Is Your AI Article 50 Disclosure Ready by 2 Aug?

Council and Parliament negotiators reached a provisional political agreement on the EU's "Digital Omnibus on AI" on 7 May 2026, amending Regulation (EU) 2024/1689. The deal sets new application dates for the core high-risk regime — 2 December 2027 for stand-alone Annex III systems, and 2 August 2028 for high-risk AI embedded in Annex I regulated products. It also adds a new prohibited practice under Article 5 covering AI used to generate child sexual abuse material (CSAM) and non-consensual intimate imagery (NCII), and extends certain SME carve-outs to small mid-caps. Formal Council and Parliament adoption is targeted "before 2 August 2026."

The catch most teams miss: Article 50(1) general transparency obligations (deepfake labelling, AI-interaction disclosure, biometric/emotion-recognition notices) still apply from 2 August 2026 — that date is NOT moved. Only Article 50(2) machine-readable watermarking shifted, to 2 December 2026. Council press release — 7 May 2026

EU Article 50 draft transparency guidelines — consultation closes 3 June (14 days). The Commission published its draft Article 50 transparency guidelines on 8 May, the first Commission instrument to interpret the full Article 50 scope. The draft adopts the "average consumer" standard from EU consumer protection law as the benchmark for obviousness, with explicit multi-factor treatment of vulnerable groups (children, elderly, persons with disabilities). If you operate generative, biometric, or emotion-recognition systems for the EU market, this is the consultation window to shape the interpretive lens you'll be measured against. Draft guidelines — DG CONNECT · Consultation page

Colorado resets its AI law — SB 26-189 signed. Governor Jared Polis signed SB 26-189 on 14 May 2026 (Senate 34-1, House 57-6), repealing and re-enacting the original Colorado AI Act. The new law replaces "high-risk AI system" with "Automated Decision-Making Technology" under a "materially influence" standard, drops the reasonable-care duty and impact-assessment mandate, and shifts to disclosure-and-rights. Effective 1 January 2027. Re-scope any work sized to the 30 June 2026 SB 205 effective date — the bias-audit / risk-management posture is gone. Holland & Knight · SB26-189 — Colorado General Assembly

China publishes first national framework for AI agents. CAC, NDRC and MIIT jointly issued Implementation Opinions on Intelligent Agents on 8 May, treating "AI agents" as a distinct system class. The Opinions set a three-tier authorization model (user-only / user-authorized / autonomous), prohibit agents from acting beyond explicit user authorization, and ban patterns engineered to create emotional dependency or manipulative consumption. The AI Application Ethics and Safety Guidelines v1.0 released yesterday in Nanning is voluntary today but seeds binding CAC rules tomorrow. Xinhua · State Council

EU Article 50 transparency consultation — closes 3 June 2026 (14 days from today). This is the last live window to influence how the Commission will read "clear and distinguishable" disclosure, deepfake labelling, and the average-consumer test before the 2 August 2026 application date.

Map every customer-facing AI surface against Article 50(1) by category — interactive AI, deepfakes, emotion / biometric categorisation, and generated synthetic content — and confirm which require disclosure UX changes by 2 August 2026. The Omnibus did not move that date. If you have something to say about the average-consumer test or vulnerable-user protections, file a consultation response before 3 June.

Thursday is CyberEyeQ Weekly day — a single deep dive across the week's most consequential regulatory moves. Watch your inbox.

CyberEyeQ — Actionable Regulatory Intelligence
Questions or feedback? Reply to this email or write to [email protected]