Legal Update: EU Modernises Product Liability Rules for the Digital Age

On October 10, 2024, the European Union (EU) updated its product liability framework with the new Product Liability Directive (2022/0302 (COD)) (Directive), modernising the 1985 Directive (85/374/EEC) for the digital age. This update aims to address the challenges posed by the digital age, circular economy and global value chains. The Directive is EU law. As the UK has left the EU, the UK is not required to change its law in response to the Directive, but due to the operation of the Northern Ireland Protocol, the Directive is likely to apply in Northern Ireland. Further, the Directive is likely to have a direct impact on UK manufacturers exporting to the EU. 

Key Highlights of the Directive:

1. Stricter Regulations for AI and Connected Devices: New provisions address risks from AI and connected products, ensuring clear compensation paths for consumers in case of malfunctions or harm.
2. Enhanced Liability for Digital Products: Manufacturers are now accountable for defects in both physical products and digital components. In particular, the Directive has expanded the definition of “product” to include software and digital manufacturing files. 

Why does this matter? 

Non-compliance with the Directive can have significant consequences for businesses who fall within its ambit. Here are some key points:

1. Legal Liability: Companies can be held liable for damages caused by defective products, including personal injury, property damage and data loss. This includes liability for defective software, AI systems and digital services.
2. Financial Penalties: Non-compliance can result in substantial financial penalties. Companies may be required to compensate affected individuals, which can be costly, especially if multiple claims are involved.
3. Reputational Damage: Failing to comply with the directive can harm a company’s reputation. Consumers are increasingly aware of their rights and may avoid businesses that do not adhere to safety and liability standards.
4. Increased Scrutiny: Regulatory bodies may subject non-compliant companies to increased scrutiny and audits, leading to further legal and administrative challenges.
5. Operational Disruptions: Addressing non-compliance issues can disrupt business operations, as companies may need to recall products, implement corrective measures and engage in lengthy legal processes.

What do businesses need to do? 

The first thing to say is that, whilst this is an EU directive, it may still impact UK businesses (despite Brexit). Where the manufacturer is established outside the EU, the Directive extends to the "importer of the product and the authorised representative of the manufacturer". This may capture UK businesses' dealings and, for example, it could clearly impact their agreements with importers and representatives.

Even where that is not the case (e.g. UK businesses that only operate in the UK), the Directive may have an indirect impact. If the Directive sets the standard for product liability, UK businesses that do not adopt practices in line with the Directive may fall behind their European counterparts.

So what should businesses do to comply? 

• Review how they contract with importers, representatives, and/or non-EU manufacturers (as the case may be). This includes considering changes for new contracts and examining existing contracts to determine if changes are needed as a result of the Directive. In particular, will the Directive have an impact on the risk and liability allocation between parties?
• Conduct thorough reviews and/or audits of their internal and business practices to ensure compliance, implementing updates as needed.  For example, safety protocols, product designs, liability insurance, and/or marketing practices may all need to be adjusted or updated.
• Carry out assessments of their products to determine if any that previously were not captured within the definition of "product" under the 1985 Directive (85/374/EEC) are now considered "products" under the Directive.
• For any newly-captured products, businesses should ensure such products meet the requirements of the Directive, including that digital products conform with the Directive's safety and quality requirements and that the business implements stricter vetting processes for online platform sales. 
• Consider if changes are required to product designs and processes to ensure that their products that are durable, repairable and recyclable.  (The Directive’s focus on circular economy principles aligns with EU goals to enhance sustainability, reduce waste and support responsible consumption, ultimately aiding long-term environmental objectives.)
• Review and update complaint handling procedures, and establish how this will be dealt with in relevant contracts, i.e. how the parties will handle this? Consider if updates are required to data protection provisions in relation to this. 

Conclusion & Next Steps 

As the Directive is integrated into EU Member States' national laws, businesses must reassess practices to ensure compliance. This is a complex area and engaging legal advisors in relevant jurisdictions may well be necessary to navigate changes, mitigate risks and enhance global competitiveness. Non-compliance can have significant consequences, making adherence essential for long-term success. Businesses should consider conducting thorough reviews, audits and staying updated on EU and UK guidance, especially for digital products and AI.