Enforcement: the open question
The draft doesn’t specify enforcement mechanisms. Key questions remain:
How do you ensure global AI providers comply? The EU has jurisdiction over companies operating in Europe, but enforcement against non-EU providers is unclear.
What happens when bad actors strip markings? If removal is trivial, the system fails. Marking must be robust against adversarial removal attempts.
What are the penalties for non-compliance? Without clear consequences, voluntary compliance may be low.
These questions should be addressed in the June 2026 final version.
What this means for your implementation
If you’re building or deploying generative AI systems:
Start now: Don’t wait for the final standard. Begin designing marking systems that meet the three core requirements: machine-readable, detectable, interoperable.
Follow the second draft: The mid-March draft will include technical specifications. Monitor the EU AI Office for updates.
Plan for verification: Consider how your marking will be verified. Build in tamper-evidence and audit trails.
Test across transformations: Ensure your marking survives compression, resizing, format conversion, and other common operations.
The EU is the first major jurisdiction to mandate AI content marking at this scale. Other regions will likely follow similar approaches. Building compliant systems now positions you for broader regulatory trends.
Next steps
- Read the full draft: EU Commission Code of Practice on AI Content Transparency
- Track updates: EU AI Office News
- Explore technical standards: C2PA Content Credentials (candidate interoperable standard)
Sources
- Commission publishes first draft of Code of Practice on marking and labelling of AI-generated content
- First Draft Code of Practice on Transparency of AI-Generated Content
- The EU AI Act Newsletter #93: Transparency Code of Practice First Draft
- European Commission Publishes Draft Code of Practice on AI Labelling and Transparency
- Transparency of AI-generated content: the EU’s first draft Code of Practice