ETSI TR 104 159 V1.1.1 (2026-01)

TECHNICAL REPORT
Securing Artificial Intelligence (SAI);
Understanding and Preventing Harm from Generative AI

2 ETSI TR 104 159 V1.1.1 (2026-01)

Reference
DTR/SAI-0019
Keywords
AI, cybersecurity, end-user, privacy
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - APE 7112B
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° w061004871

Important notice
The present document can be downloaded from the
ETSI Search & Browse Standards application.
The present document may be made available in electronic versions and/or in print. The content of any electronic and/or
print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any
existing or perceived difference in contents between such versions and/or in print, the prevailing version of an ETSI
deliverable is the one made publicly available in PDF format on ETSI deliver repository.
Users should be aware that the present document may be revised or have its status changed,
this information is available in the Milestones listing.
If you find errors in the present document, please send your comments to
the relevant service listed under Committee Support Staff.
If you find a security vulnerability in the present document, please report it through our
Coordinated Vulnerability Disclosure (CVD) program.
Notice of disclaimer & limitation of liability
The information provided in the present deliverable is directed solely to professionals who have the appropriate degree of
experience to understand and interpret its content in accordance with generally accepted engineering or
other professional standard and applicable regulations.
No recommendation as to products and services or vendors is made or should be implied.
No representation or warranty is made that this deliverable is technically accurate or sufficient or conforms to any law
and/or governmental rule and/or regulation and further, no representation or warranty is made of merchantability or fitness
for any particular purpose or against infringement of intellectual property rights.
In no event shall ETSI be held liable for loss of profits or any other incidental or consequential damages.

Any software contained in this deliverable is provided "AS IS" with no warranties, express or implied, including but not
limited to, the warranties of merchantability, fitness for a particular purpose and non-infringement of intellectual property
rights and ETSI shall not be held liable in any event for any damages whatsoever (including, without limitation, damages
for loss of profits, business interruption, loss of information, or any other pecuniary loss) arising out of or related to the use
of or inability to use the software.
Copyright Notification
No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and
microfilm except as authorized by written permission of ETSI.
The content of the PDF version shall not be modified without the written authorization of ETSI.
The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2026.
All rights reserved.
ETSI
3 ETSI TR 104 159 V1.1.1 (2026-01)
Contents
Intellectual Property Rights . 5
Foreword . 5
Modal verbs terminology . 5
1 Scope . 6
2 References . 6
2.1 Normative references . 6
2.2 Informative references . 6
3 Definition of terms, symbols and abbreviations . 8
3.1 Terms . 8
3.2 Symbols . 9
3.3 Abbreviations . 9
4 Introduction . 10
4.1 What is Generative Artificial Intelligence (GenAI) . 10
4.2 Uses of GenAI . 10
4.3 Impact of Regulation and Legislation in a Global Perspective. 10
4.3.1 Introduction. 10
4.3.2 Australia - Voluntary AI Safety Standard . 10
4.3.3 Brazilian Legal Framework for Artificial Intelligence, Marco Legal da Inteligência Artificial (Bill
No. 2338/2023) . 11
4.3.4 Canada - Voluntary Code of Conduct on the Responsible Development and Management of
Advanced Generative AI Systems . 11
4.3.5 China . 12
4.3.5.1 The Interim Measures for the Management of Generative AI Services . 12
4.3.5.2 Measures for the Labelling of Artificial Intelligence-Generated and Synthetic Content . 12
4.3.5.3 GB 45438-2025 Cybersecurity Technology - Labelling Method for Content Generated by
Artificial Intelligence . 12
4.3.6 EU: Artificial Intelligence Act . 12
4.3.7 India NITI Aayog: Part 1 Principles for Responsible AI . 12
4.3.8 Japan . 13
4.3.8.1 Hiroshima AI Process: International Guiding Principles for Organizations Developing Advanced
AI Systems . 13
4.3.8.2 AI Guidelines for Business Version 1.0 . 13
