The proposal for a revised Product Liability Directive: The emperor's new clothes?

On September 28, 2022, the European Commission presented the long-awaited proposal for a revised Product Liability Directive (PLD). By adapting rules and concepts to digitalization and circular economy, the revised PLD aims to ensure that the damage that defective products caused can be remedied adequately. This paper provides a comprehensive analysis of the substantive and procedural harmonized rules that are reshaped in the revised PLD. The discussion shows that although the revised version makes progress, ambiguities remain about essential concepts such as ‘product’, ‘damage’, and ‘defectiveness’. Those ambiguities could generate significant legal uncertainties. In addition, it is imperative to consider whether the harmonization that results from the revised PLD strikes a balance between centralized policy goals and local preferences. Since it has been reiterated that the revised PLD will be limited to safety-related harm rather than to harm to other fundamental rights (e.g., data protection and equal treatment), it is also crucial to inquire whether harms of the latter kind can be remedied effectively by other relevant legal regimes.


Introduction
The Product Liability Directive (PLD) 1 was adopted in 1985.Its main purpose is to ensure that producers are liable for the damage that their defective products caused to individuals. 2 The idea of 1985 PLD is to provide a maximally harmonized framework through which Member States can address liability and remedy the damage that products cause.Therefore, no Member State can maintain or introduce more or less stringent rules on damage that is caused by defective products unless authorized explicitly by the text of 1985 PLD. 3 For claims that are outside the scope of the Directive, such as claims for damage that is not recoverable under the product-liability regime or claims against actors other than producers, injured persons must rely on other horizontally applicable regulations and national laws to recover their losses.
Stakeholders have expressed doubts about the suitability of the 1985 PLD for addressing the harm that defective products cause at present, particularly in the light of the significant role that digital technologies now play in disrupting production processes. 4The EU authorities also recognized the new challenges that digitalization poses.In 2018, the 1985 PLD was evaluated in order to identify discrepancies between it and the issues that digital technology has created. 5The conclusion was that while the liability rules that are laid down in the 1985 PLD are adequate on the whole, essential concepts such as 'product' are no longer fit for the transformed patterns of digitalizationdriven production and the circular economy. 6Significant legal fragmentation has occurred across the EU Member States.This fragmentation is liable not only to generate significant uncertainties about the potential liability of stakeholders but also to undermine the effective protection of consumers. 7gainst this background, on September 28, 2022, the Commission presented two proposals for adapting liability rules to the digitalization-led transformation, the circular economy and the global value chain.The first proposal is the AI Liability Directive (AILD), 8 which attempts to lay down minimally harmonized rules in order to ease the burden that (potential) claimants must discharge when claiming for fault-based harm that is caused by AI systems before a court. 9The other proposal is the revised PLD. 10 Its objective is to modernize the maximum-harmonization rules of the 1985 PLD. 11 This article focuses on the revised PLD with a question of whether the proposed revision of the 1985 PLD would properly address the challenges raised by digitalization and circular economy.Currently, there is a paucity of literature assessing the revised PLD. 12 More discussion on the new proposal is thereby needed for the purpose of evaluating its potential performance and effectiveness.This article aims to highlight the changes that the revised PLD introduces and to identify the potential ambiguities that could reduce its effectiveness.In addition, it discusses the potential tension between centralization and decentralization resulting from the revised PLD: whether the revised PLD could strike a balance between the goal of the internal market and local preferences.The structure of this article is as follows: in section 2, we explore the manner in which essential concepts such as 'product', 'damage', 'defectiveness' and 'liable actors' have been reshaped in the revised PLD.Section 3 examines the procedural rules that the revised PLD proposes in order to lessen burdens on claimants.Section 4 concludes that, despite the ambiguity that the analysis reveals, the revised PLD provides some proper reactions to new challenges.It also indicates that the pursuit of harmonization should not be the sole objective that guides future adaptations of the PLD.In order to protect consumers more adequately, the PLD should leave sufficient room for Member States to maintain and develop their own rules.In this way, the revised PLD could avoid the trap of 'the emperor's new clothes' and may come to reflect local demands and preference.

The substantive efforts to reconstruct harmonization in the revised PLD
The essence of product liability is that the producer is liable when their defective products cause damage.Several key terms, such as the concepts of 'product', 'damage', 'defectiveness' and 'producer', are crucial to determining the scope of product liability.The revised PLD adapts these core terms to the challenges that have emerged from digitalization and circular economy.This section provides a critical analysis of the manner in which the revised PLD reshapes these essential concepts.

A. Product
The concept of 'product' determines the scope of the product-liability regime.Article 2 of the 1985 PLD defines products as 'all movables'.Scholars have argued that this definition is no longer consistent with the features of contemporary production. 13Therefore, the first and most important task of the revised PLD is to clarify the scope of the term 'product' and to adapt it to a supply chain that has been reshaped by digitalization and the circular economy.
