Prohibited AI Practices Under Article 5 Explained
At the very top of the EU AI Act's risk pyramid sits a short list of practices that are simply banned — no conformity assessment, no mitigation, no exceptions to buy. These are the prohibited AI practices in Article 5, and unlike most of the Act, they have been in force since 2 February 2025. This guide walks through exactly what is prohibited, the penalties for getting it wrong, and how to check your own systems.
Why some AI is banned outright
The EU AI Act is risk-based: the higher the risk to health, safety and fundamental rights, the heavier the obligation. The four tiers are prohibited, high-risk, limited-risk (transparency) and minimal. Article 5 defines the top tier — practices judged to carry an unacceptable risk that no safeguards can adequately contain.
These practices are not regulated; they are forbidden. There is no compliance route that makes them lawful, and the ban applies extraterritorially — if the system or its output is used in the EU, it is caught wherever the provider sits.
The full list of prohibited practices
Article 5 prohibits the placing on the market, putting into service or use of AI systems that involve:
- Harmful manipulation and deception — subliminal, manipulative or deceptive techniques that materially distort behaviour and cause significant harm.
- Exploitation of vulnerabilities — targeting people's age, disability or specific social or economic situation to distort their behaviour.
- Social scoring — evaluating or classifying people over time based on behaviour or personal traits, leading to detrimental or disproportionate treatment.
- Predictive policing of individuals — assessing the risk of someone committing a crime based solely on profiling or personality traits.
- Untargeted facial scraping — creating or expanding facial-recognition databases through untargeted scraping of images from the internet or CCTV.
- Emotion recognition in the workplace and education, except for medical or safety reasons.
- Biometric categorisation that infers sensitive traits such as race, political opinions, trade-union membership, religion or sexual orientation.
- Real-time remote biometric identification in publicly accessible spaces for law-enforcement purposes, subject to narrow, authorised exceptions.
Several of these carry limited, tightly drawn exceptions — but the default is a hard prohibition.
In force since 2 February 2025
Under the phased timeline in Article 113, the Article 5 prohibitions were the first provisions to apply — from 2 February 2025, alongside the AI literacy obligations.
That matters for two reasons:
- The other deadlines are later, but this one has passed. GPAI obligations applied from 2 August 2025; Article 50 transparency applies from 2 August 2026; high-risk (Annex III) from 2 December 2027. The prohibitions are already live. See the full deadlines timeline.
- There is no grandfathering for banned practices. Any prohibited system on the market must be withdrawn now, not phased out later.
Penalties for breach
Article 5 breaches attract the Act's highest penalty band under Article 99:
- Up to €35 million, or
- Up to 7% of total worldwide annual turnover for the preceding financial year,
whichever is higher. This exceeds the top tier of GDPR fines and dwarfs the penalties for other AI Act obligations, which cap at €15M or 3% for most breaches and €7.5M or 1% for supplying incorrect information. For a full breakdown see the penalties guide.
How to check your systems
Screening for prohibited practices should be the first step in any AI compliance review — because a system that is banned cannot be fixed:
- Inventory every AI system in use and in development, including third-party and embedded tools.
- Flag anything touching biometrics, emotion inference, behavioural scoring or manipulation for detailed Article 5 review.
- Scrutinise HR and edtech tools specifically — emotion recognition in workplaces and education is a common inadvertent breach.
- Check vendor claims: 'AI-powered engagement' or 'sentiment' features can quietly cross the line.
- Document your screening so you can demonstrate diligence to authorities.
Run your systems through the free risk checker to flag Article 5 exposure quickly, then read the complete guide for the wider programme.
Frequently asked questions
When did the Article 5 prohibitions take effect?
They applied from 2 February 2025, making them the first substantive obligations of the EU AI Act to enter into force — six months after the Regulation itself. There is no transition or grandfathering period for banned practices, so any prohibited system must already have been withdrawn.
Is all facial recognition banned by Article 5?
No. Article 5 bans untargeted scraping of facial images to build recognition databases, and restricts real-time remote biometric identification in public spaces for law enforcement to narrow authorised exceptions. Other biometric uses may still be permitted but often fall into the high-risk category with heavy obligations.
What is the penalty for using a prohibited AI system?
Breaching Article 5 carries the Act's highest fines under Article 99: up to €35 million or 7% of total worldwide annual turnover, whichever is higher. This is a larger maximum than GDPR and far exceeds the penalties for other AI Act obligations.
Is emotion recognition always prohibited?
Not always. Emotion recognition is prohibited specifically in the workplace and in education, except for medical or safety reasons. Outside those settings it may be permitted but is frequently classified as high-risk, triggering the full Article 9–15 obligations.
Free, no sign-up. Deterministic — not a chatbot.