Questions & Answers: AI Liability Directive

The AI Liability Directive complements and modernises the EU civil liability framework, introducing for the first time rules specific to damages caused by AI systems.

The new rules will ensure that victims of harm caused by AI technology can access reparation, in the same manner as if they were harmed under any other circumstances. The Directive introduces two main measures: the so called ‘presumption of causality’, which will relieve victims from having to explain in detail how the damage was caused by a certain fault or omission; and the access to evidence from companies or suppliers, when dealing with high-risk AI.

  1. Why do we need a new Directive?

As technological advances continue to roll-out, so must the guarantees put in place to ensure that EU consumers benefit from the highest standards of protection, even in the digital age. The Commission is committed to ensuring that pioneering technological innovation is never at the expense of safeguards for citizens. A harmonised legal framework is required at EU level to avoid the risk of legal fragmentation when filling the voids brought by these unprecedented technological advances.

Current national liability rules are not equipped to handle claims for damage caused by AI-enabled products and services. In fault-based liability claims, the victim has to identify whom to sue, and explain in detail the fault, the damage, and the causal link between the two. This is not always easy to do, particularly when AI is involved. Systems can oftentimes be complex, opaque and autonomous, making it excessively difficult, if not impossible, for the victim to meet this burden of proof. One of the most important functions of civil liability rules is to ensure that victims of damage can claim compensation. If the challenges of AI make it too difficult to access reparation, there is no effective access to justice. By guaranteeing effective compensation, these rules contribute to the protection of the right to an effective remedy and a fair trial, both included in the EU Charter of Fundamental Rights.

The new rules will ensure that any type of victim (either individuals or businesses) can have a fair chance to compensation if they are harmed by the fault or omission of a provider, developer or user of AI. Furthermore, investing in trust and establishing guarantees should something go wrong, is investing in the sector and contributing to its uptake in the EU. Effective liability rules also provide an economic incentive to comply with safety rules, therefore contributing to the prevention of damage.

  1. How will this Directive help victims?

The new rules cover national liability claims based on the fault or omission of any person (providers, developers, users), for the compensation of any type of damage covered by national law (life, health, property, privacy, etc.) and for any type of victim (individuals, companies, organisations, etc.).

The new rules introduce two main safeguards:

  • First, the AI Liability Directive alleviates the victims’ burden of proof by introducing the ‘presumption of causality’: if victims can show that someone was at fault for not complying with a certain obligation relevant to the harm, and that a causal link with the AI performance is reasonably likely, the court can presume that this non-compliance caused the damage. On the other hand, the liable person can rebut such presumption (for example, by proving that a different cause provoked the damage).
  • Second, when damage is caused because, for instance, an operator of drones delivering packages does not respect the instructions of use, or because a provider does not follow requirements when using AI-enabled recruitment services, the new AI Liability Directive will help victims to access relevant evidence. Victims will be able to ask the court to order disclosure of information about high-risk AI systems. This will allow victims to identify the person that could be held liable and to find out what went wrong. On the other hand, the disclosure will be subject to appropriate safeguards to protect sensitive information, such as trade secrets.

Together with the revised Product Liability Directive, the new rules will promote trust in AI by ensuring that victims are effectively compensated if damage occurs, despite the preventive requirements of the AI Act and other safety rules.

  1. What kind of AI is concerned by the proposal?

The Directive is focused on providing victims with the same standards of protection when harmed by AI systems as they would be if harmed under any other circumstances. The AI Liability proposal thus applies to damage caused by any type of AI systems: both high-risk and not high-risk.

  1. How will the new rules contribute to innovation and development in the field of AI?

The proposal for the AI Liability Directive balances the interests of victims of harm related to AI systems and of businesses active in the sector.

To do that, the Commission has chosen the least interventionist tool (rebuttable presumptions) for easing the burden of proof. As such, the AI Liability Directive does not suggest a reversal of the burden of proof, to avoid exposing providers, operators and users of AI systems to higher liability risks, which may hamper innovation of AI-enabled products and services.

Furthermore, by ensuring that victims of AI enjoy the same level of protection as in cases not involving AI systems, the proposal for the AI Liability Directive contributes to strengthening public trust in the AI technologies, thereby encouraging AI roll-out and uptake around the Union.

Businesses will be in a better position to anticipate how the existing liability rules will be applied, and thus to assess and insure their liability exposure. This is especially the case for businesses trading across borders, including for small and medium-sized enterprises (SMEs), which are among the most active in the AI sector.

  1. What is the relationship with the Product Liability Directive?

The revised Product Liability Directive modernises the existing EU-level strict product liability regime and will apply to claims against the manufacturer for damage caused by defective products; material losses due to loss of life, damage to health or property and data loss; and is limited to claims made by private individuals.

The new AI Liability Directive makes a targeted reform of national fault-based liability regimes and will apply to claims against any person for fault that influenced the AI system which caused the damage; any type of damage covered under national law (including resulting from discrimination or breach of fundamental rights like privacy); and claims made by any natural or legal person.

As regards alleviations to the burden of proof, the two Directives introduce similar tools (right to disclosure of evidence, rebuttable presumptions) and use similar wording to ensure consistency, regardless of the compensation route chosen.

  1. What is the relationship with the Artificial Intelligence Act?

The AI Act and the AI Liability Directive are two sides of the same coin: they apply at different moments and reinforce each other. Safety-oriented rules aim primarily to reduce risks and prevent damages, but those risks will never be eliminated entirely. Liability provisions are needed to ensure that, in the event that a risk materialises in damage, compensation is effective and realistic. While the AI Act aims at preventing damage, the AI Liability Directive lays down a safety-net for compensation in the event of damage.

The AI Liability Directive uses the same definitions as the AI Act, keeps the distinction between high-risk/non-high risk AI, recognises the documentation and transparency requirements of the AI Act by making them operational for liability through the right to disclosure of information, and incentivises providers/users of AI-systems to comply with their obligations under the AI Act. The Directive will apply to damage caused by AI systems, irrespective if they are high-risk or not according to AI Act.