In the revised PLD, 'product' is defined in Article 4, which refers to 'all movables, even if integrated into another movable or into an immovable'.Furthermore, it states clearly that 'product' includes electricity, digital manufacturing files and software. 14A digital service could also be considered as a component of a product if it is integrated or interconnected with a product and if its absence could influence the functionality of the product. 15The discussion that follows concerns the scope of the term 'product' in the revised PLD and identifies controversial and ambiguous matters.
1. Digital data is not a product per se.Flawed information may cause a product to be unsafe (e.g., food may become poisonous if incorrect instructions are followed).In recent years, there has been an animated debate on the question of whether information can be regarded as a component of a product or even as a product in its own right.According to the 1985 PLD, information, as an intangible good, is excluded from the scope of the concept. 16Nevertheless, the literature indicates that treating information as a product in specific cases would accord with the objective of the PLD, in that it would enhance consumer protection. 17At present, information largely takes the form of digital data, which is accessed from or stored in the product and influences its performance and functioning.
The Impact Assessment of the revised PLD shows that the proposal to define digital data as only comprising information gained little support. 18In comparison, most respondents favoured a solution whereby victims would be granted redress if the damage is caused by defective data that can influence the operation of the product. 19It is unclear from the revised PLD whether digital data, either as mere information or as data that can influence the operation of a product, should be considered as a product.Therefore, pursuant to a literal interpretation, all types of digital data would not be defined as a product per se.
The revised PLD indicates that a digital manufacturing file, which is a digital version or a digital template of a movable that contains the functional information that is necessary to produce a physical product, is defined as a product. 20Digital manufacturing files are quite different from digital data.One typical digital manufacturing file is the CAD file that is used for 3D printing.A CAD file is a set of instructions that can be executed in order to make a physical product. 21From this perspective, digital manufacturing files are more akin to software than to digital data.In contrast, digital data is not a digital version or a template of a movable.It contains information that can influence the function and operation of a product, but that information cannot be executed. 22ata that contains the functional information that is used to train an intelligent system is not considered to be a digital manufacturing file, but it can still raise significant safety concerns because training can cause the final product to malfunction.According to the revised PLD, despite its ability to influence the operation of a product, such functional data is excluded from the scope of the term 'product'.
Due to the maximum-harmonization nature of the Directive, the Member States cannot provide that 'digital data' will be interpreted to refer to a product in its own right, irrespective of whether that data only contains information (e.g., maps) or whether it generates specific safety issues or concerns about fundamental rights (e.g., discriminatory data).As we will show in section 2.A.3, the digital services that are related to digital data (e.g., data supply or analytics) might be considered as a component of the entire product if their absence can prevent the product from operating properly.
2. Software constitutes a product in its own right.The extent to which software can be regarded as a product is a key issue that must be addressed when the PLD is being revised.The forms that contemporary software takes are too complex to enable generalizations.Software can be integrated in or remotely connected to a product (e.g., the software that supports autonomous vehicles) and thus influence its performance, but it can also operate as a standalone application that has already been installed on a tangible product and runs without internet connection.
Policymakers considered different approaches to the legal status of software. 23One option was to require Member States to classify software as the component of an overall product. 24This approach would enable consumers to bring claims against the providers of software on an extracontractual basis if the damage is caused by a defect within the software. 25Defining software merely as a component rather than as a product in its own right, however, raises two issues.First, such a decision would mean that only the component software necessary for a tangible product to operate would be covered by product liability.If damage is caused by addon software that is not necessary for, but influences, the operation of a tangible product, it would be treated neither as the component of a product nor as a product in its own right, and its provider would not be subject to the product-liability regime. 26Second, defining software as a component of a product may distort the incentive for precaution that is allocated between the provider of the software and the manufacturer of the product.By making software a product in its own right, the software provider has a duty to update the software in a timely manner so as to ensure the adequate performance of the overall product, and the manufacturer of the product could reasonably escape liability by stating that the operation of the software and updates are outside its control. 27he other option is to define software per se as a product in its own right. 28The revised PLD follows this approach. 29In Article 4(1), software is defined as a product explicitly.The revised PLD does not contain a definition of 'software'.Instead, it merely outlines the scope of the concept by enumerating certain forms of software, such as operating systems, firmware, computer programs, applications and AI systems, in its Recitals. 30In addition, it is stated clearly that free and open-source software that is developed and supplied outside the course of commercial activities is excluded from the revised PLD. 31 In this way, the PLD strikes a balance between innovation and liability.The exemption for certain forms of open-source software is expected to protect those who develop such software. 32herefore, all types of software, whether it is used as a safety component or for other purposes that have no direct implications for safety concerns, would be considered as a product indifferently.The recognition of software as a product in its own right is an important step in the process of adapting the 1985 PLD to the demands of digitalization.Nevertheless, the lack of a definition of software would create ambiguities when one differentiates between software and related concepts, such as digital services.
