Docs

Appearance

Commission guidance on prohibited AI practices

The Commission's second interpretive Communication on the EU AI Act addresses Article 5 prohibited AI practices. It was adopted on 29 July 2025 as Communication C(2025) 5052 final. This page paraphrases the Commission's reading of each of the eight prohibitions in Article 5(1)(a)–(h), the Article 5(2)–(7) real-time RBI authorisation regime, and the interaction with Article 50 transparency duties.

Status

Commission interpretive guidance, not binding law. The EU AI Act text and any Court of Justice of the European Union (CJEU) interpretation prevail in case of conflict. The Commission itself states this at paragraph (5) of the Communication.

Quick decision

  • You want to know whether your intended use is prohibited → the eight Article 5(1) prohibitions each have specific elements. Apply them in the order below; if your system meets every element of any one prohibition (and no listed exception), the practice is prohibited.
  • You operate AI in a workplace or education context → Article 5(1)(f) emotion recognition is the most-missed clause. The medical/safety carve-out is narrow.
  • You operate biometric systems → Article 5(1)(e) (untargeted scraping), Article 5(1)(g) (sensitive-attribute categorisation), and Article 5(1)(h) (real-time RBI) all apply. They can stack.
  • You are a law-enforcement authority considering real-time RBI → one Article 5(1)(h)(i)–(iii) objective must apply, and the Article 5(2)–(7) authorisation regime must also be satisfied. See Article 5(2)–(7) authorisation regime below.
  • You operate a scoring or profiling system in a regulated sector (finance, insurance, employment) → Article 5(1)(c) (social scoring) and Article 5(1)(d) (criminal-offence prediction) are the relevant tests, plus high-risk classification under Annex III if the system is not prohibited. See Commission draft guidance on high-risk classification.

TL;DR

  • Article 5(1) lists eight prohibited practices with specific cumulative elements per prohibition. Each carries narrow exceptions.
  • The prohibitions apply to placing on the market, putting into service, and use, with Article 5(1)(h) applying only to use; the Commission focuses on providers and deployers, each within their respective responsibilities (sections 2.3–2.4).
  • Article 5(2)–(7) layers a specific authorisation regime on real-time RBI for law enforcement under 5(1)(h) — alone among the prohibitions, 5(1)(h) admits authorised exceptions and the regime is the operative test.
  • Article 50 transparency duties apply independently; where Article 5 prohibits, Article 50 transparency obligations on the same deployment are moot (you cannot be transparent about an unlawful deployment).
  • Penalties under Article 99: up to €35 million or 7% of worldwide annual turnover, whichever is higher, for Article 5 infringements.
  • Application date for Article 5: 2 February 2025. The Commission Communication itself was adopted later, on 29 July 2025.

Primary source

Commission Communication C(2025) 5052 final, Brussels, 29 July 2025 — Commission Guidelines on prohibited artificial intelligence practices established by Regulation (EU) 2024/1689 (AI Act). © European Union. AI Act Service Desk PDF. Adopted under Article 96(1)(b) AI Act.

Cross-cutting interpretation principles

The Commission identifies several principles that apply across all eight prohibitions (Communication section 2):

