New EU Directive Modernizes Defective Product Liability to Address New Technologies

5 minute read | June.16.2025

The EU Commission has adopted Directive (EU) 2024/2853, which implements a comprehensive overhaul of the 1985 Directive 85/374/EEC on defective product liability (“New PLD”). The new framework, which complements Regulation (EU) 2023/988 (General Product Safety), seeks to modernize the European product liability regime to address the emergence of new digital technologies. The directive’s overarching aim is to enhance consumer protection and simplify access to compensation for victims of defective products.

Depending on the circumstances, the manufacturer, importer, fulfillment service provider or online platform can be held liable for a defective product.

The New PLD will apply to products placed on the market or put into service in the EU after 9 December 2026, regardless of whether the relevant economic operator commercializing the product is established in the EU.

What’s New

The New PLD updates Europe’s existing product liability regime to adapt it to digital products and “related” services. In particular:

The definition of what constitutes a “product” has been expanded and will cover digital goods and related digital services.
New elements shall be taken into account to determine whether a product is defective.
Product modifications (such as product updates and evolutions) are taken into account.
Loss due to destruction or corruption of digital data may be compensated under the new regime.
New rules will make it easier for victims to prove that a product is defective.
Time limits to introduce a claim have been revised.

Broadened “Product” Definition

The New PLD significantly expands the scope of what constitutes a “product.” The new definition covers all movables, even if integrated into, or interconnected with, another movable or an immovable; it includes electricity, digital manufacturing files, raw materials and software.

The inclusion of software is a significant change from the previous product liability regime, and Recital 13 that addresses software expressly refers to firmware and artificial intelligence (AI) systems. Digital services that are integrated into, or interconnected with, a product are also covered as product components.

While AI systems are not expressly included in the definition of product in the New PLD, the recitals of the New PLD and its context of adoption suggest that the New PLD will apply to AI systems. The New PLD was part of a broader legislative package proposed alongside the AI Act and a proposal for an AI Liability New PLD—which has since been withdrawn—aimed at harmonizing rules applicable to AI technologies.

New Elements Are Taken into Account to Determine Defectiveness

The New PLD adds additional factors that will be taken into account when assessing whether a product is defective. For example, the product’s ability to learn or evolve post-sale (which is especially relevant in relation to AI systems), the foreseeable interaction with other connected products and compliance with cybersecurity standards. Here again, the objective is to adapt the law to new technologies; the entire product life cycle and the product’s evolution are taken into account.

The previous product liability regime provided for an objective assessment of the defectiveness, taking into account the level of safety that a person is entitled to expect. In the New PLD, the level of safety that a person is entitled to expect is taken into consideration, but it can now also be assessed in the context of other EU product safety laws. For instance, in relation to AI systems, compliance with the AI Act may be taken into account when assessing whether an AI system is defective.

Persons Carrying Out Substantial Modifications May Be Liable

Under the New PLD, when a substantial modification is made outside the original manufacturer’s control, the person responsible for the modification will be considered a manufacturer of the altered product and held liable as a manufacturer of the modified product. However, the person responsible for the modification may be exempted from liability if they can prove that the damage is related to a part of the product not affected by the modification. This is particularly relevant for software since modifications are frequently carried out by economic operators that integrate software in their products and/or services.

The concept of “substantial modification” covers modifications of a product after it has been placed on the market or put into service that are considered substantial under EU or national rules on product safety or—in the absence of threshold—any modification that changes the product’s original performance, purpose or type, without the change having been foreseen in the manufacturer’s initial risk assessment, and that changes the hazard, creates new hazard or increase the level of risk.

Recital 40 of the New PLD specifies that where a substantial modification is made through a software update or upgrade or due to the continuous learning of an AI system, the substantially modified product should be considered to be made available on the market or put into service at the time that modification is actually made.

Compensation for Loss Due to Destruction or Corruption of Digital Data

The New PLD adds the destruction or corruption of digital data, which is not used for professional purposes, as a new category of compensable harm. This might include compensation for the destruction or corruption of digital files deleted from a hard drive caused by a defective product, including the cost of recovering or restoring this data.

Evidentiary Reforms Favoring Victims

The New PLD introduces two reforms meant to address the information asymmetry between consumers and manufacturers and to ensure a fair allocation of risk, particularly in cases involving technically complex products. Specifically, the New PLD:

Facilitates claimants’ access to evidence by introducing new judicial powers to compel disclosure of relevant evidence if the victim presents a plausible claim; and
Creates presumptions of defect and/or causation in cases of non-compliance with safety standards, manifest malfunction during normal use and complexity preventing proof, paired with probable defect or causation.

Revised Time Limits and Latency Provisions

The New PLD retains a 3-year prescription period from the moment the victim becomes aware or should have become aware of the damage, the defect and the potentially liable party. It also keeps the 10-year long-stop deadline but adds a 25-year limit for latent injuries and specifies that the 10-year period restarts at the time the modified product or service is placed on the market or, for substantially modified products, when they are put into service.

What’s Next

EU Member States must implement the New PLD in their respective national laws by 9 December 2026. The new rules will only apply to products placed on the market after this date. The New PLD imposes maximum harmonization, which means that national laws cannot be stricter or more lenient in principle.

If you have questions, please reach out to Julia Apostle and Rami Kawkabani.

Authors

Julia Apostle Partner, Technology Transactions, Cyber, Privacy & Data Innovation

Paris

See my bio

D:+33153537500
E: japostle@orrick.com

Practice:

Technology Transactions
Cyber, Privacy & Data Innovation
Technology & Innovation
Artificial Intelligence (AI)
Strategic Advisory & Government Enforcement (SAGE)

vCard

See full bio

Julia Apostle Partner

Paris

Julia counsels on compliance issues in relation to European and French tech and data regulations, including:

the GDPR;
the Digital Services Act;
the EU AI Act and the regulation of AI more generally,
the Data Act;
the Cyber Resilience Act;
the NIS2 Directive;

and other new and emerging legislation impacting online platforms, technology developers, and eCommerce businesses. She advises companies of all sizes on a wide range of compliance matters, ranging the drafting of internal policies, to assisting with regulatory investigations, product counseling and regulatory engagement.

In the context of strategic transactions covering significant and complex technological issues, she is involved in the drafting and negotiation of agreements relating to data transfer, IT, software, content and brand licensing.

Julia is deeply familiar with the commercial considerations’ clients face, having practiced in-house at Twitter, Financial Times and CBS for more than a decade prior to joining Orrick. Julia also teaches a course on AI contracts for the Master's program in AI Law at a leading French university and acts as a mentor for students.

Rami Kawkabani Senior Associate, Technology & Innovation, Technology Transactions

Paris

See my bio

D:+33 1 5353 8157
E: rkawkabani@orrick.com

Practice:

Technology & Innovation Sector
Technology & Innovation
Technology Transactions
Strategic Advisory & Government Enforcement (SAGE)

vCard

See full bio

Rami Kawkabani Senior Associate

Paris

Rami advises clients in drafting and negotiating their contractual terms and in the context of strategic transactions covering significant and complex technological issues including in terms of liability and intellectual property.

He also regularly advises clients on compliance with tech and data European and French regulations (Digital Services Act, AI Act, GDPR, Data Act, LCEN) and in the context of their commercial practices towards consumers.

Rami has spent time in-house with major tech companies, and is able to quickly understand his client’s requirements and priorities.

Related Areas

Technology Transactions