By defining software as a product, the revised PLD does not completely eliminate the ambiguity from the product-service dichotomy.That dichotomy is crucial in law because it has a significant impact on the form of liability as well as on the level of consumer protection. 33The debate about the boundary between products and services, however, is interminable.One basic principle is that while services as such are excluded from the PLD, any damage that is caused by a product that is used and offered in the course of the provision of a service may fall under the scope of the product-liability regime. 34By defining software as a product, the revised PLD intends to distinguish software from services, thus retaining a distinction between product and service.Nevertheless, the legal status of some business models remains unclear.
One example is software-as-a-service (SaaS).SaaS significantly transforms the manner in which software is deliveredthe manufacturer of a product or a consumer may access and use software over the internet without installing it on their product or on a local device.SaaS is a popular and cost-efficient solution for business owners and consumers because it enables them to access software on a subscription basis.Then, software providers assume responsibility for completing all updates and upgrades in a timely manner.The emergence of SaaS, however, raises concerns about its legal statusit is not obvious whether it is a product or a service. 35The revised PLD does not include SaaS in the list of examples of software.Therefore, it remains unclear whether SaaS will be treated as software (and thus as a product in its own right) or as a digital service.
The SaaS case indicates that while the revised PLD retains the dichotomy between products and services, some digital applications and business models are not defined explicitly as either products or services.The final draft of the revised PLD should define SaaS as softwarethe treatment of software should not vary solely depending on its mode of delivery. 36 Related service can be the component of a product if certain conditions are satisfied.The revised PLD reshapes the concept of 'component'.According to the current proposal, this term refers to any item or any related service that is integrated into or interconnected with a product of the manufacturer or integrated into or interconnected with a product of another entity that is within the control of the manufacturer.37 According to Article 4(4), the term 'related service' refers to a digital service that is integrated into or interconnected with a product and whose absence would prevent the product from performing one or more of its functions.The new definition of 'component' has significant implications for the legal status of digital services as well as for the boundary between products and services.On the one hand, the product-service dichotomy is retained because a digital service, as such, would not necessarily constitute a product according to the revised PLD.On the other hand, a digital service could be recognized as a component of a product, and its providers would be subject to product liability, on condition that it is connected to the product of the manufacturer (or under its control) and that its absence could influence the functions of that product.The revised PLD thus redraws the boundary between service and product.As the discussion that follows shows, this paradigm shift could create new ambiguities.
According to Article 4(4) of the revised PLD, functionality serves as a necessary criterion when one seeks to determine whether a specific digital service can be regarded as a 'related service'.If a digital service is found to have no impact on the functionality of the overall product, it is not covered by the revised PLD.There are, however, two ways of interpreting the meaning of 'functionality'.The first is literalany influence on the performance of the product is functional. 38The other approach is based on objective interpretation.As Recital 15 indicates, functionality is linked to the safety of a product. 39Therefore, if such an objective interpretation is employed, digital services that have no impact on the safety of the connected product are excluded.For example, if the performance of a product depends on certain digital services such as the supply of data, which is used to decide whether an individual can access certain financial services 40 or to assess the recidivism risk of a criminal, 41 and it transpires that the data that is supplied is discriminatory (e.g., it only includes data for males or white individuals), then those digital services may not be considered as components of the product.The service providers that supply and analyse such data would therefore not be considered component manufacturers and, consequently, would not be subject to product liability.The final definition of the revised PLD should define 'functionality' more clearly.
Besides the requirement of functionality, it must also be determined whether it is integrated into or interconnected with the product of the manufacturer or within the control of the manufacturer. 4236.Ibid.37. Recital (15)  Therefore, product liability would not be extended to a digital service if it is not linked to a product.This link can be established by the interconnection of the related service with the overall product or their integration carried out by the manufacturer of that product (e.g., within the production process) or alternatively authorized by the manufacturer.Therefore, despite the possibility of digital service being defined as components of products and becoming subject to product liability, the revised PLD is still intended to differentiate between products and services.

