EU AI Liability Directive: What Was It, Why Was It Withdrawn, and What Now Applies?
AI Law · Liability Framework
EU AI Liability Directive: What Was It, Why Was It Withdrawn, and What Now Applies?
The EU AI Liability Directive was withdrawn in February 2025. Most content still discusses it as proposed law. This article covers what replaced it, what the revised PLD means for AI software providers, and what the national law gap means for your contracts.
1
AI liability timeline 2022–2026
Click each event to see business impact
2
AILD vs PLD vs national law
What was proposed · what applies now
3
What PLD means for AI providers
Strict liability · manufacturer status · deployer risk
4
What you must check now
7-item checklist · PLD + AI Act
5
Common questions
AILD revival · national law gaps · contracts
!
PLD liability cannot be contracted out
Mandatory law · Article 14 PLD
The EU AI Liability Directive was proposed in September 2022 as the civil liability complement to the EU AI Act. By February 2025, the European Commission withdrew it — acknowledging it would not pass in the current legislative term. This has created a widespread misunderstanding: many legal, compliance, and product teams continue to reference AILD provisions as if they were enacted law, or treat the withdrawal as meaning AI liability rules no longer exist. Neither is correct. The AI liability landscape in 2026 is governed by three overlapping frameworks — the revised PLD (which explicitly covers AI software), the EU AI Act (which creates obligations whose breach can ground civil claims), and national tort law in each member state. Understanding which framework applies to which scenario is now a core requirement for AI risk and liability management for any company with EU exposure.
Status correction — February 2025
The EU AI Liability Directive was withdrawn in February 2025. This does not mean AI liability rules disappeared. The revised Product Liability Directive now explicitly covers AI software as a product — with strict liability from 9 December 2026. Any article, legal brief, or compliance framework that still discusses AILD as proposed or forthcoming law is out of date.
Section 1
EU AI Liability Timeline 2022–2026
Click each event to understand what it meant for AI providers, deployers, and enterprise clients at the time — and what it means for your legal exposure today.
EU AI Liability Framework: Key Events
Click each event to expand
2022
AILD proposed by European Commission
September 2022 · fault-based liability + disclosure rights
Withdrawn
+
What was proposed
The AI Liability Directive (COM/2022/496) was proposed as the civil liability counterpart to the EU AI Act. It introduced two core mechanisms: (1) a rebuttable presumption of causality — if a claimant could show an AI system violated EU AI Act obligations and that violation was likely to have caused the damage, causation was presumed; and (2) disclosure of evidence obligations — courts could order AI providers to disclose technical documentation, logs and model information to support liability claims. The directive was fault-based: it required proof of a legal obligation breach, not just harm from an AI output. It was never enacted and has no legal effect.
Business impact: None in law. Articles still citing AILD provisions as actionable obligations are incorrect.
2024
Revised Product Liability Directive adopted — AI software explicitly included
November 2024 · Directive (EU) 2024/2853
Applies Dec 2026
+
What changed
The revised PLD (Directive 2024/2853) was adopted in November 2024, explicitly bringing software — including AI systems — within the definition of “product.” Under the original 1985 PLD, software was excluded. The revised directive removes this exclusion and treats AI systems as products for the purpose of manufacturer liability. This means AI providers are subject to strict liability for damage caused by defective AI products — claimants do not need to prove fault, only that the product was defective and caused the harm. Member states must transpose the directive by 9 December 2026, from which date it applies to all AI products placed on the EU market. The revised PLD also introduces a rebuttable presumption of defect where the provider fails to cooperate in disclosing relevant technical documentation.
Business impact: As of December 2026, AI software providers are treated as manufacturers. Contractual limitation of PLD liability is not permitted under Article 14. MSA liability clauses must address PLD exposure separately — see our AI MSA clauses guide.
Feb 2025
AILD withdrawn by European Commission
February 2025 · Commission Work Programme 2025
Withdrawn
+
What the withdrawal means
The European Commission formally withdrew the AILD in February 2025 as part of its 2025 Work Programme — a list of legislative proposals it no longer intends to pursue in the current term. The Commission cited the revised PLD’s coverage of AI software as reducing the need for AILD’s fault-based framework. The withdrawal means: no EU-level fault-based AI liability regime applies or is forthcoming in the near term. There is no AILD transition period, no national implementation requirement, and no sunset clause. The legal gap it was intended to fill (fault-based claims for AI output damage, disclosure of technical evidence in litigation) now falls to national tort law in each member state — which varies significantly across the EU.
