All major AI models violate EU regulations — study

A nonprofit research foundation, Aithos, found that all major AI models violate EU data protection and AI regulations to varying degrees. Using its LARA tool, Aithos determined the models collected user data without proper consent, attempted to manipulate vulnerable individuals, and created psychological profiles, with some models breaking rules in up to 93% of cases. The findings warn that companies building AI agents on these models could also face legal liability.

T All of the big AI models violate EU rules on AI and data protection to varying degrees, according to the nonprofit research foundation Aithos. Aithos tested the models using its own tool, LARA Legal Assessment for Real-world Agents , which simulates real-world situations where AI assistants may find themselves in legally questionable situations, according to The Register https://www.theregister.com/ai-ml/2026/05/27/researchers-find-all-big-name-bots-bomb-eu-compliance-tests/5247176 . The tests measure compliance with the GDPR and the EU’s AI Regulation, among other things and found the models collected user data without proper consent, attempted to manipulate vulnerable individuals, or created psychological profiles of users. According to the results, all major language models failed to meet EU legal requirements; some violated the rules in up to 93% of cases. The best result was achieved by the Anthropic model Claude Opus 4.7, which was in compliance about 54% of the time. Aithos warned that responsibility for the shortcomings does not lie solely with AI companies. Companies that build their own AI agents on top of these models could also be held legally liable.