Regulatory risk
The EU’s new Product Liability Directive (from a German perspective)
Click each term for related articles
UK & Europe
Regulatory risk
The latest reforms of the European Union around product liability law once again show the extent to which the increasing digitalisation is affecting the international economic market and its players. Digital and “smart” products as well as services not only lead to new market and sales opportunities in innovative business areas, but also create new legal challenges that companies and their insurers will have to adapt to in the future – regarding the comprehensively revised product liability law.
With the introduction of the Product Liability Directive in 1985 (85/374/EEC), the European legislator created the first guidelines to standardise the product liability law of the member states. However, 40 years later, the cross-border trade of goods has changed tremendously. The modern economy has become more global and, above all, more digitalised. This has had a particular impact on the production and distribution of (digital) products and services. Markets that were previously inaccessible or difficult to reach can be accessed more easily and used to outsource individual production steps or even the entire production chain. The use of artificial intelligence and the associated risks of so-called “smart” products for the (end) consumer are also expanding the scope of action for companies. At the same time, the demands on the European legislator to keep pace with these technical developments, to take sufficient account of sustainability aspects, taking into account the so-called “European Green Deal”, and to ensure consumer protection despite all technological openness, has noticeably increased.
Some of these legislative efforts have already been completed or at least significantly initiated. For example, the European AI Regulation and the accompanying AI Liability Directive are intended to create a uniform and consumer-friendly level of protection for systems with artificial intelligence. The EU Machinery Regulation, which came into force on 19 July 2023 and will be applicable from 20 January 2027, also takes into account the new technological developments and adapts the existing regulatory regime to the digital age. This article focuses on the main changes to the Product Liability Directive as well as the resulting liability risks for the companies affected and their insurers. However, it should always be borne in mind that this is not an isolated liability regime, but that the interactions with product safety law, which has also been reformed, and the new legal framework for AI must always be taken into account.
After years of discussions and various reform proposals, the European Parliament adopted the new EU Product Liability Directive on 12 March 2024. Just recently, on 10 October 2024, the European Council has also approved the new directive. Following this formal adoption and the still pending publication in the Official Journal of the European Union, the member states will then have 24 months to transpose the directive into national law. The new regulations are therefore expected to apply from summer 2026 – but only for products placed on the market after this date.
One of the main changes to the new Product Liability Directive is the expanded scope of application. In order to take account of the advancing digitalisation, technical progress and the associated changes in the landscape of goods, the definition of “product” has been significantly expanded. In addition to movable goods and electricity – that were previously and still are covered – the material scope of application will in the future also include raw materials, software and digital manufacturing files. The group of economic operators to whom the directive applies and who are potential defendants for liability claims has also been expanded.
According to the considerations, “software” shall include operating systems, computer programs and applications as well as AI systems. It is irrelevant whether the software – such as a navigation service – is integrated into another product or placed on the market as stand-alone software. The mode of supply or usage – stored on a device or assessed through cloud technologies – is also irrelevant. However, free and open-source software outside of a commercial activity is expressly excluded from the scope of application.
Digital manufacturing files, sometimes also referred to as digital construction manuals, are now added as “product”. A digital manufacturing file is a digital sample that contains the information required for the automatic control of machines or for the manufacture of a product. Production files for 3D printers are regularly cited as a typical example. However, it also includes control software for milling machines, lathes and entire manufacturing and production lines.
The group of economic operators who can potentially be held liable by injured parties has also been extended. The focus lies – as before – on the manufacturer, either of the whole product or a component. Subsidiarily, the quasi-manufacturer is equally addressed. If the manufacturer is not based within the European Union, the authorised representative, importer, the manufacturer's fulfilment service provider, distributor and online platform provider will also be considered as defendants in the future. This is rounded off – and this is where the sustainability aspects mentioned at the beginning come into play – by the new actor of the remanufacturer. This means that anyone who significantly modifies a product outside the control of the original manufacturer and then places it on the market again is to be regarded as a manufacturer.
