Revised Product Liability Directive (Directive (EU) 2024/2853)
EU-PLD-2024 · EU
EU strict-liability regime for defective products, modernised for the digital age and explicitly extended to software and AI systems. Repeals and replaces the 1985 Product Liability Directive (85/374/EEC). Art. 4(1) redefines "product" to include "software" (and digital manufacturing files, electricity); Recital 13 confirms a "developer or producer of software, including AI system providers within the meaning of Regulation (EU) 2024/1689" is treated as a manufacturer, irrespective of delivery model (on-device, cloud, SaaS). Free and open-source software developed/supplied outside a commercial activity is excluded (Recital 14). The load-bearing topic is REDRESS: Art. 6 sets compensable damage (death/personal injury incl. medically recognised psychological harm; property; destruction/corruption of non-professional data), Art. 8 names liable economic operators (manufacturers, component makers, importers, authorised reps, fulfilment-service providers, certain distributors and online platforms), Art. 9 creates a court-ordered evidence-disclosure mechanism, and Art. 10 establishes rebuttable presumptions of defectiveness and of the causal link — including a presumption available where a claimant faces "excessive difficulties, in particular due to technical or scientific complexity" (Art. 10(4)), the provision most relevant to opaque AI systems. Art. 7(2)(c) makes the product's "ability to continue to learn or acquire new features after it is placed on the market" relevant to defectiveness; Art. 11(2) keeps manufacturers liable for defects introduced by software updates/upgrades within their control. Adopted 23 Oct 2024, in force 18 Nov 2024, but substantive liability rules apply only to products on the market after 9 Dec 2026 (Art. 2(1)), so status = adopted_not_in_force. Designed to interlock with the EU AI Act (Reg. (EU) 2024/1689): breach of AI Act obligations can feed the Art. 10 presumptions. (The separate proposed AI Liability Directive was withdrawn by the Commission in 2025; the PLD now carries the principal EU AI-liability load.) An ex-post liability instrument, deliberately silent on most ex-ante AI-governance topics (transparency mandates, biometrics, deepfakes, compute, sector-specific rules) — those are governed by the AI Act and sectoral law, not by this directive.
Adopted but not yet in force
Coverage cells below reflect this instrument's operative content once it enters into force. Time-sensitive policy briefs should also cite the source document directly and check for amendments. PW does not track legislative-progress updates within a single catalog snapshot.
Background & scope
Revised Product Liability Directive (Directive (EU) 2024/2853) addresses 1 contested AI-governance topic explicitly, 2 via general principles.
Provisions & coverage
- implicitTransparency ObligationsArt. 9 — court-ordered disclosure of relevant evidence in the defendant's control, reinforced by the Art. 10(2)(a) adverse presumption for non-disclosure[8]
- governsIndividual Redress
Art. 10(4)[8] - implicitAgentic AI GovernanceArt. 7(2)(c) — defectiveness accounts for a product's ability to continue to learn or acquire new features after market placement; Art. 11(2) — post-placement software-update liability within the manufacturer's control[8]
Operative mechanics: strict liability re-engineered for software and AI
The revised Directive (EU) 2024/2853 keeps the 1985 regime's no-fault core but redefines its perimeter for the digital economy. Art. 4(1) brings "software" — including standalone AI systems — within the meaning of "product," and Recital 13 treats an AI system provider within the meaning of Regulation (EU) 2024/1689 as a manufacturer irrespective of delivery model. The redress machinery is the load-bearing element: Art. 6 fixes compensable damage (death, personal injury including medically recognised psychological harm, property, and destruction or corruption of non-professional data); Art. 8 names the chain of liable economic operators down to importers, authorised representatives, fulfilment-service providers and certain platforms; Art. 9 compels disclosure of evidence in a defendant's control; and Art. 10 supplies rebuttable presumptions of defect and causation. Liability is channelled to producers, not deployers, making it an ex-post complement to the AI Act's ex-ante duties.
