Revised Product Liability Directive (Directive (EU) 2024/2853)

Policy Window Editorial Board

Living evidence map · scoping-review idiom

Revised Product Liability Directive (Directive (EU) 2024/2853)

EU-PLD-2024 · EU

Adopted, not in force

Tools

Last verified 2026-06-21

Cite Share PDF

In force since 2026-12-09. A Binding regulation from EU. EU strict-liability regime for defective products, modernised for the digital age and explicitly extended to software and AI systems. Repeals and replaces the 1985 Product Liability Directive (85/374/EEC). Art. 4(1) redefines "product" to include "software" (and digital manufacturing files, electricity); Recital 13 confirms a "developer or producer of software, including AI system providers within the meaning of Regulation (EU) 2024/1689" is treated as a manufacturer, irrespective of delivery model (on-device, cloud, SaaS). Free and open-source software developed/supplied outside a commercial activity is excluded (Recital 14). The load-bearing topic is REDRESS: Art. 6 sets compensable damage (death/personal injury incl. medically recognised psychological harm; property; destruction/corruption of non-professional data), Art. 8 names liable economic operators (manufacturers, component makers, importers, authorised reps, fulfilment-service providers, certain distributors and online platforms), Art. 9 creates a court-ordered evidence-disclosure mechanism, and Art. 10 establishes rebuttable presumptions of defectiveness and of the causal link — including a presumption available where a claimant faces "excessive difficulties, in particular due to technical or scientific complexity" (Art. 10(4)), the provision most relevant to opaque AI systems. Art. 7(2)(c) makes the product's "ability to continue to learn or acquire new features after it is placed on the market" relevant to defectiveness; Art. 11(2) keeps manufacturers liable for defects introduced by software updates/upgrades within their control. Adopted 23 Oct 2024, in force 18 Nov 2024, but substantive liability rules apply only to products on the market after 9 Dec 2026 (Art. 2(1)), so status = adopted_not_in_force. Designed to interlock with the EU AI Act (Reg. (EU) 2024/1689): breach of AI Act obligations can feed the Art. 10 presumptions. (The separate proposed AI Liability Directive was withdrawn by the Commission in 2025; the PLD now carries the principal EU AI-liability load.) An ex-post liability instrument, deliberately silent on most ex-ante AI-governance topics (transparency mandates, biometrics, deepfakes, compute, sector-specific rules) — those are governed by the AI Act and sectoral law, not by this directive.

Coverage at a glance

governs1implicit2silent21conflicts0of 24 cells

Coverage fingerprint — color = verdict, height = confidence. One tick per tracked topic.

Adopted but not yet in force

Coverage cells below reflect this instrument's operative content once it enters into force. Time-sensitive policy briefs should also cite the source document directly and check for amendments. PW does not track legislative-progress updates within a single catalog snapshot.

Scope and obligations

EU strict-liability regime for defective products, modernised for the digital age and explicitly extended to software and AI systems. Repeals and replaces the 1985 Product Liability Directive (85/374/EEC). Art. 4(1) redefines "product" to include "software" (and digital manufacturing files, electricity); Recital 13 confirms a "developer or producer of software, including AI system providers within the meaning of Regulation (EU) 2024/1689" is treated as a manufacturer, irrespective of delivery model (on-device, cloud, SaaS). Free and open-source software developed/supplied outside a commercial activity is excluded (Recital 14). The load-bearing topic is REDRESS: Art. 6 sets compensable damage (death/personal injury incl. medically recognised psychological harm; property; destruction/corruption of non-professional data), Art. 8 names liable economic operators (manufacturers, component makers, importers, authorised reps, fulfilment-service providers, certain distributors and online platforms), Art. 9 creates a court-ordered evidence-disclosure mechanism, and Art. 10 establishes rebuttable presumptions of defectiveness and of the causal link — including a presumption available where a claimant faces "excessive difficulties, in particular due to technical or scientific complexity" (Art. 10(4)), the provision most relevant to opaque AI systems. Art. 7(2)(c) makes the product's "ability to continue to learn or acquire new features after it is placed on the market" relevant to defectiveness; Art. 11(2) keeps manufacturers liable for defects introduced by software updates/upgrades within their control. Adopted 23 Oct 2024, in force 18 Nov 2024, but substantive liability rules apply only to products on the market after 9 Dec 2026 (Art. 2(1)), so status = adopted_not_in_force. Designed to interlock with the EU AI Act (Reg. (EU) 2024/1689): breach of AI Act obligations can feed the Art. 10 presumptions. (The separate proposed AI Liability Directive was withdrawn by the Commission in 2025; the PLD now carries the principal EU AI-liability load.) An ex-post liability instrument, deliberately silent on most ex-ante AI-governance topics (transparency mandates, biometrics, deepfakes, compute, sector-specific rules) — those are governed by the AI Act and sectoral law, not by this directive.