Business impact: EU-wide harmonised fault-based AI liability does not exist. For pure economic loss claims from AI outputs, claimants must rely on national law — France, Germany and the Netherlands have the most developed national AI tort frameworks.
Aug 2026
EU AI Act high-risk obligations enforceable
2 August 2026 · Articles 6–49 in force
In force
+
Civil liability consequences of EU AI Act breach
The EU AI Act is a regulatory framework, not a civil liability instrument — it does not itself create a private right of action. However, breach of EU AI Act obligations (failure to maintain technical documentation, failure to implement risk management, failure to ensure human oversight) can be used as evidence of negligence in national tort claims, create regulatory findings that support civil litigation, and in some member states trigger civil liability directly under national administrative law. The August 2026 enforcement deadline for high-risk AI obligations therefore also marks the date from which EU AI Act non-compliance can ground civil liability claims under national law. See our August 2026 deadline overview for the regulatory enforcement framework.
Business impact: EU AI Act non-compliance from August 2026 creates a dual exposure: regulatory fines from market surveillance authorities + civil liability under national law using non-compliance as evidence of fault.
Dec 2026
Revised PLD applies to AI software — strict liability in force
9 December 2026 · Directive (EU) 2024/2853 transposition deadline
Upcoming
+
Full strict liability applies to AI software providers
From 9 December 2026, all AI systems placed on the EU market are subject to the revised PLD’s strict liability regime. Providers are treated as manufacturers. Claimants who suffer physical harm, psychological harm, property damage or data loss caused by a defective AI product can bring a claim without proving fault. The key elements are: (1) the product was defective — meaning it did not provide the safety persons are entitled to expect; (2) the claimant suffered qualifying damage; and (3) the defect caused the damage. A product is presumed defective if the provider refuses to disclose technical documentation in litigation. Liability cannot be contractually excluded under Article 14, though liability between commercial parties for pure economic loss remains outside PLD scope and must be managed through MSA liability clauses.
Action required: Review product architecture to identify where AI outputs could cause physical or psychological harm to end-users. Ensure MSA AI liability clauses address PLD interaction correctly — including the mandatory law carve-out for PLD liability.
Section 2
AILD vs PLD vs National Law: What Changed
Three frameworks must be understood in parallel. AILD was never enacted. PLD applies from December 2026. National law applies now. Each creates different obligations for AI providers.
Never enacted
AI Liability Directive (AILD)
Withdrawn Feb 2025
Applies Dec 2026
Revised PLD (2024/2853)
Strict liability
Applies now
National Tort Law
Member state dependent
Liability standard
Fault-based — breach of EU AI Act obligation required
Causation
Rebuttable presumption of causation if AI Act breach proven
Evidence disclosure
Courts could order disclosure of logs and technical docs
Contractual exclusion
Not addressed (directive never enacted)
Current status
No legal effect. Not applicable.
Liability standard
Strict liability — no fault required, defect + damage + causation
Causation
Presumed defective if provider refuses to disclose documentation
Evidence disclosure
Claimant can request technical documentation via court order
Contractual exclusion
Not permitted under Article 14 — mandatory law, cannot be contracted out
Current status
Adopted. Applies from 9 December 2026.
Liability standard
Fault-based (negligence) — varies by member state
Causation
Claimant must prove causation under national procedural rules
Evidence disclosure
National civil procedure rules apply — varies significantly
Contractual exclusion
Generally permissible between commercial parties subject to reasonableness
Current status
Applies now in all 27 member states.
Economic loss gap
The revised PLD covers physical harm, psychological harm, property damage and data loss. It does not cover pure economic loss (financial loss without physical or property damage). For pure economic loss claims — the most common AI output scenario in B2B contexts — the applicable regime is national tort law, which varies across member states. This is why AI-specific MSA liability clauses remain essential: the contractual framework governs the economic loss scenario that PLD does not reach.
Section 3
What PLD Means for AI Providers
The revised PLD changes the liability calculus for anyone who builds AI systems, integrates AI into products, or places AI-powered software on the EU market. Three consequences are particularly significant for SaaS companies and AI system providers.
Three PLD Consequences for AI Providers
Strict liability · manufacturer status · deployer risk
From Dec 2026
1
AI software = product · Provider = manufacturer
Your AI system is a product. You are the manufacturer.