  • Object-and-effect test. Several prohibitions (5(1)(a), 5(1)(b)) require both an objective or an effect — neither a malicious intent without effect nor an unintended effect without manipulative intent is sufficient on its own; the Commission reads the disjunctive carefully so that a system with the effect of materially distorting behaviour can fall within the prohibition even where the developer's stated intent was benign.
  • Material distortion. Where prohibitions require behaviour distortion (5(1)(a), 5(1)(b)), the Commission reads the distortion to require appreciably impairing the ability to make an informed decision — ordinary persuasion is not enough.
  • Significant harm. Where prohibitions require harm (5(1)(a), 5(1)(b)), 'significant' is read against the totality of effects (financial, psychological, physical, fundamental-rights). It is not limited to monetary loss.
  • AI-system test runs first. Article 5 only applies to AI systems within the meaning of Article 3(1). A system that fails the Article 3(1) test (e.g. a basic data-processing system) cannot be a prohibited AI practice — see Commission guidance on the AI-system definition.
  • Cumulative elements. Each prohibition has specific cumulative elements. A system that meets some but not all elements falls outside the specific prohibition (though may still engage other prohibitions or downstream high-risk classification).
  • Carve-outs are narrow. Where Article 5(1) lists an exception (5(1)(d) human-assessment carve-out; 5(1)(f) medical/safety; 5(1)(g) law-enforcement labelling; 5(1)(h)(i)–(iii) law-enforcement objectives), the Commission reads the exception strictly against the prohibition's purpose.

Article 5(1)(a) — harmful manipulation, deception, subliminal techniques

The Article 5(1)(a) prohibition applies to AI systems that deploy subliminal techniques beyond a person's consciousness, or purposefully manipulative or deceptive techniques, with the objective or the effect of materially distorting the behaviour of a person or group of persons by appreciably impairing their ability to make an informed decision, thereby causing them to take a decision they would not otherwise have taken, in a manner that causes or is reasonably likely to cause significant harm.

What the Commission says (section 3 of the Communication):

  • Subliminal techniques are read as inputs (visual, auditory, haptic) that bypass conscious awareness. The Commission does not require that the subliminal nature be technically proven — operational characteristics suggesting the technique is intended to bypass conscious processing are sufficient.
  • Purposefully manipulative or deceptive techniques are read against the system's design choices and stated purpose. AI systems deliberately built to deceive (e.g. impersonate a trusted entity) or to circumvent rational reflection (e.g. exploit known cognitive biases at individual scale) fall within the prohibition.
  • Material distortion: the Commission's emphasis (in section 3 and the cross-cutting principles) is on appreciably impairing the person's ability to make an informed decision. Standard persuasion, advertising, or commercial UX does not meet this threshold absent the manipulative/subliminal element.
  • Significant harm: financial, psychological, physical, or fundamental-rights harm. The Commission gives examples in section 3 including manipulated investment decisions, induced unsafe behaviour, and induced harmful interactions with services.

Borderline cases:

  • Hyper-personalised dark patterns leveraging individual psychological profiles — within the prohibition if material distortion + significant harm elements are met.
  • A/B-tested UX choices that increase conversion without targeting cognitive biases — outside the prohibition unless the techniques cross into deception.
  • Recommender systems optimised for engagement — outside Article 5(1)(a) unless they purposefully deploy manipulative techniques and the engagement effect causes significant harm; the Article 27 fundamental-rights impact assessment and Article 26 deployer obligations may still apply for high-risk recommender deployments.

Article 5(1)(b) — exploitation of vulnerabilities

The Article 5(1)(b) prohibition applies to AI systems that exploit any of the vulnerabilities of a natural person or specific group of persons due to age, disability, or specific social or economic situation, with the objective or effect of materially distorting behaviour in a manner that causes or is reasonably likely to cause significant harm.

What the Commission says (section 3):

  • The vulnerability categories are exhaustive as listed (age, disability, specific social or economic situation). Other vulnerabilities (e.g. emotional state, addiction) may engage Article 5(1)(a) but are not 5(1)(b) per se.
  • Specific social or economic situation has a defined scope: extreme poverty, temporary unemployment, over-indebtedness, migration or refugee status, and comparable specific social or economic vulnerability can qualify; grievances or loneliness alone do not.
  • The system must exploit the vulnerability — passively serving an audience that includes vulnerable persons is not enough; the system's design or operation must leverage the vulnerability.
  • The same material-distortion + significant-harm thresholds as Article 5(1)(a) apply.