4.3.9 South Korea - Framework Act on Artificial Intelligence Development and Establishment of a
Foundation for Trustworthiness (AI Framework Act) . 13
4.3.10 UK: AI Code of Practice . 14
4.3.11 USA . 14
4.3.11.1 California . 14
4.3.11.1.1 AB-2013 Generative artificial intelligence: training data transparency . 14
4.3.11.1.2 SB-942 California AI Transparency Act . 14
4.3.11.1.3 AB-1836 and AB-2602 . 15
4.3.11.2 Colorado - Colorado Artificial Intelligence Act (CAIA) . 15
4.3.11.3 Tennessee - Ensuring Likeness Image and Voice Security (ELVIS) Act . 15
4.3.11.4 Utah - Artificial Intelligence Policy Act . 16
5 Impact of GenAI on Intellectual Property Rights . 16
5.1 Overview . 16
5.2 Copyright theft and infringement . 16
5.3 Understanding the Training Material . 17
5.3.1 Data curation . 17
5.3.1.1 Overview . 17
5.3.1.2 Cleaning and filtering . 17
5.3.1.3 Data annotation and labelling . 18
5.4 Use of Open-Source Models . 18
5.5 Purposeful Data Poisoning . 18
ETSI
4 ETSI TR 104 159 V1.1.1 (2026-01)
6 Harmful Impacts from GenAI . 19
6.1 Overview . 19
6.2 Prompt Injection Attack . 19
6.2.1 Overview . 19
6.2.2 Direct Prompt Injection Attack . 19
6.2.3 Indirect Prompt Injection Attack . 19
6.3 Misinformation . 20
6.4 GenAI Hallucinations . 21
6.5 Loss of Confidentiality . 22
6.6 Malicious Code Generation . 22
6.7 Spam Generation . 23
6.7.1 Overview . 23
6.7.2 Phishing . 23
6.7.3 Mitigations . 23
6.8 Deepfakes . 24
6.8.1 Overview . 24
6.8.2 Detection and Prevention . 25
6.8.3 Reporting and Removal . 25
7 GenAI Content and Material . 26
7.1 How GenAI is shared and spreads online . 26
7.2 Best Practice Measures within GenAI Platforms / Services . 26
7.2.1 Prevention by Design . 26
7.2.2 Metadata . 27
7.2.3 Red Teaming . 28
7.3 Tackling the Content Shared from GenAI Platforms . 28
7.3.1 Detection . 28
7.3.2 Enforcement . 29
7.3.4 Reporting . 30
7.3.5 Removal . 30
8 Conclusion . 30
8.1 Overview . 30
8.2 Trustworthy AI . 31
8.2.1 Overview . 31
8.2.2 Mapping of GenAI to Trustworthy AI . 32
8.2.2.1 Overview . 32
8.2.2.2 Table of Mapping . 32
Annex A: Change history . 35
History . 36

ETSI
5 ETSI TR 104 159 V1.1.1 (2026-01)
Intellectual Property Rights
Essential patents
IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The declarations
pertaining to these essential IPRs, if any, are publicly available for ETSI members and non-members, and can be
found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to
ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the
ETSI IPR online database.
Pursuant to the ETSI Directives including the ETSI IPR Policy, no investigation regarding the essentiality of IPRs,
including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not
referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become,
essential to the present document.
Trademarks
The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners.
ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no
right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does
not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks.
DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are trademarks of ETSI registered for the benefit of its
Members. 3GPP™, LTE™ and 5G™ logo are trademarks of ETSI registered for the benefit of its Members and of the
3GPP Organizational Partners. oneM2M™ logo is a trademark of ETSI registered for the benefit of its Members and of ®
the oneM2M Partners. GSM and the GSM logo are trademarks registered and owned by the GSM Association.
Foreword
This Technical Report (TR) has been produced by ETSI Technical Committee Securing Artificial Intelligence (SAI)
(SRdAP).
Modal verbs terminology
In the present document "should", "should not", "may", "need not", "will", "will not", "can" and "cannot" are to be
interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions).
"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.

ETSI
6 ETSI TR 104 159 V1.1.1 (2026-01)
1 Scope
The present document provides an understanding of the harm from Generative AI, along with presenting the different
ways to prevent that harm. This includes but is not limited to malicious code generation, deepfakes, spam messages,
disinformation, etc. The areas also covered are the issues of AI hallucinations, loss of confidentiality and IPR
infringements. The types of methods to counter the harm from Generative AI to be included are detection, enforcement,
reporting and removal.