The complexity presumption and the opacity problem
The Directive's signature AI adaptation is evidentiary. Art. 10(4) instructs a national court to presume defectiveness or the causal link where a claimant faces "excessive difficulties, in particular due to technical or scientific complexity," in proving them — a direct response to the black-box character of machine-learning systems whose internal logic claimants cannot reconstruct. This is reinforced by the Art. 9 disclosure duty and the Art. 10(2)(a) adverse inference when a defendant withholds ordered evidence, so opacity itself becomes a litigation cost for producers rather than for victims. The mechanism interlocks with Regulation (EU) 2024/1689: a proven breach of AI Act logging, transparency or risk-management obligations can feed the presumptions. Scholarship on visibility and identification of AI systems 12 underscores why such infrastructural evidence matters — without IDs, logs and monitoring, even a rebuttable presumption struggles for factual purchase.
Agentic systems and post-market mutability
Two provisions confront AI's dynamism. Art. 7(2)(c) makes a product's "ability to continue to learn or acquire new features after it is placed on the market" relevant to assessing defectiveness, abandoning the assumption that a product is frozen at the moment of sale. Art. 11(2) keeps manufacturers liable for defects introduced by software updates or upgrades, and by machine learning, that remain within their control — narrowing the traditional later-defect defence. These rules speak to the governance gap around autonomous and continually-adapting agents, a frontier that legal scholarship treats as distinct from static models: Kolt's agency-law framing 3 and the agent-infrastructure and delegation proposals 45 argue that attribution and remediation require external systems, while multi-agent failure modes 6 complicate the "within the manufacturer's control" line that Art. 11(2) draws.
Fault lines, status, and implementation trajectory
The Directive is adopted but not yet in force: it entered into force on 18 November 2024, yet its substantive liability rules apply only to products placed on the market after 9 December 2026 (Art. 2(1)), leaving a transposition and adaptation window for Member States and producers. Its salience grew when the Commission withdrew the separate proposed AI Liability Directive in 2025, so the PLD now carries the principal EU AI-liability load while remaining deliberately silent on ex-ante topics — biometrics, deepfakes and compute fall to Regulation (EU) 2024/1689 and sectoral law. Critics note real fault lines: the Recital 14 carve-out for non-commercial free and open-source software, the producer-not-deployer channelling that may miss harms from how systems are operated, and the limits of compensation as redress. Contestability research 7 warns that monetary liability is a thin substitute for meaningful, accessible avenues to challenge automated decisions.
Enforcement & impact
Cross-jurisdiction comparison
How peer instruments treat the topics Revised Product Liability Directive (Directive (EU) 2024/2853) governs.
| Topic | EU-AIA-2024 | US-EO-14110 | US-EO-14179 | UK-WHITEPAPER-2023 | CN-GENAI-2023 | G7-HIROSHIMA | OECD-AI-PRIN | COE-AI-CONV | UN-RES-2024 | NIST-AI-RMF | BLETCHLEY-2023 | SEOUL-2024 | NIST-AI-RMF-GENAI | CA-SB-1047 | IN-DPDP-2023 | BR-AIBILL-2024 | ASEAN-AI-GUIDE-2024 | AU-AI-STRATEGY-2024 | ANTHROPIC-RSP-2024° | OPENAI-PREPAREDNESS-2023° | DEEPMIND-FSF-2024° | META-FRONTIER-2024° | UK-US-AISI-MOU-2024 | WH-VOLUNTARY-2023 | SG-MODEL-AI-2024 | JP-METI-AI-2024 | EU-GDPR-2016 | EU-GPAI-COP-2025 | OMB-M-24-10 | GSA-AI-GUIDE-2024 | DOD-RAI-2022 | FEDRAMP-AI-2024 | DFARS-252-204 | CA-SB-53 | CA-SB-243 | CA-SB-942 | UNESCO-AI-ETHICS-2021 | EU-PWD-2024 | CN-DEEPSYN-2022 | NY-RAISE-2025 | US-TAKEITDOWN-2025 | IT-AILAW-2025 | JP-AIPROMO-2025 | UN-GDC-2024 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Individual Redress | governs | silent | silent | implicit | governs | silent | governs | governs | silent | implicit | silent | silent | implicit | implicit | governs | governs | silent | silent | silent | silent | silent | silent | silent | silent | implicit | implicit | governs | silent | governs | implicit | implicit | implicit | silent | implicit | governs | silent | governs | governs | governs | silent | implicit | implicit | implicit | implicit |
°= industry self-imposed voluntary framework. Comparing a voluntary code's "governs" tint with a binding regulation's "governs" tint flattens the legal-force distinction; use the instrument-page banner for the operative status of each.
