European Commission publishes first draft of Code of Practice on Transparency of AI-Generated Content

Last month, the European Commission published a first draft of its Code of Practice on Transparency of AI-Generated Content (the “Code”), a set of guidelines intended to provide AI developers and deployers with practical guidance on how to meet their transparency obligations relating to the AI systems they create or operate. While the Code itself is voluntary and therefore not binding, it is supplemental to the EU AI Act (the “Act”), which is binding statutory law. In particular, the Code seeks to clarify how developers and deployers can comply with the transparency obligations set out in Article 50 of the Act, including requirements relating to the marking and labelling of AI-generated content. AI developers and deployers should therefore familiarise themselves with the Code to better understand how to comply with the transparency obligations imposed by the Act.

Currently the Code remains in draft form, and the Commission has opened the floor for feedback on the first draft (to be submitted by 23 January 2026). However, the primary objective of the Code is clear – to avoid ‘deception and manipulation’ of the end user of AI systems and ‘foster the integrity of the information ecosystem’.

Background to the Code

The process began back in September 2025, when the European Artificial Intelligence Office within the European Commission (the “AI Office”) launched a consultation, requesting input from various relevant parties. Through a collaborative effort involving experts from industry and academia, alongside representatives from civil society and member states, the first draft of the Code was submitted to the Commission for approval and subsequently published on 17 December 2025. The Code marks the first concrete attempt to flesh out how Article 50’s abstract transparency obligations can be implemented in practice.

Overview of the Code’s contents

The Code is structured around the core transparency requirements of the AI Act and as such, is divided into two sections:

• marking and detection – the first part relates to the obligations in Articles 50(2) and (5) of the Act and sets out the ‘rules for marking and detection of AI generated and manipulated content applicable to providers of generative AI systems’. Specifically, it focuses on providers of AI systems and requests that any outputs those systems create are ‘marked in a machine-readable format and detectable as artificially generated or manipulated’.
• labelling and disclosure – the second part relates to the obligations in Articles 50(4) and (5) of the Act and sets out the ‘rules for labelling of deepfakes and AI generated and manipulated text applicable to deployers of AI systems’. This part focuses on organisations who deploy AI systems and exemplifies how AI-generated material could be labelled clearly for the benefit of end-users.

One key point that the Code raises and recommends is a multi-layered approach to marking AI-generated content. It emphasises that reliance on a single methodology is insufficient, so AI system providers should employ a ‘multiple marking approach’ that combines several techniques instead. These may include marking embedded metadata, adding imperceptible watermarks or logging fingerprints. These measures are intended to make AI-generated content both machine-readable and detectable while being robust.

The Code also proposes the creation of a common visual language or icon (e.g. an ‘AI’ icon) to standardise labelling practices. It further suggests that the positioning and accessibility of this label should vary based on the content type (e.g. persistent labelling for video, spoken disclosures for audio).

Implications of the Code for AI developers and deployers

As mentioned previously, the Code itself is voluntary and will likely be amended following feedback received by the Commission. However, the Code is intended to complement the Act as well as any other codes of practice the AI Office may choose to publish, including the code of practice relating to general-purpose AI models (we have written about this in further detail here). As such, it is imperative that organisations that develop or deploy AI systems are closely monitoring the evolution of the Code, as the final draft is likely to shape emerging best practice around transparency compliance under the Act. For example, the Code already emphasises that disclosures must be made to all users, including those with disabilities, and that providers and deployers should take all appropriate measures to ensure compliance. This includes maintaining internal documentation setting out compliance practices, training of staff and implementing mechanisms to ensure accurate implementation.

If you are a developer or deployer of an AI system and have a view on how the Code should be amended or implemented in practice, we would be happy to assist with submitting those views to the European Commission ahead of the 23 January 2026 deadline.  If you would like legal advice or guidance in relation to the Code, the Act, or how these developments could impact your business, please don’t hesitate to contact a member of the HLaw team.

This piece was written by Alina Merchant-Mohamed with input from Robert Humphreys.  All the thoughts and commentary that HLaw publishes on this website, including those set out above, are subject to the terms and conditions of use of this website.  None of the above constitutes legal advice and is not to be relied upon.  Much of the above will no doubt fall out of date and conflict with future law and practice one day.  None of the above should be relied upon.  Always seek your own independent professional advice.

Humphreys Law