The European Union’s AI Act has moved from broad legal framework to practical compliance pressure. After the first compliance deadline kicked in a couple of days ago, the Commission has issued draft guidance for developers on the AI uses that are banned under the law.
The focus is narrow but important: the AI Act’s prohibited use cases, described as forms of “unacceptable risk.” For companies building or deploying artificial intelligence in the region, this is the part of the rule book with the highest potential penalties.
What the new guidance covers
The AI Act is built around risk. Rather than treating every use of artificial intelligence the same way, it singles out certain applications as too harmful to permit. The source article points to a narrow selection of banned use cases, including social scoring that could lead to detrimental or unfavourable treatment and harmful manipulation using “subliminal techniques.”
On Tuesday, the Commission followed the first compliance deadline with guidance aimed at developers. Its purpose is to explain how this prohibited-use section of the AI Act should be understood in practice.
According to the Commission, the guidelines are intended to support “the consistent, effective, and uniform application of the AI Act across the European Union.” That matters because artificial intelligence systems can be built in one place, deployed in another, and used across several markets at once.
The Commission also said the guidance gives legal explanations and practical examples to help stakeholders understand and comply with the AI Act’s requirements. In plain terms, the document is meant to turn a legal prohibition into something product teams, compliance leads, and developers can actually evaluate against planned AI systems.
Why developers need to pay attention
The stakes are unusually high for this part of the AI Act. Breaches of the rules on prohibited use cases can lead to penalties of up to 7% of global turnover (or €35 million, whichever is greater).
That penalty structure makes the banned-use guidance more than a policy reference. It is a risk-management document for any developer or company applying artificial intelligence in the region.
The source article makes clear that developers are likely to examine the advice closely because it touches the boundary between lawful AI deployment and conduct that could trigger the law’s strongest sanctions. That boundary is especially important where systems involve treatment of people, decision-making about individuals, or techniques that may influence behavior in harmful ways.
The guidance does not turn every risky AI system into a banned system. The article describes the prohibited category as a narrow selection. But narrow does not mean minor. The examples cited, including social scoring and harmful manipulation using “subliminal techniques,” point to uses where the concern is not just technical performance but the effect on people.
The draft status matters
The guidance has been published in draft form. Formal adoption and application are still pending because the EU needs to produce translations in the bloc’s myriad official languages.
That draft status creates an important practical distinction. The guidance can help developers understand the Commission’s view, but it is not the final step in the legal process. The Commission acknowledged that the guidance is not legally binding.
That means companies should not treat the document as a substitute for the law itself, or for future decisions by the bodies responsible for enforcement. Instead, it should be read as a signal of how the Commission is explaining the AI Act’s prohibited-use rules at this stage of implementation.
For teams working on AI compliance, the useful approach is to use the guidance as a structured checkpoint:
- Identify whether an AI system could fall into an “unacceptable risk” category.
- Review whether planned features resemble the examples in the guidance.
- Assess whether the system could produce detrimental or unfavourable treatment.
- Document decisions while the broader AI Act implementation continues.
Enforcement is still taking shape
The AI Act became law across the region last year, but implementation is continuing. Additional compliance deadlines are set to arrive over the coming months and years.
Even for prohibited use cases, enforcement is likely to be further staggered. EU Member States have until August 2 to designate the bodies responsible for overseeing the rule book.
This means the legal framework is already active in important ways, while the operational machinery around enforcement is still being assembled. Regulators and courts will ultimately enforce and adjudicate the AI Act, not the guidance document itself.
For developers, that combination can feel complicated: a compliance deadline has arrived, draft guidance is available, translations are still pending, and oversight bodies are still being designated. But the direction is clear. The European Union is moving the AI Act from legislative text into applied governance.
The immediate message for artificial intelligence developers is straightforward. If a system might involve social scoring, harmful manipulation, or another prohibited use case under the AI Act, it needs careful review before being applied in the region. The Commission’s draft guidance is not legally binding, but it is now a key reference point for understanding how the EU expects the banned-use rules to be read.