The Product Liability Directive 2024 is a decisive turning point for software providers in the EU. Never before has it been so important to address the new liability requirements for digital products – from traditional software to AI systems and cloud-based services. With the entry into force of this revised directive, topics of product liability, secure provision and quality assurance of digital applications are coming to the fore. This law is based on a modern understanding of liability that also includes complex digital supply chains and fulfillment service providers. For software providers, this means that those who fail to meet the new requirements risk not only legal consequences, but also a massive loss of trust in the market.
In this article, you will get a comprehensive overview of the EU Product Liability Directive and find out what specific changes the Product Liability Directive 2024 will bring. We shed light on the new regulations, explain their scope and show how software providers can prepare in good time. We also take a look at the national implementation in Germany, address specific legislation such as the ProdHaftG (short for Product Liability Act, German abbreviation) and show practical approaches for quality assurance, documentation and risk management.
Overview: The most important changes to the Product Liability Directive 2024
The updated EU Product Liability Directive is the result of a lengthy legislative process in which Member States, the Council and legislators worked together. The aim of this new version is to adapt the outdated product liability law, which dates back to the times before the digital revolution, to the realities of modern manufacturing and production. The expansion of the definition of compensable damage now also includes the loss and falsification of data, and the product concept has been extended to include software and digital services. The dynamic movement of digital products, in which a quasi-manufacturer or digital service provider plays an essential role, requires new and clearer legislation to better protect aggrieved parties.
New product concept: focus on software, AI systems and product safety
A key innovation is the expanded definition of a product. The clarification of the new regulations emphasizes the inclusion of software as a product. Whereas previously the focus was primarily on physical objects, the new regulations of the Product Liability Directive 2024 now also cover software, AI systems and other digital solutions. The use of artificial intelligence in the form of algorithms or machine learning in particular poses new challenges in terms of liability. This is because the manufacturer (or quasi-manufacturer, for example if a company sells a third-party product under its own name) must now ensure that digital updates, patches and algorithms do not contain any errors that could lead to damage.
Liability for updates and digital services
Another important point is liability for defective products, which is now also extended to digital services and updates. For example, if a software provider provides an update that unexpectedly leads to property damage or harm, they can be held liable under the Product Liability Directive 2024. The clauses and obligations for compensation no longer only apply to the original production, but to the entire life cycle of a digital product - from initial release to maintenance, patches, security updates and final decommissioning.
The limitation periods and conditions for liability claims begin at the time the damage is discovered and can be suspended under certain circumstances.
Impact of the Product Liability Directive 2024 on software providers
For software providers who sell their products and services in the EU, it is now a top priority to understand the new requirements in detail. Products must be compliant with the new product liability law – this applies not only to the actual software, but also to the integration of external services, online platforms, cloud and AI functionalities and cooperation with external service providers such as fulfillment service providers. Anyone involved in the sale of software should ensure that all requirements of the new directive are met. There is also an obligation to disclose relevant evidence in court proceedings in order to ensure that evidence is presented fairly.
Liability for errors in software and algorithms
Digital errors, for example due to code that contains defects or insufficiently tested algorithms, could have far-reaching consequences in the future. Errors that lead to the loss of important data or the failure of a critical application could be legally classified as a defective product.
The Product Liability Directive 2024 sets clear standards here: a software provider is liable if a product – regardless of whether it is a physical end device with integrated software or a purely digital application – does not offer the level of safety that can be expected taking into account all circumstances, including the state of the art in science and technology. Particularly in the case of AI systems, in which algorithms continue to develop independently, the requirements for quality assurance and continuous monitoring increase enormously.
Significance for SaaS, platforms and cloud providers
The new amendments are relevant for everyone who offers digital services – from traditional software solutions and SaaS models to platforms and cloud providers. For example, anyone who provides cloud software or distributes third-party apps via online platforms will be under greater obligation in future to ensure that no malfunctions occur that could result in compensation for damages.
The handling of user data, the reliable provision of services and security in the production and maintenance of software are now also under closer scrutiny. Careful contract design, professional quality management and clear internal processes are essential in order to comply with the new legal situation. The automatic control of machines or tools through digital design documents, especially with modern technologies such as 3D printers and the integration of software into physical products that can be operated by voice assistants, plays an important role here.
