Start with Article 5 before you classify risk
If an AI use case falls into a current Article 5 prohibition, there is no normal compliance route. You do not move it into a high-risk workflow. You stop, redesign, or get qualified legal advice before deployment. Article 5 violations sit in the EU AI Act's highest penalty tier under Article 99.
Current bans at a glance
The first eight rows are current Article 5 prohibitions under Regulation (EU) 2024/1689. The last row is a Digital Omnibus provisional-agreement watch item. Do not treat the last row as final legal text until formal adoption and publication.
| Ref | AI use to check | Plain-English meaning | Route |
|---|---|---|---|
| 5(1)(a) | Manipulation or deception | AI that distorts behaviour in a harmful way. | Stop / redesign |
| 5(1)(b) | Exploiting vulnerable people | AI that exploits age, disability, or socio-economic vulnerability. | Stop / redesign |
| 5(1)(c) | Public-authority social scoring | Scoring people over time and using the score unfairly. | Stop / redesign |
| 5(1)(d) | Criminal-risk prediction by profiling alone | Predicting crime risk for a person using profiling alone. | Check exception |
| 5(1)(e) | Untargeted facial scraping | Building facial-recognition databases by mass scraping. | Stop / redesign |
| 5(1)(f) | Emotion recognition at work or school | Inferring emotions of workers or students. | Check medical/safety exception |
| 5(1)(g) | Sensitive biometric categorisation | Using biometrics to infer protected attributes. | Stop / redesign |
| 5(1)(h) | Live biometric ID in public spaces | Real-time biometric identification for law enforcement. | Very narrow exceptions |
| Provisional | CSAM or non-consensual intimate-content generation systems | Digital Omnibus watch item, final scope pending. | Track final text |
Each current ban, explained
Open a card to see the simple meaning, examples, and any narrow exception.
This covers AI that uses hidden influence, deception, or manipulative design to push a person or group toward harmful behaviour. The issue is not only whether the user clicked a button. The issue is whether the AI method undermines meaningful choice and creates significant harm risk.
Examples to screen
AI persuasion systems tuned to exploit psychological profiles. Dark-pattern recommender flows that push harmful purchases or consent. AI content systems designed to covertly shift decisions without clear disclosure.
This covers AI that takes advantage of people who may be less able to resist or assess the system because of age, disability, or a specific social or economic situation. The trigger is harmful exploitation, not normal personalisation.
Examples to screen
Chatbots that pressure elderly users into financial decisions. AI toys that manipulate children through emotional attachment. Lending or gambling systems that identify and exploit financial distress or addiction risk.
This covers AI used by public authorities, or private actors carrying out public functions, to score people over time based on behaviour or personal traits, then use that score for unfair or disproportionate treatment.
Examples to screen
Citizen trust scores that affect access to public services. Welfare, housing, or public-benefit systems that penalise people using broad social-behaviour scores unrelated to the service decision.
This covers AI that predicts whether a specific person may commit a crime based only on profiling or personality characteristics. The key word is solely. If the system is based on objective and verifiable facts linked to criminal activity, the use may not fall under this ban, but it may still be high-risk.
Examples to screen
Predictive policing systems that flag individuals using demographics, neighbourhood, online behaviour, or personality signals without objective facts tied to criminal activity.
Exception to check carefully
AI that supports a human assessment based on objective, verifiable facts may fall outside this ban, but it can still trigger Annex III law-enforcement obligations.
This covers creating or expanding facial-recognition databases by indiscriminately scraping facial images from the internet or CCTV footage. The concern is mass collection without a targeted basis.
Examples to screen
Scraping social media, news sites, public websites, or CCTV feeds to build or expand a facial-recognition database.
This covers AI that tries to infer emotions in workplaces or educational institutions. It can include facial analysis, voice analysis, keystroke patterns, or other signals used to classify emotional state.
Examples to screen
Employee monitoring that scores mood or engagement from video calls. Classroom tools that infer stress or attention from webcams. Interview platforms that score candidates by emotional response.
Exception to check carefully
Medical or safety uses can be treated differently, such as fatigue detection for safety-critical operators. Other contexts may still require Article 50 transparency.
This covers AI that uses biometric data to infer or deduce sensitive attributes such as race, political opinion, trade union membership, religion or belief, sex life, or sexual orientation. The issue is sensitive inference, not every biometric use.
Examples to screen
Facial, voice, gait, or behavioural biometric analysis used to infer ethnicity, political affiliation, religious belief, sexual orientation, or similar sensitive attributes.
This covers real-time remote biometric identification in publicly accessible spaces for law-enforcement purposes. It is about live identification or near-live matching in public spaces, not ordinary identity verification by a consenting user.
Three narrow law-enforcement exceptions
Article 5 allows tightly controlled exceptions for targeted victim searches, preventing specific imminent terrorist threats, and locating or identifying suspects of serious crimes. These routes require strict necessity, proportionality, and usually prior judicial or independent administrative authorisation.
The Digital Omnibus provisional agreement adds a watch item for AI systems that create child sexual abuse material or non-consensual intimate or sexual content. It also refers to placing systems on the market without reasonable safety measures to prevent such creation, and deployer use for that purpose.
Status
This is not final Article 5 text yet. Track formal adoption and publication before treating the final scope, numbering, and duties as binding.
Banned vs high-risk vs transparency-only
Use this comparison to avoid the most common mistake: treating a banned use case as if it only needs high-risk controls.
| Dimension | Prohibited (Art. 5) | High-Risk (Annex III) | Limited Risk (Art. 50) |
|---|---|---|---|
| Status | Completely banned | Permitted with strict requirements | Permitted with transparency disclosure |
| Enforcement date | 2 Feb 2025 | 2 Aug 2026 | 2 Aug 2026 |
| Maximum fine | €35M / 7% turnover | €15M / 3% turnover | €15M / 3% turnover |
| Compliance path | Shut it down | Conformity assessment + ongoing obligations | Disclosure to users |
| Example | Social scoring system | AI hiring screening tool | Customer service chatbot |
Run a first-pass check
Not sure whether a use case crosses the line? Run the free checker as a first-pass educational screen, then get legal review for binding decisions.
Frequently Asked Questions
The eight current Article 5 prohibited practices became enforceable on 2 February 2025. They are already live under the current published EU AI Act baseline.
Article 5 violations sit in the highest EU AI Act penalty tier: up to EUR 35 million or 7% of worldwide annual turnover, whichever is higher. For SMEs and startups, the lower of the two figures applies under Article 99.
Yes. Article 5(1)(h) allows narrow law-enforcement exceptions for specific victim searches, imminent terrorist threats, and locating or identifying suspects of serious crimes. These uses require strict conditions and usually prior judicial or independent administrative authorisation.
No. The current Article 5 ban is specific to workplaces and educational institutions, with limited medical or safety exceptions. Other contexts may still trigger transparency or other compliance duties.
Use the EU AI Compass Compliance Checker as a first-pass educational screen. It helps compare your use case against the Article 5 categories and related risk routes, but it is not legal advice or a formal compliance determination.
Related resources
Next step: check, classify, then build evidence
Use the free EU AI Compass tools and guides to screen the use case, classify the risk path, and decide what evidence to keep.
Source basis and use limit
This page is provided by Move78 International Limited for education and operational planning. It is not official EU guidance, legal advice, certification, conformity assessment, or a compliance guarantee.
Primary sources: Regulation (EU) 2024/1689 · AI Act Service Desk · European Commission AI policy