Revised Product Liability Directive (Directive (EU) 2024/2853) addresses 1 contested AI-governance topics explicitly, 2 via general principles,.

Topics governed

implicit
Transparency Obligations— Art. 9 — court-ordered disclosure of relevant evidence in the defendant's control, reinforced by the Art. 10(2)(a) adverse presumption for non-disclosure
governs
Individual Redress— Arts. 6, 8, 9, 10 — strict-liability compensation for defective products incl. software/AI: compensable damage (Art. 6), liable economic operators (Art. 8), court-ordered evidence disclosure (Art. 9), and rebuttable presumptions of defect + causation (Art. 10)
Art. 10(4)paraphrase
A national court shall presume defectiveness or the causal link where the claimant faces excessive difficulties, in particular due to technical or scientific complexity, in proving it.
source
implicit
Agentic AI Governance— Art. 7(2)(c) — defectiveness accounts for a product's ability to continue to learn or acquire new features after market placement; Art. 11(2) — post-placement software-update liability within the manufacturer's control

Cross-jurisdiction comparison

How peer instruments treat the topics Revised Product Liability Directive (Directive (EU) 2024/2853) governs.

Cross-jurisdiction coverage of the 1 topics governed by Revised Product Liability Directive (Directive (EU) 2024/2853), compared with 45 peer instruments
Topic	EU-AIA-2024	US-EO-14110	US-EO-14179	UK-WHITEPAPER-2023	CN-GENAI-2023	G7-HIROSHIMA	OECD-AI-PRIN	COE-AI-CONV	UN-RES-2024	NIST-AI-RMF	BLETCHLEY-2023	SEOUL-2024	NIST-AI-RMF-GENAI	CA-SB-1047	IN-DPDP-2023	BR-AIBILL-2024	ASEAN-AI-GUIDE-2024	AU-AI-STRATEGY-2024	ANTHROPIC-RSP-2024°	OPENAI-PREPAREDNESS-2023°	DEEPMIND-FSF-2024°	META-FRONTIER-2024°	UK-US-AISI-MOU-2024	WH-VOLUNTARY-2023	SG-MODEL-AI-2024	JP-METI-AI-2024	EU-GDPR-2016	EU-GPAI-COP-2025	OMB-M-24-10	GSA-AI-GUIDE-2024	DOD-RAI-2022	FEDRAMP-AI-2024	DFARS-252-204	CA-SB-53	CA-SB-243	CA-SB-942	UNESCO-AI-ETHICS-2021
Individual Redress	governs	silent	silent	implicit	governs	silent	governs	governs	silent	implicit	silent	silent	implicit	implicit	governs	governs	silent	silent	silent	silent	silent	silent	silent	silent	implicit	implicit	governs	silent	governs	implicit	implicit	implicit	silent	implicit	governs	silent	governs

°= industry self-imposed voluntary framework. Comparing a voluntary code's "governs" tint with a binding regulation's "governs" tint flattens the legal-force distinction; use the instrument-page banner for the operative status of each.

Evidence & methods — how this article was reviewed

Source appraisal — 48 sources across 4 types

Source type	Authority	Count
Peer-reviewed✦ 25 AI	Primary / peer-reviewed	26
Preprint✦ 6 AI	Institutional	20
Research institute✦ 1 AI	Institutional	1
Civil society✦ 1 AI	Contextual	1

Authority is an editorial classification by source type — not a quality score for any individual work, and not external peer review. ✦ AI-generated summaries are labelled, never dropped.