Increased burden of proof: What changes for affected parties and manufacturers
One important change resulting from the new directive is the altered burden of proof. These innovations in German civil procedure law have parallels with common law procedures, especially with regard to the obligation to disclose relevant evidence. In the future, aggrieved parties will have a better chance of enforcing their claims, as the legislature intends to demand a fairer distribution of the burden of proof. Whereas previously the victim often had to prove that a product was faulty, the burden of proof will now shift to the manufacturer in some cases. Software providers are therefore required to design their test procedures, audits and documentation in such a way that, in the event of damage, they can prove at any time that they have taken all necessary measures to avoid liability for defective products.
Stay up to date with product liability and software quality! Visit the Agile Testing Days 2025 and deepen your knowledge with leading experts!
Legal implementation in Germany
The EU provides a binding framework with the Product Liability Directive 2024, but the specific implementation is the responsibility of the individual member states. In Germany, this is done via the national Product Liability Act - ProdHaftG for short - which is being adapted to the new requirements. The aim here is to clearly define the scope of application and ensure that national legislation and policy decisions are in line with the European regulations.
An important reason for the liability of manufacturers and suppliers is that a supplier is not liable if it has manufactured a faultless product which has resulted in a faulty end product due to design defects on the part of the manufacturer.
Amendments to the Product Liability Act (ProdHaftG)
Fristen, Verjährung, Übergangsregelungen und nationale Besonderheiten
Time limits, limitation periods, transitional provisions and national particularities
When the Product Liability Directive came into force in 2024, new regulations were introduced that will not take effect overnight. There will be deadlines and transitional arrangements to give companies time to implement them. In the course of these adjustments, Germany may make its own fine adjustments to take account of country-specific requirements. This could include additional reporting obligations, documentation requirements or special legal provisions. The role of fulfilment service providers who supply products to end customers could also come under greater scrutiny, as they can be considered a quasi-manufacturer if they have a significant influence on the characteristics of the product.
Ensure the quality of your software and meet new liability requirements with ease! Our ISTQB and IREB training courses make you fit for the challenges of software testing.
Conclusion: The Product Liability Directive 2024 as a milestone for software quality
The Product Liability Directive 2024 marks an important turning point in the digital manufacturing industry. It shows that the EU is willing to create a modern and holistic product liability law that meets the requirements of a connected world. New product safety requirements emphasize that a product can be considered defective if it does not meet general safety expectations. For software providers, it is becoming clear that it is no longer enough to provide a functioning product. Security, stability, regular maintenance and clear documentation are becoming the key to surviving in an increasingly competitive environment and minimizing legal risks.
Companies that address the new situation at an early stage have the opportunity to use the new requirements not only as an obligation, but also as a strategic advantage. Those who optimize their testing and quality assurance processes, for example, can build a higher level of trust with customers and gain a competitive advantage in the long term. The Product Liability Directive 2024 is therefore not only a law for greater safety, but also a driver for innovation and professional product development.
Frequently asked questions: New EU Product Liability Directive 2024
When is the new Product Liability Directive coming?
The Product Liability Directive 2024 will be published in the EU Official Journal once the legislative process has been completed and will enter into force after a certain transitional period. The exact date of entry into force may vary depending on the progress of implementation in the member states and the specific national features. Companies should follow the process closely and start adapting their processes in good time.
What does the Product Liability Act say?
In Germany, the Product Liability Act (ProdHaftG) regulates liability for defective products. It specifies the conditions under which a manufacturer, quasi-manufacturer or importer is liable for damage caused by a defective product. Due to the amendments made as part of the Product Liability Directive 2024, the ProdHaftG will now also be extended to software and digital services.
How long is a manufacturer liable for its product?
The duration of liability depends on the applicable legislation. The Directive provides that, under certain circumstances, a manufacturer can still be held liable years after the sale of a product. This applies in particular if a defect is only discovered later or if claims for damages arise from prolonged use. The exact deadlines and regulations are set out in the German Product Liability Act (ProdHaftG) and the other national implementing acts.
For which damages can product liability be asserted?
Product liability applies in the event of physical injury to a person, damage to property and, under certain conditions, other financial losses. It is important that a defective product has directly caused the damage. The Product Liability Directive 2024 also extends this concept of damage to digital products where, for example, a faulty update can lead to data loss or the failure of critical systems.
