Transparency Tells You It's AI. It Can't Tell You How to Trust It.

The European Commission opened its draft guidelines on the Article 50 transparency obligations of the AI Act for stakeholder consultation, and the consultation window closes today. As CEO of PAICE.work PBC, I filed a response, from the measurement-and-verification perspective we develop in the open. The guidelines are non-binding and explicitly provisional, the Commission may amend them, and only the Court of Justice can give an authoritative reading, but the obligations they interpret apply from 2 August 2026, so the consultation is the moment to get the interpretation right.

Working through the draft to write those comments, I kept circling the same gap. Article 50 can compell a system to announce that it is artificial. It cannot make sure that announcement reaches a human, survives the passage of time, or produces any actual judgment in the person who receives it. The first is a labeling problem, and the AI Act has a credible answer. The other three are structural and behavioral problems, and the regulation quietly hands them back to you.

Please note that this is not legal advice and you should always consult with your own legal and compliance teams before acting on the AI Act's transparency obligations. The draft guidelines discussed here were published for consultation and may change before adoption.

What Article 50 assumes

Article 50 is the AI Act's transparency tier, the category of systems that pose risk not through what they decide but through what they conceal. The draft guidelines walk through four obligations. Article 50(1) covers AI that interacts directly with people: providers must design the system so anyone interacting with it is informed they are dealing with an AI. Article 50(2) covers synthetic content: providers must mark generated outputs in a machine-readable, detectable way. Article 50(3) covers emotion recognition and biometric categorisation, where deployers must inform exposed persons. Article 50(4) covers deep fakes and AI-generated text published to inform the public on matters of public interest. A fifth provision, Article 50(5), sets the horizontal rule for all of them: the information must be clear, distinguishable, accessible, and provided no later than the first interaction or exposure.

Every one of those obligations rests on a single assumption. A human reads a clear label at the moment of first contact and acts on it. That assumption is wrong in three different ways, and each one became a section of my submission.

The label may never reach a human

The draft assumes the disclosure is read by the person it is meant to protect. Increasingly it is not. The first, and sometimes the only, reader of a disclosure is an autonomous agent acting on someone's behalf: a search agent, a shopping agent, a personal assistant that talks to a provider's customer-service chatbot so its owner does not have to. The human reads the agent's summary, not the original interface.

This creates a contradiction inside the guidelines themselves. Paragraph 35 says machine-readable markings cannot satisfy Article 50(1) because they are not perceivable by users at the point of interaction. Paragraph 33 and footnote 20 endorse verifiable AI-identity credentials built on eIDAS and the EU Digital Identity Wallets. Those pull in opposite directions. When exposure is agent-mediated, a human-only visual or auditory cue never reaches the person at all, because the person is reading a relayed summary. The machine-readable layer is the precondition for human perception, not an alternative to it. Our comment asked the Commission to say so directly, and to extend paragraph 28, which covers an agent disclosing itself, to the relay chain where one agent has to surface another system's disclosure to a human.

There is a deeper version of this problem that sits just outside Article 50's frame. Article 50 governs the provider's disclosure act, not whether a mediating agent faithfully relays it. A correctly marked disclosure can still be dropped or misrepresented by a compromised intermediary, and the person at the end of the chain is none the wiser. The regulation is mapping the content layer, the question of whether content is marked, and not yet the relay layer, whether that marking survives the agents standing between the system and the human. That is a robustness and agent-integrity problem more than a transparency one, and it is worth naming while the draft still commits to future review. In the submission, I successfully resisted the urge to mention our solution to this kind of issue via our GuideCheck open standard (CC BY 4.0).

A label decays

The second flaw is time. The draft treats compliance as a one-time judgment, fixed at the moment a provider makes it. Two of the obligations cannot work that way.

Article 50(1) has an exception for interactions that are obviously artificial. But "obviousness" is not stable, it changes pretty fast. Paragraph 42 of the draft concedes that realistic replication would decrease obviousness, then treats the assessment as static and provider-internal anyway. A voice assistant that was plainly synthetic at launch can become indistinguishable from a human after a routine model upgrade: same deployment, same disclosure decision, but the exemption has silently lapsed. Article 50(2) has the same shape on the marking side. Paragraphs 77 and 78 accept that the state of the art and adversarial techniques evolve, which means a robustness claim valid today degrades as attacks advance.

