SCITT Working Group                                          V. Dawkins
Internet-Draft                                  LedgerProof Foundation
Intended status: Standards Track                         May 25, 2026
Expires: November 25, 2026


      A SCITT Profile for EU AI Act Article 50 Transparency Receipts
              draft-dawkins-scitt-ai-article50-00


Abstract

   This document defines a Supply Chain Integrity, Transparency, and
   Trust (SCITT) profile for machine-readable cryptographic
   transparency receipts addressing all four sub-obligations of
   Article 50 of Regulation (EU) 2024/1689 (the "EU AI Act"):
   interactive AI system disclosure (50(1)), machine-readable marking
   of synthetic media (50(2)), emotion recognition notification
   (50(3), referenced for completeness), and AI-generated text
   disclosure with human editorial review exemption (50(4)).

   The profile defines three SCITT statement content types
   ("ai/article-50/v1", "ai/human-review/v1", and
   "ai/chatbot-session/v1") and specifies validation, verification,
   and chain-of-custody semantics suitable for presentation to
   European Union supervisory authorities, national competent
   authorities, and judicial proceedings.

   The profile is substrate-agnostic but presumes a SCITT Transparency
   Service backed by a publicly verifiable append-only log. A reference
   implementation using the Bitcoin blockchain as the SCITT log
   substrate, via RFC 6962 Merkle aggregation anchored in OP_RETURN
   transactions, is described in companion document
   draft-dawkins-scitt-lpr-00.


Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   This Internet-Draft will expire on November 25, 2026.


Copyright Notice

   Copyright (c) 2026 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with
   respect to this document.


Dawkins                  Expires November 25, 2026               [Page 1]

Internet-Draft        SCITT AI Article 50 Profile          May 2026


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .  2
     1.1.  Motivation  . . . . . . . . . . . . . . . . . . . . . . .  2
     1.2.  Article 50 Sub-Obligations  . . . . . . . . . . . . . . .  3
     1.3.  Relationship to Other Standards . . . . . . . . . . . . .  3
   2.  Conventions and Definitions . . . . . . . . . . . . . . . . .  4
   3.  Profile Statement Content Types . . . . . . . . . . . . . . .  4
     3.1.  ai/article-50/v1 (Synthetic Content Receipt)  . . . . . .  4
     3.2.  ai/human-review/v1 (Editorial Review Receipt) . . . . . .  6
     3.3.  ai/chatbot-session/v1 (Interactive AI Receipt)  . . . . .  7
   4.  Validation and Verification . . . . . . . . . . . . . . . . .  8
     4.1.  Issuance Validation . . . . . . . . . . . . . . . . . . .  8
     4.2.  Article 50 Conformance Verification  . . . . . . . . . .  9
     4.3.  Article 50 Defensibility Verification  . . . . . . . . .  9
   5.  Privacy Considerations  . . . . . . . . . . . . . . . . . . . 10
     5.1.  GDPR Article 17 (Right to Erasure)  . . . . . . . . . . . 10
     5.2.  Prohibited Identifier Classes . . . . . . . . . . . . . . 10
   6.  Security Considerations . . . . . . . . . . . . . . . . . . . 11
   7.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . . 12


1.  Introduction

1.1.  Motivation

   Article 50 of Regulation (EU) 2024/1689 (the EU AI Act) imposes
   transparency obligations on providers and deployers of AI systems
   in four distinct sub-areas. Article 50(2) specifically requires
   that synthetic content be marked in "machine-readable format" that
   is "effective, interoperable, robust and reliable." As of the
   publication date of this draft, no IETF-standardized profile
   provides a complete, cryptographically verifiable, machine-readable
   record covering all four sub-obligations.

   This profile fills that gap. It defines three SCITT statement types
   that together provide:

   o  Cryptographic proof that an AI system generated specific content,
      attributable to a named legal entity (the deployer);

   o  Cryptographic proof that a human reviewed AI-generated text,
      enabling the Article 50(4) editorial review exemption;

   o  Cryptographic proof that a user was notified of interaction with
      an AI system, addressing Article 50(1).

   The profile leverages the SCITT architecture's existing properties
   of append-only logging, independent verifiability, and global
   uniqueness of registered statements. It is substrate-agnostic with
   respect to the Transparency Service implementation.