See also
Per-audience views
- Provisions →Article-by-article obligation breakdown for procurement + RFP authors.
- Disclosure form →Vendor-disclosure questionnaire derived from this instrument's operative obligations.
- Harm narratives →Documented harms relevant to this instrument's topics, for civil-society advocacy.
- Briefing pack →Journalist-ready summary with quotes + dates + primary-source links.
Article tools — track changes, suggest an edit
View history — every captured revision of this article · What links here
Further reading
48 academic & grey-literature sources on the topics this instrument addresses (not commentary on the instrument itself) — catalogued metadata with a primary link; one-line findings are ✦ AI-generated summaries, labeled as such (charter §7.9). Browse the full literature index.
- Governing AI Agents Preprint✦ AIUses "agency law and theory to identify and characterize problems arising from AI agents" and proposes governance infrastructure built on inclusivity, visibility, and liability.
- Infrastructure for AI Agents Peer-reviewed✦ AIProposes "agent infrastructure": external technical systems for attributing actions "to specific agents, their users, or other actors," shaping interactions, and remediating harms.
- Multi-Agent Risks from Advanced AI Research institute✦ AIIdentifies three failure modes of advanced multi-agent systems — "miscoordination, conflict, and collusion" — plus seven risk factors, posing challenges distinct from single-agent AI.
- Identifying Algorithmic Decision Subjects' Needs for Meaningful Contestability Peer-reviewed✦ AIEmpirically elicits what decision subjects need for contestation to be 'meaningful', informing the design of effective remedies and appeal mechanisms for ADM.
- Two Means to an End Goal: Connecting Explainability and Contestability in the Regulation of Public Sector AI Preprint✦ AIInterview study with 14 regulation experts distinguishes judicial vs non-judicial and individual vs collective contestation channels for public-sector AI remedies.
- Authenticated Delegation and Authorized AI Agents Preprint✦ AIIntroduces a framework for authenticated, authorized, and auditable delegation to AI agents by extending OAuth 2.0/OpenID Connect, maintaining accountability chains for agent actions.
- AgentHarm: A Benchmark for Measuring Harmfulness of LLM Agents Peer-reviewed✦ AIProvides a 440-task benchmark across 11 harm categories measuring whether LLM agents resist or comply with harmful multi-step tool-use tasks, grounding safety-evaluation regimes for agents.
- Better together? Human oversight as means to achieve fairness in the European AI Act governance Peer-reviewed✦ AIExamines whether Article-14 human oversight of high-risk/autonomous AI can actually deliver fairness, probing the limits of human-in-the-loop as a governance mechanism.
- Visibility into AI Agents Peer-reviewed✦ AIProposes agent identifiers, real-time monitoring and activity logs to give governance actors visibility — "where, why, how, and by whom certain AI agents are used."
- The Right to Transparency in Public Governance: Freedom of Information and the Use of Artificial Intelligence by Public Agencies Peer-reviewed✦ AIFinds freedom-of-information regimes "generally only grant access to existing documents" and that with "no mature standard for documenting AI models," public-sector AI transparency is limited.
- On the Quest for Effectiveness in Human Oversight: Interdisciplinary Perspectives Peer-reviewed✦ AISynthesises interdisciplinary evidence to argue that legally mandated human oversight of AI is often ineffective ('rubber-stamp') unless effectiveness conditions are explicitly designed for.
- Law and the Emerging Political Economy of Algorithmic Audits Peer-reviewed✦ AIAnalyses how AI-audit mandates create a new political economy of auditing, warning that audit markets can entrench rather than constrain power without underlying governance.
+ 36 more across this instrument's topics — see the literature index.
References
Sources cited inline in the analysis (linked from the superscript markers), then the primary instrument sources behind the classifications.
