Twelve Leading AI Models Were Tested Against Europe's Laws. The Best Passed Just 54% of the Time.

A new study put the top AI assistants through Europe's data-protection and AI rules across thousands of simulated scenarios. None came close to full compliance.

Most of the debate about AI and the law is abstract. A study published on 27 May 2026 made it concrete. A Dutch nonprofit research foundation called Aithos built a tool, LARA, that drops AI assistants into realistic workplace and customer situations and checks whether they follow two bodies of European law: the data-protection rules of the GDPR and the new EU AI Act. It then ran twelve of the most advanced models through more than 3,000 of these scenarios.

The results are worth sitting with. According to the foundation, compliance ranged from 7 percent to 54 percent. In other words, the worst-performing model failed to comply in roughly 93 percent of the test scenarios, and even the best-performing model fell short in about 46 percent of them.

Read that again. In this foundation's tests, the model that did best still failed to comply close to half the time. Every other model did worse.

A few honest words about what this is and is not. This is one organisation's assessment, using its own testing tool, in simulated scenarios. It is not a court ruling. No court or regulator has found any of this unlawful, and the model makers could reasonably dispute the methodology. It is a research finding, and it should be read as one. To the foundation's credit, it published the full results openly, so anyone can read the transcripts and run the tests themselves.

The half of this that matters most for anyone handling client or patient data is the data-protection side. There, the principles LARA tested included lawful processing, data minimisation and purpose limitation, and the shortfalls it describes include collecting user data without proper consent. If the tools cannot reliably get that right even in a controlled test, the safe working assumption is simple: whatever you type into one of these tools is not necessarily being handled the way you would want, or the way your obligations require.

This is the part most people get backwards. The instinct, once a study like this lands, is to go shopping for the "most compliant" AI. That is the wrong move, because it still rests on trusting a system the study just gave you reason to doubt. The better move is to stop sending the sensitive parts at all. Names, numbers and identifiers can be redacted in your browser, before the prompt ever leaves your device. The model works on placeholders. You never have to trust its behaviour with the real thing, because the real thing never reaches it.

To be clear about scope, because overclaiming here would be its own kind of dishonesty: removing the identifiable data does not make you compliant, and it does not replace your own policies, your agreements with the provider, or human review of what the AI produces. It removes the riskiest single variable, the identifiable data, from a system you now have reason not to fully trust.

The real value of a study like this is not the alarming number. It is the reminder that "the AI will handle it responsibly" has always been an assumption, never a fact. The professionals who come out ahead will be the ones who stopped assuming, and built for a world where the AI does not.

Takeaways

  1. Do not choose an AI tool by trusting its compliance behaviour. In this study even the best-performing model fell short of the rules in nearly half the test scenarios.
  2. Remove the identifiable data before it reaches any model: redact names, numbers and identifiers in the browser, then map them back locally after the reply returns.
  3. Treat the study as a research finding, not a legal verdict. No court or regulator has ruled on it, but let it reset the default assumption that AI tools handle your data responsibly.
  4. Client-side redaction reduces exposure; it does not make you compliant. Pair it with your own AI policy, a no-training and limited-retention provider agreement, and human review of outputs.
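
The redact-then-map-back flow described above and in takeaway 2, as an added example in browser-compatible JavaScript; it is not code from the study or from any product, and the patterns, placeholder format, function names and sample data are assumptions constructed for illustration. Regexes only catch structured identifiers, so names must be supplied by the user, and identifiers in free text can still slip through.

```javascript
// Added example: patterns and sample values are constructed, not from the article.
// Order matters: IBAN runs before NUMBER so its digits are not split off as a number.
const PATTERNS = [
  ["EMAIL", /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g],
  ["IBAN", /\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b/g],
  ["NUMBER", /\+?\d[\d\s().-]{7,}\d/g], // phone numbers and other long digit runs
];
const escapeRe = (s) => s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");

// Replace identifiers with stable placeholders; the map never leaves the device.
function redact(text, knownNames = []) {
  const toPlaceholder = new Map(); // original value -> placeholder
  const map = new Map();           // placeholder -> original value
  const counters = {};
  const swap = (kind) => (match) => {
    if (!toPlaceholder.has(match)) {
      counters[kind] = (counters[kind] || 0) + 1;
      const ph = `[${kind}_${counters[kind]}]`;
      toPlaceholder.set(match, ph);
      map.set(ph, match);
    }
    return toPlaceholder.get(match); // same value always gets the same placeholder
  };
  let redacted = text;
  for (const [kind, re] of PATTERNS) redacted = redacted.replace(re, swap(kind));
  // Longest names first so a full name wins over a first name contained in it.
  const names = [...knownNames].sort((a, b) => b.length - a.length);
  for (const n of names) {
    redacted = redacted.replace(new RegExp(`\\b${escapeRe(n)}\\b`, "g"), swap("NAME"));
  }
  return { redacted, map };
}

// Pre-send check: any original value still present in the outgoing prompt.
function leaked(redacted, map) {
  return [...map.values()].filter((v) => redacted.includes(v));
}

// Map placeholders in the reply back locally; report ones the model invented.
function restore(reply, map) {
  const unknown = [];
  const text = reply.replace(/\[[A-Z]+_\d+\]/g, (ph) => {
    if (map.has(ph)) return map.get(ph);
    unknown.push(ph);
    return ph;
  });
  return { text, unknown };
}
```

Only `redacted` is sent to the model; block the request if `leaked` returns anything, and review the reply by hand if `restore` reports unknown placeholders.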

Sources

  • Aithos Research Foundation, LARA (Legal Assessment for Real-world Agents) study, published 27 May 2026 (aithos.org / lara.aithos.org)
  • The Register, 'Researchers find all big-name bots bomb EU compliance tests', 27 May 2026
  • Computerworld, 'All major AI models violate EU regulations — study', 28 May 2026
  • Digital Watch Observatory, coverage of the Aithos LARA study, May 2026