“The New EU Product Liability Directive: Overview

On December 9, 2024, the European Union enacted Directive 2024/2853, a significant overhaul of its product liability framework, replacing the nearly four-decade-old 1985 directive, which applies in France and is the backbone of the French law on defective products.

The main objective of this modernization is to address the complexities introduced by digitalization, artificial intelligence (AI), and globalized supply chains.

Let us examine briefly the main changes:

Expanded Scope of ‘Product’

The directive broadens the definition of “product” to encompass not only tangible goods but also intangible assets like software, digital manufacturing files, and AI systems. This includes standalone software, embedded applications, and services accessed via cloud technologies.

There were already a few decisions of French courts recognizing that a software is a product with the meaning of the Directive; however, the new directive will bring clarity on this subject.

Inclusion of Digital and AI Components

Recognizing the proliferation of smart devices and AI-driven products, the directive holds manufacturers accountable for defects arising from software updates, cybersecurity vulnerabilities, and AI behavior. This ensures that digital components meet safety expectations throughout the product’s lifecycle .

Broadened Definition of Damage

Beyond physical injury and property damage, the directive now acknowledges psychological harm and data loss as compensable damages, provided the psychological harm is medically recognized . This reflects the increasing value and sensitivity of personal data in the digital age.

Again, this is consistent with the current position of French jurisprudence on defective products.

Extended Liability Periods

While the standard limitation period remains three years, the directive extends the long-stop period to 25 years for latent personal injuries. Additionally, significant product modifications, such as software updates or AI learning, can reset the limitation period, acknowledging the evolving nature of modern products .

Implications for Businesses

Companies must adapt to these changes by implementing robust quality assurance processes, ensuring cybersecurity measures are in place, and maintaining comprehensive documentation. With the directive’s broader scope and stricter liability provisions, businesses face increased litigation risks and must proactively manage compliance.”