AI in Media and Entertainment
Media and entertainment organizations are deploying AI for content generation, deepfake production, content moderation, recommendation algorithms, and rights management. These applications sit at the intersection of several fast-moving regulatory areas: the EU AI Act's transparency obligations for synthetic content, emerging deepfake disclosure laws, copyright questions around AI-generated works and training data, and platform obligations under the EU Digital Services Act. Synthetic media governance is an area of active regulatory development globally.
Key board-level questions
- 1.Do we label AI-generated or AI-manipulated content in compliance with applicable disclosure requirements?
- 2.How do we manage intellectual property risk when AI systems generate content trained on third-party works?
- 3.Are our content recommendation algorithms subject to algorithmic transparency or non-discrimination obligations under applicable law?
- 4.What governance controls exist around deepfake and synthetic media creation tools accessible through our platforms or products?
Regulatory frameworks
EU AI Act: AI Literacy and Prohibited AI Systems Provisions (Applicable 2 February 2026)
The EU AI Act's first major compliance deadline takes effect on 2 February 2026, requiring all organizations that develop or deploy AI within the EU to establish AI literacy measures for their workforce. As of this date, the Act's prohibitions on AI systems deemed to pose unacceptable risks also become enforceable. Organizations must have ceased operation of any prohibited AI practices and demonstrated adequate staff competency with AI systems by this date.
NIST AI 600-1 Generative AI Profile
A companion resource to the NIST AI RMF 1.0 that provides structured guidance for managing the unique risks presented by generative AI systems, including large language models and multimodal foundation models.
UK ICO Guidance on Artificial Intelligence and Data Protection
The UK ICO's guidance on AI and data protection establishes how the UK GDPR and Data Protection Act 2018 apply to the design, development, and deployment of AI systems that process personal data.
EU Data Act
The EU Data Act establishes harmonised rules on access to and use of data generated by connected products and related services across the EU, addressing both personal and non-personal data. It creates new obligations for data holders to share data with users and third parties, and sets conditions for public sector bodies to access privately held data in exceptional circumstances.