CSOAI
Initializing...
Free forever · No credit card
CSOAI
Initializing...
Article 50 Watermarking Kit — £999 one-time + £99/mo monitoring (optional)
Article 50(1)–(3) imposes three distinct transparency obligations: machine-readable marking by providers, visible disclosure by deployers, and deepfake labelling for manipulated content. The second draft of the Code of Practice (3 March 2026) clarifies how each obligation is satisfied. Non-compliance risks penalties up to €15M or 3% global turnover.
Test the kit on a small scale. C2PA manifest only. No watermark.
Get £9 Quick Kit →Full kit: C2PA + invisible watermark + perceptual fingerprint + HMAC attestation. Limited time.
Buy LAUNCH50 — £499 →Full kit + 90-day support + 1 conformity attestation. Ships in 7 days.
Buy — £999 →C2PA + watermark + fingerprint + monthly attestations + new-model support.
Subscribe — £199/mo →Multi-tenant, custom rules, council governance, unlimited attestations.
Talk sales — £1,499/mo →Auditor-ready evidence pack for ISO 42001 / EU AI Act / DORA. CEASAI-aligned.
Buy Audit-Prep — £4,950 →Third-party CEASAI certification. MEOK signs the cert. Auditor verifies.
Buy Watchdog Cert — £4,950 →Any deployer of a generative AI system must disclose to natural persons exposed to AI-generated content that the content is artificially generated. This applies to images, video, audio, and text.
Providers of generative AI systems must ensure AI-generated outputs are marked in a machine-readable format. Article 50(2) mandates technical solutions enabling detection that content is AI-generated.
When a deployer uses AI to generate or manipulate content that resembles existing persons, objects, places, or events, a visible label must accompany the output identifying it as artificially generated or manipulated.
Deployers of emotion recognition or biometric categorisation systems must inform natural persons subjected to the system. This carries separate disclosure requirements under Article 50(3).
AI-generated or manipulated content that substantially resembles real persons or events (deepfakes) must be labelled as artificially generated, subject to certain exceptions for lawful purposes.
All three marking layers + deployer disclosure guidance + signed conformity attestation. 90-day setup support included.
Buy — £999 →Article 50 distinguishes between provider obligations and deployer obligations. Providers must ensure AI-generated outputs are machine-readable (technical detection provenance). Deployers must disclose AI generation to natural persons exposed to the output, label deepfakes, and inform persons subjected to emotion recognition or biometric categorisation systems. The Code of Practice (finalising June 2026) provides the technical specification for machine-readable marking.
Disclosure must be made to any natural person exposed to AI-generated content. This includes end users viewing AI-generated images, videos, or text; persons interacting with AI chatbots; employees using AI tools in the workplace; and any person whose biometric data is processed by an emotion recognition system. In B2B contexts, the obligation transfers to the deployer who interfaces with end users.
Article 50 transparency obligations apply from 2 August 2026 for providers and deployers of new generative AI systems placed on the market after that date. Legacy systems (placed on market before 2 August 2026) have until 2 December 2026. Existing high-risk AI systems classified under Annex III have until December 2027. The Digital Omnibus did not alter the Article 50 timetable for new systems.
Non-compliance with Article 50 transparency obligations attracts penalties under EU AI Act Article 99: up to €15 million or 3% of the undertaking's total global annual turnover for the preceding financial year, whichever is higher. Penalties are per infringement and can be cumulative across multiple outputs. National supervisory authorities also have powers to issue public warnings, impose corrective measures, and require withdrawal from the market.
A 'deployer' means any natural or legal person, public authority, agency or other body using an AI system under its own authority. If your organisation integrates a third-party generative AI model (GPT, Claude, Gemini, Stable Diffusion, etc.) into your product or service and exposes the output to users, you are a deployer with independent Article 50 disclosure obligations. This cannot be contracted away to the model provider.
Not on its own. Machine-readable marking (Article 50(2)) satisfies the provider's obligation to ensure outputs carry technical provenance data. Deployers must additionally provide a visible, clear, distinguishable disclosure to natural persons. The Code of Practice treats these as separate but complementary obligations. Our Article 50 Kit addresses both: machine-readable C2PA + invisible watermark for provider marking, plus compliance attestation guidance for deployer disclosure workflows.
First, identify every system in your organisation that generates or manipulates content using AI. Map each to its deployment context (B2C, B2B, internal). Second, select a technical marking solution that covers at least two machine-readable layers as required by the Code of Practice (C2PA + invisible watermark). Third, design your deployer disclosure workflow — where, when, and how natural persons will see the AI label. Fourth, document your compliance approach for audit readiness. Our free 30-min triage call can help you scope this.
Dive deeper: Two-layer marking technical deep-dive · Code of Practice 2nd Draft analysis · Article 50 Kit · EU Code of Practice.
Need more than the kit? See the £4,950 Audit-Prep Bundle (kit + 2-day engagement + 90-day support). Refund policy: 14-day pre-deployment.
MEOK AI Labs · CSOAI LTD · UK Companies House 16939677