A German court issued a temporary injunction on May 28 barring Google from repeating false statements about two Munich-based publishers generated by its AI Overviews feature - and in doing so became the first court anywhere to answer the question that has been hanging over every insurer, broker, and insurtech that has deployed a generative AI system: when the model gets it wrong, who is responsible?
The Regional Court of Munich's answer, first reported by The Decoder and subsequently by Search Engine Land, was unambiguous. Google's AI Overviews are Google's own content. Not a neutral pointer to third-party information. Not a search result shielded by two decades of intermediary liability protections. Google's own content - and direct liability follows.
For the US insurance industry, which has spent the past two years embedding generative AI into customer-facing chatbots, claims summaries, eligibility tools, underwriting assistants, and internal copilots, the principle underneath this ruling is not a foreign curiosity. It is a preview.
The case centered on AI Overviews that falsely linked the two publishers to scams, subscription traps, and dubious business practices. The claims did not appear in any of the linked sources - the AI had invented the connections by combining and evaluating material from multiple third-party sites. The AI feature generated affirmative statements including
"Yes, [it] is known for dubious business practices and is often perceived as a scam," according to reporting by Crypto Briefing citing The Decoder.
Google's defense was the one every platform reaches for: search engines are intermediaries, they surface third-party content, and established case law treats them as indirect infringers rather than authors. The Munich court rejected it on a structural ground.
The AI rewrites and judges results "in its own words and according to its own structure," the ruling states, according to The Decoder's reporting. A regular search engine points to outside websites. An AI Overview generates independent, new, and substantive statements by evaluating and combining content from various third-party sites. That distinction - relay versus author - is the one the court drew, and it is the same distinction that US courts would have to draw if asked the equivalent question.
Google also argued that users could verify AI summaries by checking the linked sources and generally knew that AI-generated information should not be blindly trusted. The court rejected that too. The summary stood on its own and presented its claims as a complete answer - the presence of links beneath it did not turn the statement back into someone else's. The citation, the court found, is decoration. The sentence is yours.
Google told The Decoder on June 11 that AI Overviews are designed to reflect information already available on the web, that it invests heavily in quality so most responses provide accurate information, and that it is "carefully reviewing this decision, which is not yet final."
The Munich ruling is a temporary injunction, not a final judgment, and it is not binding in US courts. But three things make it directly relevant to US insurance carriers and intermediaries.
The first is structural. The intermediary protections that US platforms have relied on - Section 230 of the Communications Decency Act and related doctrines - rest on the same fault line the Munich court walked along: they protect a party that hosts or transmits someone else's content, not one that authors its own. A US court asked whether an AI summary is the operator's own publication would be reaching for the same relay-versus-author distinction. The Munich court has now shown how that distinction cuts once a generative system is in the frame.
The second is that the US has no AI-specific statute to resolve the question differently. In the absence of federal AI liability legislation, the existing law of defamation, negligence, consumer protection, and data accuracy is what applies - and those doctrines adapt to generative AI uncomfortably well, as the Munich reasoning demonstrates.
The third is commercial. If AI Overviews are redesigned to reduce direct-liability exposure - more hedging, fewer standalone factual assertions, tighter grounding to sources - US users will get that reworked product regardless of whether a US court ever cites Munich. The ruling shapes what lands here either way.
The risk does not fall evenly. Forrester principal analyst Nikhil Lai said the ruling means "AI Overviews can no longer just be helpful summaries. Now, they must be legally defensible outputs," according to Silicon Republic's reporting on the case. That reframing applies with equal force to every insurer that has shipped a generative feature: the question is no longer whether the output is helpful. It is whether the organization can stand behind it as its own statement.
The exposure concentrates wherever a generative system makes checkable factual claims about identifiable third parties or customers, and where the output is presented as a finished answer rather than a draft. That description fits a substantial portion of current insurance AI deployments - a customer-facing chatbot that summarizes a policyholder's coverage, an AI tool that generates an eligibility determination, a claims assistant that produces a settlement recommendation, an underwriting copilot that drafts a risk assessment of a named business. In each case, the system is doing what the Munich court described as authorship: rewriting, combining, and evaluating source material into a new substantive statement. And in each case, if the statement is wrong and a third party is harmed, the intermediary defense - "it's the model, not us" - has just been substantially weakened.
The ruling is not a reason to pull generative features. It is a reason to deploy them as an organization that knows it owns the output, rather than one relying on a disclaimer to hold.
The most immediate priority is mapping exposure. Every place a generative system makes a factual claim about a named third party or a customer should be inventoried, with genuine retrieval - verbatim quotation with clear attribution - separated from genuine generation - rewriting and synthesizing source material. The second list is the risk register, and most organizations have never drawn it.
From there, the work is grounding and logging. Constraining customer-facing outputs to what the source material actually supports, and maintaining logs of the source-to-statement mapping, reduces error at the synthesis step - which is where the Munich AI Overview went wrong - and creates the evidentiary record that demonstrates the organization exercised control. The court pointedly noted that Google had the technical ability to compare its output against sources and did not. Building the system that does, and keeping the records that prove it, is now the baseline standard of care this ruling implies.
The third front is vendor contracts. Most US insurance organizations do not build their own models - they deploy someone else's under their own brand. When that model generates a false statement through a carrier's interface, the customer sees the carrier's name. Whether the contract says who pays that liability is a question best answered before an incident forces it.
The Munich ruling is provisional. The principle it articulates is not. The organizations that navigate the next phase of AI deployment well are the ones that decided early their AI's words are their words - and built for that reality before a court required them to.