2 References
2.1 Normative references
Normative references are not applicable in the present document.
2.2 Informative references
References are either specific (identified by date of publication and/or edition number or version number) or
non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.
NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee
their long-term validity.
The following referenced documents may be useful in implementing an ETSI deliverable or add to the reader's
understanding, but are not required for conformance to the present document.
[i.1] What is Gen AI? Generative AI explained.
[i.2] Voluntary AI Safety Standard: The 10 guardrails.
[i.3] Bill No. 2338/2023: "Regulatory framework for artificial intelligence passes in Brazil's Senate".
[i.4] Voluntary Code of Conduct on the Responsible Development and Management of Advanced
Generative AI Systems.
[i.5] AI Watch: Global regulatory tracker – China.
[i.6] Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying
down harmonised rules on artificial intelligence and amending Regulations (EC) No 300/2008,
(EU) No 167/2013, (EU) No 168/2013, (EU) 2018/858, (EU) 2018/1139 and (EU) 2019/2144 and
Directives 2014/90/EU, (EU) 2016/797 and (EU) 2020/1828 (Artificial Intelligence Act) (Text
with EEA relevance).
[i.7] RESPONSIBLE AI #AIFORALL; Approach Document for India Part 1 – Principles for
Responsible AI.
[i.8] Hiroshima Process International Guiding Principles for Organizations Developing Advanced AI
System.
[i.9] AI Guidelines for Business Ver1.0; April 19, 2024; Ministry of Internal Affairs and
Communications Ministry of Economy, Trade and Industry.
[i.10] A New Era for AI: Republic of Korea Takes a Bold Step with AI Regulation.
[i.11] Code of Practice for the Cyber Security of AI; 2025; UK GOV Department for Science,
Innovation & Technology.
[i.12] California's AB 2013: "Generative artificial intelligence: training data transparency".
[i.13] SB-942 California AI Transparency Act.
ETSI
7 ETSI TR 104 159 V1.1.1 (2026-01)

[i.14] AB-2602 Contracts against public policy: personal or professional services: digital replicas.
[i.15] Colorado's Landmark AI Act: What Companies Need To Know.
[i.16] Tennessee Law Addresses Proliferation of Deepfakes.
[i.17] Utah Enacts AI-Focused Consumer Protection Bill.
[i.18] Generative AI Navigating Intellectual Property.
[i.19] Artificial intelligence and copyright: use of generative AI tools to develop new content; European
Innovation Council and SMEs Executive Agency.
[i.20] ETSI TR 104 048 (V1.1.1): "Securing Artificial Intelligence (SAI); Data Supply Chain Security".
[i.21] What are AI hallucinations?
[i.22] Data poisoning: how artists are sabotaging AI to take revenge on image generators.
[i.23] Indirect Prompt Injection: Generative AI's Greatest Security Flaw; Matt Sutton, Damian Ruck;
2024; Centre for Emerging Technology and Security at The Alan Turing Institute.
[i.24] Security Guidelines for Generative Artificial Intelligence Application Service; ITU-T SG17.
[i.25] Implementation guidelines for digital watermarking; ITU-T SG17.
[i.26] Notice on Issuing the Measures for Identifying Synthetic Content Generated by Artificial
Intelligence.
[i.27] Cybersecurity technology — Labelling method for content generated by artificial intelligence;
2025; tc260.
[i.28] AB-1836 Use of likeness: digital replica.
[i.29] ETSI TS 102 165-1 (V5.3.1): "Cyber Security (CYBER); Methods and protocols; Part 1: Method
and pro forma for Threat, Vulnerability, Risk Analysis (TVRA)".
[i.30] ETSI TS 104 102: "Cyber Security (CYBER); Encrypted Traffic Integration (ETI); ZT-Kipling
methodology".
[i.31] Tackling deepfakes in European policy; 2021; European Parliamentary Research Service.
[i.32] Increasing Threat of Deepfake Identities.
[i.33] GenAI and the battle against misinformation; 2024; Yash Shreshtha; Duke Corporate Education.