B. Damage
Harm is a concrete disadvantage that a person suffers; it can be material 43 and non-material. 44Damage refers to the recoverable harm as defined by lawit is a legal concept.Therefore, a sort of harm suffered by the victim is not necessarily recognized as the tort damage and becomes recoverable in a specific law. 45There is no universal rule that defines the scope of damage in particular liability regimes. 46he extent to which specific harms are recognized as forms of damage in specific liability regimes depends on various cultural, economic and political factors that vary across Member States. 47As a result, the scope of damage in one specific law could be different from the one outlined in another law, and the scope of damage in similar situations could diverge from one country to another.The EU has traditionally shown little interest in intervening to harmonize the scope of the concept of damage via directives and regulations. 48The 1985 PLD, nevertheless, was an attempt by the EU to define the types of damage that can be recovered in product-liability claims in all Member States.In essence, the scope of the concept of damage in specific legislation is restricted on two dimensions: the legal rights and interests that are protected (e.g., property security, bodily integrity, personality interests, or pure economic benefits) and the type of recoverable loss and harm (material loss or non-material loss).Some types of damage are closely linked to the safety issue of a product (e.g., personal injury and property loss), while some others are remote (e.g., personality-related issues).
According to the 1985 PLD, the term 'damage' refers to the material loss that results from death or personal injury and to property loss (other than of the defective product itself) that exceeds €500 and is caused by a defective product. 49Since the 1985 PLD is a maximum-harmonization measure, the Member States cannot provide for more, or less, stringent protection than that which is afforded to consumers by the exhaustive list of protected interests in the Directive. 50As a result, the harm that results from the infringement of rights and interests other than those in the list is excluded from the scope of the PLD.Compensation for such harms and losses is therefore left to other domestic regimes of the Member States, which might be largely in the form of the general fault-based liability.
Non-material harm from defective products, however, is an exception. 51This is a domain in which opinions about the extent and type of legal protection vary considerably across Member States.Various rules existed prior to the 1985 PLD, which made it difficult to find common ground.Consequently, remedying non-material damage to protected interests that is caused by a defective product is a matter that has been left to the Member States.The diversity of the rights and interests that are protected by the PLD as well as by other legal rules will not be altered by the revised PLD.
Since defective products are increasingly linked with the harm to legal interests (e.g., privacy and discrimination) that are not safety-relevant (e.g., property loss and personal injury), in recent years, questions have been raised about the scope of the damage that can be compensated under the PLD. 52The revision of the PLD should decide the extent to which such new harms could be remedied by product liability.The discussion that follows explains and critiques the reshaped scope of damage.
1. Psychological wellbeing as an explicit protected legal interest in the PLD.Unlike products from the period when the 1985 PLD was drafted, modern products are increasingly being linked to psychological harm in humans. 53According to the revised PLD, material losses 'resulting from death and personal injury, including medically recognized harm to psychological health' will be qualified as a kind of recoverable damage. 54Evidently, policymakers are beginning to explicitly acknowledge psychological wellbeing, which can be affected by a defective product, as a protected legal interest within the PLD. 55The protection of psychological wellbeing via the PLD, however, is not unlimited.There are three restrictions.
Firstly, the expanded legal interest that the revised PLD recognizes is limited to psychological health resulting from personal injury and property loss rather than from the harm to personality rights. 56If the material loss results from the harm to other entitlements, such as the rights to equal treatment, dignity or privacy, the PLD would prevent the Member States from allowing recovery through their product-liability regimes.In this regard, policymakers intend to control the protected interests to the extent of safety-relevant but not to other implications.For example, if a patient's health data is leaked due to the lack of safety updates for a health robot and they have 50.Case C-203/99 Veedfald v. Århus Amtskommune, para.32   Recital (17), revised PLD.56.During the impact assessment, policymakers de facto considered an option to expand the recoverable damage to include material and non-material damage resulting from all fundamental rights infringements (e.g.data breaches, privacy infringements and discrimination) rather than only safety-related harm.This option was welcomed by consumer protection association, but its effect was considered too far-reaching.This option would also tremendously expand the scope of strict liability.Relevant operators and insurers considered that this option would significantly increase their costs.As a result, this option was not adopted in the current version of the revised PLD.See Commission, Impact Assessment (2022), p. 44-45  to undergo psychotherapy to relieve the mental suffering that results from this incident, the PLD would not be the appropriate legal regime for recovering the relevant damage because the safekeeping of personal data is not legal interest that the PLD mandates Member States to protect via product liability regime.Therefore, material loss, including loss that is related to medically recognized forms of psychological wellbeing, which has to do with personal data must be remedied through private enforcement via other legal mechanisms (e.g., data-protection law).In a similar vein, when a female is unfairly denied a job interview due to a malfunction of an intelligent recruitment system and she claims for suffering due to the affront to her human dignity, the PLD would not be applicable.Instead, the private enforcement within anti-discrimination law would be the appropriate regime for seeking the recovery of the claimed loss.Although restricting the scope of the protected rights and interests to the extent of safety-relevance is a helpful means of limiting the applicability of the PLD, the literature has highlighted the problems that emerge when victims attempt to use data-protection law (e.g., the General Data Protection Regulation, GDPR) and anti-discrimination law to recover for the harm that they have suffered. 57econdly, harm to psychological health must take the form of material loss in order to be recoverable.The use of the term 'material loss' means that it should be possible to link the harm explicitly to an objective market price. 58If a claimant only experiences mental suffering as a result of using a product and cannot link it to a calculable price, the harm is deemed to be non-material, and compensation for it can be determined by the Member States. 59In that case, Member States enjoy a discretion in protecting those who suffer such harm through product liability or other legal regimes.In addition, pure economic losses that result from defective products are not remedied by the product-liability regime. 60For example, if a businessman loses a chance to conclude a contract with his business partner due to an accident caused by defective autonomous vehicles, the loss, which would be defined as 'ricochet loss', would be treated as pure economic loss. 61Unlike in the context of non-material damage, the revised PLD does not even provide for an exception that would raise the possibility of protecting pure economic loss through the product-liability rules.Given the maximum-harmonization nature of the PLD, the recoverability and the form of the remedy for pure economic loss would be determined by national provisions on matters other than product liability (e.g., such damages may be compensable under contract or fault-based laws).