Dawkins                  Expires November 25, 2026               [Page 2]

Internet-Draft        SCITT AI Article 50 Profile          May 2026


1.2.  Article 50 Sub-Obligations

   Article 50 of the EU AI Act contains four distinct transparency
   obligations:

   o  Article 50(1): Providers of AI systems intended to interact
      directly with natural persons shall ensure that natural persons
      are informed they are interacting with an AI system, unless
      this is obvious to a reasonably well-informed natural person.

   o  Article 50(2): Providers of AI systems generating synthetic
      audio, image, video, or text content shall ensure that outputs
      are marked in a machine-readable format and detectable as
      artificially generated or manipulated. Solutions shall be
      effective, interoperable, robust and reliable as far as is
      technically feasible.

   o  Article 50(3): Deployers of emotion recognition systems or
      biometric categorization systems shall inform natural persons
      exposed to such systems.

   o  Article 50(4): Deployers of AI systems generating or
      manipulating text published with the purpose of informing the
      public on matters of public interest shall disclose that the
      text has been artificially generated or manipulated, unless the
      AI-generated content has undergone a process of human review or
      editorial control and where a natural or legal person holds
      editorial responsibility for the publication.

   This profile addresses Article 50(1), 50(2), and 50(4) directly.
   Article 50(3) is intentionally out of scope: biometric data on a
   public transparency log raises GDPR Article 9 (special category
   data) concerns that require a Data Processing Agreement out of
   scope of this profile.

1.3.  Relationship to Other Standards

   This profile is complementary to, not competitive with, the
   Coalition for Content Provenance and Authenticity (C2PA) Content
   Credentials specification [C2PA]. C2PA defines a manifest format
   embedded in media files; this profile defines a SCITT statement
   that may be referenced from a C2PA assertion and that persists
   independently of the file, surviving metadata stripping or
   transcoding.

   A C2PA-to-SCITT mapping is provided in Appendix A. The mapping
   permits a C2PA-compliant tool to additionally register a SCITT
   statement under this profile, providing tamper-evidence properties
   that the C2PA manifest alone does not provide.

   This profile is also compatible with the eIDAS Regulation
   (EU) No 910/2014 framework for qualified electronic seals. A
   SCITT statement issued under this profile MAY be presented in
   conjunction with a qualified electronic seal where the issuer is
   a qualified trust service provider.


Dawkins                  Expires November 25, 2026               [Page 3]

Internet-Draft        SCITT AI Article 50 Profile          May 2026


2.  Conventions and Definitions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY",
   and "OPTIONAL" in this document are to be interpreted as described
   in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in
   all capitals, as shown here.

   AI System: As defined in Article 3(1) of Regulation (EU) 2024/1689.

   Deployer: As defined in Article 3(4) of Regulation (EU) 2024/1689.
   A natural or legal person using an AI system under its authority
   in the course of a professional activity.

   Provider: As defined in Article 3(3) of Regulation (EU) 2024/1689.

   Article 50 Conformant Receipt: A SCITT statement conforming to one
   of the content types defined in Section 3 of this profile, having
   passed the validation steps in Section 4.

   Article 50 Defensible Receipt: An Article 50 Conformant Receipt
   that additionally satisfies the defensibility criteria in
   Section 4.3, suitable for evidentiary use in adversarial
   proceedings.

   Public Interest Content: Content of the kind described in
   Article 50(4) — text published with the purpose of informing the
   public on matters of public interest. The determination is made
   by the deployer at issuance time and is recorded in the receipt.


3.  Profile Statement Content Types

3.1.  ai/article-50/v1 (Synthetic Content Receipt)

   The content type "ai/article-50/v1" is the primary statement type
   for Article 50(2) and Article 50(4) compliance. It records the
   binding of synthetic content to its generating AI system and the
   legal entity that caused the content to be generated.

   The content payload is a JSON object with the following fields:

   ai_system_id (string, REQUIRED)
     Identifier of the AI system that produced the artifact. SHOULD
     follow the format "<provider>/<model>/<version>", e.g.,
     "openai/gpt-4o/2024-11-20". A URL resolving to a model card or
     a Decentralized Identifier (DID) MAY be used. Maximum 512
     octets.

   ai_system_version (string, OPTIONAL)
     Additional version identifier when ai_system_id alone is
     insufficient (e.g., fine-tuned variants).