[i.34] LLM09:2025 Misinformation.
[i.35] AI and GDPR: the CNIL publishes new recommendations to support responsible innovation.
[i.36] Adversarial Misuse of Generative AI; 2025; Google Threat Intelligence Group.
[i.37] Evaluating Malicious Generative AI Capabilities; 2024 Centre for Emerging Technology and
Security; The Alan Turing Institute.
[i.38] Hackers exploit generative AI; 2024; Centre for Cyber Security.
[i.39] ETSI TS 104 119: "Methods for Testing & Specification (MTS); AI Testing Guidelines for
Documentation of AI-enabled Systems".
[i.40] Red Teaming for GenAI Harms; 2024; Ofcom.
[i.41] Data Authenticity, Consent, and Provenance for AI Are All Broken: What Will It Take to Fix
Them?
[i.42] Deepfake Defences; 2024; Ofcom.
ETSI
8 ETSI TR 104 159 V1.1.1 (2026-01)
[i.43] ETSI TS 102 232 (all parts): "Lawful Interception (LI); Handover Interface and Service-Specific
Details (SSD) for IP delivery".
[i.44] ETSI TS 104 223: "Securing Artificial Intelligence (SAI); Baseline Cyber Security Requirements
for AI Models and Systems".
[i.45] ETSI TR 104 128: "Securing Artificial Intelligence (SAI); Guide to Cyber Security for AI Models
and Systems".
[i.46] ETSI EN 304 223: "Securing Artificial Intelligence (SAI); Baseline Cyber Security Requirements
for AI Models and Systems".
[i.47] Tennessee Personal Rights Protection Act of 1984.
[i.48] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the
protection of natural persons with regard to the processing of personal data and on the free
movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
3 Definition of terms, symbols and abbreviations
3.1 Terms
For the purposes of the present document, the following terms apply:
agentic AI: small, specialized pieces of software that can make decisions and operate cooperatively or independently to
achieve system objectives
NOTE: Agentic AI refers to AI systems composed of agents that can behave and interact autonomously to
achieve their objectives.
confidentiality: preserving authorized restrictions on access and disclosure, including means for protecting personal
privacy and proprietary information
copyright: protection for original works of authorship as soon as an author fixes the work in a tangible form of
expression
detection: fact of noticing or discovering something
generative artificial intelligence: deep-learning models that can generate high-quality text, images, and other content
based on the data they were trained on
harm: to hurt someone or damage something
intellectual property rights: any and all rights associated with intangible assets owned by a person or company and
protected against use without consent
legislation: rules or laws relating to a particular activity that are made by a government
malicious: intent to cause harm or damage
misinformation: wrong information or information intended to deceive
open-source model: binaries of machine learning algorithms pre-trained on often-large datasets to achieve state-of-the-
art performance in a machine learning application that are released to the public for everyone to use, for either model
inference or transfer learning
prevention: act of stopping something from happening or of stopping someone from doing something
regulation:rule or directive made and maintained by an authority
spam: unwanted email or messages
ETSI
9 ETSI TR 104 159 V1.1.1 (2026-01)
3.2 Symbols
Void.