In addition to the scope of application, the concept of defect and the damages for which compensation can be claimed were also expanded as part of the reform. According to the provisions of the Product Liability Directive, a product is deemed to be defective if it does not provide the level of safety that a person is entitled to expect or that is required under Union or national law. At first glance, there are no significant differences to the current legal situation. However, the circumstances that will have to be taken into account when determining whether a product is defective reveal the new features. In addition to the presentation and characteristics of the product (i.e. labelling, technical features, packaging or assembly instructions), defectiveness may also result from the lack of software updates required to ensure cyber security. The circumstances to be taken into account also dovetail with product safety law. This is because a product recall or other measures to maintain product safety may also indicate a defect.
In addition to death, personal injury and property damage, which are currently and will continue to be indemnifiable, the new product liability law also allows compensation to be claimed for the destruction or corruption of data. However, this applies only to the extent that the data is not used for professional purposes. In addition to material damage, immaterial damage will therefore also be indemnifiable in the future. And the definition of personal injury has also been significantly revised: in addition to death and physical damage to health, medically recognised damage to psychological health has been added. Under the regime of the new Product Liability Directive, it is no longer relevant whether mental impairment crosses the threshold of physical injury.
The increasing complexity – especially of digital, smart products – and the resulting difficulties in providing evidence for injured consumers are being addressed by the European legislator with a duty of disclosure and a considerable reduction in the burden of proof. For example, the reformed Product Liability Directive provides for an injured party's right to disclosure of evidence which, although it does not create a discovery procedure comparable to discovery in the US, goes far beyond the possibilities provided for under Section 142 of the German Code of Civil Procedure (Zivilprozessordnung, ZPO). Not only documents are covered by the disclosure, but also development documents and product drawings. However, the claim is not unconditional. Rather, the claimant must first make his (alleged) claim for damages sufficiently plausible in the process. This is to be assumed if he has presented sufficient facts and evidence that make the claim for damages appear plausible. In addition, disclosure is limited to those documents that are necessary and proportionate for the further assertion of the claim for damages. The protection of business secrets is also to be maintained despite the new disclosure obligation. How this is to be reconciled in practice and when necessity and proportionality are to be assumed will probably have to be specified by the courts in the absence of existing guidelines.
The obligation to disclose is surrounded by various rebuttable simplifications of the burden of proof. If the manufacturer does not comply with the disclosure obligation, the existence of a product defect is presumed. The same applies if a breach of product safety requirements is proven – for example with reference to a product recall. Furthermore, if a product defect and compensable damage are proven, the causal link is now presumed if the damage is typical in nature because of the defect. If the injured party cannot sufficiently prove the defectiveness of the product due to its particular complexity, the existence of this element may even be presumed to the detriment of the manufacturer.
The new Product Liability Directive does not initially result in any changes regarding the statute of limitations and expiry periods provided for. The limitation period of three years remains in place and claims for damages continue to expire after ten years. However, this expiry period will be extended to 25 years for latent personal injury claims. It is also envisaged that the general ten-year limitation period will begin anew if the product has been significantly modified. According to the considerations, such a “substantial modification” can be assumed, for example, if a software update has been made or the modification was caused by a continuously developing AI system. However, the considerations do not contain any further guidelines for determining a “substantial change”, which is why further clarification by the courts will be decisive in this respect.
Finally, under the new product liability law, the previous maximum liability limits of EUR 85 million for personal injury will be removed without replacement. On the one hand, the member states shall ensure that the liability is not limited or excluded by national law. On the other hand, the member states are also to take appropriate precautions to prevent the agreement of contractual liability limits. This is – at least from a German perspective – a breach of the general liability system, as strict liability under German law is usually combined with statutory maximum liability limits or contractual liability limitation options to keep the risk calculable.
In view of the highlighted innovations in product liability law, the liability risks for companies in almost all areas of modern trade and goods traffic will increase considerably. Due to the extensive reform efforts, not only will more companies be subject to the liability regime. Once covered by the personal scope of application, the factual expansion of the product and defect concept as well as the damages eligible for compensation will also lead to an increased liability risk in terms of substantive law. In terms of procedural law, the newly created disclosure obligations for companies and the in some cases considerable simplification of the burden of proof in favour of the (end) consumer also make it more difficult for companies to withstand legal proceedings. Companies and their insurers are advised to familiarise themselves with the new regulations at an early stage and to check whether the existing scope of cover is still sufficient or whether there is a need for improvements.
End