EU AI Act requires TEXT from models and providers to be watermarked 2nd August onwards. Everyone here is affected, regardless where you live.

Anyone hate the cookie banners ? Those are absolutely nothing in comparison to what is about to come. The AI Act requires lots of things, many people know it requires every AI modified or generated audiofile to be metadata tagged and fingerprint-watermarked from August on (32M$ fines) But the Act says a lot more than that and it means all good open source models are affected. Providers of AI systems generating synthetic text must make outputs machine-readable and detectable as AI-generated, using technical solutions that are effective, interoperable, robust and reliable with 2 layers Very simple OSS models are exempt, so the old llama 7B might be fine, but models of "systemic risk" are not exempt. Qwen 3.6 series, Deepseek Flash, GLM, Kimi are all systemic risk GPAI models. The AI act says that also TEXT output must be machine detectable, it only suggested "statistical methods" alongside cryptographic tagging (where possible) of the metadata (c2pa etc). So if chatGPT offers you a PDF ot TXT download -> that must have crypto signed metadata. But 2 layers must be present, not one. And they have to be "robust". A simple "AI Generated" (the label that must be added into every AI image from August on) is not enough, the text itself must be statistical watermarked. Similar to laser printed paper, that carries little invisible dots. Of course that means serious degradation in AI quality. Who is affected? Anyone who offers a tool or provides a service that can be accessed by a EU citizen. Even if it's just a single EU citizen being a tourist in Malaysia or using a VPN. LM-Studio, ollama, llama.cpp, vllm, chatgpt, claude, codex, copilot, opencode, cursor, stable diffusion Web UI, Huggingface and so on. Any AI application that modifies or generates AI images, AI text, AI music, AI speech must use the EU stamp "AI modified" or "AI generated", must metadata seal the files, must watermark the content. Must also provide risk assessment §50 documentation, compliance documentation, detection service. Any failure to do so is fined at 35,000,000 Euro (about 40 million USD) OR a few percent of the annual income (whatever is higher). They also have a huge code of conduct, you are voluntarily asked to follow - but if you don't your risk of being fined is seriously increased. That code adds a ton of more horrific additions, often technically very implausible or openly contradicting. You could say your Qwen 3.6 or gemma 4 12B does not fulfill the requirements of "GPAI with systemic risk" - maybe right if you ignore some benchmarks .. but that moves the 40M$ fine risk on you if you become a provider or distributor. So if the EU believes it IS systemic risk AI you'll face the fines at court as soon as they can catch you. But what if you are not in the EU ? You are still fully affected. Any service that offers anything into the EU is affected, including every open source project and model. Any service that offers something to an EU citizen who is just a tourist, or uses a VPN is liable. You want to code your nice new startup ? You better ensure no european can touch it. Or you better never put a foot into the EU and never grow the business too large. That means every providers out there must be compliant. Every open source tool. The regulation is so extremely invasive while simultaneously it is ridiculously shortsighted. 99% of all images on the internet will have AI content within the next years, all of them need to be watermarked visibly. 99% of all websites will be AI generated in text and code. 99% of all movies will have AI content, every marketing and sales clip. 99% of all marketing and sales voiceovers will use AI. So this is like the cookie banner, everyone warning you that they must use a cookie to serve you a website and you can accept all cookies or just all needed cookies - just that it's going to be in your face everywhere. It's a cookie banner on text, image, video and sound. Source: https://eur-lex.europa.eu/eli/reg/2024/1689/oj I've taken a look at how projects are reacting to that, and some already did. Speech & Music Elevenlabs - Teamed up with Google: SynthID for all (a strong AI based watermark from Google) Demodokos Foundry - support answered that they work on a light compliance Suno - Audible Magic content ID,support ignored me - no official statement on AI Act yet. (likely silent compliance) Udio - no official statement, support ignored me (likely silent compliance) Images and Text Open AI/ChatGPT - SynthID+c2pa comes to Codex, API, ChatGPT with "OpenAI Verification tool" Google/Gemini - SynthID for image/audio/text/video announced and expanding into C2PA and more Adobe - Full C2PA hashing and Firefly gets watermarked Microsoft Copilot/Designer - C2PA, visual and audible watermarks in 365, cryptographic signing of images Meta - visible labels, IPTC metadata, invisible watermarks,C2PA hashes for Meta AI Images Stable Diffusion - "working on implementing content credentials” with Adobe/CAI/C2PA Anthropic Claude - Intends to sign the EU General-Purpose AI Code of Practice (everything and MORE) Open Source I went through github of vLLM, Ollama, llama.cpp, lmstudio, openrouter and they appear pretty unprepared