Borderline cases:

  • AI-driven gambling that exploits a vulnerability listed in Article 5(1)(b) (e.g. addressing a player's age, disability, or specific socio-economic distress) and that materially distorts behaviour with significant resulting harm — within the prohibition. Targeting problem-gambling tendencies alone is not within 5(1)(b) (addiction is not a listed vulnerability per se), though may still engage 5(1)(a) where manipulative techniques meet that prohibition's elements.
  • AI-driven debt-restructuring marketing targeting individuals in financial distress with terms exploiting their distress — within the prohibition.
  • Loan-eligibility AI that scores socio-economically diverse populations using the same criteria — outside 5(1)(b) (though Annex III(5)(b) high-risk classification applies and Article 14 oversight / Article 9 risk management bite).

Article 5(1)(c) — social scoring

The Article 5(1)(c) prohibition applies to AI systems used for the evaluation or classification of natural persons or groups of persons over a certain period of time based on their social behaviour or known, inferred, or predicted personal or personality characteristics, with the social score leading to either or both of:

  • detrimental or unfavourable treatment of certain natural persons or groups of persons in social contexts that are unrelated to the contexts in which the data was originally generated or collected; or
  • detrimental or unfavourable treatment of certain natural persons or groups of persons that is unjustified or disproportionate to their social behaviour or its gravity.

What the Commission says (section 4):

  • Both public and private actors are in scope. The Commission addresses the recurring misconception that 5(1)(c) is only about state social-credit systems — private-sector cross-context scoring affecting access to goods/services can fall within the prohibition.
  • Cross-context is the load-bearing element. A system that scores in one context and applies the score to detrimental treatment in another unrelated context is within the prohibition. A system that scores and treats within the same context (e.g. workplace performance evaluation affecting work assignments) is not 5(1)(c) social scoring — it is workplace management, regulated under Annex III(4) high-risk classification.
  • Disproportionality is the alternative trigger. A score-based detrimental treatment that is grossly disproportionate to the underlying social behaviour falls within the prohibition even if the contexts are related.
  • Time element: 'over a certain period of time' is a minimum-duration element — single-event evaluations are not 5(1)(c) social scoring.

Borderline cases:

  • Customer trust score from one platform applied to refuse housing — within the prohibition (cross-context).
  • Anti-cheat in online games scoring in-game behaviour to ban accounts — outside 5(1)(c) (same context, proportionate).
  • Insurance risk score that combines driving behaviour with off-platform social media — close call; the cross-context element bites if the social-media data is in a genuinely unrelated context.
  • Worker performance scoring in the same employer affecting promotion — not 5(1)(c); Annex III(4) high-risk applies.

Article 5(1)(d) — individual criminal-offence risk prediction

The Article 5(1)(d) prohibition applies to AI systems used for making risk assessments of natural persons in order to assess or predict the risk of a natural person committing a criminal offence, based solely on the profiling of a natural person or on assessing their personality traits and characteristics. The prohibition does not apply to AI systems used to support the human assessment of the involvement of a person in a criminal activity, which is already based on objective and verifiable facts directly linked to a criminal activity.

What the Commission says (section 5):

  • The word 'solely' is load-bearing. A system that combines profiling with objective and verifiable facts (transaction patterns, behavioural anomalies that constitute conduct, witness statements) is not 'solely' based on profiling and therefore falls outside the prohibition's 'solely' limb. The express second-subparagraph carve-out — for AI that supports a human assessment already based on objective and verifiable facts directly linked to a criminal activity — is a separate, narrower route out of the prohibition.
  • The carve-out supports human assessment — the AI cannot make the prediction; it can produce inputs to a human decision-maker who applies the assessment.
  • The prohibition is forward-looking — it reaches prediction of future criminal offences. Backward-looking pattern matching (forensic AI identifying the perpetrator of a past offence) is outside the prohibition.
  • Criminal offence is read by reference to the national criminal law of the Member State concerned.