Review methods

Review question: How does Revised Product Liability Directive (Directive (EU) 2024/2853) govern AI across the tracked governance topics, and what cited evidence supports each classification?
Review model: Living evidence mapping (scoping-review idiom) — continuously updated and source-grounded. Not a registered systematic review and not externally peer-reviewed.
Updated through: 2026-06-21
Source base: Primary legal/regulatory and standards sources; peer-reviewed and preprint academic literature (via DOI/arXiv); institutional and civil-society reports. Source types are classified in the source-appraisal table on this page.
Search & selection: Sources are identified by continuous monitoring of the primary regulators and standards bodies in the catalog, plus a literature sweep over open scholarly indexes (arXiv, Crossref) seeded from the core papers and extended by citation snowballing, refreshed to the review date below. Candidates are screened for topical relevance and source verifiability; items with broken or unverifiable links, or that do not support the claim they are attached to, are excluded. No registered protocol or PRISMA flow diagram is maintained — this is a living, continuously-updated evidence map, not a one-time date-bounded screened review.
Provenance (this article): This article charts 48 literature sources drawn from Policy Window's continuously-screened literature corpus (the full corpus is at /wiki/literature). Each was relevance-tagged to the article's topics and verifiability-checked at intake; items with broken or unverifiable links, or that do not support the claim they are attached to, are excluded. Coverage is charted per instrument×topic cell, each verdict anchored to a named provision. A one-time identified→screened→excluded tally is NOT maintained — this is a living map, refreshed to the review date below, not a date-bounded one-pass screen.
Inclusion: A claim is included only when it traces to a cited primary or published source; coverage classifications are anchored to a named provision or document.
Exclusion: Unsourced assertions, broken or unverifiable links, and sources that do not support the claim they are attached to are excluded.
Appraisal: Sources are classified by source-type authority (see the source-appraisal table) — structured editorial self-classification, not external peer review.
Synthesis: Descriptive mapping of the instrument's coverage across topics, plus its cited literature base.
Limitations: English-language and editorial-capacity coverage asymmetries; reliance on official sources for legal status; where AI-drafted or AI-assisted prose is present it is labelled inline with its drafting provenance and reviewer (charter §7.9/§7.10). This is not externally peer-reviewed scholarship.
Funding & competing interests: No external funding; produced by Policy Window editorial. No competing interests declared. AI-assisted drafting, where present, is disclosed per charter §7.9/§7.10.

How to cite this article

Cite this article

8 formats · 1-click copy

@misc{policywindow-eu-product-liability-directive,
  title  = {Revised Product Liability Directive (Directive (EU) 2024/2853)},
  author = {Policy Window},
  year   = {2024},
  howpublished = {Directive (EU) 2024/2853 of the European Parliament and of the Council of 23 October 2024 on liability for defective products and repealing Council Directive 85/374/EEC, OJ L, 2024/2853, 18.11.2024 (CELEX:32024L2853; ELI:http://data.europa.eu/eli/dir/2024/2853/oj). Entered into force 18 November 2024; applies to products placed on the market or put into service after 9 December 2026 (Art. 2(1)).},
  url    = {https://policywindow.org/wiki/eu-product-liability-directive},
  note   = {Primary source: https://eur-lex.europa.eu/eli/dir/2024/2853/oj/eng}
}

Verify the year + paste-and-refine. Primary source linked in BibTeX/RIS note.

Permalink downloads.bib .ris .csl.json

Persistent identifier: https://policywindow.org/wiki/eu-product-liability-directive — committed-stable URL with content-versioning via ?asOf= (rollout pending per methodology §7). DOIs via Zenodo are on the roadmap.

Does this instrument’s approach work? — the social-science evidence

Aggregated over the 3 topics this instrument governs: whether each harm is empirically real, and whether the peer-reviewed evidence shows governance reduces it. The badge is the epistemic status of the evidence— “thin”/“absent” efficacy evidence is itself a finding (the “second silence”). Each epistemic-status label is Policy Window's editorial assessment of the cited evidence base (a structured classification), not a verdict any single source issues.

Of the 3 governed topics with a social-science evidence review, evidence that governance reduces the harm is established for 0, contested for 0, thin for 0, and absent for 3 — for most, no replicated study yet shows this instrument's approach works (the "second silence").