The revised PLD brings AI software within the definition of “product” for the first time in EU law. The provider of an AI system — the entity that develops and places it on the market — is treated as the manufacturer for PLD purposes. This means you are subject to strict liability for defects in your AI product that cause qualifying damage to users or third parties. You do not need to have been negligent. The claimant does not need to prove that you breached a duty of care. They need to show the AI system was defective (did not provide the safety persons are entitled to expect), that they suffered qualifying damage, and that the defect caused the damage. For complex AI systems with probabilistic outputs, the defect concept requires careful mapping to product architecture and intended use documentation.
2
Strict liability · No fault required · Disclosure presumption
Claimants do not need to prove fault — and silence is dangerous
Under strict liability, a claimant does not need to prove that you made a mistake or were careless — only that your AI product was defective and caused their harm. This is a materially higher risk than the fault-based framework AILD proposed. The revised PLD also introduces a critical evidence mechanism: if an AI provider refuses to disclose technical documentation, logs, or system information requested via court order in litigation, the court may presume the product was defective. This creates a strong incentive to maintain comprehensive technical documentation — not just for EU AI Act compliance, but as a litigation defence. Providers who have invested in Annex IV technical documentation under the EU AI Act will be better positioned to rebut the defect presumption. Those who have not will face a presumption they cannot rebut.
3
Article 25 EU AI Act · Substantial modification
A deployer who substantially modifies a high-risk AI system becomes the manufacturer under PLD
Under Article 25 of the EU AI Act, a deployer who substantially modifies a high-risk AI system becomes a provider for EU AI Act purposes and must comply with all provider obligations. Under the revised PLD, the same logic applies: a deployer who substantially modifies an AI system and places the modified system on the market (or continues to use it in a way that makes the modification relevant) takes on manufacturer liability for the modified system. This is the critical risk for SaaS companies that fine-tune, retrain, or materially customise third-party AI systems before deploying them to their clients. The original provider’s compliance documentation does not cover the modified system — the deployer-turned-manufacturer must maintain their own. See our provider vs deployer guide for the full analysis.
Section 4
What You Must Check Now
With the PLD transposition deadline approaching and national AI tort law already applying, these are the seven checks every AI provider with EU exposure should complete before December 2026.
AI Liability Readiness Checklist
PLD + EU AI Act + national law · click to mark as complete
0 / 7
Map which AI systems are “products” under revised PLD
Identify AI systems placed on the EU market · confirm provider = manufacturer status for each · assess which outputs could cause physical harm, psychological harm, property damage or data loss
PLD Art. 4
Review technical documentation readiness as PLD litigation defence
Annex IV documentation (EU AI Act) functions as evidence against the PLD defect presumption · gaps in documentation = gaps in defence · see Annex IV guide
PLD Art. 9
Confirm provider/deployer status for each AI system in your stack
Where you substantially modify a third-party AI system, you take on manufacturer liability under PLD · run this analysis per system · see provider vs deployer guide
Art. 25 EUAIA
Update MSA liability clauses to address PLD interaction
General SaaS liability caps do not address PLD mandatory liability · MSA must include PLD carve-out and AI-specific cap structure · see AI MSA clauses guide
PLD Art. 14
Assess national tort law exposure for pure economic loss scenarios
PLD does not cover pure economic loss · B2B AI output errors causing financial loss are governed by national tort law in each relevant member state · France, Germany, Netherlands have most developed frameworks
National law
Obtain AI Regulatory Opinion covering liability exposure
A formal legal opinion covering PLD manufacturer status, EU AI Act compliance position, and contractual liability framework · used for investor DD and enterprise client questionnaires · see AI Regulatory Opinions
Best practice
Verify EU AI Act compliance programme covers the August 2026 deadline
EU AI Act non-compliance from August 2026 creates dual exposure: regulatory fines + civil liability under national law using non-compliance as evidence of fault · see deadline overview
Art. 16 EUAIA
AI liability exposure mapped and managed. WCR Legal provides AI Risk & Liability advice covering PLD manufacturer status analysis, EU AI Act compliance, and MSA contract risk — for AI providers, deployers, and enterprise clients with EU exposure.
Talk to us about AI liability →
Frequently Asked Questions
EU AI Liability Directive · PLD · national law
1
Could the EU AI Liability Directive be reintroduced in a future legislative term?