3.3 Abbreviations
For the purposes of the present document, the following abbreviations apply:
AI Artificial Intelligence
AB Assembly Bill
C2PA Coalition for Content Provenance and Authenticity
CAIA Colorado Artificial Intelligence Act
CNIL Commission Nationale de l'Informatique et des Libertés
CSAM Child Sexual Abuse Material
DKIM DomainKeys Identified Mail
DMARC Domain-based Message Authentication Reporting and Conformance
DMA Diffusion Model Architecture
ELVIS Ensuring Likeness Image and Voice Security
EU European Union
FBI Federal Bureau of Investigation
GAN Generative Adversarial Network
GDPR General Data Protection Regulation
GenAI Generative Artificial Intelligence
HAIP  Hiroshima AI Process
HIC Human Interaction Component
HITL Human in the Loop
HOTL Human on the Loop
HTTPS Hypertext Transfer Protocol Secure
IC3 Internet Crime Complaint Centre
ICT Information and Communications Technology
IP Intellectual Property
IP Internet Protocol
ISCC International Standard Content Code
ISO International Organization for Standardization
LMM Large Language Models
MFA Multi-Factor Authentication
NCII Non-Consensual Intimate Image
NLP Natural Language Processing
NSFW Not Safe For Work
PET Parameter-Efficient Tuning
RAG Retrieval-Augmented Generation
SB Senate Bill
SSD Service Specific Details
S/MIME Secure/Multipurpose Internet Mail Extensions
SMTPS Simple Mail Transfer Protocol Secure
SPF Sender Policy Framework
SSL Secures Sockets Layer
TLS Transport Layer Security
TVRA Threat, Vulnerability, Risk Analysis
UK United Kingdom
US/USA United States of America
ZT Zero Trust
ETSI
10 ETSI TR 104 159 V1.1.1 (2026-01)
4 Introduction
4.1 What is Generative Artificial Intelligence (GenAI)
Generative Artificial Intelligence (generative AI, GenAI, or GAI) is a subset of artificial intelligence that can use
Generative Adversarial Models (GANs) or Diffusion Model Architecture (DMAs) to produce text, images, videos, or
other forms of data [i.1]. Instead of being based on the input, these models learn the underlying patterns and structures
of their training data and use them to produce new data, instead of being based on the input, often in the form of natural
language prompts. In general, Gen AI uses algorithms to organize large, complex data sets into potentially meaningful
clusters of information to create new content, including text, images and audio, in response to a query or prompt.
NOTE: The issues of harm, the threats and mitigations that apply to GenAI are also relevant to Agentic AI as
Agentic AI is an evolution of GenAI.
Related work is also under development in ITU-T SG17 [i.25] on 'Security guidelines for Generative Artificial
Intelligence Application Service' [i.24] and 'Implementation guidelines for digital watermarking', which complement the
subjects discussed in the present document.
4.2 Uses of GenAI
Generative AI is used across various industries, including - but not limited to - software development, healthcare,
finance, entertainment, customer service, sales and marketing, art, writing, fashion, and product design. Some examples
of use cases of GenAI are:
1) Text: capable of natural language processing, machine translation, and natural language generation and can be
used as a foundation model for other tasks.
2) Code: Generate source code for programs.
3) Images: Commonly used for text-to-image generation and neural style transfer.
4) Audio: produces natural-sounding speech synthesis and text-to-speech capabilities.
5) Video: Can generate temporally coherent, detailed and photorealistic video clips.
4.3 Impact of Regulation and Legislation in a Global
Perspective
4.3.1 Introduction
Due to the rapid development of generative AI in a short period of time, numerous regulations and legislation have been
passed to prevent harm from AI and ensure responsible use and development. Some of these are broad measures while
others have a narrower focus. This clause will highlight their impact on generative AI and the measures developers may
have to take to be compliant. There is an overlap between these different measures which means if an organization is
compliant with one it could be compliant or partially compliant with another. The following clauses are a
non-exhaustive list and represent a snapshot of existing regulations and legislation at the time of publication.
4.3.2 Australia - Voluntary AI Safety Standard
The Voluntary AI Safety Standard [i.2] gives practical guidance to all Australian organizations on how to safely and
responsibly use and innovate with Artificial Intelligence (AI). The standard consists of 10 voluntary guardrails that
apply to all organizations throughout the AI supply chain. They include transparency and accountability requirements
across the supply chain. They also explain what developers and deployers of AI systems need to do. The guardrails are
to help organizations benefit from AI while mitigating and managing the risks that AI may pose to organizations, people
and groups.
ETSI
11 ETSI TR 104 159 V1.1.1 (2026-01)
An example guardrail from the Voluntary AI Safety Standard [i.2]: "Inform end-users regarding AI-enabled decisions,
interactions with AI and AI-generated content. - Create trust with users. Give people, society and other organizations
confidence that you are using AI safely and responsibly. Disclose when you use AI, its role and when you are
generating content using AI. Disclosure can occur in many ways. It is up to the organization to identify the most
appropriate mechanism based on the use case, stakeholders and technology used".