Agentic AI Governance
- Is the harm real?evidence: thin
  The capability that agentic governance targets — autonomous multi-step action — is real and rapidly, measurably advancing: METR finds the task length AI agents complete at 50% reliability has doubled roughly every seven months for the past six years (about 50 minutes for frontier 2025 models), and the UK AI Security Institute's first Frontier AI Trends Report (Dec 2025, >30 systems) reports models now finish hour-long software tasks >40% of the time versus <5% in late 2023. The distinct realized HARM from agency (as opposed to the underlying model) is, however, thinly documented: on consequential real-world tasks agents still fail the majority — Gemini 2.5 Pro completed only 30.3% of TheAgentCompany's 175 professional tasks (OpenHands scaffold, project leaderboard) — so the agency-specific harm magnitude is early and context-dependent rather than established at scale.
  Sources: Kwa, West, Becker et al. 2025 (METR; arXiv:2503.14499, 'Measuring AI Ability to Complete Long Tasks'); UK AI Security Institute 2025 (Frontier AI Trends Report, Dec 2025); Xu, Song, Zhou et al. 2024 (TheAgentCompany, arXiv:2412.14161); 30.3% figure per TheAgentCompany leaderboard (OpenHands)
- Does governance work?evidence: absent
  There is no impact-evaluation evidence that agent-specific governance reduces agentic harm: the operative regimes — the EU GPAI Code of Practice (published July 2025, voluntary/non-binding), the Seoul Frontier AI Safety Commitments (2024, voluntary), and AISI agent evaluations — are 2024-25 vintage and have never been measured against an outcome. The scholarship itself has not settled the contested unit of regulation: Kolt (2025) argues for governing the agentic relationship via principal-agent and agency-law tools, while Chan, Ezell, Kaufmann et al. (2024) propose agent-specific visibility mechanisms (identifiers, real-time monitoring, activity logging) that remain proposal-stage and unevaluated — meaning the field has design proposals but, as with most frontier-AI rules, the evidence that any of them works is absent rather than merely thin.
  Sources: Kolt 2025 ('Governing AI Agents', 101 Notre Dame L. Rev., forthcoming; arXiv:2501.07913); Chan, Ezell, Kaufmann et al. 2024 ('Visibility into AI Agents', ACM FAccT 2024, pp. 958-973; DOI 10.1145/3630106.3658948); EU AI Office 2025 (GPAI Code of Practice, July 2025); Seoul Frontier AI Safety Commitments 2024
Individual Redress
- Is the harm real?evidence: established
  The premise behind redress — that affected people lack meaningful recourse against automated decisions — is real, but the flagship instrument is weaker than commonly assumed. Wachter, Mittelstadt & Floridi (2017) show GDPR creates only a limited 'right to be informed,' not a binding 'right to explanation' of specific decisions; and controlled work finds the explanations actually delivered do not measurably improve lay decision accuracy over showing the bare AI prediction (Alufaisan et al. 2021; and a 2022 meta-analysis by Schemmer et al. — screening 393 articles down to 9 in the final analysis — reports 'no effect of explanations on users' performance compared to sole AI predictions,' even though XAI overall had a positive effect). Honest caveat: the legitimacy/dignity value of being heard is empirically well established in the procedural-justice tradition even where outcome accuracy is unchanged, so 'redress fails' depends on which aim is measured.
  Sources: Wachter, Mittelstadt & Floridi 2017 (International Data Privacy Law 7(2):76); Alufaisan, Marusich, Bakdash, Zhou & Kantarcioglu 2021 (Proceedings of the AAAI Conference on AI 35(8):6618); Schemmer, Hemmer, Nitsche, Kühl & Vössing 2022 (AAAI/ACM AIES '22, meta-analysis)
- Does governance work?evidence: absent
  There is no rigorous impact evaluation showing that mandated redress mechanisms (right-to-explanation, appeal, human-in-the-loop review) actually reduce erroneous or unfair automated decisions — the evidence that the rule works is itself missing. The closest experimental analogues are discouraging: explanations increase humans' acceptance of AI recommendations regardless of correctness (Bansal et al. 2021), and algorithm-in-the-loop oversight can introduce racial disparities and exhibit automation bias rather than reliably catching model errors (Green & Chen 2019). The procedural-justice literature (Tyler 1990; Lind & Tyler 1988) robustly supports a legitimacy and compliance benefit of fair process, but it measures perceived fairness, not reduction of the substantive decision harm redress is meant to cure.
  Sources: Bansal, Wu, Zhou, Fok, Nushi, Kamar, Ribeiro & Weld 2021 (CHI '21); Green & Chen 2019 (Disparate Interactions, ACM FAT* '19); Tyler 1990 (Why People Obey the Law, Yale Univ. Press); Lind & Tyler 1988 (The Social Psychology of Procedural Justice, Plenum Press)
Transparency Obligations
- Is the harm real?evidence: contested
  Documentation artifacts (model cards, datasheets) are well-specified as proposals and are genuinely adopted, but the empirical premise that mandated disclosure produces meaningful transparency is contested. Selbst & Barocas (2018) argue inscrutability and non-intuitiveness are distinct problems and that disclosing rules does not resolve the latter, and large-scale audits find documentation is sparsely and unevenly completed: a systematic analysis of 32,111 Hugging Face model cards (Liang et al. 2024) found environmental-impact, limitations and evaluation sections least often filled, and Bhat et al. (2023, 45 practitioners) found a substantial gap between the documentation proposal and actual practice. Honest caveat: the documentation frameworks themselves are real and adopted, so the dispute is about whether disclosure conveys decision-relevant information, not whether the artifacts exist.
  Sources: Selbst & Barocas 2018 (Fordham Law Review 87:1085-1139); Liang et al. 2024 (Nature Machine Intelligence, s42256-024-00857-z, 'Systematic analysis of 32,111 AI model cards'); Bhat et al. 2023 (CHI '23, 'Aspirations and Practice of ML Model Documentation', DOI 10.1145/3544548.3581518); Mitchell et al. 2019 (FAccT, Model Cards for Model Reporting); Gebru et al. 2021 (CACM 64(12):86-92, Datasheets for Datasets)
- Does governance work?evidence: absent
  There is no rigorous impact evaluation showing that AI transparency mandates (model cards, training-data summaries) measurably reduce bias, misuse or accidents — the central regulatory assumption is empirically untested, partly because flagship mandates like EU AI Act Art. 53(1)(d) GPAI training-data summaries are only subject to AI Office enforcement/verification from 2 August 2026 (the obligation itself began 2 August 2025 for new models). The closest analogue, mandated consumer disclosure, shows small and context-dependent effects: Bollinger, Leslie & Sorensen (2011) found mandatory calorie posting cut average calories per transaction by about 6%, while Loewenstein, Sunstein & Golman (2014) review evidence that disclosure effects are frequently diminished or even reversed by limited attention and often change provider rather than recipient behavior. These are analogues, not AI studies; no study demonstrates that AI transparency disclosure achieves its stated downstream safety aims.
  Sources: Bollinger, Leslie & Sorensen 2011 (AEJ: Economic Policy 3(1):91-128); Loewenstein, Sunstein & Golman 2014 (Annual Review of Economics 6:391-419, 'Disclosure: Psychology Changes Everything'); EU AI Act Art. 53(1)(d) GPAI training-data summary (obligation from 2 Aug 2025; AI Office enforcement from 2 Aug 2026)