- Alan Chan, Noam Kolt, Peter Wills, Usman Anwar, Christian Schroeder de Witt, Nitarshan Rajkumar, Lewis Hammond, David Krueger, Lennart Heim, Markus Anderljung (2024) IDs for AI Systems, arXiv (cs.CY; GovAI/MILA). arXiv:2406.12137 — Proposes ascribing IDs to instances of AI systems so users can verify safety certifications, investigate incidents, and enable oversight of agentic deployments. ↩
- Alan Chan, Carson Ezell, Max Kaufmann, Kevin Wei, Lewis Hammond, Herbie Bradley, Emma Bluemke, Nitarshan Rajkumar, David Krueger, Noam Kolt, Lennart Heim, Markus Anderljung (2024) Visibility into AI Agents, ACM FAccT. 10.1145/3630106.3658948 — Proposes agent identifiers, real-time monitoring and activity logs to give governance actors visibility — "where, why, how, and by whom certain AI agents are used." ↩
- Noam Kolt (2025) Governing AI Agents, Notre Dame Law Review (forthcoming). arXiv:2501.07913 — Uses "agency law and theory to identify and characterize problems arising from AI agents" and proposes governance infrastructure built on inclusivity, visibility, and liability. ↩
- Alan Chan, Kevin Wei, Sihao Huang, Nitarshan Rajkumar, Elija Perrier, Seth Lazar, Gillian K. Hadfield, Markus Anderljung (2025) Infrastructure for AI Agents, Transactions on Machine Learning Research. arXiv:2501.10114 — Proposes "agent infrastructure": external technical systems for attributing actions "to specific agents, their users, or other actors," shaping interactions, and remediating harms. ↩
- Tobin South, Samuele Marro, Thomas Hardjono, Robert Mahari, Cedric Deslandes Whitney, Dazza Greenwood, Alan Chan, Alex Pentland (2025) Authenticated Delegation and Authorized AI Agents, arXiv (cs.CY; MIT). arXiv:2501.09674 — Introduces a framework for authenticated, authorized, and auditable delegation to AI agents by extending OAuth 2.0/OpenID Connect, maintaining accountability chains for agent actions. ↩
- Lewis Hammond, Alan Chan, Jesse Clifton, et al. (Cooperative AI Foundation) (2025) Multi-Agent Risks from Advanced AI, Cooperative AI Foundation. arXiv:2502.14143 — Identifies three failure modes of advanced multi-agent systems — "miscoordination, conflict, and collusion" — plus seven risk factors, posing challenges distinct from single-agent AI. ↩
- Mireia Yurrita, Himanshu Verma, Agathe Balayn, Kars Alfrink, Ujwal Gadiraju, and Alessandro Bozzon (2025) Identifying Algorithmic Decision Subjects' Needs for Meaningful Contestability, Proceedings of the ACM on Human-Computer Interaction (CSCW). 10.1145/3757415 — Empirically elicits what decision subjects need for contestation to be 'meaningful', informing the design of effective remedies and appeal mechanisms for ADM. ↩
- Directive (EU) 2024/2853 of the European Parliament and of the Council of 23 October 2024 on liability for defective products and repealing Council Directive 85/374/EEC, OJ L, 2024/2853, 18.11.2024 (CELEX:32024L2853; ELI:http://data.europa.eu/eli/dir/2024/2853/oj). Entered into force 18 November 2024; applies to products placed on the market or put into service after 9 December 2026 (Art. 2(1)).
- Art. 9 — court-ordered disclosure of relevant evidence in the defendant's control, reinforced by the Art. 10(2)(a) adverse presumption for non-disclosure
- Arts. 6, 8, 9, 10 — strict-liability compensation for defective products incl. software/AI: compensable damage (Art. 6), liable economic operators (Art. 8), court-ordered evidence disclosure (Art. 9), and rebuttable presumptions of defect + causation (Art. 10)
- Art. 7(2)(c) — defectiveness accounts for a product's ability to continue to learn or acquire new features after market placement; Art. 11(2) — post-placement software-update liability within the manufacturer's control
How to cite this article
Cite this article 8 formats · BibTeX, RIS, APA, Chicago, … · 1-click copy
Persistent identifier: https://policywindow.org/wiki/eu-product-liability-directive — committed-stable URL with content-versioning via ?asOf= (rollout pending per methodology §7). DOIs via Zenodo are on the roadmap.
