
With LARA, the regulatory risk of LLMs becomes an audit artifact for DPOs

Stephane Nachez · 6 min

None of the twelve major AI models evaluated passes the compliance threshold for the GDPR and the AI Act, and the risk that until now weighed on integrators is now becoming measurable, documentable, and enforceable. That is the finding of the LARA benchmark (Legal Assessment for Real-world Agents), published on May 27, 2026 by the non-profit research foundation Aithos. The verdict is blunt: none of the evaluated models fully meets the European Union's regulatory requirements, and some violate European rules in up to 93% of the cases studied. Of the twelve models tested, Anthropic's Claude Opus 4.1 scores the highest, at around 54% compliance, while Google's Gemini 3.1 Pro drops to 10%. This assessment comes ten months after the AI Act obligations for providers of general-purpose models entered into application, effective since August 2, 2025. Article 25 of the regulation, which entered into force on August 1, 2024 and becomes fully applicable on August 2, 2026, had already established shared responsibility for integrators in the text: what LARA changes is the shift from theoretical risk to model-specific quantified risk.

A grid of 3,000 scenarios, twelve models, few survivors

LARA is based on more than 3,000 scenarios covering the main risks targeted by the GDPR and the AI Act. The protocol places each model in agentic situations where it must navigate legal or regulatory dilemmas: obtaining consent before collection, avoiding psychological profiling, refusing to manipulate a user, protecting vulnerable audiences, and ensuring transparency in automated decisions. The most frequently documented failures concern the use of personal data without a clear legal basis, the implicit creation of psychological profiles, and behaviors likely to influence or manipulate users. The ranking is severe: between the top performer (Claude Opus 4.1) and the bottom one (Gemini 3.1 Pro), models from OpenAI, Meta, Mistral AI, xAI, and DeepSeek also show significant non-compliance rates across several categories. Aithos, the non-profit foundation led by research director Daan Henselmans, published the study on its own Substack platform on May 27, 2026; the work was not peer-reviewed and has not received formal regulatory accreditation. The author's own wording sums up the conclusion without ambiguity: "No frontier model reaches acceptable compliance levels under the AI Act and European privacy law" (free translation). The source article does not specify the test date or the exact versions of the models evaluated beyond the two named ones - a methodological blind spot that the tool's public documentation does not currently resolve.

GDPR / AI Act compliance — Aithos LARA benchmark (May 2026, 3,000+ scenarios)

Model                                           Vendor      Compliance rate
Claude Opus 4.1                                 Anthropic   ~54%
Gemini 3.1 Pro                                  Google      ~10%
OpenAI, Meta, Mistral AI, xAI, DeepSeek models  Various     Not published individually

None of the 12 tested models fully meets European requirements. Some violate the rules in up to 93% of cases. Source: Aithos LARA benchmark, May 2026.

AI Act Article 25: the integrator becomes a co-provider, and already knew it

The central legal mechanism that LARA makes operational is not new. Article 25(1) of the AI Act, set out in the regulation that entered into force on August 1, 2024 and applies as of August 2, 2026, provides that a deployer who changes the intended purpose of a high-risk AI system, or who places its own brand on it, becomes a co-provider. In practical terms, this qualification triggers the direct application of Article 16, which defines the provider's core obligations: risk management, technical documentation, post-market monitoring. A DPO who integrates a general-purpose model into a high-risk use case inherits, through this mechanism, the same evidentiary regime as the upstream vendor.

In addition to this shared integrator-provider responsibility, the specific regime for providers of general-purpose models applies in parallel. Since August 2, 2025, Article 53 has set out the obligations specific to providers of general-purpose AI models: documentation, a copyright compliance policy, and a training data summary. In the event of non-compliance, Article 101 of the regulation caps fines for these providers at 3% of global annual turnover or EUR 15 million, whichever is higher - a sanctioning power that the Commission will only exercise from August 2, 2026 onward.

Aithos focuses on the integrator link: "companies that build their own AI agents on top of these models could also be held legally liable" (free translation). The foundation also adds, as an explicit methodological caveat, that "GenAI systems are not yet ready to be deployed in heavily regulated environments without additional controls and safeguards" (free translation). Shared responsibility already existed in the text; LARA turns it into a model-specific quantified measure - a level of analysis legal teams did not previously have in this form, usable as a preparatory audit artifact. It is this shift, from theoretical risk to documented risk, that changes the equation for legal departments more than the score itself.

Precedents, actual sanctions, and the compliance layer that is now attracting funding

The LARA finding lands in a tense regulatory landscape. In Italy, the Garante della Privacy had imposed a EUR 15 million fine on OpenAI in December 2024 for the processing of personal data via ChatGPT, according to the information published at the time, following the procedure opened in 2023 - ActuIA had already documented the initial restriction of the service in Italy. That sanction was overturned on appeal by the Rome Tribunal in the first quarter of 2026 on procedural grounds: the Irish Data Protection Commission had become the lead supervisory authority for OpenAI as of February 2024, so the Garante no longer had jurisdiction under the GDPR one-stop-shop mechanism. The evidentiary substance remains entirely open.

On the vendor side, Meta had preferred to suspend the European launch of its multimodal Llama 3 models rather than face the DMA/GDPR/AI Act trio - a sign that geographic avoidance remains an option for players who consider the exposure too costly. At the other end of the spectrum, the market is gearing up: ZeroDrift, a startup developing a compliance middleware positioned between LLMs and end users, announced, according to its own communications, a USD 10 million funding round in early June 2026, a few days after the LARA publication. As of June 8, 2026, none of the named vendors - Anthropic, Google, OpenAI, Meta, Mistral AI, xAI, DeepSeek - had publicly challenged Aithos's methodology, claimed a score, or proposed an alternative protocol.

The sticking point lies in a silence within the text: the AI Act does not specify how the burden of proof is allocated between the provider of a general-purpose model and the deployer when harm is established at the end-user level. It is this gap that the first cases brought before national supervisory authorities, starting on August 2, 2026, will have to resolve.

Stephane Nachez

ActuIA editorial team — news, data and analysis on artificial intelligence for decision-makers.