Guides · Article 50 · EU AI Act
Who is a provider under the EU AI Act?
Two of Article 50's four transparency duties fall on providers, so knowing whether you hold that role is often the first scope question. This guide looks at the provider role in general terms and what Article 50 asks of it. The working descriptions here are simplifications, not the full legal definitions — confirm your role for each system with qualified counsel. Informational only — not legal advice.
A working description of 'provider'
At a general level, a provider is roughly the party that develops an AI system or places it on the market — the one behind the system, as opposed to the deployer, who uses a system under its own authority. The Regulation's actual definitions carry more conditions than that one-line description, and the role is assessed per system: a business can be the provider of the chatbot it built and, at the same time, a deployer of the third-party analytics tool it merely uses. Treat the description here as an orientation, not the test.
Some situations make the role genuinely hard to call from the outside — offering a rebranded or white-labeled system, substantially modifying someone else's system, or building products on top of general-purpose models. Those boundary cases are exactly where the full legal definitions and counsel's judgment matter; this guide flags them rather than resolves them.
The two provider-side duties in Article 50
- Article 50(1) — providers must ensure AI systems intended to interact directly with natural persons are designed and developed so people are informed they are interacting with an AI system, unless that is obvious in context.
- Article 50(2) — providers of AI systems generating synthetic audio, image, video, or text must ensure outputs are marked in a machine-readable format and detectable as artificially generated or manipulated, with solutions that are effective, interoperable, robust, and reliable as far as technically feasible.
Why pinning down the role early pays off
Provider-side duties in Article 50 are design-and-development duties — informing users is meant to be built into the system, and marking is meant to be applied to outputs at generation. That is much cheaper to plan than to retrofit, which is why teams map roles per system before drafting anything. Our free scope check gives an informational indication of which paragraphs may be in play; it does not decide your role. For the deployer side of the split, see our provider-vs-deployer guide.
Common questions
If I build my product on a third-party AI model, am I the provider?
It depends on the facts — how the system is offered, under whose name, and how much you change it all bear on the role, and the Regulation's definitions are more detailed than any summary here. Boundary cases like white-labeling or substantial modification are precisely where qualified counsel should confirm the role before you rely on it.
See what may apply to your business
Answer seven quick questions for an automated, informational indication of which Article 50 obligations appear likely to apply — free, and not legal advice.