Prohibited AI at Work: Article 5, the €35M Tier, and Your Shadow AI Blind Spot
Some AI uses are not high-risk, not transparency-bound, not deferred by the Omnibus. They are simply illegal. The exposure rarely comes from the tools you procured. It comes from the ones you have never heard of.
AIovert Security Team
GDPR & EU AI Act practitioners
Quick answers
What is banned at work?
AI that infers employees' emotions (except medical/safety uses), manipulative techniques, social scoring, and biometric categorisation inferring sensitive traits. Banned since 2 February 2025, penalties live since 2 August 2025.
How big is the fine?
The Act's maximum: €35 million or 7% of global turnover, whichever is higher. It applies to companies that use such systems, not just sell them.
Where is the real risk?
Unsanctioned tools. Sentiment-scoring meeting assistants and engagement-analysis add-ons adopted by individual teams can embed prohibited capabilities without anyone in compliance knowing.
The ban, in the law's own words
Article 5 lists practices the EU considers incompatible with fundamental rights. The one aimed squarely at employers is Article 5(1)(f), which prohibits:
“the placing on the market, the putting into service for this specific purpose, or the use of AI systems to infer emotions of a natural person in the areas of workplace and education institutions, except where the use of the AI system is intended to be put in place or into the market for medical or safety reasons.” Article 5(1)(f), Regulation (EU) 2024/1689
Note the operative words: “or the use”. This is not a vendor-only rule. A company that uses emotion-inferring AI on its workforce violates Article 5 just as the vendor does. The surrounding prohibitions matter to employers too: subliminal or manipulative techniques (5(1)(a)), exploiting vulnerabilities (5(1)(b)), social scoring (5(1)(c)), and biometric categorisation inferring race, political opinions, union membership, or sexual orientation (5(1)(g)).
These bans have applied since 2 February 2025, penalties have been enforceable since 2 August 2025, and the May 2026 Digital Omnibus (which softened the high-risk timeline) left every word of Article 5 intact. National authorities are staffed, and the first major workplace enforcement cases are widely expected this year.
How a prohibited system sneaks into a compliant company
No general counsel signs off on “emotion surveillance”. What actually happens looks like this:
- A sales team adopts a call-analytics assistant whose feature list includes “customer and rep sentiment scoring”.
- A manager trials a meeting tool that flags participants' “engagement levels” from voice and video.
- An HR coordinator pilots an interview platform that grades candidates' “enthusiasm” from facial expression.
Each is a few clicks and a credit card. Each potentially “infers emotions of a natural person” in the workplace. And each lives in the blind spot every compliance programme shares: nobody can audit tools they cannot see. This is the same shadow AI gap that drives data leakage, but here the downside is not a breach notification; it is conduct the law flatly forbids, at the €35M/7% tier.
The deployer's defence is an inventory
When a regulator asks about prohibited practices, the strong answer has three layers:
- “Here is every AI tool in actual use.” A live inventory, generated from real browser activity rather than procurement records, because the risky tools never went through procurement.
- “Here is how we screened them.” Each discovered tool checked against the Article 5 list (and the European Commission's February 2025 guidelines on prohibited practices), with decisions documented.
- “Here is the control loop.” New tools surface automatically, get screened, get sanctioned or shut down, with timestamps. A loop that runs continuously is evidence; a one-off audit from last year is an apology.
What to do this quarter
- Discover. Deploy browser-level visibility across the fleet and let two weeks of data tell you which AI surfaces your organisation actually touches. Expect surprises: most companies find several times as many tools in use as appear on their approved list.
- Screen. Triage the discovered list against Article 5: anything analysing employees' voice, face, or behaviour for emotional or engagement signals goes to legal immediately.
- Contain. Disable or contractually restrict offending features; where a tool is sanctioned, configure data-category rules for what may flow to it.
- Document. Keep the export. Inventory, screening decisions, and ongoing event log together form the file that turns “we think we're fine” into “we can show you.”
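The three-layer defence above (live inventory, documented screening, continuous control loop) and the discover/screen/contain/document plan are the same pipeline seen from two angles. The script below is an added illustration of that pipeline, not AIovert's code or product logic: it builds an inventory from constructed browser-activity records, screens each discovered tool's vendor feature wording against a keyword heuristic for Article 5(1)(f) signals, and emits timestamped audit records. Every host name, the catalogue descriptions, the approved list and the regexes are constructed assumptions; the keyword screen is deliberately a coarse first-pass triage whose hits go to legal, not a legal determination.

```python
"""Shadow-AI discovery and Article 5 screening loop (added example, constructed data)."""
from __future__ import annotations

import re
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Constructed browser-activity records. Hosts are hypothetical, not real vendors.
BROWSER_EVENTS = [
    {"ts": "2026-05-04T09:12:00Z", "user": "u17", "host": "chat.approved-llm.example"},
    {"ts": "2026-05-04T09:40:00Z", "user": "u03", "host": "app.callmood.example"},
    {"ts": "2026-05-04T10:05:00Z", "user": "u03", "host": "app.callmood.example"},
    {"ts": "2026-05-05T14:20:00Z", "user": "u22", "host": "meet.engagegauge.example"},
    {"ts": "2026-05-05T15:00:00Z", "user": "u09", "host": "hire.smilescore.example"},
    {"ts": "2026-05-06T08:30:00Z", "user": "u17", "host": "docs.internal.example"},
]

# Constructed catalogue: AI hosts mapped to the vendor's own feature wording.
AI_CATALOGUE = {
    "chat.approved-llm.example": "general-purpose assistant for drafting and summarising text",
    "app.callmood.example": "call analytics with customer and rep sentiment scoring",
    "meet.engagegauge.example": "meeting assistant flagging participant engagement levels from voice and video",
    "hire.smilescore.example": "interview platform grading candidate enthusiasm from facial expression",
}

# Procurement's approved list (constructed). Everything else discovered is shadow AI.
APPROVED = {"chat.approved-llm.example"}

# Heuristic screen for Article 5(1)(f): emotional or engagement signals inferred about a person.
EMOTION_SIGNAL = re.compile(r"\b(sentiment|emotion|mood|engagement|enthusiasm|stress)\w*", re.I)
# Input modalities named in the quarter plan: voice, face, behaviour.
PERSON_MODALITY = re.compile(r"\b(voice|video|facial|face|behaviou?r)\w*", re.I)


@dataclass
class InventoryEntry:
    host: str
    users: set = field(default_factory=set)
    first_seen: str = ""
    last_seen: str = ""
    hits: int = 0


def discover(events, catalogue):
    """Build the live inventory from browser activity; only hosts known to be AI tools count."""
    inventory = {}
    for ev in sorted(events, key=lambda e: e["ts"]):  # ISO-8601 strings sort chronologically
        host = ev["host"]
        if host not in catalogue:
            continue
        entry = inventory.setdefault(host, InventoryEntry(host=host, first_seen=ev["ts"]))
        entry.users.add(ev["user"])
        entry.last_seen = ev["ts"]
        entry.hits += 1
    return inventory


def screen(description):
    """Return the Article 5 concern for a vendor feature description, or None if nothing matched."""
    signal = EMOTION_SIGNAL.search(description)
    if not signal:
        return None
    modality = PERSON_MODALITY.search(description)
    detail = f"emotion/engagement signal '{signal.group(0)}'"
    if modality:
        detail += f" from {modality.group(0)}"
    return f"Art. 5(1)(f): {detail}"


def run_control_loop(events, catalogue, approved, now=None):
    """One pass of discover -> screen -> decide, emitting timestamped audit records."""
    now = now or datetime.now(timezone.utc).isoformat()
    audit = []
    for host, entry in discover(events, catalogue).items():
        concern = screen(catalogue[host])
        if concern:
            status = "escalate_to_legal"    # prohibited-practice candidate: disable pending review
        elif host in approved:
            status = "sanctioned"
        else:
            status = "unsanctioned_review"  # shadow AI, but no Article 5 signal in its description
        audit.append({
            "decided_at": now, "host": host, "status": status,
            "reason": concern or "no Article 5 signal in vendor description",
            "users": len(entry.users), "first_seen": entry.first_seen, "last_seen": entry.last_seen,
        })
    return audit


def shadow_hosts(events, catalogue, approved):
    """Discovered AI hosts that never went through procurement."""
    return sorted(h for h in discover(events, catalogue) if h not in approved)


if __name__ == "__main__":
    for rec in run_control_loop(BROWSER_EVENTS, AI_CATALOGUE, APPROVED):
        print(rec["decided_at"], rec["host"], rec["status"], "-", rec["reason"])
```

Run repeatedly (on a schedule, against fresh browser telemetry) the audit list becomes the continuous, timestamped record the third layer describes: each new host surfaces with its first-seen date, its screening outcome and the decision taken. The keyword heuristic is intentionally broad so that anything mentioning sentiment, engagement or enthusiasm lands with legal rather than being silently waved through; a miss on the regex is cheaper to tolerate than a miss on Article 5.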
The asymmetry worth remembering
Most AI Act duties are graduated: documentation here, transparency there, deadlines that the Omnibus just stretched. Article 5 is binary. There is no conformity assessment that makes workplace emotion surveillance acceptable, and no grace period left. The only safe posture is to know (continuously, not annually) what AI is running against your people and your data.
Find the AI you didn't know about
AIovert builds your live AI inventory from real usage: every AI tool your employees touch, every sensitive-data category flowing toward it, logged into an exportable audit trail. Guard blocks the dangerous pastes outright. No proxy, no content collection, deployed in 15 minutes via Google Workspace or Intune.