Justice Ministry: New liability rules set for software and AI product makers

In Germany, there will soon be a broad framework for claims for damages for defective products, including in the area of software and hardware. The Federal Ministry of Justice and Consumer Protection (BMJV) published a draft law on the modernization of product liability law on Thursday. The new rules relate in particular to damage caused by faulty computer programs – including software in the field of artificial intelligence (AI) –. Accidents involving autonomous vehicles are a relevant example of this.

According to the draft bill, injured parties who suffer property damage or bodily injury as a result of a defective product will also be able to receive compensation from the manufacturer more easily in future. With this initiative, the BMJV wants to transpose the provisions of the new EU Product Liability Directive, which comes into force at the end of 2024, "1:1" into German law. This must be done by the beginning of December 2026. The aim of the EU requirements is to adapt product liability law to the requirements of digitalization, the circular economy and global value chains.

The draft, which still has to pass the Federal Cabinet, Bundestag and Bundesrat, provides for several significant changes. In future, software – is to be generally included in product liability regardless of the way it is provided and used –. AI systems are also covered by this provision, especially if they are "adaptive".

Open source and updates

Open source software that is developed or provided outside of a business activity is excluded. The BMJV explains this in the explanatory memorandum: If such programs with freely available source code were integrated into a product as a component by a manufacturer as part of a business activity, the latter would be liable for damages caused by software errors. The provision of open source by non-profit organizations is generally not part of a business activity. However, if programs are provided for a fee or in return for personal data that is used in a way other than exclusively to improve the security, compatibility or interoperability of the software, this would constitute a commercial activity.

According to the plan, manufacturers may also be liable in future for errors caused by updates or upgrades. The same applies to the absence of software patches that would be necessary to maintain security. Furthermore, connected digital services, such as traffic data for the navigation system of an autonomous vehicle, are also to be taken into account in future. If this steering aid suddenly fails and the robo-car then causes an accident, "both the vehicle manufacturer and the provider of the navigation service are liable", according to the draft.

The prerequisite is that the service was connected to the car with the consent of the vehicle manufacturer and causes a serious fault. Damage resulting from physical injury or damage to health or defects in items that are not used exclusively for professional purposes and which are not the faulty product itself are eligible for compensation. In this case, the liability of the manufacturer of the autonomous vehicle and the provider of the connected service should apply in addition to that of the vehicle owner and the driver under the Road Traffic Act.

Platform operators are included

The BMJV provides for the circular economy: If a product is significantly redesigned after being placed on the market, for example through upcycling, the manufacturer making the changes is to be deemed liable in future. If the producer is located outside the EU in global value chains and is not tangible, importers, fulfillment service providers, suppliers and providers of online platforms should also be liable under certain circumstances. The latter applies if consumers can assume that the product is provided either by a portal itself or by a user under their supervision.

If a product defect is established and the injury suffered is typically attributable to it, the causal link between the defect and the damage is generally presumed under the project. Courts could also order companies to disclose evidence. The protection of trade secrets should remain guaranteed. These adjustments are a reaction to the increasing complexity of modern products such as networked devices and software.

The BMJV has sent the draft to the federal states and associations. Interested parties have until October 10 to submit their comments. Justice Minister Stefanie Hubig (SPD) emphasized: "Whether a faulty AI causes damage or a loose screw – should make no difference to consumer claims." The reform would ultimately also benefit companies "that bring safe products onto the market".

(vbr)