G360 Technologies
The Enterprise AI Brief | Issue 11

AI Content Labels Are Becoming a Chain-of-Custody Problem

July 17, 2026

A communications team generates an image, adjusts it in an editing tool, approves it in a content-management system, and publishes it across several channels.

The original file leaves the AI system with a machine-readable marker. The editing tool preserves it. The content-management system does not. By the time the image reaches the public, the pixels remain, but the evidence of how they were created is gone.

The European Union's emerging transparency framework is designed around that problem.

Article 50 of the EU AI Act requires certain AI-generated and AI-manipulated content to be identifiable by machines and, in specific cases, disclosed to people. A Code of Practice published on June 10, 2026, followed by assessments from the European Commission and European AI Board, provides a voluntary implementation framework for those obligations.

The legal requirements apply from August 2, 2026. Meeting them will involve more than adding an “AI-generated” label before publication. Organizations will need controls that connect generation, editing, approval, distribution, and evidence retention.

Article 50 divides responsibility between providers and deployers.

Providers of systems that generate or manipulate text, images, audio, or video must ensure that outputs are marked in a machine-readable format and can be detected as artificially generated or manipulated. Those measures must be effective, interoperable, robust, and reliable where technically feasible.

Providers of interactive AI systems must also inform people that they are interacting with AI when that fact is not otherwise apparent.

Deployers have a different role. They must disclose when published image, audio, or video content constitutes a deepfake. They must also disclose AI-generated or manipulated text published to inform the public on matters of public interest, unless it has undergone human review or editorial control and an identifiable person or organization assumes responsibility for it.

The Code of Practice offers a common implementation path. Participation is voluntary. Following it may help demonstrate how an organization approached compliance, but it does not create a safe harbor or conclusively establish that the law has been satisfied.

How the Mechanism Works

The framework relies on two transparency layers.

The first is machine-readable marking. An AI system may attach metadata, embed an invisible watermark, create a signed provenance record, or use another signal that allows software to identify the output as synthetic or manipulated. The AI Act does not prescribe one technology.

Specifications such as the Coalition for Content Provenance and Authenticity’s Content Credentials can support this layer. They allow information about an asset’s origin and modification history to be cryptographically signed and associated with the file. Verification software can then check whether the asset still matches that record.

The second layer is human-readable disclosure. A deployer may use a visible label, notice, icon, or caption presented when the content is first encountered. The Commission has released optional icons, but an icon alone does not prove compliance.

Return to the communications team. Its generation system may mark the image correctly, while the publishing workflow adds a visible label. Those controls serve different audiences. The marker helps software inspect the asset. The label helps a person understand what they are viewing.

Neither proves that the underlying claim is accurate.

The controls are also fragile in different ways. Metadata may disappear during conversion or platform processing. Watermarks may weaken after compression or generative editing. A visible label may remain on a webpage while becoming detached from a downloaded copy.

The practical control is therefore larger than the asset itself. Organizations need a separate record of what was generated, how it changed, who approved it, and where it was published.

Analysis: Why This Matters Now

The EU framework turns content transparency into a chain-of-custody problem.

Many disclosure practices have traditionally been treated as a final publishing step. A label is added, the asset is released, and the work is considered complete.

Article 50 reaches further upstream. It separates the party responsible for building marking capabilities from the party responsible for disclosing how content is used. Between them sit editing tools, agencies, content-management systems, distribution platforms, and human reviewers.

That creates room for technically valid controls to produce incomplete evidence. A provider may mark an output correctly. A deployer may publish it responsibly. Yet an intermediate system can remove the signal without changing the visible content.

The reverse problem is also possible. A file may contain a valid provenance record while omitting important context about the synthetic elements used to create it.

Provenance should not be confused with truth. It records origin and change. It does not establish that an event happened, a statement is accurate, or a scene was not staged.

Implications for Enterprises

The first operational task is role classification. An organization may be a provider when it develops or places an AI system on the market, a deployer when employees use that system to publish content, or both.

The next task is workflow mapping.

AI gateways and generation tools may need to create marking records. Editing software must preserve or update them. Approval workflows must confirm that required disclosures are present. Content-management and digital asset systems must retain the final asset together with its supporting evidence.

That evidence may include the original output, file hashes, provenance records, marking-system versions, human-review records, disclosure templates, approval logs, publication records, and test results.

Testing matters because a control that exists in a design document may fail in production. Organizations will need to observe what happens when content is resized, transcoded, copied into a document, uploaded to a platform, downloaded, or republished.

The relevant question is no longer simply, “Was the content labelled?” It is, “Can the organization reconstruct what happened after generation?”

Risks and Open Questions

The most difficult unresolved problem may be mixed authorship.

Consider a public-facing financial report. An AI system produces the first draft. A finance team replaces the figures and rewrites several sections. Legal removes unsupported statements. Communications changes the structure and tone. An executive approves the final version and the company accepts editorial responsibility.

At what point does the document stop being AI-generated text and become a human-edited corporate publication? The editorial-control exception may be relevant, but the framework does not reduce that judgment to a percentage of changed words or a simple workflow test.

The same uncertainty appears in visual media. Minor retouching may be assistive. Replacing a background, altering a person’s expression, or reconstructing part of an event may change the meaning of the asset. The point at which assistance becomes substantial manipulation remains difficult to define consistently.

Technical adequacy presents another tension. The law calls for robust and reliable marking, but no single watermark or provenance format has been mandated. A method may perform well in a laboratory and fail after ordinary distribution. Cost, content type, and the state of the art may all affect what regulators consider reasonable.

Responsibility becomes harder when the chain crosses organizational boundaries. A provider may embed a marker that a contractor removes. A deployer may attach a label that a platform does not preserve. The duties are separate, but the allocation of responsibility after a downstream failure remains unsettled.

There may be no permanent signal that survives every transformation. The emerging evidence model therefore depends on overlapping controls, documented handoffs, and records capable of showing where the chain broke.

Further Reading

  • Regulation (EU) 2024/1689, Article 50
  • European Commission Code of Practice on Transparency of AI-Generated Content
  • European Commission Opinion on the Code of Practice
  • European AI Board Adequacy Assessment
  • European Commission Guidelines on Article 50 Transparency Obligations
  • EU Icons for Labelling AI-Generated Content
  • Coalition for Content Provenance and Authenticity Specification
  • NIST AI 100-4, Reducing Risks Posed by Synthetic Content