Free public scan · shallow inspection · no auth
Does this site declare its AI?
Paste any URL. We do a shallow HTML inspection of the landing page and a few key subpages and return a public scorecard mapped to the four Article 50 obligations. No login, no email gate. Useful as a starting point — not as a legal opinion.
What we check
AI disclosure on entry surfaces.
We look at the landing page and the most-linked product page for visible disclosure copy mentioning AI, machine learning, or generated content — and check whether it renders before user interaction.
Synthetic-content marking signals.
We inspect outgoing image and document responses for C2PA manifests, IPTC provenance metadata, and common watermark headers. Absence is not proof of non-compliance — it is a flag for the operator.
AI-content meta tags.
We check for the emerging set of HTML conventions: meta name="ai-content", meta name="ai-disclosure", JSON-LD provenance, and the well-known endpoints at /llms.txt and /.well-known/ai-policy.
Public policy presence.
We grep the footer and the Privacy / Terms / AI / Trust pages for the phrases a regulator would expect — what AI does, what data it sees, who the controller is.
What the scan does not do
- ×Crawl behind authentication. We see the public surface only.
- ×Inspect server-side event logs, retention policy, or integrity hashes.
- ×Replace a lawyer’s review of your specific obligations.
- ×Penalise sites where AI use is genuinely obvious — Art. 50(1) has an exemption that the scan cannot infer from HTML alone.
From scan to evidence
A scorecard is the start. An audit pack is the answer.
The scan tells you what a regulator could see in five seconds. Sign up free, install the widget on the surfaces that flagged, and start a timestamped, hashed event log you can export as an audit pack later.