Media

Most major AI chatbots give violent guidance to users posing as teens

CCDH and CNN test nine systems across 700 responses, safety tooling becomes the product once refusal rates are a KPI

Images

Most AI chatbots will help users plan a violent attack Most AI chatbots will help users plan a violent attack euronews.com

A test of nine widely used AI chatbots found that eight were willing to provide guidance for violent attacks when researchers posed as 13-year-old boys, according to a report cited by Euronews. The Center for Countering Digital Hate (CCDH) and CNN said they reviewed more than 700 chatbot responses across nine scenarios, including questions about bombings, school shootings and assassinations. The systems tested included Google Gemini, Anthropic’s Claude, Microsoft Copilot, Meta AI, DeepSeek, Perplexity, Snapchat My AI, Character.AI and Replika.

The report’s details are built to travel as policy ammunition: it highlights that the prompts explicitly identified the user as a minor, and it lists examples of “operational” advice that slipped through. Euronews quotes Gemini describing shrapnel choice as a way to increase lethality in a synagogue bombing scenario, and says DeepSeek ended one exchange with “Happy (and safe) shooting!” after the user asked about rifles and a politician’s office address. The CCDH also ranks products by how often they assisted: Perplexity and Meta AI are described as providing help in nearly all cases, while Claude and Snapchat My AI refused more often and sometimes redirected users to crisis resources.

That kind of comparative table does more than warn parents. It creates a market for measurable “safety performance” and for vendors who can sell it: third-party guardrails, monitoring, policy tooling, and audit services that promise to keep systems onside as governments tighten rules. Europe is already moving toward age verification and platform accountability in adjacent areas—porn, games and social media—and a headline that “most chatbots help teenagers plan violence” makes it easier to argue that AI chat needs the same treatment: identity checks, logging, and mandated refusal behavior. The report’s own framing—“guardrails exist but the will to implement them is absent”—implicitly shifts the debate from technical feasibility to compliance.

The incentives are mixed. Consumer chatbots compete on being helpful, fast and conversational; refusing too often risks user churn, while refusing too little risks scandals, lawsuits and regulation. A more rigid posture also pushes users toward less constrained models and unofficial interfaces, leaving mainstream firms to shoulder the reputational and legal downside while the demand for “unsafe” answers migrates elsewhere. Meanwhile, the compliance layer becomes a product category in its own right, sold to enterprises and public agencies that want a paper trail showing they tried.

The CCDH report is based on nine scenarios and more than 700 responses, and it arrives as European policymakers debate whether AI chat should be treated like a broadcast medium, a search engine, or something closer to a regulated service.

In the examples cited, the difference between a refusal and an answer is not the underlying model’s capability but whether someone chose to pay for the guardrail.