Borderline cases:

  • AI fraud-detection scoring transactions for ML and AML purposes — outside the prohibition (objective and verifiable facts, supports human investigators).
  • Predictive policing based on personality profiles — within the prohibition.
  • Recidivism risk-scoring tools used pre-trial — within the prohibition if based solely on personality traits or profiling; outside if based on factual circumstances of the alleged offence (though Annex III(6) high-risk obligations apply).
  • Customer-risk profiling for sanctions-screening — outside the prohibition (factual, supports human decision).

Article 5(1)(e) — untargeted scraping of facial images

The Article 5(1)(e) prohibition applies to AI systems that create or expand facial-recognition databases through the untargeted scraping of facial images from the internet or CCTV footage.

What the Commission says (section 6):

  • Untargeted is the load-bearing element. A scrape that collects every face it can find from public web sources or CCTV is within the prohibition. A targeted, lawfully-authorised collection (e.g. retrieval of specific identified suspects' images from authorised sources) is outside the prohibition.
  • Creating or expanding databases is the operative function — the prohibition reaches both building the face dataset and growing an existing dataset through untargeted scraping. Using an already-existing database (whether or not lawfully built) raises separate questions under Article 5(1)(h) for real-time RBI and under GDPR.
  • Facial-recognition databases are read narrowly — image datasets used for facial recognition specifically, not general-purpose computer-vision datasets.

Borderline cases:

  • Clearview-style web-scraped face databases — squarely within the prohibition.
  • A retailer's CCTV system that retains face images of identified shoplifters from its own footage — outside 5(1)(e) (targeted, single-deployer, not 'scraping'); GDPR and national law apply.
  • A research dataset of face images collected under explicit consent — outside the prohibition.

Article 5(1)(f) — emotion recognition in workplace and education

The Article 5(1)(f) prohibition applies to AI systems used to infer emotions of a natural person in the area of workplace or education institutions. The carve-out applies to AI systems intended to be put in place or into the market strictly for medical or safety reasons.

What the Commission says (section 7):

  • Place-based prohibition. The prohibition turns on where the emotion inference occurs (workplace or education institution), not on who the data subject is. An AI system that infers an employee's emotions while at work falls within the prohibition; the same system inferring a customer's emotions in a non-workplace setting does not.
  • Workplace is read broadly: any work-context location and digital work context (e.g. remote work tools that infer emotion from video calls or messaging are within the prohibition).
  • Education institutions includes primary, secondary, tertiary, vocational, adult education. Private tutoring is borderline; the Commission's reading focuses on the institutional setting.
  • Medical / safety carve-out is narrow. The system's intended purpose must be strictly medical or safety — incidental safety claims layered onto a productivity-analytics system do not qualify. The Commission treats pain/fatigue detection, such as professional pilot or driver fatigue, as physical-state inference outside emotion recognition where no emotion is inferred; safety-purpose emotion recognition remains narrowly limited (section 7).
  • Inferring emotions is the trigger. Detecting physiological states (heart rate, sweat) without inferring an emotional state is not 5(1)(f); detecting an emotional state from those signals is.

Borderline cases:

  • Call-centre QA inferring agent emotional state during calls — within the prohibition (workplace).
  • Call-centre QA inferring customer emotional state for routing — close call; the Commission's analysis focuses on the primary subject of the inference. If the system effectively scores the agent (e.g. by counting "negative customer emotions handled"), the workplace prohibition bites.
  • Driver-drowsiness detection in commercial vehicles — outside the prohibition where it infers physical fatigue rather than emotion (section 7).
  • Wellness app that flags employee burnout or general wellbeing — within the prohibition; the Commission says burnout/depression and general stress monitoring are not within the medical/safety exception.
  • Education proctoring that infers student emotional state to detect cheating — within the prohibition (education institution).