Thirdly, the material losses that result from harm to psychological wellbeing must be medically recognized.In this regard, the claimant must prove that they have taken medication or undergone psychotherapy.The medical-recognition qualification can be problematic: if a person claims that they have suffered psychological harm but there is no need for medical intervention, then, even  (18), revised PLD 60.Pure economic loss arises due to the increasing interconnection among people in the society.In general, it is not a consequential cost directly from an accident, but specific parties that are not directly involved in that accident may suffer economic losses due to its occurrence.The recoverability of pure economic loss is a complex issue which can be varies among countries.For an overview of the discussion on damage liability for pure economic losses, see in general M. Bussani  if material loss has been established, the Member States would not be allowed to provide remedies for the psychological harm in question.In other words, if the medical-recognition limitation is intended simply to ensure that only material losses from psychological harm can be remedied under the revised PLD, the scope of the protection that is afforded to consumers would be significantly narrower than expected.
To summarize the findings from this part of the exposition, the revised PLD provides a remedy for material losses that are caused by harm to medically recognized forms of psychological wellbeing.This is a maximum-harmonization provision.Therefore, Member States cannot extend or limit the protection that it grants.For example, they cannot introduce new protected rights and interests through their product-liability laws.Compensation for non-material harm, however, is an exception.Member States can determine, in accordance with their legal traditions, how to remedy such forms of harm.
2. The removal of the €500 threshold for property damage.According to the 1985 PLD, an individual cannot recover property loss if its value is lower than €500. 62This threshold, which is applicable to property damage, may allow the manufacturers of products that are only likely to cause small-scale property damage to avoid liability.The fact that the current 1985 PLD does not sanction the misbehaviour of such manufacturers distorts their incentive to exercise due care in adopting measures that improve product safety. 63Even worse, consumer organizations have confirmed that this threshold prevents consumers from obtaining effective remedies for their losses. 64Considering the widespread use of deductibles in insurance contracts, it is highly likely that a consumer who suffers property loss that is valued at less than €500 will receive no compensation at all under the product-liability regime.This outcome is not consistent with the principle of effective compensation. 65gainst this background, the revised PLD removes the €500 threshold in order to ensure that the distorted incentives of product manufacturers can be rectified and that consumers who suffer property losses that are lower than €500 in value can be compensated effectively.However, it remains to be seen whether this change will lead to excessive litigation, which would increase the burden on the judicial system.
3. The recognition of the loss and corruption of data.At time when the 1985 PLD was drafted, damage to property was understood as an act of destroying a physical object or reducing its value.Digitalization is a challenge to the concept of property.That digital goods, such as data, have become an asset that is valued highly raises the questions of whether they should be treated as a type of property and how to protect them.
