Regulation • Updated June 11, 2026
EU AI Content Labels: The New Icons and C2PA
Quick Reference: The EU's June 2026 AI-Labelling Package
| What launched | A voluntary Code of Practice on Transparency of AI-Generated Content, plus an official icon set, published June 10, 2026 by the European Commission's AI Office. |
| The icons | Three icons (basic, fully AI-generated, partially AI-modified), in four colour and transparency variants, as SVG and PNG. Free to use, no attribution required. |
| The law behind it | EU AI Act Article 50. Transparency duties enforceable August 2, 2026. Machine-readable marking under Article 50(2) has a transitional deadline of December 2, 2026 for pre-existing systems. |
| C2PA's role | The signed-metadata layer the icons sit on top of. Reported to be the only existing technology that meets the Code's digitally-signed, time-stamped marking bar. |
| First endorser | OpenAI, on June 11, 2026. Full signatory list expected July 2026. |
The EU now has official AI content labels. On June 10, 2026, the European Commission's AI Office published its Code of Practice on Transparency of AI-Generated Content, together with a standardised set of icons for marking AI-made and AI-edited media. The icons are the part people will see. Underneath them sits a machine-verifiable layer, and the Code points squarely at one technology to provide it: C2PA Content Credentials. Here is how the label and the proof fit together, what is actually required, and what it means if you publish AI content.
What did the EU publish on June 10, 2026?
The EU released two things at once: a voluntary Code of Practice that explains how to disclose AI-generated content, and an official icon set that gives everyone the same visual vocabulary for doing it. Both implement Article 50 of the EU AI Act, the transparency chapter of the regulation. The Commission is explicit that the Code "does not impose obligations beyond the AI Act," calling it "a voluntary tool to help providers and deployers meet obligations under the AI Act."
The official icons page publishes the artwork directly. The aim is a single recognisable label across platforms, the way a recycling symbol or an allergy warning works, so a viewer does not have to learn a different mark on every site.
What are the three EU AI labelling icons?
The set has three icons, each tied to a different kind of AI involvement. All three ship in four variants (black, white, and two semi-transparent versions) and in both SVG and PNG, so they stay legible over any background.
| Icon | When to use it |
|---|---|
| Basic | AI was involved, for example a deepfake or AI-written public-interest text, or where a custom label or interactive layer is used. |
| Fully AI-generated | Content created entirely by AI with no human-made source, such as a wholly synthetic video or an AI-written news summary. |
| Partially AI-modified | Pre-existing human content altered with AI, such as a face-swapped photograph or a room digitally restaged by a generator. |
The Commission asks that the label be "clearly perceivable and distinguishable at the latest at the time of first exposure," embedded in the content rather than buried in a settings menu, and paired with accessible features like plain-language text and alt text. Evidently artistic, satirical, or fictional work gets a lighter, less intrusive disclosure rather than a full pass.
Are the EU AI labels mandatory?
The icons and the Code are voluntary. The duty behind them is not. Article 50 of the EU AI Act makes transparency a legal obligation, and those rules become enforceable on August 2, 2026. Providers of generative systems must mark their output in a machine-readable way, and deployers must disclose deepfakes and AI-generated public-interest text. Signing the Code is one way to demonstrate compliance, but a company can also meet the requirement "by other means" if it can show those means offer an equivalent level of protection.
One date moved. Under the AI Omnibus simplification deal, the machine-readable marking duty in Article 50(2) gained a transitional deadline of December 2, 2026, but only for generative systems already on the market before August 2, 2026. New systems comply from day one. A separate target for interoperable detection mechanisms follows on February 2, 2027. Penalties for breaching the transparency rules can reach 15 million euros or 3 percent of global annual turnover.
For the full breakdown of who counts as a provider versus a deployer and which content is in scope, see our guide to what Article 50 requires for AI content.
The label and the proof are two different things
An EU icon is a human-facing claim. Anyone can paint it on, leave it off, or attach it to the wrong file. A C2PA manifest is a signed claim: a cryptographically verifiable record of how a file was made, bound to the file itself. The Code treats the icon as the surface and signed metadata as the substrate beneath it. When you want to know whether a label is telling the truth, you do not check the icon. You check the credential under it.
How do the EU icons relate to C2PA Content Credentials?
The Code asks that the fact of AI generation be recorded in a way a machine can trust. In its words, "all recorded information will be digitally signed and time-stamped (on systems where time information is available) in a secure and tamper-evident manner." That is a precise technical bar, and according to standards body IPTC's analysis, C2PA is the only existing technology that meets it.
C2PA does this with a C2PA manifest, a signed record embedded in the file that states which tool created or edited it and whether the output was AI-generated. The AI Office goes further and encourages CAWG (Creator Assertions Working Group) assertions inside C2PA manifests for richer provenance detail, such as who created the content and how. The icon a viewer sees and the manifest a verifier reads can carry the same fact, but only one of them can be checked.
The Code does not stop at metadata. It endorses a multi-layer approach: signed C2PA metadata, plus an imperceptible watermark such as Google DeepMind's SynthID, plus optional fingerprinting or registry logging. Its own position is that no single technique is sufficient, because each one fails in a different way. C2PA and SynthID are the two layers most platforms are converging on, and we cover how they differ in how to verify an AI-generated image.