Article 5(1)(g) — biometric categorisation for sensitive attributes

The Article 5(1)(g) prohibition applies to AI systems that categorise individual natural persons based on their biometric data to deduce or infer their race, political opinions, trade union membership, religious or philosophical beliefs, sex-life or sexual orientation. The carve-out applies to labelling or filtering of lawfully acquired biometric datasets, such as images, based on biometric data, or categorising of biometric data in the area of law enforcement.

What the Commission says (section 8):

  • Categorisation is read as assigning a person to a category based on their biometric data. Mere extraction of biometric features (e.g. face descriptors) is not 5(1)(g) without the categorisation-by-sensitive-attribute step.
  • Sensitive attribute list is exhaustive as listed. Other inferences from biometric data (e.g. age estimation, mood) are not 5(1)(g) per se but may engage 5(1)(f) (emotion recognition in workplace/education) or high-risk classification.
  • Labelling / filtering carve-out allows lawfully-acquired biometric datasets to be labelled with sensitive-attribute categories for downstream legitimate use (e.g. dataset bias auditing). The labelling itself is permitted; using the categorisation to take adverse action would engage other prohibitions.
  • Law-enforcement carve-out is narrow — categorisation in the area of law enforcement is permitted; this does not authorise downstream prohibited uses.

Borderline cases:

  • Marketing-segmentation AI that infers religion from face data — within the prohibition.
  • Dataset-bias-auditing tool that labels images by inferred ethnicity to measure model fairness — within the labelling/filtering carve-out.
  • Border-control biometric matching against watchlists — outside 5(1)(g) (matching, not sensitive-attribute categorisation); engages Article 5(1)(h) real-time RBI and Annex III(7)(a) high-risk.

Article 5(1)(h) — real-time remote biometric identification

The Article 5(1)(h) prohibition applies to the use of real-time remote biometric identification (RBI) systems in publicly accessible spaces for the purposes of law enforcement, except where strictly necessary for one of three listed objectives:

  • (i) targeted search for specific victims of abduction, trafficking, sexual exploitation, or for missing persons;
  • (ii) prevention of a specific, substantial and imminent threat to the life or physical safety of natural persons, or a genuine and present or genuine and foreseeable threat of a terrorist attack;
  • (iii) localisation or identification of a person suspected of having committed a criminal offence listed in Annex II and punishable in the Member State concerned by a custodial sentence or detention order for a maximum period of at least four years — for the purposes of conducting a criminal investigation, prosecution, or executing a criminal penalty.

Even where one of the (i)–(iii) objectives applies, the deployment is subject to the Article 5(2)–(7) authorisation regime — see below.

What the Commission says (section 9):

  • Real-time is read against the temporal distance between data capture and identification. Identification happening contemporaneously with the biometric capture is real-time; identification after a temporal gap is post-RBI (regulated under Annex III(1)(a) as high-risk, not under Article 5(1)(h)).
  • Remote is read as identification without active cooperation of the data subject. Cooperative biometric authentication (e.g. fingerprint unlock, attended biometric border check with informed consent) is not 'remote' under 5(1)(h).
  • Publicly accessible spaces is read broadly per Article 3(44): spaces accessible to an undefined number of natural persons (streets, squares, public transport, shopping centres, sports venues). Private workplaces, schools, hospitals are typically not 'publicly accessible' in the Commission's reading.
  • For the purposes of law enforcement narrows the prohibition's reach: non-law-enforcement uses of real-time RBI in publicly accessible spaces (e.g. retail security, event access control) are not 5(1)(h) but engage Annex III(1)(a) high-risk classification.
  • The (i)–(iii) exceptions are cumulative with the Article 5(2)–(7) regime — invoking an objective without the authorisation is not sufficient.

Borderline cases:

  • Stadium-entry RBI for ticket-holder verification by a private operator — outside 5(1)(h) (not law enforcement) but Annex III(1)(a) high-risk applies.
  • Police live face-scanning at a protest looking for known suspects of unspecified offences — within the prohibition (no specific (i)–(iii) objective; insufficient authorisation).
  • Investigative use of CCTV after the fact to identify a suspect — not 5(1)(h) (post-RBI, not real-time); Annex III(1)(a) high-risk.

