03 · Prohibited AI Practices (Article 5)
- EC Digital Strategy – Prohibited Practices Guidelines + FLI High-level Summary
- In force since: 2 February 2025
- Penalty: up to €35M or 7% of global annual turnover (whichever is higher)
In force since 2 February 2025. Fines: up to €35M or 7% of global annual turnover (whichever is higher).
The 8 banned practices in force, plus Omnibus additions from 2 December 2026
1. Subliminal / manipulative / deceptive techniques
AI that deploys techniques operating below conscious awareness, or uses deceptive or manipulative methods, to distort a person's behaviour in a way that causes or is likely to cause significant harm to that person or another. This covers both subliminal techniques and broader manipulation/deception that bypasses rational agency.
2. Exploitation of vulnerabilities
AI that exploits vulnerabilities of specific groups — due to age, disability, or socio-economic circumstances — to distort behaviour in a way that causes significant harm. Targets predatory AI directed at children, people with cognitive impairments, or those in financial distress.
3. Biometric categorisation to infer sensitive attributes
AI systems that categorise individuals based on their biometric data to infer or deduce their race, political opinions, trade union membership, religious or philosophical beliefs, sex life, or sexual orientation. Exception: lawful filtering/labelling of acquired biometric datasets and law enforcement biometric categorisation already covered by other provisions.
4. Social scoring
AI used by public authorities (or acting on their behalf) to evaluate or classify individuals based on social behaviour or personal characteristics, where it leads to detrimental or unfavourable treatment of those people — either in unrelated contexts or disproportionate to the original behaviour.
5. Individual criminal risk assessment from profiling alone
AI that assesses the risk of an individual committing criminal offences based solely on profiling or personality traits. Exception: AI that augments human assessments based on objective, verifiable facts directly linked to criminal activity is permitted.
6. Untargeted facial recognition database scraping
AI that compiles facial recognition databases by scraping facial images from the internet or CCTV footage without targeting a specific individual. Covers both building new databases and expanding existing ones.
7. Emotion recognition in workplaces and educational institutions
AI systems that infer emotions of natural persons in workplace or educational institution contexts. Exception: AI used for medical or safety reasons (e.g. monitoring driver fatigue).
8. Real-time remote biometric identification (RBI) in public spaces for law enforcement
AI used by law enforcement for real-time remote biometric identification of individuals in publicly accessible spaces. Three narrow exceptions:
- Searching for missing persons, abduction victims, victims of human trafficking or sexual exploitation
- Preventing a substantial and imminent threat to life, or a foreseeable terrorist attack
- Identifying a suspect in a serious crime (enumerated list: murder, rape, armed robbery, drug/weapons trafficking, organised crime, environmental crime, etc.)
For the exceptions: requires prior fundamental rights impact assessment, registration in EU database, and prior authorisation from a judicial or independent administrative authority. Emergency deployment without authorisation is possible but must be sought within 24 hours — rejection triggers immediate cessation.
Omnibus additions — non-consensual intimate material and CSAM (pending OJ)
PE-CONS 30/26 adds Article 5 prohibitions for AI systems that generate or manipulate realistic intimate or sexually explicit material of an identifiable person without that person's explicit consent, and for AI systems that generate or manipulate child sexual abuse material or performance, subject to the text's provider/deployer limits and lawful-defence carve-out. These new points apply from 2 December 2026, not from 2 February 2025.
Supporting Commission documents
| Document | What it covers |
|---|---|
| Guidelines on prohibited AI practices | Legal explanations + practical examples for the 8 base Article 5 categories in force from 2 February 2025; does not yet cover the Omnibus intimate-material/CSAM additions. |
| Guidelines on AI system definition | Helps determine whether something is an "AI system" in scope at all. |
| Three studies on Article 5 (May 2026) | Deeper technical and legal analysis of each prohibited practice |
| Report on review of prohibitions (May 2026) | Commission's first annual review — signals whether the list will expand |