The recently published Product Liability Directive (EU) 2024/2853 introduces extensive changes to modernize the rules and adapt them to the digital era and new technologies such as Artificial Intelligence (AI). This new directive replaces the previous Directive 85/374/EEC and will come into effect on December 9, 2026.
The new legislation aims to provide stronger protection for consumers and increased liability for manufacturers, importers, representatives, and retailers.
Expanded liability for software
One of the most significant changes is that software, including digital manufacturing files and AI functionalities, is now classified as “products” under the directive. This means that if software causes damage to property, persons, or data due to a safety defect, the manufacturer or supplier can be held liable. Consumers will no longer need to prove negligence by the manufacturer, making it easier to claim compensation for damages caused by technical faults.
New responsibilities for software providers
Previously, the Product Liability Directive primarily covered hardware manufacturers, but the new rules extend to software providers and suppliers of digital services connected to products, including AI-driven functionalities. If a piece of software, such as an update for a smart device, affects the product’s safety, the provider can now be held accountable.
This is particularly relevant for services that directly impact a product’s functionality, AI features, security updates, or cybersecurity measures.
Liability for modifications to existing products
The changes also introduce liability for products that are placed on the market after December 9, 2026, but are subsequently modified. For instance, products subject to ‘substantial modifications’ after their sale, such as through software updates, will be treated as new products and may incur new liabilities.
If a manufacturer implements an update to improve an existing product, they can now be held responsible for any safety issues arising from those changes. This encourages companies to thoroughly test updates before rolling them out to consumers.
Tighter rules for online platforms
Online platforms (e.g., Amazon) will have clearer responsibilities for product safety. If they present themselves as sellers, they may be held liable if they fail to identify the manufacturer or importer. Responsibility will also extend to authorized representatives, importers, and distributors, ensuring a broader accountability across the supply chain.
Cybersecurity and personal data
Products that fail to meet cybersecurity requirements may be deemed defective and unsafe. Companies must consider these requirements during product development. The updated directive also includes protections for personal data, allowing compensation for data loss or corruption for personal use. This expands consumer protection to include digital aspects of product safety.
Sustainability and environmental claims
Another critical aspect of the directive involves companies making green or sustainability-related claims about their products. Businesses must now substantiate their environmental claims with realistic action plans and verifiable data, such as carbon neutrality metrics. This includes risks related to “greenwashing,” aiming to ensure consumers can make informed decisions when choosing environmentally friendly options.
What does this mean for businesses?
The new rules require manufacturers and suppliers to review their products and services to ensure compliance with the updated safety requirements. This may involve additional testing, documentation, and procedures for handling digital updates and safety issues.
Companies will also need to integrate cybersecurity measures into product design and maintain documentation of safety testing, including AI-related risks. Additionally, businesses must be more transparent about their sustainability claims to avoid sanctions.
Liability period
Although the standard liability period is 10 years, it may extend up to 25 years for products with latent health risks. This means companies must consider long-term health risks that may emerge long after the product is placed on the market, emphasizing the importance of managing chemical risks in products.
When does the new directive take effect?
The revised Product Liability Directive will apply in all member states no later than December 9, 2026, 24 months after the legislation was published. Until then, countries like Sweden must implement updated national laws to incorporate the new rules.
Summary
The updated Product Liability Directive requires businesses to take broader responsibility for both physical and digital components of their products. This represents a significant step towards creating a safer and more sustainable digital marketplace, where consumers are better protected against potential safety defects and technological failures.
Are you uncertain whether your company is ready for the new directive? Don’t hesitate to contact us for guidance.
Updated: 2024-12-05