In July 2025, the European Commission enacted the “Commission Guidelines on prohibited artificial intelligence practices established by Regulation (EU) 2024/1689 (AI Act)”, with the aim of explaining how to interpret and expect practical implementation of the AI Act’s Article 5 prohibitions, which target AI practices considered to pose an “unacceptable risk”. The guidelines are non-binding, but they are intended to guide providers, deployers, regulators, and market surveillance authorities.
EU - European Commission – Guidelines on prohibited artificial intelligence practices established by Regulation (EU) 2024/1689 (AI Act)
Anno 2025
The guidelines aim to provide legal clarity on Article 5, giving a first interpretation that may be updated based on practical experience, market developments, enforcement actions, stakeholder input, and future rulings from the Court of Justice of the EU. The guidelines repeatedly stress that the prohibitions require a case-by-case assessment, because many AI uses that resemble a prohibited practice may still fall outside Article 5 if they lack a required element, such as significant harm, use in a specific context, or a prohibited purpose.
The document lists the prohibited AI practices under Article 5, clarifying their scope.
- Prohibited AI practices because of harmful manipulation or deception [art. 5(1)(a)]: the prohibition applies only when several conditions are met: the AI system must deploy subliminal, purposefully manipulative, or deceptive techniques; those techniques must materially distort a person’s or group’s behaviour; and the distortion must cause or be reasonably likely to cause significant harm.
- Prohibited AI practices because of exploitation of vulnerabilities [art. 5(1)(b)]: the prohibition focuses on vulnerable persons or groups due to age, disability, or a specific social or economic situation. Examples include children, older people, persons with disabilities, migrants, refugees, and people in extreme poverty. Again, the practice must materially distort behaviour and cause or be likely to cause significant harm. The guidelines distinguish these prohibited practices from lawful persuasion, legitimate advertising, therapeutic uses, safety tools, and other AI systems that do not create significant harm.
- Social scoring [art. 5(1)(c)]: The guidelines make clear that not all scoring is banned. Credit scoring, fraud detection, insurance underwriting, platform safety scoring, and similar practices may remain lawful if they are for a legitimate purpose, use relevant data, comply with other law, and produce proportionate outcomes.
- Criminal-offence risk assessment and prediction [art. 5(1)(d)]: the guidelines clarify that the AI Act prohibits this kind of risk-assessments when realised solely on the basis of profiling or personality traits and characteristics, because people should be judged on actual behaviour. However, AI systems may still support human assessments where the assessment is based on objective and verifiable facts directly linked to criminal activity. Such systems are generally treated as high-risk, not automatically prohibited. The guidelines also explain that purely location-based crime prediction, such as predicting where burglaries may occur, is generally outside this specific prohibition because it does not assess a named individual’s criminal risk.
- Untargeted scraping of facial images [art. 5(1)(e)]: the guidelines describe untargeted scraping as a broad “vacuum cleaner” approach that indiscriminately collects facial images. Targeted collection, for example searching for a specific victim or suspect, may fall outside this prohibition, although other laws still apply. The section also clarifies that the ban concerns databases used for facial recognition. It does not generally cover facial-image datasets used only for training or testing systems that do not identify real people.
- Emotion recognition in workplaces and education [art. 5(1)(f)]: the guidelines outline the scientific and rights-based concerns behind this prohibition, including doubts about reliability, possible discriminatory effects, and the power imbalance between employers and workers or institutions and students. The exception for medical or safety reasons is interpreted narrowly. For example, systems used to detect general employee wellbeing, motivation, boredom, stress, or job satisfaction would generally not qualify. Uses for medical support or strict safety needs may be allowed, but they remain subject to safeguards and other laws.
- Biometric categorisation of sensitive characteristics [art. 5(1)(g)]: The guidelines distinguish this from lawful labelling or filtering of biometric datasets, for example to reduce bias or ensure dataset representativeness, including in some law-enforcement contexts.
- Real-time remote biometric identification for law enforcement [art. 5(1)(h)]: the guidelines clarify the core legal concepts of this provision. “Remote biometric identification” means identifying people without their active involvement, typically at a distance, by comparing biometric data with a reference database; “Real-time” means instant or near-instant processing without significant delay; and “Publicly accessible spaces” include physical spaces accessible to an undetermined number of people, even if access conditions apply, such as tickets or registration. The prohibition applies only to law-enforcement use. Other uses may still be high-risk or regulated by other laws, but they are not automatically covered by this specific ban.
The guidelines emphasize that Member States are not required to allow exceptional uses listed by the AI Act for law enforcement purposes. If a Member State has not adopted a national law authorising such use, then law-enforcement authorities cannot rely on the AI Act exceptions.
The guidelines then set out safeguards under Article 5(2) to 5(7), clarifying that real-time biometric identification may be used only to confirm the identity of a specifically targeted individual, not for broad mass surveillance. Key safeguards include:
- Strict necessity and proportionality assessment;
- Limits on time, geography and personal scope;
- A fundamental rights impact assessment;
- Registration in the Eu database;
- Prior authorization by a judicial or independent administrative authority;
- Limited urgency exception, with authorization requested within 24 hours;
- Immediate stopping and deletion of data if authorization is refused;
- Notification to market surveillance and data protection authorities;
- National laws specifying detailed rules and limits;
- Annual reporting by national authorities and the Commission.
The AI Act does not apply to AI systems used exclusively for military, defence, or national-security purposes, certain research and development activities before market placement, purely personal non-professional use, and some free and open-source systems, unless those systems fall under Article 5 or other regulated categories.
The guidelines then explain that Article 5 can apply to both systems with a specific intended purpose and general-purpose AI systems. Providers of general-purpose AI systems are expected to implement safeguards, usage restrictions, and instructions to reduce foreseeable prohibited uses. Deployers must not bypass those safeguards or use systems for prohibited purposes.
The document emphasizes that compliance with the AI Act is not enough by itself, but providers and deployers of AI systems must comply with other EU laws. In these terms, A practice may therefore be prohibited or unlawful under another EU framework even if it does not meet all conditions of Article 5.
Market surveillance authorities, designated by the Member States, as well as the European Data Protection Supervisor, for EU institutions and bodies, are responsible for the enforcement of the rules in the AI Act for AI systems, including the prohibitions. The violations of article 5 may lead to fines of up to EUR 35 million or 7% of total worldwide annual turnover, whichever is higher, for undertakings.
Finally, the guidelines clarify that only the Court of Justice of the EU can give an authoritative interpretation of the AI Act.
The guidelines are available at the following link and in the download box.
Marta Fasan, UNITN
Pubblicato il: Martedì, 29 Luglio 2025 - Ultima modifica: Mercoledì, 13 Maggio 2026
