The European Union’s Product Liability Directive (PLD) has been published and will enter into force on 9 December 2024. A 24-month transition period means that the new PLD regime will apply in EU member states by 9 December 2026.
The new PLD represents a landmark reform of the EU’s existing product liability regime, which has been in place for nearly 40 years. Given the remit for reform focussed on concerns that existing laws were no longer ‘fit for purpose’ with the emergence of new technologies, including connected products and artificial intelligence (AI), online sales, and the circular economy, there is no doubt that the new PLD will have a major impact on tech companies and marketplaces. However, whilst the remit for reform was fairly narrow, the changes agreed are broad, expand the scope of claims that can be brought and the range of damages that can be recovered, and make it easier for consumers to prove their claims in all product sectors.
The reforms also have implications for product safety and cybersecurity, including how long software updates should be provided to avoid potential liability.
Background
The EU’s existing PLD established a strict liability regime for product liability claims in the EU. It was adopted in the 1980s, in the wake of high-profile cases like those concerning the drug thalidomide, with the intention of making it easier for consumers to recover for damage caused by defective products.
Because liability is strict, producers are responsible for defects in tangible products, regardless of whether the defect is their fault. As there is no need to establish fault, proving ‘defect’ is usually the biggest hurdle to bringing a claim under the PLD – and in a number of recent cases, claimants have failed to overcome this hurdle. The revisions to the PLD are likely to alter this trend and make it much easier for claimants to establish defect in future cases.
Reforms under the new PLD
Key reforms include steps to:
- Expand the scope of claims – for example, to cover not only hardware but also stand-alone software and AI systems for the first time.
- Expand the damages that can be recovered – for example, to include destruction or corruption of data and medically recognised harm to psychological health.
- Ease the burden of proof for claimants, by introducing presumptions of defect in certain circumstances and a creating a new disclosure mechanism (similar to US discovery), which will be completely new in some EU jurisdictions (e.g., Germany) which have no existing mechanism.
1. Expanded scope of application
The term ‘product’ under the new PLD will comprise software, digital manufacturing files and certain related services. Software includes operating systems, firmware, computer programs, applications or AI systems, irrespective of whether the software is stand-alone or embedded in other products, with very limited exceptions for certain free and open source software developed or supplied outside of commercial activity.
The term ‘defect’ will be expanded to cover issues arising from software updates, AI functionality and cybersecurity vulnerabilities, including where a manufacturer failed to issue software updates necessary to address vulnerabilities. Crucially, the test also will change. Under existing rules, a product is considered defective if it does not provide the level of safety that a person is entitled to expect, taking all the circumstances into account. The new PLD adds an alternative basis for a product to be considered defective – where the product does not provide the safety required under EU or national law. In other words, if a product does not comply with regulatory requirements, it could automatically be considered defective for the purposes of a product liability claim.
As well as manufacturers and importers, new actors – including authorised representatives, fulfilment service providers and online platforms – can be held liable for defects in certain circumstances. In addition, the new PLD extends the claims period (the ‘long stop’) in circumstances where symptoms are slow to emerge, from 10 years following placement of the product on the market, to 25 years. For producers of medicinal products and medical devices, in particular, this very long exposure period will significantly increase liability risks.
2. Expanded scope of recoverable damages
The definition of ‘damage’ under the new PLD will be extended to include medically recognised damage to psychological health as well as destruction or corruption of data, meaning it will be possible to bring certain data claims under either the General Data Protection Regulation (GDPR) or the new PLD going forward. At the same time, the reforms remove minimum thresholds and maximum limits for compensation claims. The impact of this change, particularly when combined with the introduction of the EU’s new class actions regime (see below), is likely to be an uptick in mass claims for relatively trivial data destruction or corruption issues.
3. Easier burden of proof for claimants seeking compensation in complex cases
To make it easier for claimants to succeed in their claims, the new PLD reverses the burden of proof in certain circumstances, so claimants no longer need to prove elements of their case. Two of these circumstances are:
- To make it easier for claimants to succeed in their claims, the new PLD reverses the burden of proof in certain circumstances, so claimants no longer need to prove elements of their case. Two of these circumstances are:
- Where there is noncompliance with relevant EU product safety regulations.
- If it is excessively difficult on account of the ‘technical or scientific complexity’ of a product for a claimant to prove either that a product is defective or the causal connection between the defect and the damage. (The recitals suggest that examples of products to which this could apply include medical devices and products that use AI technologies.)
In addition, the new PLD provides for disclosure of ‘necessary and proportionate’ evidence to claimants and defendants during proceedings to correct any asymmetry of information between the parties. As many EU countries have limited or no disclosure mechanisms under national laws, this will be an important tool for claimant law firms seeking to make their case. It also will increase the importance of stakeholders ensuring they are fully compliant from a regulatory perspective, with appropriate document and internal communications procedures in place.
Looking to the future: A fundamental shift in European risk landscape
The new PLD’s more claimant-friendly regime represents a fundamental shift in the European risk landscape. Moreover, the reforms sit alongside parallel EU policy initiatives – such as the EU’s new class actions mechanism (Representative Actions Directive), AI Act and proposed liability rules, new General Product Safety Regulation (GPSR) and regimes addressing the circular economy (Ecodesign for Sustainable Products Regulation and Empowering Consumers in the Green Transition Directive), and cybersecurity (Cyber Resilience Act).
Taken together, these reforms have the objective of bringing existing EU regimes in line with challenges presented by new digital technologies and ecommerce, and the growing focus on sustainability through the product life cycle. At the same time, they create a raft of new obligations for stakeholders – and have the potential to significantly increase the costs and risk of doing business in the EU.
Key Cooley contacts:
