New rules on liability for artificial intelligence and product liability

The EU Commission's proposal COM (2022) 495 on product liability includes common rules for companies' liability for damage caused by defective products. The proposed directive is set to replace the current product liability directive. The main purpose of the proposed directive is to ensure that the current legislation is in line with the digital development and to provide a high level of consumer protection.

The proposed directive contains 20 articles of which many are similar to current product liability laws. The proposed rules retain focus on a strict liability for damage caused by defective products but includes several amendments to the definitions. It is specified that a "product" also shall include digital production files and software. Further, the scope of potential liability subjects is expanded. The proposed directive also introduces new rules of evidence such as provisions presuming that a product is defective and that there is a causal link between the product's defect and the caused damage.

The EU Commission's proposed directive COM (2022) 496 on liability for AI concerns civil law liability in tort for damages caused by an AI system. The proposed directive sets out common rules concerning presentation of documentation related to high-risk AI systems to make it possible for a plaintiff to substantiate a potential claim for damages. Further, the proposed directive introduces common rules for the burden of proof in case of culpable damages caused by an AI system. The intended result is that the AI is presumed liable where the AI causes economic loss and the risk was substantial but not handled with the standard of care that reasonable person would have observed.

As for the proposed directive on product liability, it is suggested to include provisions presuming that the use of AI was culpable (e.g. the AI is held legally responsible for actions or inactions that could have been controlled but was not) unless proven otherwise. The purpose is to give the defendant an incentive to provide the documentation related to the AI system to refute an allegation of negligence and liability. Furthermore, it is suggested to include provisions presuming that defendant has the right to produce evidence contradicting that there is a causal link between the AI user's action (or inaction) and the AI system's lack of output.

The Norwegian Ministry of Justice emphasizes that implementing the proposed directives may entail more cases going to the courts. As regards the product liability directive, the Ministry further assumes that companies will have a reason to obtain and store larger amounts of data to avoid and protect themselves from potential lawsuits. However, in its impact assessment, the EU Commission holds that the proposed directive will provide both companies and consumers more predictability and give consumers better protection, by clarifying the scope of product liability in light of digitalization. As regards the AI liability directive, the Ministry assumes that the proposal will ensure that individuals to which damages are inflicted will have a possibility to claim compensation for damages caused by AI systems as effective as for damages caused by other products.

Although it might take some time for the rules to become effective in Norway, companies should start their preparations now. Risk mitigation through internal documentation will be essential. In particular, companies offering digital products such as software should assess the potential risks their digital products might cause. Further, companies using AI systems should implement internal routines that make it easy to produce potentially requested documentation related to the AI system in case of legal claims or lawsuits.

As regards litigation and potential costs, companies should be prepared that more cases will be taken to court. Thus, companies should be well-equipped to win the case and ensure that documentation is readily available.

Schjødt's technology lawyers assist in legal matters related to digitalisation and AI and follow the legislative developments in Norway and Europe closely. We assist clients in drafting technology contracts, assessing liability issues, verifying compliance and developing routines and policies. Our work includes infrastructure and digitalization projects, development and commercialization of advanced digital services, ecommerce and data utilization and data protection. We advise on all types of disputes, commercial litigation and arbitration. Our litigation team is recognized as a first-tier practice by all the respected legal directories and publications.