Does this instrument’s approach work? — the social-science evidence
Aggregated over the 3 topics this instrument governs: whether each harm is empirically real, and whether the peer-reviewed evidence shows governance reduces it. The badge is the epistemic status of the evidence— “thin”/“absent” efficacy evidence is itself a finding (the “second silence”). Each epistemic-status label is Policy Window's editorial assessment of the cited evidence base (a structured classification), not a verdict any single source issues.
Of the 3 governed topics with a social-science evidence review, evidence that governance reduces the harm is established for 0, contested for 0, thin for 0, and absent for 3 — for most, no replicated study yet shows this instrument's approach works (the "second silence").
Agentic AI Governance
The capability that agentic governance targets — autonomous multi-step action — is real and rapidly, measurably advancing: METR finds the task length AI agents complete at 50% reliability has doubled roughly every seven months for the past six years (about 50 minutes for frontier 2025 models), and the UK AI Security Institute's first Frontier AI Trends Report (Dec 2025, >30 systems) reports models now finish hour-long software tasks >40% of the time versus <5% in late 2023. The distinct realized HARM from agency (as opposed to the underlying model) is, however, thinly documented: on consequential real-world tasks agents still fail the majority — Gemini 2.5 Pro completed only 30.3% of TheAgentCompany's 175 professional tasks (OpenHands scaffold, project leaderboard) — so the agency-specific harm magnitude is early and context-dependent rather than established at scale.
Sources: Kwa, West, Becker et al. 2025 (METR; arXiv:2503.14499, 'Measuring AI Ability to Complete Long Tasks'); UK AI Security Institute 2025 (Frontier AI Trends Report, Dec 2025); Xu, Song, Zhou et al. 2024 (TheAgentCompany, arXiv:2412.14161); 30.3% figure per TheAgentCompany leaderboard (OpenHands)
There is no impact-evaluation evidence that agent-specific governance reduces agentic harm: the operative regimes — the EU GPAI Code of Practice (published July 2025, voluntary/non-binding), the Seoul Frontier AI Safety Commitments (2024, voluntary), and AISI agent evaluations — are 2024-25 vintage and have never been measured against an outcome. The scholarship itself has not settled the contested unit of regulation: Kolt (2025) argues for governing the agentic relationship via principal-agent and agency-law tools, while Chan, Ezell, Kaufmann et al. (2024) propose agent-specific visibility mechanisms (identifiers, real-time monitoring, activity logging) that remain proposal-stage and unevaluated — meaning the field has design proposals but, as with most frontier-AI rules, the evidence that any of them works is absent rather than merely thin.
Sources: Kolt 2025 ('Governing AI Agents', 101 Notre Dame L. Rev., forthcoming; arXiv:2501.07913); Chan, Ezell, Kaufmann et al. 2024 ('Visibility into AI Agents', ACM FAccT 2024, pp. 958-973; DOI 10.1145/3630106.3658948); EU AI Office 2025 (GPAI Code of Practice, July 2025); Seoul Frontier AI Safety Commitments 2024
Individual Redress
The premise behind redress — that affected people lack meaningful recourse against automated decisions — is real, but the flagship instrument is weaker than commonly assumed. Wachter, Mittelstadt & Floridi (2017) show GDPR creates only a limited 'right to be informed,' not a binding 'right to explanation' of specific decisions; and controlled work finds the explanations actually delivered do not measurably improve lay decision accuracy over showing the bare AI prediction (Alufaisan et al. 2021; and a 2022 meta-analysis by Schemmer et al. — screening 393 articles down to 9 in the final analysis — reports 'no effect of explanations on users' performance compared to sole AI predictions,' even though XAI overall had a positive effect). Honest caveat: the legitimacy/dignity value of being heard is empirically well established in the procedural-justice tradition even where outcome accuracy is unchanged, so 'redress fails' depends on which aim is measured.
