This article summarises publicly available guidance from regulators and official sources. It is general educational information only and does not constitute legal or professional advice. Requirements vary by jurisdiction. Consult your regional authority or a qualified professional for advice specific to your situation.
If a customer is talking to an AI chatbot rather than a person, the EU AI Act requires them to know that, clearly, before or at the very start of the conversation. This isn't a suggestion for good customer service practice, it's a specific legal transparency obligation with real penalties attached, and it applies from 2 August 2026.
In short: Under Article 50 of the EU AI Act, any AI system designed to interact directly with people, chatbots, virtual assistants, must make clear that the user is interacting with AI, before or at the start of the conversation. A statement buried in terms and conditions doesn't satisfy this, the disclosure has to be perceivable within the interaction itself. Non-compliance carries penalties of up to €15 million or 3% of global annual turnover.
The plain-English answer
Yes, you have to disclose it, and the disclosure has to actually be part of the interaction, not a line in a policy document nobody reads. The good news is that meeting this requirement is genuinely simple in practice, a short, visible line at the start of the chat is enough for most ordinary customer-service chatbots. The requirement exists because studies and regulator experience both show people behave differently, and disclose more, when they believe they're talking to a person rather than software, and the Act treats that as something people are entitled to know.
Why this matters for your business
A 12-person e-commerce business rolling out its first AI chatbot faces a genuine, understandable tension: the whole appeal of a good chatbot is that it feels smooth and natural, and a disclosure can feel like it works against that. But the requirement is narrower than it might sound, it doesn't require an intrusive warning or a clunky first message, it requires the fact to be clear, not the experience to be ruined.
The businesses that get this wrong usually aren't trying to deceive anyone, they simply didn't realise a specific legal transparency duty applied to a tool that felt like a routine customer service upgrade. Getting it right from the start avoids a retrofit later, and avoids the (real, not hypothetical) penalty exposure the Act attaches to this specific obligation.
What the EU AI Act actually requires
The obligation comes from Article 50 of the EU AI Act, which requires providers and deployers of AI systems designed to interact directly with natural persons to ensure people are informed they're interacting with an AI system. For a chatbot, this notification needs to be provided before or at the very beginning of the conversation, not somewhere the user has to go looking for it.
The quality of the disclosure matters. A statement buried in terms and conditions, a small metadata watermark with no visible equivalent, or a vague label like "assistant" with nothing clarifying it's automated, doesn't satisfy the duty, the information has to be perceivable within the interaction itself. There's a narrow exception for interactions where AI involvement would be self-evident to a reasonably well-informed, observant person, but this exception is deliberately narrow and shouldn't be relied on for an ordinary customer-service chatbot styled to read like a human agent. The European Commission has also published a Code of Practice on Transparency of AI-Generated Content, covering the related obligation for AI-generated text, images, and other content your business might publish.
What this looks like in practice
Picture the customer service manager launching the new chatbot, initially set up to greet customers with a warm, casual message styled to read exactly like a real support agent, with no indication anywhere that it's automated. That's the version that doesn't clear the bar.
The fix is genuinely small: the first message becomes something like "Hi, I'm an AI assistant here to help with your order, I can hand you over to a real team member any time." That single addition satisfies the disclosure requirement, sets an honest expectation, and, in practice, doesn't damage the customer experience the way the manager initially worried it would, most customers respond fine to a chatbot that's upfront about what it is, particularly when it also makes clear a human is available.
What you can do about it
A short checklist for any customer-facing AI chatbot:
- Add a clear statement that the customer is talking to AI, at or before the very first message, not hidden in a settings menu or policy page.
- Keep the wording simple and human-readable, avoid technical or legal phrasing that reads like disclaimer boilerplate.
- Make clear how to reach a human if the customer wants one, this isn't strictly required by Article 50 itself but is good practice alongside it.
- Check any AI-generated marketing content, images, or written material your business publishes against the related content-labelling obligation, not just your chatbot.
- Don't rely on the "obvious" exception unless a reasonably observant person genuinely couldn't mistake the interaction for a human one, this exception is narrow by design.
If you're also weighing up whether your chatbot or another AI tool counts as high-risk under the Act, which brings a heavier set of obligations on top of this transparency duty, see our guide on EU AI Act risk tiers explained.
Methodology (Real-World, Verified)
We test AI tools against real SMB workflows: the tasks a 20-person business actually uses AI for, not enterprise demos. Pricing is verified at the vendor's published rates, with local-currency conversions noted where relevant. Compliance notes reference the legislation and regulatory guidance relevant to each article's region. Every tool is judged on one question: could a business with no dedicated IT department actually pick this up and use it on Monday morning.
Related reading: our AI governance by region.
Try our free AI Compliance Checker to check whether your AI tools meet your compliance obligations.
Does this apply to a simple FAQ-answering chatbot, or only more advanced AI assistants?
It applies to any AI system designed to interact directly with people, regardless of how sophisticated it is. A basic rules-based FAQ bot with no real AI behind it generally falls outside this specific obligation, but the moment genuine AI is generating or driving the responses, the disclosure duty applies.
Can we disclose it once in our website's privacy policy instead of in the chat itself?
No. The information has to be perceivable within the interaction itself, before or at the start of the conversation. A mention elsewhere on the site, even a prominent one, doesn't satisfy Article 50's specific requirement.
What happens if we don't comply with the disclosure requirement?
Non-compliance with Article 50's transparency obligations carries penalties of up to €15 million or 3% of global annual turnover, whichever is greater. This applies from 2 August 2026, giving businesses a defined window to get existing chatbots updated.
Does a well-designed disclosure actually hurt customer engagement?
Not typically, a short, honest disclosure paired with a clear path to a human when needed tends to set expectations rather than damage them. The businesses that see a negative reaction are usually the ones where the AI's answers are also poor, the disclosure itself is rarely the problem.
The information in this article is general in nature. It reflects a summary of publicly available guidance and does not constitute legal, privacy, or professional advice. Your obligations will depend on your specific situation, jurisdiction, and business circumstances. Do not rely on this article as a substitute for qualified legal or professional advice.
Not sure whether your chatbot or another AI tool counts as high-risk under the Act?
Check the risk tiers