Scope

The revised Product Liability Directive will apply to economic operators, such as manufacturers, importers and distributors, of “products”. Providers of online platforms that allow consumers to conclude contracts with traders, are also subject to the Directive.

The revised Product Liability Directive will apply to products placed on the market or put into service after 9 December 2026.

The revision of the Directive extends the scope of potentially liable entities by defining software, digital manufacturing files and certain digital services as “products” in the meaning of the Directive. Therefore, the proposal will be of relevance for technology companies offering digital products.

The scope of the revised Directive does not extend to the source code itself and non-commercial open source-software.

Relevance

The overarching goal of the revision is to bring the EU product liability regime up to speed with the digital age, circular economy and global value chains. While the revised Directive has many similarities with the previous Directive, it introduces important changes for the technology sector by introducing new provisions that clarifies the scope of product liability for digital products (software etc.).

Key obligations

Entities covered by the revised Directive are subject to a strict liability (liability regardless of fault) for damages caused by defective products, including defective software and digital manufacturing files. Liability arises when an injured person proves that the product was defective, he/she has suffered damages, and there is a casual link between the damage and the product’s defectiveness.

According to the revised Directive, product defectiveness may extend to the lack of software updates under the manufacturer’s control as well as the failure to address cybersecurity vulnerabilities.

The revised Directive extends the nature of damages to loss and corruption of data that is not used exclusively for professional purposes. Hence, the revision may affect limitations of liability for the customers loss of data in B2C-contracts.

Furthermore, the revised Directive introduces new rules on evidence, which alleviate the burden of proof for example when the claimant meets excessive difficulty in proving defectiveness or a casual link because of the scientific or technical complexity of the product (e.g. AI-systems).