Sources: Wachter, Mittelstadt & Floridi 2017 (International Data Privacy Law 7(2):76); Alufaisan, Marusich, Bakdash, Zhou & Kantarcioglu 2021 (Proceedings of the AAAI Conference on AI 35(8):6618); Schemmer, Hemmer, Nitsche, Kühl & Vössing 2022 (AAAI/ACM AIES '22, meta-analysis)
There is no rigorous impact evaluation showing that mandated redress mechanisms (right-to-explanation, appeal, human-in-the-loop review) actually reduce erroneous or unfair automated decisions — the evidence that the rule works is itself missing. The closest experimental analogues are discouraging: explanations increase humans' acceptance of AI recommendations regardless of correctness (Bansal et al. 2021), and algorithm-in-the-loop oversight can introduce racial disparities and exhibit automation bias rather than reliably catching model errors (Green & Chen 2019). The procedural-justice literature (Tyler 1990; Lind & Tyler 1988) robustly supports a legitimacy and compliance benefit of fair process, but it measures perceived fairness, not reduction of the substantive decision harm redress is meant to cure.
Sources: Bansal, Wu, Zhou, Fok, Nushi, Kamar, Ribeiro & Weld 2021 (CHI '21); Green & Chen 2019 (Disparate Interactions, ACM FAT* '19); Tyler 1990 (Why People Obey the Law, Yale Univ. Press); Lind & Tyler 1988 (The Social Psychology of Procedural Justice, Plenum Press)
Transparency Obligations
Documentation artifacts (model cards, datasheets) are well-specified as proposals and are genuinely adopted, but the empirical premise that mandated disclosure produces meaningful transparency is contested. Selbst & Barocas (2018) argue inscrutability and non-intuitiveness are distinct problems and that disclosing rules does not resolve the latter, and large-scale audits find documentation is sparsely and unevenly completed: a systematic analysis of 32,111 Hugging Face model cards (Liang et al. 2024) found environmental-impact, limitations and evaluation sections least often filled, and Bhat et al. (2023, 45 practitioners) found a substantial gap between the documentation proposal and actual practice. Honest caveat: the documentation frameworks themselves are real and adopted, so the dispute is about whether disclosure conveys decision-relevant information, not whether the artifacts exist.
Sources: Selbst & Barocas 2018 (Fordham Law Review 87:1085-1139); Liang et al. 2024 (Nature Machine Intelligence, s42256-024-00857-z, 'Systematic analysis of 32,111 AI model cards'); Bhat et al. 2023 (CHI '23, 'Aspirations and Practice of ML Model Documentation', DOI 10.1145/3544548.3581518); Mitchell et al. 2019 (FAccT, Model Cards for Model Reporting); Gebru et al. 2021 (CACM 64(12):86-92, Datasheets for Datasets)
There is no rigorous impact evaluation showing that AI transparency mandates (model cards, training-data summaries) measurably reduce bias, misuse or accidents — the central regulatory assumption is empirically untested, partly because flagship mandates like EU AI Act Art. 53(1)(d) GPAI training-data summaries are only subject to AI Office enforcement/verification from 2 August 2026 (the obligation itself began 2 August 2025 for new models). The closest analogue, mandated consumer disclosure, shows small and context-dependent effects: Bollinger, Leslie & Sorensen (2011) found mandatory calorie posting cut average calories per transaction by about 6%, while Loewenstein, Sunstein & Golman (2014) review evidence that disclosure effects are frequently diminished or even reversed by limited attention and often change provider rather than recipient behavior. These are analogues, not AI studies; no study demonstrates that AI transparency disclosure achieves its stated downstream safety aims.
Sources: Bollinger, Leslie & Sorensen 2011 (AEJ: Economic Policy 3(1):91-128); Loewenstein, Sunstein & Golman 2014 (Annual Review of Economics 6:391-419, 'Disclosure: Psychology Changes Everything'); EU AI Act Art. 53(1)(d) GPAI training-data summary (obligation from 2 Aug 2025; AI Office enforcement from 2 Aug 2026)