Article 5(2)–(7) — the real-time RBI authorisation regime

Where law-enforcement use of real-time RBI in a publicly accessible space pursues one of the Article 5(1)(h)(i)–(iii) objectives, Article 5(2)–(7) sets a layered authorisation regime. Per Commission section 10:

  • Article 5(2) — limited and targeted use, fundamental-rights impact assessment, registration in the EU database (Article 49).
  • Article 5(3) — prior judicial or independent administrative authorisation. In duly justified urgent situations, deployment may begin and authorisation be requested without undue delay, at most within 24 hours. If authorisation is rejected, use must cease immediately and all data, results and outputs of that use must be discarded and deleted.
  • Article 5(4) — notification to the competent market-surveillance authority and the national data-protection authority.
  • Article 5(5) — Member State may authorise (in national law) the use of real-time RBI within the limits of 5(2)–(4) and must notify the Commission within 30 days; the Commission publishes consolidated annual reports.
  • Article 5(6) — competent authorities submit annual reports on use.
  • Article 5(7) — the Commission publishes consolidated annual reports based on Member State data.

What the Commission emphasises: Article 5(2)–(7) does not authorise general real-time RBI deployments. Each deployment requires the (i)–(iii) objective, the prior authorisation, the FRIA, the registration, and the reporting. Absent any single element, the deployment falls back within the Article 5(1)(h) prohibition. The 24-hour urgent-authorisation carve-out (sections 10.2.2.3–10.2.2.4) is narrow and must be justified on the record.

Interaction with Article 50 transparency duties

Article 50 transparency duties apply independently of Article 5 prohibitions. The Commission's reading (section 2):

  • Where Article 5 prohibits, Article 50 transparency obligations on the same deployment are moot — a transparency duty cannot operate on an unlawful deployment.
  • Where the deployment is outside Article 5, Article 50 still applies on the same trigger (e.g. emotion recognition outside workplace/education is not prohibited under 5(1)(f) but Article 50(3) transparency to subjects still applies; synthetic-content generation that does not meet 5(1)(a) thresholds still triggers Article 50(2) machine-readable marking).
  • AI Omnibus impact (provisional agreement May 2026, pending adoption) — adds a new prohibition covering AI-generated NCII and CSAM; provides a four-month grace period for Article 50(2) provider-side marking on systems already on the market before 2 August 2026. See the EU AI Act overview.

Settled vs vague (per Commission guidance)

The Commission's guidance pins down many open questions about Article 5. Several remain explicitly or implicitly unsettled.

Settled:

  • The eight prohibitions have cumulative elements; missing any element takes the system outside the specific prohibition (section 2).
  • 'Solely' in Article 5(1)(d) is load-bearing — real, substantial and meaningful non-profiling elements may take a system outside the 'solely' limb; the express human-assessment exclusion is a separate route (section 5).
  • The Article 5(1)(f) workplace prohibition is place-based; the medical/safety carve-out is narrow (section 7).
  • Article 5(1)(g) is exhaustive on the listed sensitive-attribute categories (section 8).
  • The Article 5(2)–(7) authorisation regime is mandatory for any real-time RBI deployment that invokes an Article 5(1)(h)(i)–(iii) objective (section 10).
  • The prohibitions reach providers and deployers, each within their respective responsibilities; the material-scope verbs are 'placing on the market, putting into service, use' (sections 2.3–2.4, with Article 5(1)(h) applying only to use).

Left vague:

  • The boundary between commercial persuasion and 5(1)(a) manipulation is judgement-based; the Commission gives examples but no quantitative threshold.
  • The threshold of 'specific social or economic situation' under 5(1)(b) is broad and largely fact-specific.
  • The cross-context line in 5(1)(c) social scoring is the central judgement call; private-sector cases especially.
  • The dividing line between inferring emotions and detecting physiological state in 5(1)(f) is technical and will turn on system architecture.
  • The Article 5(2)–(7) 'duly justified urgent situation' threshold for the 24-hour post-deployment authorisation is not quantitatively defined.