The concept of property and its scope are defined in domestic law.Civil-law countries usually adopt a numerus clausus principle whereby the scope of property is defined exhaustively by law. 66ndividuals cannot define that scope as they please.Although damage to property is recognized in the PLD, its scope can vary from one Member State to another.No common ground for treating data as property has been formulated in the digital age because some basic questions, such as who owns the data, can be inordinately difficult.This issue explains why relying on property rules to protect data is not easy and why liability rules should play a fundamental role in this domain. 67By admitting data as a protected interest under the PLD, whenever a person suffers loss of data, they are able to claim for that loss before a court.Nevertheless, the issue is how to identify the kind of liability regime that applies to such losses.The revised PLD indicates that material losses from the loss or corruption of data that is not used exclusively for professional purposes will be recognized as damage. 68However, Member States retain the competence to determine whether and to what extent data is considered property.In addition, if a defective product causes data that is used commercially to be lost, the resulting damage would not be recoverable under the proposed PLD.This decision reflects the emphasis on the role of the product-liability framework as consumer-protection legislation: companies and individuals who act in a professional capacity cannot claim damage on the basis of the PLD. 69t is noteworthy that the PLD and the GDPR are both focusing on the damage relating to data to some extent.However, their applicable contexts could be very different.Firstly, the scope of data is different.The revised PLD aligns the definition of data with the one that is used in the Digital Governance Act 70 (DGA). 71The term 'data' therefore refers to 'any digital representation of acts, facts or information and any compilation of such acts, facts or information, including in the form of sound, visual or audiovisual recording'. 72Any type of data, personal or non-personal, are thus included.In comparison, the GDPR only protects personal data.Second, the protected interests are different.The revised PLD protects proprietary value of data that results from loss or destruction, while the GDPR covers the damage resulting from the loss of control over personal data.In this sense, a loss of control of personal data does not necessarily diminish the economic value of such data.Third, the cause of damage is different.The material damage resulting from a loss of data could be recovered by the revised PLD only if it was caused by a defective product.In contrast, the cause of damage under GDPR is the violation of data protection rules.
It should be noted that only the material losses that result from loss of data caused by a defective product will be recoverable under the revised PLD.If a defective hard drive causes an individual to lose all of their digital learning materials, the damage can be linked to an objective market price, and the individual can quantify their material losses.In another case, for example if the defect of a hard drive caused a loss of digital photos of significant emotional value, whether a person can claim for non-material losses (e.g., distress) would be determined by reference to domestic provisions.Loss of a chance is another example.If a digital professional certificate is lost due to defective document management system and its holder therefore cannot complete a job application form on time, domestic rules will determine whether they can rely on the product-liability regime to obtain compensation. 73

C. Defectiveness
According to the 1985 PLD, a product is defective if it does not provide the safety that a person is entitled to expect. 74Similarly, in the revised PLD, a product is defective if it does not provide the safety that the public at large are entitled to expect when all circumstances are taken into account. 75In both legal texts, the consumer expectations test serves as the criterion for determining whether a product is defective or not.According to the test, 'the defectiveness of a product should be determined by reference not to its fitness for use but to the lack of the safety that the public at large is entitled to expect'. 76Therefore, safety is the only criterion that is used for ascertaining whether a product meets the expectation of consumers.Whether it is fit for its intended purposes remains a matter to be solved by national rules on the sale of goods. 77In addition, the expectation of safety should be based on an objective standard rather than the preferences of specific consumers.In order to identify the expectations of the public at large accurately, the courts must consider a variety of factors, such as the intended purpose of the product, its objective characteristics and its properties. 78If the product is intended to be available to specific groups of individuals (e.g., patients), the specific requirements of those individuals should also be taken into account. 79ursuant to the consumer expectations test, a product should not be considered defective solely because a superior product exists or is subsequently placed on the market. 80In this regard, the PLD respects the best knowledge that the manufacturer can possess when it places the product on the market.While numerous manufacturers may work simultaneously on the same product, the law should admit that they may have different knowledge backgrounds, work in various ways and adopt different techniques to achieve similar goals.The barriers that prevent them from acquiring information from their competitors can be varied, ranging from trade secrets to intellectual-property issues.As long as their products comply with industrial standards and are free of defects when put into circulation, they should not be defined as defective for the sole reason that superior versions exist or are designed after the launch of the product.In brief, as a criterion for assessing defectiveness, the consumer expectations test prioritizes the diversity of consumer choice as well as incentives for innovation for producers. 81he 1985 PLD lists three factors that should be taken to indicate whether a product is defective or not: its presentation, its reasonable expected use, and the time when it is put into circulation. 82The revised PLD adjusts this list by including new factors that account for the challenges of digitalization and the circular economy.The following subsections analyse the changes critically.
1. Learning ability.First and foremost, the revised PLD adapts the definition of 'defectiveness' by accounting for products that have learning after deployment as one of their features. 83In this scenario, the assessment of the defectiveness should account not only for expectation that are based on the version of the product that is placed on the market but also for expectations about the product's learning from the data that it collects during its use.

Cybersecurity.
In addition, a product might be defined defective, if it fails to satisfy product safety requirements, including safety-relevant cybersecurity requirements. 84In the context of the Internet of Things (IoTs), machines are connected both to the internet and to each other.An attack that is directed at one machine may also affect other devices in the same IoT system, which can result in significant property loss (e.g., data loss) or even in personal injury. 85Therefore, a product can be considered defective if it fails to meet the expectations of the public at large about cybersecurity.
