In brief: the EU AI Act entered into force on 2 August 2024 and applies in phases: prohibited practices from February 2025, rules for general-purpose AI models from August 2025, and high-risk systems and transparency obligations from 2 August 2026. For most Lithuanian companies using chatbots or AI tools, this means the limited-risk tier: the core duty is to tell people they are interacting with AI and to label AI-generated content.

There is plenty of talk about the EU AI Act, but little of it is concrete. Many small and medium-sized business owners ask the same thing: "does this affect me if I only have a chatbot on my website or use AI to write text?" In this article we explain the regulation in plain terms — when each part takes effect, what the risk tiers are, and what you should do in practice.

Note: this is general information, not legal advice. For an assessment of your specific situation, please consult a lawyer.

What the EU AI Act is and when it took effect

The EU AI Act is the world's first comprehensive regulation of artificial intelligence. It sets out how AI systems may be developed, supplied and used within the European Union. The regulation entered into force on 2 August 2024, but its provisions do not all apply at once — they are introduced gradually over roughly 36 months.

The underlying idea is simple: the greater the risk an AI system poses to people, the stricter the requirements. This is known as a risk-based approach.

Phased application: the key dates

The regulation rolls out in waves. The most important dates for business are:

DateWhat starts to apply
2024-08-02The AI Act enters into force (transitional periods begin)
2025-02 (February)Prohibited (unacceptable-risk) practices
2025-08-02Obligations for general-purpose AI (GPAI) models
2026-08-02High-risk systems (Annex III) and transparency obligations
2027-08-02Final deadline (remaining high-risk systems, GPAI models placed on the market earlier)

For most businesses the key date is 2 August 2026, when the transparency obligations begin to apply. These are precisely the ones that affect chatbots and AI-generated content.

The four risk tiers

The AI Act sorts all systems into four categories according to potential harm:

  • Unacceptable risk — banned. For example, social scoring, manipulating people at a subconscious level, or emotion recognition in the workplace. Such systems simply may not be used.
  • High risk — permitted, but subject to strict requirements. For example, AI used in recruitment, creditworthiness assessment, or critical infrastructure. This calls for risk management, documentation, human oversight and more.
  • Limited risk — permitted with transparency obligations. This is where most everyday business tools fall: chatbots and AI content generation. The main requirement is to inform people.
  • Minimal risk — almost everything else (for example, spam filters or AI used in photo editing). No special obligations apply.

Good news for most: if you use AI for marketing, customer service or writing text, you are almost always in the limited or minimal-risk zone, rather than among the tightly regulated high-risk systems.

Transparency obligations: what they mean in practice

This is the part that affects the largest number of Lithuanian companies. From August 2026, the following core principles will apply:

  • Chatbots. A person must be clearly informed that they are interacting with artificial intelligence rather than a real member of staff — usually at the start of the conversation. In practice, a short note such as "You are chatting with an AI assistant" is enough.
  • AI-generated content. Audio, image, video or text content created or altered by artificial intelligence must be labelled so that it is recognisable as generated content (including in a machine-readable format).
  • So-called "deepfakes". If you publish artificially created or altered images, audio or video that look real, you must disclose that the content is artificial.
  • AI text on matters of public interest. If you publish AI-produced text that informs the public on matters of public interest, this too must be disclosed.

Note that there are exceptions. For example, where content is clearly artistic, creative or satirical, the obligations apply more lightly. For an ordinary business, however, the simplest route is to be transparent and hide nothing.

What an ordinary Lithuanian business should actually do

If you use AI for customer service, marketing or internal processes, it is worth starting with a few simple steps:

  • Compile a list of your AI tools. Write down where and which AI solutions you use (a chatbot on the website, AI text generation, automations).
  • Assign a risk tier. In most cases this will be limited or minimal risk. If you work with recruitment, credit or similar areas, check whether you fall into the high-risk category.
  • Add transparency notices. Indicate that the bot is AI and, where needed, label AI-generated content.
  • Train your team. So that employees know what is and isn't allowed with AI — structured AI training helps here.
  • Implement it properly. When introducing new AI features to your website or systems, it is best to build in the transparency requirements from the outset — that is what we do when delivering AI integrations.

What about general-purpose AI (ChatGPT and the like)?

The obligations for general-purpose AI models (such as large language models) fall first and foremost on their developers and providers, not on every business that uses them. This means that, as a user, the part that matters most to you remains transparency: making clear where AI is used and labelling the content it creates. The compliance of the tool itself is largely the service provider's responsibility.

Why it's worth seeing this as an opportunity

Transparency about AI is not just red tape. Customers increasingly value clarity — when they see that a company openly states that an AI assistant is replying to them, trust grows rather than diminishes. Well-organised AI automations and transparent communication become a competitive advantage, not an obstacle. Businesses that get this right early will avoid rushed fixes later on.

Frequently asked questions

When did the EU AI Act take effect?
The EU AI Act entered into force on 2 August 2024. Its provisions apply in phases: prohibited practices from February 2025, general-purpose AI models from August 2025, high-risk systems and transparency obligations from 2 August 2026, with the final deadline on 2 August 2027.
Does the AI Act affect my small business with a chatbot?
Most likely yes, but lightly. Chatbots are generally classed as limited risk, so the main obligation is to clearly inform people that they are interacting with artificial intelligence. This is usually handled with a short notice at the start of the conversation.
Do I need to label AI-generated content?
Yes. Audio, image, video and text content created or altered by AI must be recognisable as artificially generated. This matters especially for "deepfake" content and for text on matters of public interest. This obligation begins to apply from August 2026.
Which AI practices are completely banned?
Unacceptable-risk practices, such as social scoring, subconscious manipulation of people's behaviour, or emotion recognition in the workplace. These may not be used as of February 2025.
Is this article legal advice?
No. This is general information to help you get your bearings. Every case is different, so for your specific business obligations we recommend consulting a lawyer. We can help with the technical side — implementing AI transparently and training your team.