How to operationalise prohibited-practice screening in Modulos

Modulos models the Article 5 screening question through the MFF-1 framework template's prohibited-practices requirement.

ArticleCommission guidance sectionModulos requirementCode
Article 5(1)(a)–(h)section 2 cross-cutting + section 3–section 9 per-prohibitionProhibited AI Practices (app)MRF-119
Article 5(2)–(7) RBI authorisationsection 10 (authorisation regime; FRIA + EU-database registration)Prohibited AI Practices (app) — authorisation, FRIA, registration evidenceMRF-119
Article 3(1) AI-system test (entry condition)section 2; see Commission guidance on the definitionAI System Classification (app)MRF-38
Article 50 transparency (interaction)section 2addressed separately on Prohibited practices and transparency(separate requirement)

The MRF-119 evidence captures the per-system screening assessment: the eight-prohibition walk-through, the determination per prohibition, and the documentation rationale. Where a system invokes the Article 5(2)–(7) authorisation regime, the authorisation record, the FRIA, the EU-database registration, and the annual reports sit as control-level evidence on the same requirement.

For full template details see Operationalizing the EU AI Act in Modulos.

Cross-framework mapping (preview)

Article 5 prohibitionAdjacent reading
5(1)(a) manipulationUCPD (Directive 2005/29/EC) unfair commercial practices; DSA Article 25 dark patterns.
5(1)(b) exploitation of vulnerabilitiesUCPD vulnerable-consumer test; consumer-credit directive (Directive 2008/48/EC).
5(1)(c) social scoringOECD AI Principles; UNESCO Recommendation on the Ethics of AI; GDPR Article 22 (right against decisions based solely on automated processing).
5(1)(d) criminal-offence predictionLaw Enforcement Directive (Directive (EU) 2016/680) Article 11.
5(1)(e) facial-image scrapingGDPR Articles 5, 6, 9; ePrivacy Directive; national CCTV laws.
5(1)(f) workplace emotion recognitionWorking Time Directive (national implementation); GDPR Articles 5, 6, 9; data-protection-authority guidance on workplace monitoring.
5(1)(g) sensitive-attribute biometric categorisationGDPR Article 9 special-category data; Charter Article 21 non-discrimination.
5(1)(h) real-time RBILaw Enforcement Directive Article 10; ECHR Article 8; Council of Europe Framework Convention on AI.
Commission guidance overview

Hub: legal status of Commission guidance, the source documents, how to use them

Definition of an AI system (Commission guidance)

The Article 3(1) entry test — must be met before Article 5 applies

High-risk classification (Commission guidance)

For systems outside Article 5 that may still be high-risk under Article 6 (draft guidance)

Prohibited practices and transparency

The underlying Regulation text on Article 5 and Article 50

EU AI Act overview

The Regulation: four obligation regimes, phased application, AI Omnibus

Operationalizing in Modulos

OFF-1 + MFF-1; the scoping questionnaire that records the Article 5 analysis

Source attribution

Commission Communication C(2025) 5052 final, Brussels, 29 July 2025 — Commission Guidelines on prohibited artificial intelligence practices established by Regulation (EU) 2024/1689 (AI Act). © European Union. Adopted under Article 96(1)(b) AI Act. PDF available via the AI Act Service Desk. Section references on this page (e.g. "section 3", "section 10.2.2") are to the numbered sections of that Communication; paragraph references in the form (N) are to the Commission's paragraph numbering. The underlying Regulation (EU) 2024/1689 is published in the OJ L of 12 July 2024 under CELEX 32024R1689.

Disclaimer

This page is for general informational purposes and does not constitute legal advice.