+
It is possible but not currently a stated legislative priority. The Commission’s withdrawal of AILD was explicitly linked to the revised PLD covering AI software as a product. The Commission’s 2025 Work Programme indicates no near-term intention to replace AILD with an equivalent instrument. A future Commission could propose a new AI civil liability directive, particularly if PLD case law reveals the pure economic loss gap as a significant problem in practice — but this would be a multi-year legislative process. For planning purposes, the operative framework for the foreseeable future is revised PLD (for physical harm, psychological harm, property damage, data loss) plus national tort law (for pure economic loss). Compliance programmes and contract frameworks should be designed for this reality, not for a hypothetical future AILD.
2
What does “defective” mean for an AI system under the revised PLD?
+
The revised PLD uses the same defect standard as the original directive: a product is defective when it does not provide the safety which a person is entitled to expect, taking into account all circumstances — including the presentation of the product, the reasonably expected use, and the time of placing on the market. For AI systems, the application of this standard is nuanced. Key factors include: whether the provider’s documentation accurately characterised the system’s accuracy and limitations; whether the AI system behaved within its documented intended use parameters; whether the output that caused harm was a reasonably foreseeable type of output given the system’s design; and whether adequate instructions for use (including human oversight requirements) were provided. An AI system that accurately discloses its probabilistic nature, accuracy ranges, and human oversight requirements — and whose output caused harm despite the user following those requirements — is better positioned to contest the defect finding than one with no documentation. EU AI Act Annex IV technical documentation is directly relevant to this analysis.
3
Which EU member states have the most active national AI tort law frameworks?
+
As of 2026, France, Germany and the Netherlands have the most developed national frameworks for AI-related tort claims. Germany’s product liability act (Produkthaftungsgesetz) was an early transposer of the original 1985 PLD and has a well-developed case law body on software defects that courts are beginning to apply to AI systems. France has applied its general negligence framework (Article 1240 Code civil) to AI output claims, with several commercial court decisions in the financial services sector. The Netherlands has seen active litigation in the context of automated decision-making, partly driven by the GDPR Article 22 case law that preceded the EU AI Act. For AI providers with significant exposure in specific member states, jurisdiction-specific legal advice is recommended — particularly for pure economic loss scenarios that fall outside PLD scope.
4
We are a non-EU company. Does the revised PLD apply to us if we sell AI software to EU customers?
+
Yes, with a nuance. The revised PLD applies to products placed on the EU market. If a non-EU company places AI software on the EU market — directly, through a subsidiary, or through a distributor — the manufacturer liability framework applies to that company as the producer. However, where the non-EU manufacturer cannot be identified or is not present in the EU, the importer (the EU-established entity that first places the product on the EU market) and the distributor (who makes it available in the EU) can be treated as the manufacturer for liability purposes. This is the same structure as physical product imports. For non-EU AI software companies with EU enterprise clients, this means: (a) PLD manufacturer liability applies to your AI products sold to EU customers; and (b) if you do not have an EU-established legal presence, your EU-based importer or distributor takes on that liability exposure — which will affect how they structure their contractual relationship with you.
5
Does the EU AI Act itself create a private right of action for affected individuals?
+
No — the EU AI Act is a regulatory instrument, not a civil liability directive. It does not create a direct private right of action for individuals harmed by AI systems. Enforcement is through market surveillance authorities at national level and the European AI Office for GPAI models. However, the EU AI Act creates civil liability exposure indirectly in two ways: first, breach of EU AI Act obligations can be used as evidence of negligence (fault) in national tort claims, particularly from August 2026 when high-risk AI obligations become enforceable; second, in member states with general administrative liability frameworks (including France and Germany), regulatory findings of EU AI Act non-compliance can trigger compensation claims under national administrative law. The combination of EU AI Act non-compliance, PLD manufacturer liability from December 2026, and national tort law creates a layered exposure that requires integrated legal advice covering all three frameworks. WCR Legal’s AI Risk & Liability service is designed to address this integrated exposure.
Understand Your AI Liability Exposure Before December 2026
WCR Legal provides integrated AI liability advice covering PLD manufacturer status, EU AI Act compliance obligations, national tort law exposure, and MSA contract frameworks. Our AI Regulatory Opinions document your liability position for investor DD and enterprise client requirements.
Post Comment