EU AI Act Compliance
What Compliable checks for when validating AI-generated content against the EU's Artificial Intelligence Act.
EU AI Act compliance checking is currently in development. The content below is for reference and planning purposes.
Overview
The EU AI Act is the world's first comprehensive legal framework for artificial intelligence. It regulates AI systems based on their risk level and imposes transparency requirements on systems that generate or manipulate content.
Most developer-facing AI applications fall under the "limited risk" category and must comply with Article 52 transparency obligations.
POST /v1/check/eu-ai-act for EU AI Act compliance checks (coming soon).Article 52: Transparency Requirements
Article 52 of the EU AI Act mandates that AI systems interacting with humans or generating synthetic content must disclose their AI nature.
Chatbots Must Identify Themselves
HIGHArticle 52.1
The Requirement: Users must be informed that they are interacting with an AI system, unless it is "obvious from the circumstances."
❌ Chatbot: "Hi! How can I help you today?"
Why It Fails: If the chatbot doesn't explicitly state it's AI-powered, users may assume they're talking to a human.
✓ Chatbot: "Hi! I'm an AI assistant. How can I help you today?"
AI-Generated Content Must Be Labeled
MEDIUMArticle 52.3
The Requirement: AI-generated text, images, audio, or video must be labeled in a machine-readable format and disclosed to users.
❌ Blog post generated by AI with no attribution
Why It Fails: Users have the right to know when content is synthetic. This applies to marketing copy, blog posts, emails, and more.
✓ "This content was generated with AI assistance."
No Impersonation of Real People
CRITICALArticle 52.3
The Requirement: AI systems that generate or manipulate image, audio, or video content resembling existing persons must disclose that the content is AI-generated.
❌ AI-generated voice message that sounds like a company CEO, without disclosure
Why It Fails: Deepfakes and voice clones are explicitly regulated. Users must know when audio, video, or images are synthetic.
✓ "This audio was generated by AI and does not represent the actual voice of [Person]."
Risk Classifications
The EU AI Act categorizes AI systems into four risk levels:
| Risk Level | Examples | Requirements |
|---|---|---|
| Unacceptable | Social scoring, real-time biometric surveillance | Banned |
| High | Hiring AI, credit scoring, medical diagnosis | Conformity assessment, registration, human oversight |
| Limited | Chatbots, content generators, AI writing tools | Article 52 transparency requirements |
| Minimal | Spam filters, AI video games, inventory management | No specific obligations |
Most developer tools and SaaS products fall under Limited Risk.
What Compliable Checks
- Missing AI disclosure — Chatbot responses that don't identify themselves as AI
- Unlabeled synthetic content — AI-generated text, images, or audio without attribution
- Deceptive AI use — AI systems that impersonate humans without disclosure
- Ambiguous AI attribution — Vague language like "powered by technology" instead of explicit AI disclosure
Example Check
curl -X POST https://api.compliable.dev/v1/check/eu-ai-act \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"content": "Hi! How can I assist you today?",
"scope": {
"riskLevel": "high",
"jurisdiction": "EU"
},
"context": {
"documentType": "privacy_policy",
"industry": "saas"
}
}'