From chunky cell phones without touchscreens, but with telescopic antennas to software‑infused everything and a shift in liability landscape
Unlike yesterday, today’s products are mini‑computers, software-defined: cars update themselves over the air, smartwatches track your health, and 3D printers build from digital manufacturing files.
In this context, legal instruments regulating product liability were forced to finally upgrade to match our new developing reality. And thus, the EU’s new Product Liability Directive — Directive (EU) 2024/2853 (PLD Directive) has appeared.
As per the European Commission, the PLD Directive aims to ensure that (a) the rules are adapted to the newest technologies, (b) there is always an EU – based liable party, (c) there is a claimant friendly climate by easing burden of proof.
The PLD Directive is already in force and must be transposed by Member States in their internal legislation by 9 December 2026. For products placed on the market after that date, the liability game changes. However, for products placed on the market before 9 December 2026, the Directive 85/374 on product liability (1985 Directive) remains applicable.
Key takeaways on the new product liability regime
- Products are no longer just hardware in the eyes of the law – The definition of product is seriously expanded and now encompasses any software (including artificial intelligence (AI) systems), either standalone or embedded in other products. Thus, we’re talking about any type of software, but also about digital services integrated and necessary for the product to function.
An important carve‑out remains: non‑commercial open‑source software (OSS) is excluded. This exemption is narrow – where OSS is distributed in the course of a business or monetised you are back in scope.
- How “defectiveness” will be judged? A product shall be considered defective where it does not provide the safety that a person is entitled to expect or that is required under Union or national law.
Courts look at the full context— presentation and characteristics of the product, real world use: not just ideal operation, but reasonably foreseeable use, any ability to keep learning or gain features post market and how that affects safety, expected interaction with other products/services (including via inter connection), when it was placed on the market, compliance with relevant product safety requirements, expressly including safety relevant cybersecurity, any recall or other safety action by authorities or economic operators, the specific needs of the target user group, in the case of a product whose very purpose is to prevent damage, any failure of the product to fulfil that purpose.
However, do not worry, under the PLD Directive it is expressly provided that your product is not defective just because a better product (or an update/upgrade) is already out or comes later.
- Burden of proof gets lighter — disclosure & presumptions
The PLD Directive strengthens access to evidence in product liability disputes by giving courts the power to order targeted disclosure from either side. Where a claimant can make a credible case, defendants may be required to produce relevant evidence in their possession; equally, claimants may be ordered to disclose evidence needed for the defence. That mechanism is framed by strict limits of necessity and proportionality.
With respect to the proof which must be brought by the claimant, the base line remains: the claimant must show defect, damage, and a causal link between the two.
Nonetheless, the PLD Directive provides a set of rebuttable presumptions of defectiveness: (a) if the defendant fails to disclose relevant evidence ordered under the PLD Directive’s disclosure rules, (b) if the claimant shows non‑compliance with mandatory product‑safety requirements intended to guard against the very risk that materialised, (c) if the product obviously malfunctions in reasonably foreseeable use or under ordinary conditions.
Things got easier also when it comes to prove the casual link between the defectiveness of the product and the damage. The PLD Directive provides that such causal link between shall be presumed where it has been established that the product is defective and that the damage caused is of a kind typically consistent with the defect in question.
Further on, the defectiveness of the product or the causal link between its defectiveness and the damage, or both may be presumed by the courts where despite the disclosure of evidence (i) the claimant faces excessive difficulties due to technical/scientific complexity, and (ii) the claimant shows that it is likely the product was defective and/or that a causal link exists.
- A broader pool of liable parties (an EU defendant, always)– The claimant will always find an EU‑based defendant. If the manufacturer sits outside the EU, importers, authorised representatives, and even fulfilment service providers can be on the hook. Also, online platforms can be liable where they act as an economic operator (not mere intermediary).
Also, anyone who substantially modifies a product (including via software updates) can be treated as a manufacturer.
- Exemption from liability? More than limited – An economic operator can avoid liability only by proving a statutory defence: it didn’t place or make the product available; the defect probably wasn’t present at release and arose later; the defect results from mandatory legal compliance; the state‑of‑the‑art meant the defect couldn’t be discovered at the time (including while the product remained under the manufacturer’s control); a component maker is shielded where the integrator’s design or instructions caused the defect; and a modifier is shielded where the defect concerns a part they didn’t touch.
But the “defect came later” defence does not apply if the issue was within the manufacturer’s control — namely a related service, software (including updates/upgrades), a lack of safety‑critical updates, or a substantial modification of the product.
- What losses are compensable? New entry = psychological harm – The PLD Directive covers all range of damages (a) personal injury — includes death and medically recognised psychological harm, (b) property damage — compensation for damage to or destruction of property, without any minimum threshold of the damage as in the 1985 Directive and (c) data loss — destruction or corruption of data used for non-professional purposes.
- What the compensation covers? Compensation covers all material losses flowing from the above categories of damage, but also no material losses (e.g., pain and suffering), insofar as national law allows such compensation
- Statute of limitation – The PLD Directive applies a dual limitation framework. As a starting point, claims must generally be brought within three years from the date on which the injured party became aware of the damage, the defect, and the identity of the relevant economic operator. At the same time, liability is subject to a long-stop period of 10 years, running from the date the defective product — or a substantially modified product — was first placed on the market or put into service.
As a novelty, for latent personal injuries, however, that outer limit may be extended to 25 years, where the harm could not reasonably have been discovered in time.
By Mihaela Ion