Why OpenAI endorsed the Code (and which Code this is)
On June 11, 2026, OpenAI announced its support for the Code, calling it "an important step in implementing the EU AI Act and building a more transparent digital ecosystem." That makes OpenAI the first confirmed endorser of this specific Code. The full signatory list is expected in July 2026.
OpenAI tied the endorsement to work it has been doing since 2024, when it began adding C2PA metadata to images from DALL-E 3. It joined the C2PA Steering Committee that year, now ships both C2PA metadata and SynthID watermarks on images from ChatGPT, Codex, and the API, and runs a public verification tool at openai.com/verify. We traced that alignment when it happened in OpenAI and Google align on C2PA and SynthID.
One thing to keep straight: this transparency Code is not the 2025 General-Purpose AI Code of Practice. Reports of companies signing or declining that earlier instrument refer to a different document. As of mid-June 2026, OpenAI's endorsement is the only one confirmed for the transparency Code, and the other major model makers have not yet stated a public position on it.
Why a label alone is not proof
A standard label is a real step forward, but the research community is blunt about its limits, and those limits are exactly why a verification step still matters. The Mozilla Foundation evaluated seven disclosure methods and rated none of them "Good." Human-facing labels, it found, "rely heavily on the perception of the recipient," which makes them easy to overlook once they become routine.
The layers underneath have their own failure modes. Researchers at NeurIPS 2024 showed that invisible image watermarks are provably removable with a regeneration attack that adds noise and rebuilds the image with a diffusion model. And C2PA, the strongest layer, breaks when content travels: the World Privacy Forum notes that manifests "are often stripped" on upload to social platforms, and warns that C2PA "does not deter bad actors" because a valid signature can be attached to forged content just as easily as to genuine content.
Labels are still worth having. They are just a starting point rather than a verdict. When the icon, the watermark, and the manifest can each be wrong in a different way, the reliable move is to read the signed credential yourself and see what the file actually declares. That is the gap platforms reading C2PA manifests are starting to close, and the one a verifier closes for everyone else.
What creators and publishers should do now
If you publish AI-generated or AI-edited media that reaches EU audiences, the August 2, 2026 deadline is close enough to plan against. A short checklist:
- Use the official icons if they fit. They are free, need no attribution, and give your audience a label they will start to recognise everywhere. One caveat from the Commission: if you have not signed the Code, do not present the icons in a way that implies you are a signatory.
- Know what your tools write into the manifest. Many generators now embed C2PA Content Credentials automatically. The icon is only as good as the signed metadata beneath it, so confirm your pipeline actually produces a clean, signed manifest rather than just a painted-on badge.
- Verify before you publish. Drop the file into C2PA Viewer to read its manifest locally, with no upload, and confirm it says what you expect. If the asset lives at a URL, the "From URL" option fetches and inspects it the same way.
- Keep the credential intact downstream. Re-encoding, resizing, and most social uploads strip C2PA metadata. If provenance matters for a given asset, check that it survives wherever the file is going to live.
Note: This is a fast-moving area. The Code of Practice is days old as of June 11, 2026, the signatory list is not yet published, and enforcement guidance is still being finalised. Treat the dates and figures here as the current published position and confirm against the primary sources before relying on them for compliance work.
Frequently Asked Questions
What did the EU launch on June 10, 2026?
The European Commission's AI Office published its Code of Practice on Transparency of AI-Generated Content, along with an official set of icons for labelling AI-made and AI-edited media. The Code is a voluntary tool that helps providers and deployers meet the binding transparency duties in Article 50 of the EU AI Act.
Are the EU AI content labels mandatory?
The icons and the Code of Practice are voluntary. The underlying obligation is not. Article 50 of the EU AI Act requires AI-generated content to be disclosed and marked, and those duties become enforceable on August 2, 2026. The machine-readable marking duty under Article 50(2) has a transitional deadline of December 2, 2026 for systems already on the market before August 2.
Can anyone use the EU AI labelling icons?
Yes. The icons are freely available in SVG and PNG with no attribution required to the Commission or the AI Office. The one caveat: an organisation that has not signed the Code of Practice should not use the icons in a way that implies it is a signatory.
How do the EU icons relate to C2PA Content Credentials?
The icon is the human-facing label. C2PA Content Credentials are the machine-verifiable layer underneath. The Code calls for information about whether content is AI-generated to be digitally signed and time-stamped in a tamper-evident way, and C2PA is reported to be the only existing technology that meets that signed-metadata bar.
Does an EU AI label prove a file is authentic?
No. A visible icon is a claim, not proof. It can be added, removed, or applied to the wrong file. The trustworthy part is the signed C2PA manifest beneath it, which a verifier can check cryptographically. Even that has limits, because manifests are often stripped when files are uploaded to social platforms, so the label and the underlying credential should always be read together.
Did OpenAI sign the EU Code of Practice?
OpenAI announced its support for the Code of Practice on Transparency of AI-Generated Content on June 11, 2026, making it the first confirmed endorser of this specific Code. The full signatory list is expected in July 2026. This is a different instrument from the 2025 General-Purpose AI Code of Practice, which some companies declined to sign.
Read the Credential, Not Just the Label
An EU icon tells you what a file claims about itself. C2PA Viewer shows you whether the claim is signed and verifiable. Drop in any image or video to read its full Content Credentials, including whether it is marked AI-generated, entirely in your browser. No upload, no account. Paste a URL or drop a file to check it before you trust it.
Open the Inspector →