AI-Built Website and GBA Complaint: Who Pays in Belgium?
Steven | TrustYourWebsite · 20 May 2026 · Last updated: May 2026
A freelancer in Antwerp delivered your e-shop in three days, built with Cursor and Claude. Eight months later the Litigation Chamber of the Belgian Data Protection Authority opens a file against your company after a complaint reaches the office at Drukpersstraat in Brussels. The cookie banner loads Google Analytics cookies before the visitor clicks anything. Your freelancer sends a prompt to ChatGPT asking whether the AI can be named as defendant. The answer is short. Belgian law parks that claim with you, not with the American corporation that hosts the tool. This article explains why and what the Product Liability Directive of 9 December 2026 adds to the picture.
The short version under Belgian law
The Gegevensbeschermingsautoriteit (GBA), established by the law of 3 December 2017, is the institution that enforces the GDPR in Belgium. Under Article 4(7) GDPR the controller is whoever determines the purpose and means of the processing. On a Belgian business site that is the operator behind the KBO number at the bottom of the page. Book XII of the Code of Economic Law (WER) on electronic economy makes the same operator responsible for identifying the business on the site. The AI tool that assembled the code is, in the Belgian framework, neither controller, nor processor, nor a party to the processing of visitor data. The tool processed the developer's prompt. That is a separate transaction, unrelated to your website.
In practice a GBA file starts from one of two channels. A citizen files a complaint through the online form at gegevensbeschermingsautoriteit.be, or the Litigation Chamber opens an investigation on its own initiative through the Inspection Service. Both paths end at whoever the KBO extract names as legal entity. Not at OpenAI in San Francisco and not at Anthropic in London.
Why the AI vendor stays out of the Belgian file
Three elements remove the AI vendor from the Belgian file.
The first is contractual. The terms of Cursor, GitHub Copilot, Anthropic and OpenAI consistently place output risk on the tool's user. The user accepts that suggestions are delivered "as is", that the output itself must be verified and that the vendor is indemnified against third-party claims. The moment your Antwerp or Ghent builder commits a Cursor suggestion, the legal weight shifts to your builder, not to the American corporation that hosts the tool.
The second is data-protection architecture. The AI vendor is, for your website visitors, neither controller nor processor. The EDPB Opinion 28/2024 on AI models of December 2024 repeats that roles and responsibilities must be established before processing and that the party deploying an AI model carries its own accountability under Article 5(2) GDPR. The deployer in this file is your company, your domain name and the visitors who open the page from Brussels, Antwerp or Charleroi. The GBA confirmed that line in its Decision 21/2022 of 2 February 2022 on IAB Europe and the Transparency and Consent Framework, where the Litigation Chamber imposed a fine of EUR 250,000 and ordered corrective measures against the party that operated the framework, not the adtech subcontractors below it.
The third element is the European legislative agenda. The Commission proposal for an AI Liability Directive, which would have shifted the burden of proof between AI vendor and victim, was on the withdrawal list of 11 February 2025 and was formally withdrawn on 6 October 2025 when the notice was published in OJ C/2025/5423. The clean 2026 framework is not coming. What remains is the existing distribution: you are the controller and the GBA enforces against that role.
And the agency that deployed the AI
The customer-agency chain has existed in Belgium long before AI tools entered the picture. The same reasoning that applied to a builder who processed an unlicensed photo applies to a builder who used an AI assistant for code generation. To the outside world, in particular to the GBA and Test-Achats in a consumer complaint, you are the defendant. Between you and your builder, the assignment contract applies, typically a contract for services under book 5 of the Belgian Civil Code.
The AI layer adds one structural element. The contract between the agency and the AI vendor indemnifies, in almost all cases, the AI vendor, not your agency and certainly not you. You signed no agreement with OpenAI or Anthropic. Your agency did. The agency has contractually promised that it, the agency, carries the output risk. That promise does not flow through to you and gives you no recourse against the American legal department of the tool.
The assignment contract with your agency is therefore the only document that counts when you want to recover the loss. Without a compliance warranty, AI-disclosure obligation or indemnity clause, you stand on weak ground. With those clauses, you stand as strongly as in any other dispute over breach of contract in a services agreement. The Belgian ondernemingsrechtbank (business court, replacing the former rechtbank van koophandel) hears such disputes between traders.
What changes on 9 December 2026 and what does not
Directive (EU) 2024/2853, the new Product Liability Directive, qualifies software and AI systems for the first time as products in the sense of Article 4. Belgium must transpose the directive by 9 December 2026 (Article 24). The Belgian transposition will most likely move through an amendment to Book XVII WER, which already implemented Directive 85/374/EEC of 1985 through the law of 25 February 1991 on product liability. From the transition date the new regime applies to products placed on the market after that date. Products from before 9 December 2026 stay under the 1991 law.
For the AI-website question this opens a narrow extra track. A natural person who suffers material harm from a defective AI tool can, from late 2026, address the tool's provider directly under a strict-liability regime, without having to prove fault. Open-source software developed outside a commercial activity stays excluded under Article 2(2), but the commercial code assistants of OpenAI, Anthropic and GitHub fall fully within scope. The claim covers harm to natural persons. It is not a route to recover your GBA fine from an AI vendor and it does not work retroactively for sites built before the transition.
What does not change on 9 December 2026: who is controller, against whom the Litigation Chamber of the GBA rules and who pays a GDPR fine. That remains you, before and after that date. The PLD adds a claim path against the AI vendor for a narrow category of harm. It does not remove the existing liability line against you. The directive deserves its own treatment; see our Product Liability Directive 2024/2853 deep dive.
Three real situations under Belgian supervision
The AI-built cookie banner has no working reject-all button. The GBA enforces against you under Article 4(11) GDPR and Article 129 of the law of 13 June 2005 on electronic communications, the Belgian ePrivacy transposition. The Inspection Service can open an investigation and the Litigation Chamber decides on corrective measures and fines. The agency may be liable internally to you on a breach-of-contract basis within the services contract, but only when your scope of work linked delivery to a working cookie banner. The cookie banner is the cheapest question to answer correctly in advance; see our GBA cookie banner rules deep dive, alongside the broader cookie banner requirements checklist.
The AI-built contact form sends data to an American service without standard contractual clauses. That is a Chapter V GDPR violation and the GBA enforces against you as controller. Belgian controllers have since Schrems II faced the same hard line as elsewhere in the EU. Keep in mind too that the bookkeeping retention periods under Book III WER and the coordinated law on bookkeeping are seven years for most SMB documents, so your Article 30 GDPR record of processing activities must be aligned. The agency may have copied a standard Cursor or Claude pattern in which a third party is hard-coded. The agency owes you a fix and, if your contract is right, reimbursement of the fine.
The AI-generated alt texts are wrong or missing on most images. The European Accessibility Act was transposed in Belgium through the law of 19 July 2022 on accessibility requirements for products and services, effective since 28 June 2025. The FOD Economie via its General Directorate Economic Inspection supervises market operators and the FOD BOSA supervises accessibility of public websites. For B2C webshops above the SMB threshold, WCAG 2.1 AA alt text on functional images is mandatory. As our EAA penalties guide explains, the fines land on you, not on the AI. AI-generated alt text that hallucinates is in this context worse than no alt text at all, because a screen reader reads it with conviction to a blind visitor.
Shifting the risk back to your agency
The assignment contract is your only lever. Before signing, ask for:
- An indemnity clause that names your company by name and covers third-party claims about non-conformity of the delivered site.
- A compliance warranty: the agency warrants that the site at hand-over meets GDPR, the law of 13 June 2005, the accessibility law of 19 July 2022 and Book VI WER on market practices and consumer protection.
- An AI-disclosure obligation: the agency states which AI tools generated which parts. Not as a legal shield for the agency, but as input for your own transparency obligation under Article 50 of the AI Regulation from 2 August 2026 if AI-generated text or images appear on the site. See our AI Act for Belgian website owners.
- A scan right: you may run a compliance scan before final hand-over and critical findings must be fixed at the agency's expense.
- An after-care period: the agency fixes compliance defects discovered in the first 90 days after hand-over at its own cost.
An agency that pushes back on these clauses gives you a signal: it is not confident about what it delivers.
What you can check on your own site today
Five checks without a developer. Two minutes each.
- Does the cookie banner have a reject-all button equally visible as accept-all, with nothing pre-ticked?
- Do analytics and marketing scripts only load after the visitor has given consent?
- Does the privacy policy show your actual company name and KBO number, not a placeholder like [Your company] from an AI template? Book XII WER requires the company number on every page anyway.
- Are there descriptive alt texts on the important product images, not "image of"?
- Can a visitor with keyboard only navigate the main pages and the checkout without a mouse?
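For a site with many pages, three of these checks (scripts loading before consent, template placeholders, alt texts) can be run over the delivered HTML. The script below is an added example, not part of the original article or of any scan tool it mentions. It assumes an illustrative tracker host list and that the consent tool parks blocked scripts as `type="text/plain"`; the sample page and KBO number are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: illustrative analytics/marketing hosts, not an exhaustive list.
TRACKER_HOSTS = ("googletagmanager.com", "google-analytics.com", "connect.facebook.net")
PLACEHOLDERS = ("[your company]", "[company name]")  # typical AI-template leftovers
WEAK_ALT = ("image", "image of", "photo", "picture")

class PageScan(HTMLParser):
    """Static pass over one page; scripts injected at runtime are not seen."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "script" and a.get("src"):
            host = urlparse(a["src"]).hostname or ""
            tracked = any(host == h or host.endswith("." + h) for h in TRACKER_HOSTS)
            # Assumption: a consent-gated script is served as type="text/plain"
            gated = a.get("type", "").strip().lower() == "text/plain"
            if tracked and not gated:
                self.findings.append(("tracker-before-consent", host))
        elif tag == "img":
            # alt="" is left alone: it is the valid marker for decorative images
            if "alt" not in a:
                self.findings.append(("missing-alt", a.get("src", "")))
            elif a["alt"].strip().lower() in WEAK_ALT:
                self.findings.append(("weak-alt", a.get("src", "")))

    def handle_data(self, data):
        for p in PLACEHOLDERS:
            if p in data.lower():
                self.findings.append(("template-placeholder", p))

def scan(html):
    """Return a list of (finding, detail) tuples for one HTML document."""
    parser = PageScan()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample page: one ungated tracker, one gated, three images, a placeholder.
SAMPLE = """<script src="https://www.googletagmanager.com/gtag/js?id=G-EXAMPLE"></script>
<script type="text/plain" src="https://connect.facebook.net/en_US/fbevents.js"></script>
<img src="/p/1.jpg" alt="image of"><img src="/p/2.jpg">
<img src="/p/3.jpg" alt="Blue ceramic mug, 300 ml">
<footer>[Your company] - KBO 0000.000.000</footer>"""

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

A clean result only covers what is in the served markup. The reject-all button and keyboard navigation still need the manual check.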
Unsure about any of these? Our free compliance scan checks GDPR, cookies, accessibility and copyright. The scan does not judge whether your AI tools are legal. It judges whether the site they helped build is.
Frequently asked questions
My web builder used Lovable or Bolt. Am I liable for the GDPR failures on my site?
Yes. Under Article 4(7) GDPR you are the controller for the personal data your site processes, whether the code was written by a human or an AI. The GBA pursues the controller, not the tool.
Can I hold OpenAI or Anthropic liable if their tool produced non-compliant code?
Almost never. You have no contract with them. Your builder does, and those contracts place output responsibility on the tool's user. From 9 December 2026 the new Product Liability Directive opens a narrow path but only for harm to natural persons and only for products placed on the market after that date.
Does the AI Act require labels on my AI-built site in Belgium?
It depends on what the AI generated. From 2 August 2026, Article 50 of the AI Regulation requires labels on AI-generated images, audio, video and text that may mislead, plus mandatory deepfake labels. Code is not covered. For AI-generated text or images on your site, plan a labelling approach.
What changes on 9 December 2026 with Directive 2024/2853?
Belgium must have the new Product Liability Directive transposed by that date. From then on the directive treats software and AI systems as products and opens a strict-liability path against the producer for harm to natural persons, but only for products placed on the market after 9 December 2026. Your GDPR obligations as controller do not change.
My web builder excludes AI use in the contract. Does that protect me?
Not against the GBA. The regulator looks at the controller, and that is you. An exclusion between you and your builder only allocates internal compensation. Replace any AI-exclusion clause with a compliance warranty: the builder warrants that the delivered site meets GDPR, the cookie law and the EAA at hand-over.
Further reading
If you want to go deeper on the questions this article touched:
- The 9 December 2026 turn. Our Product Liability Directive 2024/2853 deep dive for Belgian SMBs covers scope and exclusions.
- AI Regulation transparency obligations from 2 August 2026. Our AI Act for Belgian website owners is the sister article.
- The cookie banner is where AI-built sites in Belgium fall over first, and it is the cheapest question to answer correctly. See our GBA cookie enforcement deep dive.
- For a general GDPR check of your site, our Belgian GDPR checklist walks through every requirement.
- AI-generated images and copyright. Our AI-generated images guide covers the Getty v. Stability AI ruling and the Belgian originality threshold.
This article is technical analysis, not legal advice. The author is not your lawyer and is not the controller for your site. For a binding view, speak with one of those two.