Evidence base

48 academic & grey-literature sources on the topics this instrument addresses (not commentary on the instrument itself) — catalogued metadata with a primary link; one-line findings are ✦ AI-generated summaries, labeled as such (charter §7.9). Browse the full literature index.

Governing AI Agents Preprint✦ AIUses "agency law and theory to identify and characterize problems arising from AI agents" and proposes governance infrastructure built on inclusivity, visibility, and liability.
Infrastructure for AI Agents Peer-reviewed✦ AIProposes "agent infrastructure": external technical systems for attributing actions "to specific agents, their users, or other actors," shaping interactions, and remediating harms.
Multi-Agent Risks from Advanced AI Research institute✦ AIIdentifies three failure modes of advanced multi-agent systems — "miscoordination, conflict, and collusion" — plus seven risk factors, posing challenges distinct from single-agent AI.
Identifying Algorithmic Decision Subjects' Needs for Meaningful Contestability Peer-reviewed✦ AIEmpirically elicits what decision subjects need for contestation to be 'meaningful', informing the design of effective remedies and appeal mechanisms for ADM.
Two Means to an End Goal: Connecting Explainability and Contestability in the Regulation of Public Sector AI Preprint✦ AIInterview study with 14 regulation experts distinguishes judicial vs non-judicial and individual vs collective contestation channels for public-sector AI remedies.
Authenticated Delegation and Authorized AI Agents Preprint✦ AIIntroduces a framework for authenticated, authorized, and auditable delegation to AI agents by extending OAuth 2.0/OpenID Connect, maintaining accountability chains for agent actions.
AgentHarm: A Benchmark for Measuring Harmfulness of LLM Agents Peer-reviewed✦ AIProvides a 440-task benchmark across 11 harm categories measuring whether LLM agents resist or comply with harmful multi-step tool-use tasks, grounding safety-evaluation regimes for agents.
Better together? Human oversight as means to achieve fairness in the European AI Act governance Peer-reviewed✦ AIExamines whether Article-14 human oversight of high-risk/autonomous AI can actually deliver fairness, probing the limits of human-in-the-loop as a governance mechanism.
Visibility into AI Agents Peer-reviewed✦ AIProposes agent identifiers, real-time monitoring and activity logs to give governance actors visibility — "where, why, how, and by whom certain AI agents are used."
The Right to Transparency in Public Governance: Freedom of Information and the Use of Artificial Intelligence by Public Agencies Peer-reviewed✦ AIFinds freedom-of-information regimes "generally only grant access to existing documents" and that with "no mature standard for documenting AI models," public-sector AI transparency is limited.
On the Quest for Effectiveness in Human Oversight: Interdisciplinary Perspectives Peer-reviewed✦ AISynthesises interdisciplinary evidence to argue that legally mandated human oversight of AI is often ineffective ('rubber-stamp') unless effectiveness conditions are explicitly designed for.
Law and the Emerging Political Economy of Algorithmic Audits Peer-reviewed✦ AIAnalyses how AI-audit mandates create a new political economy of auditing, warning that audit markets can entrench rather than constrain power without underlying governance.

+ 36more across this instrument's topics — see the literature index.