This principle could incentivize manufacturers to adopt adequate measures to prevent their products from being affected by cyberattacks.The recently issued Cybersecurity Act 86 and the proposal for a Cyber-Resilience Act 87 focus on the means of reducing cybersecurity risks from an ex ante perspective.The revised PLD would ensure that producers that fail to take diligent measures will be held liable if cybersecurity vulnerabilities produce harm. 88It should be noted that the cybersecurity requirement for defining defectiveness under the PLD is only limited to safety-relevance.If the consequence of failing to comply with a cybersecurity requirement generates harm other than the interests protected by the PLD (e.g., personal injury and property loss), it would not be considered as a defect recognized by the PLD.
Conventionally, the condition of the product at the time when it is placed on the market is the benchmark against which defectiveness is assessed. 93The provider is exempted from liability if the defect that causes damage did not exist at the time when the product was placed on the market and if it only came into being thereafter. 94This means of obtaining an exemption from product liability is called the 'later-defect defence'.The rationale behind it has been challenged by digital technologies.Specifically, consumers are sometimes not provided with the final version of a product that is placed on the market, which means that their experience largely depends on subsequent updates and upgrades.The safety patches for software applications that are issued when a new cybersecurity threat has been detected provide a germane example.The manufacturer of a product with digital elements may retain substantial control over the product; in such cases, they are optimally placed to prevent damage from occurring.
In order to ensure that the relevant economic operators can exercise due care throughout the lifespan of the product, the revised PLD adjusts the assessment of defectiveness by reshaping the laterdefect defence.Specifically, the defectiveness of a product is no longer determined by reference to the time when it is placed on the market; instead, the relevant time is that at which the product ceases to be under the control of the manufacturer. 95The manufacturer of the product is considered to retain control over it in the following scenarios: (i) when the functions of the product are partially determined by a digital service provider that is related to the manufacturer of the overall product or by another entity, provided that integration or interconnection remain under the manufacturer's control, and (ii) when the product is a type of software that must be updated in a timely manner after being placed on the market.The relevant economic operators will not be exempted from liability if damage occurs in the aforementioned scenarios.In contrast, if manufacturer of the final product uses add-on software from a third party and its updates are out of the control of the manufacturer, they may invoke the later-defect defence to avoid liability. 96raditionally, the legal consequence of failing to update and upgrade software has largely depended on the terms of the contracts between the software provider, the manufacturer of the product and consumers. 97By reshaping the concept of defectiveness and the later-defect defence, the revised PLD enables victims to pursue non-contractual claims against software providers and the manufacturers of final products when software updates are defective or when updates or upgrades are not provided on time. 98This paradigm shift would have significant implications for the software industry and its business model.That software should be updated and upgraded so that emerging risks are addressed after it is placed on the market does not mean that the lifespan of software is unlimited.Rapid digital development, the pursuit of new comparative advantages and the escalating cost of maintaining old versions of software mean that providers may choose to stop providing updates after a limited period of time. 99Under a contract-based regime, software providers can decide when to stop updating or upgrading their product, and consumers can choose freely whether or not to receive updates or upgrades.The introduction of the extra-contractual regime for software updates and upgrades may place an excessive burden on software providers, which may be forced to maintain old versions of software.Such a development would impede innovation to some extent. 100Furthermore, the autonomy of consumers may be violatedthey would be forced to update or upgrade the software whenever updates or upgrades become available because the liability of the software manufacturer would otherwise be reduced or extinguished. 101

D. Liable parties
Having outlined key concepts such as 'product', 'damage' and 'defectiveness', we turn to the identification of the parties that are subject to product liability.The definition of liable parties not only sets behavioural incentives for the parties concerned but also ensures that victims can claim for damages smoothly. 102he 1985 PLD required all Member States to ensure that the producer would be liable for the damage that a defective product causes. 103The term 'producer', as the 1985 PLD clarifies, includes manufacturers of finished products or component parts, producers of raw materials, importers and any person who represents themselves as a producer. 104Moreover, suppliers are recognized as producers if the victim can identify none of the aforementioned parties. 105onsistently with the draft AI Act 106 , a new term, 'economic operator', appears in the revised PLD, replacing 'producer'. 107Additional actors, such as software providers, service providers, authorized representatives and fulfilment service providers, are explicitly said to be 'economic operators' under the revised PLD.Remarkably, online intermediary platforms and repairment service providers can be regarded as economic operators and be subject to product liability if certain conditions are met.The following part provides a critical analysis of the scope of liable persons.
Identically to the 1985 PLD, the manufacturer of a defective product or a component thereof is liable for damage caused by that product or component. 108It should be noted that, since the definition of 'product' has been expanded to include software and digital manufacturing files, the set of manufacturers that may be caught by the provisions of the revised PLD is also largerit also includes software developers and providers of digital manufacturing files (e.g., providers of data with functional implications for the product).Likewise, since a digital service that has a functional impact on the performance of a product is also defined as a 'component' thereof, 109 its provider would be considered as a component manufacturer and may be subject to strict product liability if their service causes damage.
