On 2 August 2026, a question that used to live inside your production team becomes a legal one: was AI involved in this image? From that date, the transparency obligations of the EU AI Act (Article 50) apply, and for the first time synthetic and AI-manipulated visuals carry disclosure duties across the whole European market.
This is not a ban on AI. Nobody at the Commission is telling fashion brands to stop generating imagery. The Act does something more precise, and in the long run more demanding: it makes AI use in visual content something you have to be able to declare, mark, and stand behind. For an enterprise fashion or sport e-commerce operation shipping tens of thousands of SKUs a year, that changes what the content team is accountable for. For every asset it publishes, it now has to answer one question and back it up: was AI involved.
This guide walks through what Article 50 actually requires, where the grey zones sit for fashion imagery specifically, what the penalties really are (there is a widespread myth worth correcting), and how content operations are quietly reorganising around a single requirement: if you cannot prove what was AI, you cannot comply.
What Article 50 actually says: two layers, two owners
Article 50 splits the responsibility in two, and it helps to keep them separate because they land on different parties.
Layer one, the provider (Article 50(2)). Whoever provides a generative AI system that outputs synthetic image, audio, video or text must mark that output in a machine-readable format, detectable as artificially generated or manipulated. The marking has to be, in the Act's own words, "effective, interoperable, robust and reliable as far as this is technically feasible." In practice this means embedded provenance signals: cryptographic content credentials, watermarks, and metadata that survive downstream processing. There is an exception where the system only performs an assistive function for standard editing, or "does not substantially alter the input data or its semantics."
Layer two, the deployer (Article 50(4)). Whoever publishes AI-generated or manipulated content that constitutes a "deep fake" must disclose that it was artificially generated or manipulated. Under the Act, a deep fake is content resembling existing persons, objects, places, entities or events that would falsely appear authentic. The disclosure has to be clear, distinguishable and provided no later than the first interaction or exposure. Where the work is evidently artistic, creative, satirical or fictional, the disclosure can be minimal and non-intrusive.
For a fashion brand, the uncomfortable detail is that you are usually both. You are a deployer every time a product image goes live on a PDP or in a campaign. You can also be a provider the moment you generate imagery in-house with your own models. So "we just use a tool" does not settle who answers for the output.
Sources: EU AI Act, Article 50; A practical guide to Article 50.
Is a product image a "deep fake"? The grey zone fashion needs to understand
Here is where most of the confusion lives, and where honest guidance matters more than scary headlines.
A deep fake, under the Act, has to resemble something real and appear authentic. A clearly fantastical or impossible image (the classic example is a dragon) falls outside the definition. But a product photograph is the opposite of fantastical. It depicts a real object and is designed to look exactly like a trustworthy photograph. The European Commission has signalled a broad reading: AI-generated or AI-manipulated content can fall in scope where it closely resembles a real object and carries potential to mislead.
At the same time, the Act excludes edits that do not substantially alter the input or its meaning. Standard colour correction, exposure fixes, and routine retouching sit on the safe side of that line. The problem is that a lot of modern fashion workflows sit well past it. Consider the spectrum:
- Routine retouching, colour and exposure. Assistive editing. Generally outside the marking obligation.
- Background swap, scene replacement, AI lifestyle scenes. Substantial alteration. Increasingly likely to trigger obligations.
- AI-generated models, generated on-model shots, virtual try-on. Synthetic content resembling real people and garments. High likelihood of both provider marking and deployer disclosure.
- Fully AI-generated product visuals and reconstructed products. Squarely synthetic. In scope.
The honest summary is that the line is real but not yet perfectly drawn, and the Commission's guidelines and the Code of Practice are still being finalised. What is clear is that the safe default for an enterprise catalogue is not "assume we are exempt." It is "know, for every asset, which side of the line it sits on." You cannot make that judgement, let alone defend it to a regulator, if you do not have a record of what happened to each file.
Sources: Herbert Smith Freehills Kramer, from principle to practice; What constitutes a deep fake, arXiv.
The penalty reality, and a myth worth correcting
You will read, on more than one AI-image vendor's blog, that publishing an unlabelled AI product photo exposes you to fines of up to 35 million euro or 7 percent of global turnover. That number is wrong, and it is worth being precise about, because getting it wrong makes the whole topic sound like fear-selling.
The 7 percent tier is reserved for breaches of Article 5, the prohibited-practices rules that have been in force since February 2025. Transparency breaches under Article 50 fall under the general penalty tier of Article 99: up to 15 million euro or 3 percent of worldwide annual turnover, whichever is higher. Still a serious number for an enterprise, but a different order of exposure, and a different conversation with your finance and legal teams.
