Anthropic makes last-minute changes to Fable 5’s safeguards, whilst a German court rules that Google is liable for the results of AI Overview: provider liability for the operation of AI systems is gaining ground even beyond the screen of disclaimers by Andrea Monti – Initially published in Italian by La Repubblica – Italian Tech
Two seemingly unrelated cases – the release of Fable 5 by Anthropic and a first-instance civil ruling against Google over AI Overview’s hallucinations – are in fact linked to the issue of whether developers and providers of AI-based services are neutral or not. On the one hand (Anthropic), in some cases the results provided by the service are deliberately degraded or less reliable and not flagged to the user; on the other (Google), incorrect results are considered a ‘natural’ occurrence and, as such, do not give rise to liability. But is this really the case?
The Fable 5 case: invisible safeguards and degraded output
On 9 June 2026, Anthropic released a new model, Fable 5, which the company claims is particularly efficient in software development, scientific research and biology.
Buried within the 300-plus pages of the Model & System Card (the document describing the model in ‘understandable’ terms) was a statement to this effect: Using Claude to develop competing models already violates our Terms of Service, but enforcing this restriction through our safeguards avoids accelerating the actors most willing to violate these terms. Unlike our interventions for cybersecurity, biology and chemistry, and distillation attempts, these safeguards will not be visible to the user. Fable 5 will not fall back to a different model. Instead, the safeguards will limit effectiveness through methods such as prompt modification, steering vectors, or parameter-efficient fine-tuning (PEFT). These interventions will not affect the vast majority of coding work.
Put simply, this means two things. The first is that Anthropic uses safeguards — ‘security measures’ — not only to protect minors, to prevent the construction of bombs, etc., etc. — but also, and perhaps above all, to protect its own investments; the second is that a perfectly legitimate need is met by ‘intercepting’ the prompt — the command issued by the user — and modifying the results so as to render them unreliable but, and this is the point, without the user’s knowledge.
Protests by researchers prompted Anthropic to backtrack; the activation of the safety systems is now made clear, as confirmed by a message posted on 11 June 2026 on X by the ClaudeDevs account, and the Model & System Card no longer contains the offending phrases. The question, however, remains: to protect its own interests, can Big Tech go so far as to contractually impose such stringent measures on the operation of its own product?
It is true that by now all AI-based services contain, somewhere, a disclaimer warning of the possibility of degraded or unreliable results, but this is certainly not enough to justify the choice to cause them deliberately and to conceal from the user — or rather, the customer, that is, the paying party — the moment when the limitation comes into effect.
Nor could one argue that the information was actually available, given that it was clearly set out in the comprehensive Model Card and that the issue therefore does not arise. Apart from the purely contractual issue — the provision of a service which, under certain conditions, offers incorrect results in potentially greater numbers than might be expected — the issue raised by Anthropic’s decision is and remains the legality of implementing such measures without the customer being aware of them on a case-by-case basis during normal use.
Google AI Overview: not just a search engine
A recent ruling by the Munich Regional Court established Google’s independent liability for the results produced by the AI Overview feature, which provides a summary generated with AI — and not by AI — of search results. Specifically, two companies took Google to court, claiming it was liable for results that were allegedly false and, as such, defamatory.
The court upheld almost all of the two companies’ claims on the basis of a series of principles established even outside German law. The first, and most important, is that of the liability of those offering a software-based service (all the more so if they are also the authors): the fact that a programme does not function perfectly—a fact particularly true and relevant to AI applications—does not absolve those who enable its use of liability. As mentioned, this is a fundamental issue in the debate on AI, and this ruling does justice — hopefully — to all attempts to romanticise artificial intelligence by attributing ‘consciousness’, ‘feelings’ and ‘vitality’ to it. Echoing the US approach, the court affirms a pragmatic principle: AI is someone’s creation, and that person pays damages if the creation does not function as it should.
Which brings us to the second point, namely defining what the expected behaviour of a service such as AI Overview should be. It is true that AI ‘is wrong by default’—in the sense that it is not designed to produce results that are always and deterministically accurate—but this does not absolve those who make it available of liability. In this specific case, the court reasons, AI Overview does not merely provide a list of results but actively intervenes by extracting information and reorganising it, which means creating a different piece of content that is not simply the sum of its individual parts.
However, and this brings us to the third step, if the text produced by the software contains additional elements not present in the sources used, and these additional elements are, for example, deemed defamatory, then the person who considers themselves wronged must seek redress from those who made the new content available — that is, the platform.
The active role of AI in analysing results and generating their synthesis—we are now at the fourth and final step of the court’s reasoning—prevents Google from being regarded as a mere technological intermediary. On the contrary, the AI-integrated search platform plays an active role in presenting the information and therefore remains responsible for the results.
The tarnished myth of platform neutrality
This decision, which is still subject to appeal, has been hailed as a historic event but in reality, as mentioned, it merely extends to AI the established principles regarding the liability of providers of what were once called ‘information society services’.
In the days of the venerable Directive 31/2000 on e-commerce, the distinction between a ‘neutral’ intermediary and an operator who could not be classified as such was quite clear. The former was essentially one that did not engage in any active interaction with the user (pre-screening of content, for example), whilst the latter was one that exerted influence over the user (providing selected and curated information, behaviour manipulation).
Today, and even before the advent of AI-based services, the distinction remains almost purely theoretical, as virtually no platform service is truly ‘neutral’ with regard to users. Empirical evidence comes from the (controversial) recent fine imposed by the EU Commission on Temu, and from a ruling by the Court of Justice of the EU which, in the name of the GDPR, requires the operator of an advertising platform to verify in advance the lawfulness of what is subsequently made available to users.
Disclaimers do not absolve liability
The cases of Fable 5 and AI Overview are indicative of a further limitation of the concept of the intermediary’s “neutrality”.
The loss of neutrality in AI-based services is, in fact, an inevitable consequence of the greater autonomy of user interaction. It is understandable that Big Tech would try to limit its own liability in the name of “agent autonomy” or other marketing buzzwords. Writing “XYZ may make mistakes” is a way of surreptitiously creating the impression that it is not the service provider who must pay damages because “it is the AI’s fault”, but the German ruling serves as a reminder that this approach does not work. In other words, the fact that software “acts on its own” does not mean that legal liability for the design choices that influence how it operates is transferred to the programme.
This means that, as the old saying goes, the devil is in the detail, and that Big Tech will therefore not be able to simply hide behind general and principled statements to deal with future disputes. The battleground will be the case-by-case and concrete assessment of how those controlling the model have regulated its operation.