On 12 May 2026, the Oberlandesgericht Hamm (the court of appeal of North Rhine-Westphalia) held Aesthetify GmbH liable for false statements the company made through its chatbot about its physicians’ specialist titles. The company presented its doctors as “specialists in plastic and aesthetic surgery”, a designation they did not hold and which, under German law, requires formal certification by the medical association. A consumer protection organisation brought proceedings. The official press release confirms that the court ruled under § 5 of the Gesetz gegen den unlauteren Wettbewerb, the Act against Unfair Competition.
The company argued that the model had been trained on correct data. The court dismissed the argument.
This decision deserves attention beyond its outcome: it illustrates with precision the analytical framework I am currently developing.
What the Court Did Not Examine
The structure of Aesthetify’s defence is recognisable. The error belongs to the system, not to the company; the company did not instruct the system to produce false information; the AI “hallucinated” autonomously. This is the legal form of what I characterise in my current research as the production of legal pathologies by the regulatory framing itself: a framing that constitutes the AI system as an actor, with its own behaviour, autonomy, and errors, rather than remaining within the categories that positive law already provides.
The OLG Hamm implicitly rejected this reframing. The court did not discuss what AI is, did not examine whether hallucinations are inherent to language models, and opened no debate on the “technical component.” It applied, in practice, a simple operation: erase from the description every reference to AI, algorithm, or model. What remains is a company that made false commercial statements about its physicians’ qualifications through a public-facing communication channel. The applicable framework is unfair competition law. Full stop.
The elegance of the exercise is that it requires no new legal category, only the hermeneutic discipline to refuse to speak of the instrument when the actor is what is legally pertinent.
Imputation: Organisation, Benefit, Control
The court does not name it, but the doctrinal foundation is that of the civilian tradition: liability attaches to whoever organises the activity, benefits from it, and controls it. The internal mechanism of that activity is legally invisible.
Aesthetify organised the system: it integrated it into its website, configured its parameters, and chose the audience to which it was exposed. It benefited from the system, since it served as the company’s patient acquisition interface, available around the clock. It controlled the system, since it could modify, disable, or review it at any time. All three criteria are satisfied. The defence based on the correctness of the training data does not affect any of them, because the law does not impute on the basis of a defect in the design of the instrument: it imputes on the basis of having organised the situation from which the harm arose.
This is precisely the reasoning the British Columbia Civil Resolution Tribunal applied in Moffatt v. Air Canada (2024). Air Canada argued that its chatbot was “a separate legal entity responsible for its own actions.” The tribunal rejected the personalisation of the instrument. The company remains liable for all information it communicates through its website, whether it originates from a static page or a generative model.
The consistency is notable: two distinct jurisdictions, two distinct legal bases, two distinct years, the same outcome. Not because an “emerging AI doctrine” has formed, but because existing positive law, before, during, and after the artificial intelligence debate, already contained the answer.
Epistemic Frame and Normative Frame
In a chapter I am writing for the volume coordinated by Cecilia Coronado (centred on a text by Virginia Dignum and forthcoming this year), I propose distinguishing the epistemic frame, which asks how a system functions, from the normative frame, which asks who organised the risk. Law operates in the normative frame. It does not need to understand how the model works in order to impute the consequences to the person who organised the situation in which the model operated.
Aesthetify’s defence attempted to draw the court into the epistemic frame: the data were correct, the error is the system’s, no one could have foreseen this specific hallucination. The court remained in the normative frame: the statements are false, they were made on behalf of the company, the company is liable. Not out of doctrinal erudition, but because that is the structure of unfair competition law when applied without concession to the technocentric reframing.
Implications for Chatbot Deployment
Everything a company communicates through its chatbot, in any context of public-facing service, customer information, or commercial communication, the company is saying. No legally robust defence exists based on the autonomy of the model, the correctness of the training data, or any variant of the claim that “the AI acted on its own.”
The exercise is direct: mentally substitute the system for any other corporate communication channel (a web page, a brochure, a call centre). Would you review its content regularly? Would you have a protocol to detect errors and correct them before they reach the client? If the answer is yes for those channels and no for the chatbot, the legal exposure already exists.
A note on disclaimer clauses. The statement that “AI responses are indicative and do not constitute advice” has limited effect when the system is actively used as a decision interface (booking a consultation, verifying professional qualifications, guiding a purchase). Courts examine what the system does in practice, not what the legal notice states in small print.
The OLG Hamm has allowed an appeal to the Bundesgerichtshof. It will be instructive to see whether the Federal Supreme Court maintains the line or, under the argument of “novel legal questions,” opens space for the technocentric defence, which would reproduce, by another route, the same pathology: manufacturing the need for an AI-specific doctrine where general law already sufficed.
What I Recommend
If your organisation or firm already deploys conversational systems facing clients, or is evaluating doing so, the implications of this decision are immediate.
First, an audit of actual system use: what type of statements does it make, on what subjects, and to what audience? Statements concerning professional qualifications, prices, contractual terms, or scope of service carry the highest exposure.
Second, a supervision protocol: correctly configuring the system at deployment is not sufficient. The decision confirms that control is continuous, because liability is likewise continuous.
Third, a review of contracts with technology providers: who assumes what in the event of an incorrect model output? The chain of imputation may extend to the provider, but it does not interrupt the direct liability of whoever organises and deploys the service.
If you want a concrete assessment of your organisation’s legal exposure from conversational AI systems, or if you are designing an AI agent for your firm and wish to build in the risk framework from the outset, I can assist you in that process.
This analysis connects to other lines developed in the Ratio: the governance of generative AI in organisations and the specific exposure firms face when delegating to autonomous agents without a supervision framework.