There is a related gap in how compliance is shown. Paragraph 74 defines effectiveness and robustness as observable, external properties: whether marks survive realistic transmission, re-encoding, cropping, and adversarial manipulation in the wild. The draft never says how a provider demonstrates them, which leaves provider self-attestation as the default. A provider's own internal testing, however rigorous, cannot establish external effectiveness. We argued that compliance should rest on independent, externally verifiable evaluation reported by modality at a stated confidence threshold, and that the claim should be a time-stamped assertion, dated and re-evaluated at intervals, with a review trigger on material capability changes, rather than a conformity statement that persists unchanged.

That is exactly the model behind AI Posture, the open specification we maintain (CC BY 4.0, no commercial claim on the outcome) for treating a security and governance claim as an externally verifiable, time-stamped statement of state rather than a one-time certificate. A posture is true as of a date and re-established on a cadence. Transparency compliance has the same temporal structure, and the draft guidelines would be stronger for naming it. It was the single outside reference in our submission, placed against the one paragraph whose gap it fits, rather than scattered across the response.

Even a perfect label isn't a skill

Suppose both structural flaws were fixed. The disclosure is machine-readable, it reaches the human through every agent in the chain, and it carries a fresh assertion date. A third gap remains, and it is the one PAICE (People + AI Collaboration Effectiveness) exists to measure.

The guidelines are candid about why these obligations exist. The stated purpose, drawn from Recital 132, is to let people take informed decisions, to keep them from over-relying on AI systems, and to allow them to calibrate their trust in the content and the interactions accordingly. Calibrate their trust. That is the goal in the regulation's own words. Not be warned, not see a label, but adjust trust up or down to match how reliable the system actually is on this task, in this moment.

A disclosure does one job well: it removes the excuse of not knowing. Once a banner says you are interacting with an AI system, the person can no longer claim they assumed a human wrote it. But knowing you are talking to an AI does nothing to make you good at talking to one. The label is identical whether the system is right or wrong on any given turn. It does not flag the fabricated citation, the confidently stated number off by an order of magnitude, the summary that drops the one clause that reverses the meaning. Calibrating trust means catching those, and no notice can do that work, because the work happens inside the person after the disclosure has been read and dismissed. This is the same gap that opens under meaningful human review: a regulation can mandate that a human reviews AI output, but it cannot mandate that the review is any good. PAICE observes the behavior the disclosure is supposed to enable and cannot deliver: whether a person catches injected errors, whether they verify before relying, whether their trust tracks the evidence rather than the fluency.

Three layers, one shape

Writing the comments meant holding four kinds of legal text in mind at once: the binding Regulation, the non-binding Recitals that interpret it, the draft Guidelines that interpret the articles, and a forthcoming Code of Practice that will carry a presumption of compliance. As a reader coming from US statutes (and who has worked alongside lawyers but never formally studied law), I struggled with which of these is actually law and how they relate. To keep them straight while I worked, I modeled Article 50 in Obligation First, the open pattern I maintain for collapsing a multi-layer legal source hierarchy into one uniform shape: Terms, and the Obligations they create or interpret.

In that model, Article 50(2), Recital 133, and paragraph 69 of the Guidelines look like three different kinds of thing but are all Terms. What differs is only which instrument each belongs to and whether it creates an obligation. Article 50(2) creates the marking duty. Recital 133 creates nothing and exists to be anchored to for interpretation. Paragraph 69 belongs to a separate, non-binding instrument and anchors to the article it explains. Crucially, interpretation is not override: a non-binding guideline can anchor to the regulation it interprets but can never defeat or supersede it, and only the Court of Justice could issue a determination that authoritatively binds the reading. Modeling the relationship that way encodes the legal reality directly. It also made the structural flaws above easier to see, because once the source hierarchy is one graph, the question of what an obligation requires and how time and agents change that requirement is a single traversal rather than a reading exercise across three documents in three citation styles.

The gap transparency leaves open

Article 50 is good regulation aimed at a real harm, and the draft guidelines make it more workable. Infringements can draw fines up to fifteen million euros or three percent of worldwide annual turnover, so the obligations have real teeth. What the draft makes visible, almost in passing, is the limit of what disclosure can accomplish. The AI Act can require a label on every system in scope by August 2026. It cannot guarantee the label ever reaches a human, it cannot keep the label true as models advance, and it cannot put calibrated judgment behind the eyes that read it.

The first two gaps are addressable in the text, which is why we filed as a US public benefit corporation contributing an open, vendor-neutral standard to EU rulemaking in good faith. The third is not a drafting problem. Calibrated trust is a behavioral capability that varies from person to person, does not come bundled with a notice, and for professionals whose work carries real consequences is the part that actually protects anyone.

Transparency tells you it's AI. Whether you know what to do with that is a separate measurement entirely.

Want to understand your own readiness profile? Take the PAICE assessment to discover your strengths and opportunities.