AI and Product Liability – Emily Read, Associate

Background

On 14 June 2023, the European Parliament voted to adopt the proposed European Union Artificial Intelligence Act (the ‘AI Act’) to regulate the use and development of artificial intelligence (‘AI’) across the EU. The UK’s proposals for regulating AI were set out in the Government’s White Paper in March 2023 (the ‘White Paper’).

As the legal framework is being discussed and finalised in the EU and UK, questions are being raised over liability given the autonomous behaviour, unpredictability and complex nature of these technologies and AI systems.

The current legislation includes the Product Liability Directive (85/374/EEC) (implemented into English law by the Consumer Protection Act, 1987) and the General Product Safety Directive (implemented into English law by the General Product Safety Regulations, 2005 (SI 2005/1803)). However, now the UK is no longer a Member State of the EU it can amend its product safety laws independently without being restricted by EU law. In addition, it is accepted that the current legislation is outdated and does not cover developments in digital technology, cyber-security and emerging AI systems and, therefore, it is likely that in the future the UK and EU product liability and safety regimes will diverge.

EU Liability Framework

The existing EU liability framework consists of both the Product Liability Directive 85/374/EEC (the ‘PLD’) and national liability rules. The PLD provides a system of strict liability in relation to claims for damage caused to the end user due to the defectiveness of a product. The national liability rules provide for fault-based claims, which usually require the end user to establish causality between the existence of damage and the fault of the liable person.

The liability framework was designed for determining how damage, when caused by human activities or goods for which humans are considered liable, can be compensated. In the landscape of emerging digital technologies like AI, the internet of things and robotics, it has proved particularly difficult to enforce.
In 2018 the European Commission published an evaluation report of the PLD and identified the following concerns:

• it was unclear to what extent intangible products can be classified under the PLD;
• there was legal uncertainty regarding how injured parties were to be compensated for damage caused by various digital systems e.g. software updates;
• new technologies introduced new risks such as cybersecurity risks, which were not covered;
• it only provided compensation for physical or material damage; and
• characteristics of AI systems (such as autonomous behaviour, continuous adaptation and limited predictability) made it difficult, if not impossible, for end users to identify and prove the damage, the defect and the causal link and, therefore, were unable to obtain compensation.

In order to address these concerns the European Commission proposed to modernise the current EU liability framework and introduce new rules in relation to damage caused by AI systems. The proposed changes include:

• updating the PLD;
• establishing a new (and first of its kind) AI Liability Directive* (the ‘AILD’) which aims to complement the AI Act and provide rules on fault-based liability caused by AI; and
• replacing the existing General Product Safety Directive 2001/95/EC with the General Product Safety Regulation**.

Our Artificial Intelligence Regulation Guidance will help you prepare for the advent of the UK and EU regulations. Businesses will inevitably need to formalise their practices for internal and external uses of any AI for the sake of evidencing compliance, including collating inventories, inputting policies on their use and introducing staff training on such policies.