4.3.3 Brazilian Legal Framework for Artificial Intelligence, Marco Legal da
Inteligência Artificial (Bill No. 2338/2023)
Bill No. 2338/2023 [i.3] to establish a national regulatory framework covering the development, use, and governance of
AI systems in Brazil. The text reflects a commitment to the centrality of the human person, responsible innovation, AI
market competitiveness, and the implementation of safe and reliable systems. The regulatory framework defines a set of
rights designed to protect individuals or groups affected by AI systems, including generative AI, such as:
• The right to clear, accessible information about the use of AI in their interactions with such systems.
• The right to request reviews of automated decisions by humans in certain circumstances.
• The right to non-discrimination (illicit or abusive), as well as the right to have direct or indirect discriminatory
bias corrected.
4.3.4 Canada - Voluntary Code of Conduct on the Responsible
Development and Management of Advanced Generative AI Systems
The code [i.4] identifies measures that should be applied by all organizations developing or managing the operations of
a generative AI system with general-purpose capabilities, as well as additional measures that should be taken by
organizations developing or managing the operations of these systems that are made widely available for use, and which
are therefore subject to a wider range of potentially harmful or inappropriate use. Organizations developing and
managing the operations of these systems both have important and complementary roles. Developers and managers
need to share relevant information to ensure that adverse impacts can be addressed by the appropriate actor.
In undertaking this voluntary commitment, developers and managers of advanced generative systems commit to
working to achieve the following outcomes:
1) Accountability - Organizations understand their role with regard to the systems they develop or manage, put in
place appropriate risk management systems, and share information with other organizations as needed to avoid
gaps.
2) Safety - Systems are subject to risk assessments, and mitigations needed to ensure safe operation are put in
place before deployment.
3) Fairness and Equity - Potential impacts concerning fairness and equity are assessed and addressed at different
phases of the development and deployment of the systems.
4) Transparency - Sufficient information is published to allow consumers to make informed decisions and for
experts to evaluate whether risks have been adequately addressed.
5) Human Oversight and Monitoring - System use is monitored after deployment, and updates are implemented
as needed to address any risks that materialize.
6) Validity and Robustness - Systems operate as intended, are secure against cyber-attacks, and their behaviour in
response to the range of tasks or situations to which they are likely to be exposed is understood.
ETSI
12 ETSI TR 104 159 V1.1.1 (2026-01)
4.3.5 China
4.3.5.1 The Interim Measures for the Management of Generative AI Services
Under the AI Measures, "generative AI technology" [i.5] refers to models and related technology that have the ability to
generate text, images, audio, videos, or other content. The key roles under the AI Measures are Generative AI service
providers and users. "Generative AI service provider" refers to any organization or individual that utilizes generative AI
technology to provide generative AI services (including providing such services through the provision of a
programmable interface or other means).
"User of Generative AI services" refers to any organization or individual that uses Generative AI services to generate
content. The AI Measures do not apply if an organization or institution engages in research, development, or application
of generative AI technology but does not offer Generative AI services to the domestic public in China.
Examples of the key compliance requirements:
1) Content moderation: Generative AI service providers are required to promptly remove any illegal content,
employ measures for model optimization training, and report cases to the relevant authorities.
2) Reporting mechanism: Generative AI service providers need to establish a complaints and reporting
mechanism, where they accept and handle complaints and reports from the public and provide feedback on the
outcome of these cases.
4.3.5.2 Measures for the Labelling of Artificial Intelligence-Generated and Synthetic
Content
The Measures standardize requirements for providers of generation and synthesis services to add explicit and implicit
labels (as applicable) to generated synthetic content, including texts, images, audio, videos and virtual scenes. The use
of explicit labels (which are clearly visible to users) and implicit labels (which are embedded in the content's metadata)
in the Measures [i.26].
4.3.5.3 GB 45438-2025 Cybersecurity Technology - Labelling Method for Content
Generated by Artificial Intelligence
This reference [i.27] is a complement to the Measures [i.5] (see clause 4.3.5.2) as a mandatory standard. It specifies the
format of explicit labels required by the measures, such as inserting "AI" by text, superscript, voice and rhythm, as well
as the metadata to be added as implicit labels.
