European Commission2d ago

🏷️ AI content is getting labels.

Just like energy ratings or safety certifications help you make informed choices, the same logic now applies to AI.

From 2 August 2026, the AI Act will require clear labelling in key cases:
🔹 Deepfakes
🔹 AI-generated or manipulated content
🔹 Interactions with chatbots and AI systems

You have the right to know whether what you see, hear or read has been made or altered by AI 🤖

👉 https://link.europa.eu/jrcdgq

Show threadJan Steen2d ago
@EUCommission how is this enforced?
Show threadStijn van Drongelen2d ago
@jansteen @EUCommission From the link: "Today, the European Commission published the final Code of Practice on marking and labelling of AI-generated content. The Code is voluntary and" will therefore not be enforced.
Show threadJan Steen2d ago
@stiiin @EUCommission thnx, i was afraid of that...
Show threadDavid August ❌👑1d ago

@jansteen @stiiin @EUCommission nope, useful to read further: “These transparency obligations, applicable from 2 August 2026…Even though adherence to the code is voluntary, the transparency requirements under article 50 of the AI Act are legal obligations…it provides an EU-wide recognised practical framework for signatories to demonstrate compliance with those obligations.”

Opt-in now to get ready to show compliance in August.

Show threadStijn van Drongelen

@davidaugust @jansteen @EUCommission The Code, which is a guideline on how to label AI slop, is voluntary and will not become mandatory in August.

In August, the transparency obligations that were already in the AI Act become mandatory. Each member state has to choose for itself how supervision works. Given the lackluster enforcement of the GDPR, due to a lack of resources for the DPAs, I don't think there will be effective enforcement.

Jun 23 at 5:21amWeb
Show threadBaron Vonskinnback1d ago
@stiiin @davidaugust @jansteen @EUCommission I have been at the centre of a GDPR ICO investigation, trust me they were not lackluster...
Show threadStijn van Drongelen1d ago

@Vonskinnback @davidaugust @jansteen @EUCommission In 2025, the Dutch DPA had maybe 10 employee-hours on average to spend for each reported breach and complaint (if you factor in their 36-hour work week and a bunch of paid leave; ignoring the fact that not all employees process these signals full-time or even at all, and that not all worked hours are productive). https://www.autoriteitpersoonsgegevens.nl/over-de-autoriteit-persoonsgegevens/feiten-en-cijfers

Of course, that average doesn't mean much for the long tail. I'm sure that once you're being investigated, they spend a lot of time and effort on your case. That said, if tens of thousands of signals per year result in only a few dozen investigations, that's more likely due to a bottleneck than the nature of the personal data breaches.