References

Directive (EU) 2024/2853 of the European Parliament and of the Council of 23 October 2024 on liability for defective products and repealing Council Directive 85/374/EEC, OJ L, 2024/2853, 18.11.2024 (CELEX:32024L2853; ELI:http://data.europa.eu/eli/dir/2024/2853/oj). Entered into force 18 November 2024; applies to products placed on the market or put into service after 9 December 2026 (Art. 2(1)).
Art. 9 — court-ordered disclosure of relevant evidence in the defendant's control, reinforced by the Art. 10(2)(a) adverse presumption for non-disclosure
Arts. 6, 8, 9, 10 — strict-liability compensation for defective products incl. software/AI: compensable damage (Art. 6), liable economic operators (Art. 8), court-ordered evidence disclosure (Art. 9), and rebuttable presumptions of defect + causation (Art. 10)
Art. 7(2)(c) — defectiveness accounts for a product's ability to continue to learn or acquire new features after market placement; Art. 11(2) — post-placement software-update liability within the manufacturer's control

Article tools — track changes, suggest an edit

View history — every captured revision of this article · What links here

Source: Edit on GitHub (search for `EU-PLD-2024`)

Per-audience views

Provisions →Article-by-article obligation breakdown for procurement + RFP authors.
Disclosure form →Vendor-disclosure questionnaire derived from this instrument's operative obligations.
Harm narratives →Documented harms relevant to this instrument's topics, for civil-society advocacy.
Briefing pack →Journalist-ready summary with quotes + dates + primary-source links.

Scope and obligations

Revised Product Liability Directive (Directive (EU) 2024/2853) addresses 1 contested AI-governance topics explicitly, 2 via general principles,.

Topics governed

implicit

Transparency Obligations— Art. 9 — court-ordered disclosure of relevant evidence in the defendant's control, reinforced by the Art. 10(2)(a) adverse presumption for non-disclosure

governs

Individual Redress— Arts. 6, 8, 9, 10 — strict-liability compensation for defective products incl. software/AI: compensable damage (Art. 6), liable economic operators (Art. 8), court-ordered evidence disclosure (Art. 9), and rebuttable presumptions of defect + causation (Art. 10)

Art. 10(4)paraphrase

A national court shall presume defectiveness or the causal link where the claimant faces excessive difficulties, in particular due to technical or scientific complexity, in proving it.

source

implicit

Agentic AI Governance— Art. 7(2)(c) — defectiveness accounts for a product's ability to continue to learn or acquire new features after market placement; Art. 11(2) — post-placement software-update liability within the manufacturer's control

Topic

EU-AIA-2024

US-EO-14110

US-EO-14179

UK-WHITEPAPER-2023

CN-GENAI-2023

G7-HIROSHIMA

OECD-AI-PRIN

COE-AI-CONV

UN-RES-2024

NIST-AI-RMF

BLETCHLEY-2023

SEOUL-2024

NIST-AI-RMF-GENAI

CA-SB-1047

IN-DPDP-2023

BR-AIBILL-2024

ASEAN-AI-GUIDE-2024

AU-AI-STRATEGY-2024

ANTHROPIC-RSP-2024°

OPENAI-PREPAREDNESS-2023°

DEEPMIND-FSF-2024°

META-FRONTIER-2024°

UK-US-AISI-MOU-2024

WH-VOLUNTARY-2023

SG-MODEL-AI-2024

JP-METI-AI-2024

EU-GDPR-2016

EU-GPAI-COP-2025

OMB-M-24-10

GSA-AI-GUIDE-2024

DOD-RAI-2022

FEDRAMP-AI-2024

DFARS-252-204

CA-SB-53

CA-SB-243

CA-SB-942

UNESCO-AI-ETHICS-2021

Individual Redress

governs

silent

implicit

governs

silent

governs

silent

implicit

silent

implicit

governs

silent

implicit

governs

silent

governs

implicit

silent

implicit

governs

silent

governs

Source type

Authority

Count

Peer-reviewed✦ 25 AI

Primary / peer-reviewed

Preprint✦ 6 AI

Institutional

Research institute✦ 1 AI

Institutional

Civil society✦ 1 AI

Contextual

How to cite this article

Cite this article

8 formats · 1-click copy

@misc{policywindow-eu-product-liability-directive,
  title  = {Revised Product Liability Directive (Directive (EU) 2024/2853)},
  author = {Policy Window},
  year   = {2024},
  howpublished = {Directive (EU) 2024/2853 of the European Parliament and of the Council of 23 October 2024 on liability for defective products and repealing Council Directive 85/374/EEC, OJ L, 2024/2853, 18.11.2024 (CELEX:32024L2853; ELI:http://data.europa.eu/eli/dir/2024/2853/oj). Entered into force 18 November 2024; applies to products placed on the market or put into service after 9 December 2026 (Art. 2(1)).},
  url    = {https://policywindow.org/wiki/eu-product-liability-directive},
  note   = {Primary source: https://eur-lex.europa.eu/eli/dir/2024/2853/oj/eng}
}

Verify the year + paste-and-refine. Primary source linked in BibTeX/RIS note.