4.3.6 EU: Artificial Intelligence Act
The AI Act (Regulation (EU) 2024/1689 laying down harmonised rules on artificial intelligence) [i.6] is a legal
framework for AI worldwide. The rules aim to foster trustworthy AI in Europe. The AI Act sets out a clear set of risk-
based rules for AI developers and deployers regarding specific uses of AI.
It includes requirements to disclose copyrighted material used to train generative AI systems and to label any AI-
generated output as such.
NOTE: Before the AI Act was passed, several EU countries produced their own regulation on AI. These have
been deprecated in favour of the AI Act upon its coming into force.
4.3.7 India NITI Aayog: Part 1 Principles for Responsible AI
It identifies the following broad principles for responsible management of AI [i.7]:
1) Principle of Safety and Reliability.
2) Principle of Equality.
3) Principle of Inclusivity and Non-discrimination.
4) Principle of Privacy and Security.
ETSI
13 ETSI TR 104 159 V1.1.1 (2026-01)
5) Principle of Transparency.
6) Principle of Accountability.
7) Principle of protection and reinforcement of positive human values.
4.3.8 Japan
4.3.8.1 Hiroshima AI Process: International Guiding Principles for Organizations
Developing Advanced AI Systems
The Hiroshima AI Process (HAIP) is a set of guidelines and principles for developing and using AI systems safely and
responsibly.
The Hiroshima Process International Guiding Principles for Organizations Developing Advanced AI Systems [i.8] aims
to promote safe, secure, and trustworthy AI worldwide and provides guidance for organizations developing and using
the most advanced AI systems, including the most advanced foundation models and generative AI systems.
Organizations may include, among others, entities from academia, civil society, the private sector, and the public sector.
Examples of the principles include:
• Develop and deploy reliable content authentication and provenance mechanisms, where technically feasible,
such as watermarking or other techniques to enable users to identify AI-generated content.
• Prioritize research to mitigate societal, safety and security risks and prioritize investment in effective
mitigation measures.
• Implement appropriate data input measures and protections for personal data and intellectual property.
4.3.8.2 AI Guidelines for Business Version 1.0
The Guidelines [i.9] present unified guiding principles in AI governance in Japan to promote the safe and secure use of
AI. It is intended to help people who use AI in various businesses to fully recognize AI risks based on international
trends and stakeholders' concerns and to voluntarily take the necessary countermeasures across the entire lifecycle.
One of the key guiding principles is the Human-Centric use of AI. This includes when developing, providing, or using
an AI system or service, each AI business actor should act in a way that does not violate the human rights guaranteed by
the Constitution of Japan or granted internationally:
1) Respect human dignity and the autonomy of individuals.
2) Paying attention to manipulations by AI on decision-making and emotions.
3) Countermeasures against disinformation, misinformation, and biased information generated by AI.
4) Ensuring diversity/inclusion for example adopting universal design, ensuring accessibility, and providing
relevant stakeholders with education and support.
5) Providing user support.
6) Ensuring sustainability.
4.3.9 South Korea - Framework Act on Artificial Intelligence Development
and Establishment of a Foundation for Trustworthiness (AI
Framework Act)
The act [i.10] aims to protect citizens' rights and dignity, improve their quality of life, and strengthen national
competitiveness by regulating fundamental matters necessary for the sound development of AI and the establishment of
a foundation of trust.
ETSI
14 ETSI TR 104 159 V1.1.1 (2026-01)
It defines AI as "the electronic implementation of human intellectual abilities such as learning, reasoning, perception,
judgment, and language understanding" and AI systems as "AI-based systems that infer outputs such as predictions,
recommendations, and decisions that affect real and virtual environments for given objectives, with varying levels of
autonomy and adaptability".
Generative AI is one of the key provisions of this act. Which is defined as systems producing text, images, videos, or
other outputs based on the structure and characteristics of the input data. It specifies requirements for AI safety and
trustworthiness for generative AI as when providing products or services utilizing generative AI, AI businesses need to
notify users in advance of such fact. AI businesses also need to label the outputs of such products or services clearly as
AI-generated, particularly when the outputs mimic real-world sounds, images, or videos. For artistic or creative
expressions, this obligation
...