The timeline matters too. The AI Act entered into force on 1 August 2024. Article 50 transparency obligations apply from 2 August 2026, the same date the penalty provisions become operative. One softening: under the Digital Omnibus provisional agreement of May 2026, generative AI systems already on the market before that date have until 2 December 2026 to meet the machine-readable marking requirement of Article 50(2). The disclosure obligations themselves still land on 2 August.
Sources: Sidley, preparing for 2 August 2026; Business of Fashion.
The industry is already pushing back
This is not a hypothetical concern that brands are ignoring. In June 2026, EuroCommerce, the association that represents European retail, formally asked the Commission's tech chief Henna Virkkunen to exclude AI-generated advertisements that carry no intent to deceive from the deep-fake definition. Its members include some of the largest names in fashion and retail. Its director general used a telling example: generating an image of a living room to showcase a sofa, or "enhancing product visuals for presentation purposes," should not, in their view, count as a deep fake.
Two things follow from that. First, the lobbying confirms how directly these rules hit everyday commercial imagery, not just political deepfakes. Second, and more useful for planning: as of now the Commission has not signalled a category-wide exemption. The only reliable relief is the existing carve-outs for assistive editing and evidently artistic work. Do not build your 2 August plan on a lobbying win.
Source: Business of Fashion, on the EuroCommerce request.
Before and after 2 August: what actually changes in the workflow
For most catalogues, very little changes on the page, and a lot changes behind it.
Before. AI touches an image somewhere in the pipeline. A background is replaced, a scene is generated, a variant is extended. The asset ships to the PDP and the marketplaces. Nobody records what was AI and what was camera. The provenance, if it ever existed, is lost the moment the file is flattened and pushed through the CDN.
After. The same asset ships, but it carries a machine-readable provenance signal, a visible disclosure where the content could be mistaken for a real photograph, and an internal record of what was generated, by which model, and when. Disclosure stops being a scramble at publish time and becomes a property of how the content was made.
The brands that will struggle are the ones using AI with nothing to show for how they used it. You cannot disclose what you did not track.
A compliance checklist for enterprise fashion e-commerce
A practical starting point, aimed at Heads of E-commerce, Content and Digital who own this in practice:
1. Inventory where AI touches imagery. Product pages, marketplace exports, paid social, email, campaign assets. Most teams underestimate the surface.
2. Classify by alteration level. Separate assistive edits from substantial manipulation and fully synthetic content. This is your exposure map.
3. Preserve provenance through the pipeline. Metadata and content credentials have to survive resizing, compression and CDN delivery. Verify sample files after downstream processing, not just at export.
4. Set a disclosure standard. Decide how a visible label appears where an image could be taken for a real photograph, consistently across channels.
5. Keep generation records. Timestamp, model, and file identity for AI-touched assets, so you can answer "which images were AI-assisted" without a forensic project.
6. Review vendor and tool arrangements. Your marking obligation can depend on whether your provider supports machine-readable output. Ask before August, not after.
Why provenance is the real answer
Strip away the legal detail and Article 50 rewards one operational capability above all others: knowing, for every asset, what was AI and being able to prove it. That is not something you bolt on at publish time. A tool that generates an image and forgets cannot give it to you. Rotating offshore retouchers who never knew your brand cannot give it to you either. It has to be a property of the operation that produced the content.
This is where gopackshot's way of working fits. We are AI realists. Real photography carries the shots that earn conversion, supervised AI scales the variants around them, and one team owns the asset end to end, from packshot to PDP. An operation built that way already holds what Article 50 is really asking for: a record of what happened to every file. Handled that way, the compliance work rides along with disciplined production instead of a separate project bolted on later.
We are careful not to oversell this. gopackshot is a content production partner, not a legal compliance vendor, and the standards for machine-readable marking, content credentials and watermarking are still settling. What an integrated operation gives you is the foundation the law assumes you have: provenance you can actually stand behind.
The reframe: transparency as a trust advantage
It is easy to read Article 50 as a burden. The more useful reading, for a brand whose whole business rests on being believed, is that it formalises something the market was already demanding. Shoppers have grown suspicious of imagery that looks synthetic. Trust is doing more of the conversion work than it did five years ago. A brand that can show, clearly and provably, how its content was made earns something past compliance: it reads as more honest than the competitor who cannot.
2 August is a deadline. It is also a reason to treat provenance as part of the product, not paperwork. From that date, every brand gets asked the same question about its imagery. The ones with a record answer in a sentence. The rest open an investigation.



