Liability Will Land on the System
not the model, not the operatory, the system.
By Chris Ciappa
Founder & Chief Coherence Architect
Samirac Partners
On June 11th a German court just issued a ruling that most of the AI industry is likely to overlook, but if you look closely you may find something interesting.
The headlines are all about Google. But they’re missing the real story.
The court ruled that Google’s AI Overviews are not neutral search results, not simple links to third-party content, and not probabilistic suggestions. They are Google’s own statements.
Google’s defense was straightforward: “Users can always click through to the sources and verify the information themselves.”
The court rejected that argument outright.
The AI generated the answer. The AI presented the answer. The answer stood alone as the primary response. Therefore, Google owns it — and bears full responsibility for it.
This is more than a narrow legal decision about one product. It’s a signal of how the ground is shifting beneath the entire industry.
For years, the AI world has treated model outputs as something ephemeral — interesting suggestions, probabilistic guesses, content that exists in a gray zone where nobody truly owns it. “It’s just the model,” people say. “The user can check the sources.”
This ruling pushes hard in the opposite direction.
If your system generates a statement and delivers it directly to users as authoritative, then your organization is responsible for that statement. Full stop.
Notice what the court did not do.
It didn’t blame the training data. It didn’t blame the source websites. It didn’t blame the users who asked the question. And crucially, it didn’t blame the model itself.
It held the operator of the system accountable.
Because the model is not the system.
The model didn’t decide to appear in Google Search. The model didn’t decide how to combine and synthesize information. The model didn’t decide what to present to users. The model didn’t decide what level of authority to grant that output.
Google made those decisions.
This ruling quietly affirms something many of us have been arguing for some time: capability is not authority. Output is not execution. And responsibility doesn’t vanish just because an AI produced the content.
The deeper question has never been “Can the model produce this?”
The real question is: “Should the system have allowed this output to be presented as authoritative in the first place?”
That is an execution-boundary question. That is an admissibility question. That is a structural governance question.
And courts are increasingly arriving at the same conclusion we’ve seen in system failures time and again: the model is not the system. The operator — and the architecture they design — is.
The industry can keep obsessing over model capabilities, model safety, and model intelligence. But the future belongs to those who understand that real consequences come from the structures we build around the model — the boundaries, invariants, and coherence mechanisms that determine what is allowed to execute in the real world.
But this ruling points toward a different question entirely.
Who is responsible when capability becomes consequence?
The court’s answer appears to be clear.
Not the model or the operator, but …
The system.
Because ultimately the system and its architecture determine what the model is allowed to become.
All of this points toward a simple reality.
Organizations spend enormous effort evaluating models, yet liability rarely originates in the model itself.
Liability emerges from the decisions made around the model — what authority is granted, what actions are permitted, what controls are removed, and what execution paths are exposed.
The model may generate the output.
The system determines whether that output becomes action.
And increasingly, courts appear willing to hold the system accountable for that decision.
Make no mistake, liability looms, and its coming, but its coming to the systems not the models.
The AI Lifecycle Maturity Model™ explains how organizations mature as artificial intelligence becomes increasingly integrated into operations.
Understanding maturity, however, only answers part of the question.
Once an organization understands where it is, the next challenge becomes determining what should happen next.
Which opportunities belong now?
Which should wait?
Which require stronger governance before implementation?
Which introduce more risk than value?
AI RADAR™ was developed to answer those questions.
AI RADAR™ Assessment Framework
https://www.samirac.com/ai-radar
The question is no longer:
Can AI do this?
The question becomes:
👉 Should AI do this here?
The architecture is already defined.
Drift Stack™ Architecture
https://www.samirac.com/drift-architecture
The only question is:
👉 Does your system control what’s allowed at execution—
and is it safe, or does it just react and hope it gets it right?
Architecture Demos
https://www.samirac.com/daisy-demos
Share This Article
If you found this article valuable, share it.
Substack automatically gives every subscriber a personal referral link. When someone subscribes through your share link, it counts toward referral rewards.
Current rewards:
• 3 referrals → 1 month of paid access
• 5 referrals → 6 months of paid access
• 10 referrals → 12 months of paid access
You can share directly using the Share button on this article, or find your personal referral link here:
Chris Ciappa
Founder & Chief Architect
Samirac AI