Dawkins                  Expires November 25, 2026               [Page 4]

Internet-Draft        SCITT AI Article 50 Profile          May 2026


   deployer_id (string, REQUIRED)
     Legal entity identifier of the deployer. MUST be a legal-entity
     identifier (LEI, EUID, VAT number, or DID). MUST NOT be a
     natural-person identifier such as an email address or personal
     name. This requirement prevents inadvertent processing of
     personal data under GDPR Article 6 lawful basis requirements.

   deployer_name (string, REQUIRED)
     Human-readable legal name of the deployer organization.

   deployer_country (string, REQUIRED)
     ISO 3166-1 alpha-2 country code of the deployer's registered
     office. Exactly two uppercase ASCII letters.

   content_category (enum, REQUIRED)
     Category of synthetic content. MUST be one of:
     "SYNTHETIC_TEXT", "SYNTHETIC_IMAGE", "SYNTHETIC_AUDIO",
     "SYNTHETIC_VIDEO", "DEEPFAKE", "SYNTHETIC_MULTIMODAL", or
     "AI_ASSISTED_DOCUMENT".

   artifact_hash (string, REQUIRED)
     SHA-256 hash of the artifact, hex-encoded in lowercase, exactly
     64 hex characters. The artifact itself MUST NOT be included in
     the statement.

   artifact_content_type (string, REQUIRED)
     IANA media type of the artifact, e.g., "text/plain", "image/png".

   artifact_bytes (integer, REQUIRED)
     Size of the artifact in octets. MUST be greater than zero.

   generation_type (enum, RECOMMENDED)
     Generation modality. One of:
     "FULLY_GENERATED" — content created entirely by AI from a prompt;
     "AI_MANIPULATED" — AI applied to real source content (deepfake,
       voice clone, image manipulation);
     "AI_ASSISTED" — human-created content with AI assistance.
     If absent, behavior is unspecified and verifiers SHOULD treat
     the receipt as having reduced evidentiary weight.

   source_content_hash (string, OPTIONAL)
     For generation_type == "AI_MANIPULATED": SHA-256 hash of the
     original source material that was modified. Enables deepfake
     accountability — the original is proven to exist without being
     transmitted or stored.

   perceptual_hash (object, OPTIONAL)
     Perceptual hash structure for image, audio, or video content,
     enabling matching of content after transcoding or compression.
     Object fields: "algorithm" (string, e.g., "pHash", "chromaprint"),
     "value" (hex-encoded string), "bits" (integer, hash length).


Dawkins                  Expires November 25, 2026               [Page 5]

Internet-Draft        SCITT AI Article 50 Profile          May 2026


   transparency_marker (string, REQUIRED, default: "LPR-EU-AI-ACT-50")
     Machine-readable disclosure marker that SHOULD be embedded in or
     alongside the content (e.g., in EXIF metadata, HTML meta tag,
     C2PA assertion). Default value satisfies Article 50(2) "machine-
     readable format" requirement when present in a valid registered
     SCITT statement.

   is_public_interest (boolean, OPTIONAL)
     Deployer assertion that this content touches matters of public
     interest within the meaning of Article 50(4). RECOMMENDED to set
     explicitly for news, public affairs, political content, and
     regulatory disclosures.

   enforcement_date (string, REQUIRED, default: "2026-08-02")
     ISO 8601 calendar date (YYYY-MM-DD) of the regulation under which
     the receipt is issued.

   profile_version (string, REQUIRED, default: "EU-AI-ACT-50-v1.1")
     Pins the receipt to a specific profile revision for forward
     compatibility.

   supervisory_authority (string, OPTIONAL)
     Named EU supervisory authority with jurisdiction over the
     deployer, e.g., "BaFin (DE)", "AMF (FR)".

3.2.  ai/human-review/v1 (Editorial Review Receipt)

   The content type "ai/human-review/v1" supports invocation of the
   Article 50(4) human editorial review exemption. It MUST be issued
   by the same deployer that issued the corresponding
   "ai/article-50/v1" receipt, after substantive human review of the
   generated text.

   The content payload is a JSON object with the following fields:

   original_entry_hash (string, REQUIRED)
     Hash of the SCITT statement registration of the original
     "ai/article-50/v1" receipt being reviewed. Cryptographically
     binds this receipt to the original generation event.

   original_sequence (integer, REQUIRED)
     Sequence number of the original receipt within the Transparency
     Service log.

   reviewer_role (string, REQUIRED)
     Role identifier of the human reviewer. MUST be a role identifier
     (e.g., "senior-editor", "legal-counsel", "compliance-officer"),
     NOT a personal name or email. GDPR-safe by construction.

   reviewer_country (string, REQUIRED)
     ISO 3166-1 alpha-2 country code of the reviewer's organization.

   review_timestamp (string, REQUIRED)
     ISO 8601 datetime of the review event.