Permalink downloads.bib .ris .csl.json

Does this instrument’s approach work? — the social-science evidence

Agentic AI Governance

Is the harm real?evidence: thin
The capability that agentic governance targets — autonomous multi-step action — is real and rapidly, measurably advancing: METR finds the task length AI agents complete at 50% reliability has doubled roughly every seven months for the past six years (about 50 minutes for frontier 2025 models), and the UK AI Security Institute's first Frontier AI Trends Report (Dec 2025, >30 systems) reports models now finish hour-long software tasks >40% of the time versus <5% in late 2023. The distinct realized HARM from agency (as opposed to the underlying model) is, however, thinly documented: on consequential real-world tasks agents still fail the majority — Gemini 2.5 Pro completed only 30.3% of TheAgentCompany's 175 professional tasks (OpenHands scaffold, project leaderboard) — so the agency-specific harm magnitude is early and context-dependent rather than established at scale.
Sources: Kwa, West, Becker et al. 2025 (METR; arXiv:2503.14499, 'Measuring AI Ability to Complete Long Tasks'); UK AI Security Institute 2025 (Frontier AI Trends Report, Dec 2025); Xu, Song, Zhou et al. 2024 (TheAgentCompany, arXiv:2412.14161); 30.3% figure per TheAgentCompany leaderboard (OpenHands)
Does governance work?evidence: absent
There is no impact-evaluation evidence that agent-specific governance reduces agentic harm: the operative regimes — the EU GPAI Code of Practice (published July 2025, voluntary/non-binding), the Seoul Frontier AI Safety Commitments (2024, voluntary), and AISI agent evaluations — are 2024-25 vintage and have never been measured against an outcome. The scholarship itself has not settled the contested unit of regulation: Kolt (2025) argues for governing the agentic relationship via principal-agent and agency-law tools, while Chan, Ezell, Kaufmann et al. (2024) propose agent-specific visibility mechanisms (identifiers, real-time monitoring, activity logging) that remain proposal-stage and unevaluated — meaning the field has design proposals but, as with most frontier-AI rules, the evidence that any of them works is absent rather than merely thin.
Sources: Kolt 2025 ('Governing AI Agents', 101 Notre Dame L. Rev., forthcoming; arXiv:2501.07913); Chan, Ezell, Kaufmann et al. 2024 ('Visibility into AI Agents', ACM FAccT 2024, pp. 958-973; DOI 10.1145/3630106.3658948); EU AI Office 2025 (GPAI Code of Practice, July 2025); Seoul Frontier AI Safety Commitments 2024

Individual Redress

Is the harm real?evidence: established
The premise behind redress — that affected people lack meaningful recourse against automated decisions — is real, but the flagship instrument is weaker than commonly assumed. Wachter, Mittelstadt & Floridi (2017) show GDPR creates only a limited 'right to be informed,' not a binding 'right to explanation' of specific decisions; and controlled work finds the explanations actually delivered do not measurably improve lay decision accuracy over showing the bare AI prediction (Alufaisan et al. 2021; and a 2022 meta-analysis by Schemmer et al. — screening 393 articles down to 9 in the final analysis — reports 'no effect of explanations on users' performance compared to sole AI predictions,' even though XAI overall had a positive effect). Honest caveat: the legitimacy/dignity value of being heard is empirically well established in the procedural-justice tradition even where outcome accuracy is unchanged, so 'redress fails' depends on which aim is measured.
Sources: Wachter, Mittelstadt & Floridi 2017 (International Data Privacy Law 7(2):76); Alufaisan, Marusich, Bakdash, Zhou & Kantarcioglu 2021 (Proceedings of the AAAI Conference on AI 35(8):6618); Schemmer, Hemmer, Nitsche, Kühl & Vössing 2022 (AAAI/ACM AIES '22, meta-analysis)
Does governance work?evidence: absent
There is no rigorous impact evaluation showing that mandated redress mechanisms (right-to-explanation, appeal, human-in-the-loop review) actually reduce erroneous or unfair automated decisions — the evidence that the rule works is itself missing. The closest experimental analogues are discouraging: explanations increase humans' acceptance of AI recommendations regardless of correctness (Bansal et al. 2021), and algorithm-in-the-loop oversight can introduce racial disparities and exhibit automation bias rather than reliably catching model errors (Green & Chen 2019). The procedural-justice literature (Tyler 1990; Lind & Tyler 1988) robustly supports a legitimacy and compliance benefit of fair process, but it measures perceived fairness, not reduction of the substantive decision harm redress is meant to cure.
Sources: Bansal, Wu, Zhou, Fok, Nushi, Kamar, Ribeiro & Weld 2021 (CHI '21); Green & Chen 2019 (Disparate Interactions, ACM FAT* '19); Tyler 1990 (Why People Obey the Law, Yale Univ. Press); Lind & Tyler 1988 (The Social Psychology of Procedural Justice, Plenum Press)