Dawkins                  Expires November 25, 2026               [Page 6]

Internet-Draft        SCITT AI Article 50 Profile          May 2026


   review_type (enum, REQUIRED)
     One of: "SUBSTANTIAL_EDIT", "FACTUAL_REVIEW", "APPROVAL_ONLY".

   reviewed_artifact_hash (string, REQUIRED)
     SHA-256 hash of the post-review content. For review_type ==
     "SUBSTANTIAL_EDIT", this MUST differ from the artifact_hash of
     the original receipt; otherwise the claim of substantial edit
     is provably false.

   is_public_interest (boolean, REQUIRED)
     Deployer assertion that the content is public interest under
     Article 50(4). If false, the 50(4) exemption is moot and this
     receipt has reduced evidentiary value.

   review_rationale (string, OPTIONAL)
     Free-text rationale (RECOMMENDED for legal defensibility). MUST
     NOT contain personal data.

3.3.  ai/chatbot-session/v1 (Interactive AI Receipt)

   The content type "ai/chatbot-session/v1" supports Article 50(1)
   compliance for interactive AI systems. It records that a user was
   informed of interaction with an AI system at a specific time, or
   that the "obvious to a reasonably well-informed natural person"
   exemption was claimed.

   The content payload is a JSON object with the following fields:

   session_id_hash (string, REQUIRED)
     SHA-256 hash of an opaque session identifier. The raw session
     identifier MUST NOT be transmitted or stored. The hash provides
     unlinkability while permitting the deployer to demonstrate that
     a particular session was notified.

   ai_system_id (string, REQUIRED)
     As in Section 3.1.

   deployer_id (string, REQUIRED)
   deployer_name (string, REQUIRED)
   deployer_country (string, REQUIRED)
     As in Section 3.1.

   notification_timestamp (string, REQUIRED)
     ISO 8601 datetime of the AI-interaction notification, or the
     session start time if obvious_exemption_claimed is true.

   notification_method (enum, REQUIRED)
     One of: "INITIAL_BANNER", "INLINE_MESSAGE",
     "AUDIO_ANNOUNCEMENT", "PRE_PROMPT_DISCLOSURE".

   notification_text_hash (string, REQUIRED)
     SHA-256 hash of the disclosure text shown to the user. Enables
     proof of disclosure content without storing it.


Dawkins                  Expires November 25, 2026               [Page 7]

Internet-Draft        SCITT AI Article 50 Profile          May 2026


   obvious_exemption_claimed (boolean, REQUIRED)
     If true, the deployer is asserting that AI interaction was
     obvious within the meaning of Article 50(1) and explicit
     notification was therefore not required. The receipt then
     functions as evidence of the deployer's good-faith determination
     that the exemption applied at the time of interaction.


4.  Validation and Verification

4.1.  Issuance Validation

   Before registering a statement under this profile, the SCITT
   Transparency Service MUST validate:

   1.  The statement content_type is one of the three defined in
       Section 3.

   2.  All REQUIRED fields are present and well-formed per Section 3.

   3.  The deployer_id (and, for human-review, reviewer_role) does
       not contain prohibited identifier patterns (Section 5.2).

   4.  artifact_hash, source_content_hash, reviewed_artifact_hash,
       session_id_hash, and notification_text_hash are 64 lowercase
       hex characters each.

   5.  deployer_country and reviewer_country are exactly two
       uppercase ASCII letters (ISO 3166-1 alpha-2).

   6.  For ai/human-review/v1: a registered statement matching
       original_entry_hash exists, was issued by the same deployer_id
       (cross-checked against the SCITT issuer identity), and has
       content_type "ai/article-50/v1".

   A statement failing any validation step MUST NOT be registered.

4.2.  Article 50 Conformance Verification

   To verify that a statement registered under this profile is
   Article 50 Conformant, a verifier MUST:

   1.  Resolve the SCITT statement and confirm its registration in
       the Transparency Service's append-only log.

   2.  Verify the signature on the statement.

   3.  Confirm transparency_marker is present and non-empty.

   4.  For ai/article-50/v1: confirm generation_type, if present,
       is one of the permitted enum values.


Dawkins                  Expires November 25, 2026               [Page 8]

Internet-Draft        SCITT AI Article 50 Profile          May 2026


   5.  For ai/human-review/v1: independently verify the referenced
       original receipt and confirm chain-of-custody invariants
       (same deployer, original predates review).

   6.  For ai/chatbot-session/v1: confirm notification_method and
       notification_text_hash are present.

   7.  Confirm the SCITT log substrate's anchoring evidence (e.g.,
       Bitcoin block inclusion, qualified timestamp).

   A receipt passing all conformance checks MAY be presented to
   supervisory authorities as evidence of Article 50 compliance for
   the artifact identified.

4.3.  Article 50 Defensibility Verification

   For evidentiary use in adversarial proceedings, a verifier
   SHOULD additionally confirm:

   1.  For image/audio/video content: perceptual_hash is populated.

   2.  For AI_MANIPULATED content: source_content_hash is populated.

   3.  For text where is_public_interest == true: if the deployer
       claims the Article 50(4) editorial exemption, a corresponding
       ai/human-review/v1 receipt is found, properly chained, and
       review_type is SUBSTANTIAL_EDIT or FACTUAL_REVIEW.

   4.  The SCITT log anchoring depth is sufficient to deter
       reorganization attacks on the substrate (e.g., 6+ Bitcoin
       confirmations for a Bitcoin-backed log).

   A receipt failing one or more defensibility checks remains
   Article 50 Conformant but MAY be challenged on evidentiary
   grounds in proceedings.


5.  Privacy Considerations

5.1.  GDPR Article 17 (Right to Erasure)

   SCITT statements registered under this profile are intended to
   carry no personal data (see Section 5.2). However, the artifact
   identified by artifact_hash may itself contain personal data, in
   which case the data subject's right to erasure may impose
   obligations on the deployer.

   Implementations SHOULD support a soft-delete pattern in which the
   content payload is nulled while preserving the registered
   statement's cryptographic identity (entry_hash, signature, log
   inclusion proof). This preserves the historical record of
   issuance while removing the content reference, satisfying GDPR
   Article 17 without compromising the integrity of the log.


Dawkins                  Expires November 25, 2026               [Page 9]

Internet-Draft        SCITT AI Article 50 Profile          May 2026


5.2.  Prohibited Identifier Classes

   The following identifier classes MUST NOT appear in any field of
   a statement registered under this profile:

   o  Email addresses (detected by presence of "@");

   o  Personal names;

   o  National identification numbers, social security numbers, or
      equivalents;

   o  Biometric data of any kind;

   o  Direct identifiers of natural persons.

   The deployer_id and reviewer_role fields MUST be legal-entity
   identifiers and role identifiers respectively. Implementations
   MUST reject statements containing prohibited identifiers at
   validation time.


6.  Security Considerations

   The integrity of an Article 50 Conformant Receipt rests on the
   integrity of:

   o  The signing key controlled by the issuer;

   o  The SCITT Transparency Service log;

   o  The anchoring substrate (where applicable).

   Key compromise enables forgery of receipts. Implementations
   SHOULD support hardware-protected signing keys, key rotation,
   and revocation of compromised keys with retroactive
   identification of statements signed under compromised keys.

   The artifact_hash field commits to specific content. A receipt
   for content C does not authenticate any other content C', even
   if C and C' are perceptually similar. The perceptual_hash field,
   when populated, enables similarity matching but is not
   cryptographically binding.

   Forward secrecy is not provided. A statement registered today
   remains verifiable in the future; this is a feature of the
   transparency log architecture, not a weakness.


7.  IANA Considerations

   This document requests registration of three media types under
   the IANA media types registry:


Dawkins                  Expires November 25, 2026              [Page 10]

Internet-Draft        SCITT AI Article 50 Profile          May 2026


   o  ai/article-50+json
   o  ai/human-review+json
   o  ai/chatbot-session+json

   Registration template details to be provided in a future revision.


8.  References

8.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in
              RFC 2119 Key Words", BCP 14, RFC 8174, May 2017.

   [RFC6962]  Laurie, B., Langley, A., and E. Kasper, "Certificate
              Transparency", RFC 6962, June 2013.

   [I-D.ietf-scitt-architecture]
              Birkholz, H., Delignat-Lavaud, A., Fournet, C., Deshpande,
              Y., and S. Lasker, "An Architecture for Trustworthy and
              Transparent Digital Supply Chains", draft-ietf-scitt-
              architecture (work in progress).

8.2.  Informative References

   [EU-AIA]   Regulation (EU) 2024/1689 of the European Parliament
              and of the Council of 13 June 2024 laying down
              harmonised rules on artificial intelligence
              (Artificial Intelligence Act), OJ L 2024/1689,
              12 July 2024.

   [C2PA]     Coalition for Content Provenance and Authenticity,
              "C2PA Technical Specification, Version 2.1",
              <https://spec.c2pa.org/>.

   [eIDAS]    Regulation (EU) No 910/2014 of the European Parliament
              and of the Council on electronic identification and
              trust services for electronic transactions in the
              internal market.

   [draft-dawkins-scitt-lpr-00]
              Dawkins, V., "A Bitcoin-Anchored SCITT Transparency
              Profile: The LedgerProof Receipt (LPR), Version 1.0",
              draft-dawkins-scitt-lpr-00, July 2026.


Author's Address

   Veronica S. Dawkins
   LedgerProof Foundation
   Email: spec@ledgerproofhq.io


Dawkins                  Expires November 25, 2026              [Page 11]