Transparency Obligations

Is the harm real?evidence: contested
Documentation artifacts (model cards, datasheets) are well-specified as proposals and are genuinely adopted, but the empirical premise that mandated disclosure produces meaningful transparency is contested. Selbst & Barocas (2018) argue inscrutability and non-intuitiveness are distinct problems and that disclosing rules does not resolve the latter, and large-scale audits find documentation is sparsely and unevenly completed: a systematic analysis of 32,111 Hugging Face model cards (Liang et al. 2024) found environmental-impact, limitations and evaluation sections least often filled, and Bhat et al. (2023, 45 practitioners) found a substantial gap between the documentation proposal and actual practice. Honest caveat: the documentation frameworks themselves are real and adopted, so the dispute is about whether disclosure conveys decision-relevant information, not whether the artifacts exist.
Sources: Selbst & Barocas 2018 (Fordham Law Review 87:1085-1139); Liang et al. 2024 (Nature Machine Intelligence, s42256-024-00857-z, 'Systematic analysis of 32,111 AI model cards'); Bhat et al. 2023 (CHI '23, 'Aspirations and Practice of ML Model Documentation', DOI 10.1145/3544548.3581518); Mitchell et al. 2019 (FAccT, Model Cards for Model Reporting); Gebru et al. 2021 (CACM 64(12):86-92, Datasheets for Datasets)
Does governance work?evidence: absent
There is no rigorous impact evaluation showing that AI transparency mandates (model cards, training-data summaries) measurably reduce bias, misuse or accidents — the central regulatory assumption is empirically untested, partly because flagship mandates like EU AI Act Art. 53(1)(d) GPAI training-data summaries are only subject to AI Office enforcement/verification from 2 August 2026 (the obligation itself began 2 August 2025 for new models). The closest analogue, mandated consumer disclosure, shows small and context-dependent effects: Bollinger, Leslie & Sorensen (2011) found mandatory calorie posting cut average calories per transaction by about 6%, while Loewenstein, Sunstein & Golman (2014) review evidence that disclosure effects are frequently diminished or even reversed by limited attention and often change provider rather than recipient behavior. These are analogues, not AI studies; no study demonstrates that AI transparency disclosure achieves its stated downstream safety aims.
Sources: Bollinger, Leslie & Sorensen 2011 (AEJ: Economic Policy 3(1):91-128); Loewenstein, Sunstein & Golman 2014 (Annual Review of Economics 6:391-419, 'Disclosure: Psychology Changes Everything'); EU AI Act Art. 53(1)(d) GPAI training-data summary (obligation from 2 Aug 2025; AI Office enforcement from 2 Aug 2026)

References

Directive (EU) 2024/2853 of the European Parliament and of the Council of 23 October 2024 on liability for defective products and repealing Council Directive 85/374/EEC, OJ L, 2024/2853, 18.11.2024 (CELEX:32024L2853; ELI:http://data.europa.eu/eli/dir/2024/2853/oj). Entered into force 18 November 2024; applies to products placed on the market or put into service after 9 December 2026 (Art. 2(1)).

Art. 9 — court-ordered disclosure of relevant evidence in the defendant's control, reinforced by the Art. 10(2)(a) adverse presumption for non-disclosure

Arts. 6, 8, 9, 10 — strict-liability compensation for defective products incl. software/AI: compensable damage (Art. 6), liable economic operators (Art. 8), court-ordered evidence disclosure (Art. 9), and rebuttable presumptions of defect + causation (Art. 10)

Art. 7(2)(c) — defectiveness accounts for a product's ability to continue to learn or acquire new features after market placement; Art. 11(2) — post-placement software-update liability within the manufacturer's control

[1] Directive (EU) 2024/2853 of the European Parliament and of the Council of 23 October 2024 on liability for defective products and repealing Council Directive 85/374/EEC, OJ L, 2024/2853, 18.11.2024 (CELEX:32024L2853; ELI:http://data.europa.eu/eli/dir/2024/2853/oj). Entered into force 18 November 2024; applies to products placed on the market or put into service after 9 December 2026 (Art. 2(1)).

[2] Art. 9 — court-ordered disclosure of relevant evidence in the defendant's control, reinforced by the Art. 10(2)(a) adverse presumption for non-disclosure

[3] Arts. 6, 8, 9, 10 — strict-liability compensation for defective products incl. software/AI: compensable damage (Art. 6), liable economic operators (Art. 8), court-ordered evidence disclosure (Art. 9), and rebuttable presumptions of defect + causation (Art. 10)

[4] Art. 7(2)(c) — defectiveness accounts for a product's ability to continue to learn or acquire new features after market placement; Art. 11(2) — post-placement software-update liability within the manufacturer's control