The revised PLD also adapts the set of parties that may be liable to the context of cross-border transactions, that is, to the possibility that a local manufacturer cannot be identified.If the manufacturer is established outside of the EU, which would mean that the victim cannot easily bring a claim against it before the national court where they reside, the importer of the defective product into the territory of the EU is liable. 110In addition, the authorized representative that acts on behalf of the overseas manufacturer when handling specific tasks in the EU would also be subject to product liability in such instances. 111f the victim can identify neither importers nor authorized representatives, the revised PLD requires the 'fulfilment service provider' to assume liability. 112By holding the fulfilment service provider liable, the EU policymakers are seeking to ensure that the victim has a higher likelihood of identifying an EU-based entity against which to claim for the damage that the defective product causes.According to Article 4 (14), it refers to 'any natural or legal person offering, in the course of commercial activity, at least two of the following services: warehousing, packaging, addressing and dispatching of a product, without having ownership of the product, with the exception of postal services as defined in Article 2, point (1), of Directive 97/67/EC of the European Parliament and of the Council'.It seems that the revised PLD is intended to exclude actors that merely offer postal services and to only capture actors with a close and ongoing relationship with manufacturers, importers or authorized representatives. 113For instance, if an online platform is responsible for storing and dispatching products from third-party manufacturers, it would be considered as a fulfilment service provider under the revised PLD. 114In comparison, if a party only stores the products of third-party manufacturers while packaging and dispatching are undertaken by postal companies, it would not be considered a fulfilment service provider because it only provides one of the services to which Article 4(14) refers.
The revised PLD requires the distributor that makes a defective product available on the market would be liable unless they disclose the identity of one of the aforementioned actors within a month of receiving a request to that effect from the victim. 115Normally, online platforms might not be considered distributors because they merely offer intermediary services (i.e., they serve as mere conduits or as catching and/or hosting services) that facilitate the conclusion of distance contracts between consumers and distributors or manufacturers.According to the revised PLD, however, a provider of online intermediation can be regarded as a distributor, provided that the average consumer believes that the product is provided by the online intermediary in question. 116In brief, online platforms will be subject to product liability if (i) the average consumer believes that the product is provided by them and if (ii) they fail to identify the liable upstream actors, such as manufacturers, importers, authorized representatives and fulfilment service providers.By including online intermediaries as distributors and requiring them to bear product liability when certain conditions are met, the PLD adapts itself to the transformed global value chain, enhancing the protection of EU consumers.
The revised PLD also adapts the concept of economic providers to the features of the circular economy by introducing liability for actors that substantially modify an existing product.After a product has been placed on the market, any actor that introduces a substantial modification that is outside of the control of the original manufacturer is considered to be the manufacturer of the modified product.They are subject to the same liability rules (i.e., strict product liability) as the original manufacturers. 117Whether a modification is 'substantial' will be determined by the relevant EU and national laws.The typical examples include an upgrade that changes the original intended functions of a product or affects the compliance of the product with the applicable safety requirements. 118In contrast, an agent that only carries out necessary repairs in order to restore or maintain the functions of a product would not be defined as an economic operator that makes substantial modifications. 119Economic operators that make substantial modifications will be exempted from product liability if they can prove that the damage in dispute is related to a part of the original product which was not affected by their modifications. 120

Simplifying access to justice
As a general rule, the claimant must prove (i) defectiveness, (ii) damage and (iii) a causal link between defectiveness and damage. 121In practice, claimants may encounter several procedural obstacles in proving these elements of the claim. 122As a result, Member States may develop different measures to ease the burden that claimants bear.The current 1985 PLD does not contain any harmonized rules on procedural issues.Considering the new challenges that digital technologies have created, the revised PLD, besides refining the scope of strict product liability, is also intended to alleviate the claimant's burden of proof. 123uring the preparation of the proposal, the lawmakers considered two options.One suggested that the burden of proof remained with the claimant, but they should be provided with additional measures to obtain necessary information.What is more, under certain conditions, defectiveness and causation can be presumed. 124A more drastic approach would be to reverse the burden of proof together with a removal of the development-risk defence.Consequently, according to this second option, the producer would be liable even if, at the time when the product was placed on the market, state-of-the-art knowledge could not have enabled defectiveness to be detected. 125After assessing the potential implications of the two approaches, the drafters of the proposal for a revised PLD adopted the first one.This subsection contains a critical analysis of the measures in the revised PLD that alleviate the burden of proof that claimants bear.

A. Disclosure of evidence
The increasing sophistication of products exacerbates the information asymmetry between producers and consumers.The recent digitalization revolution in production has aggravated the problem.From an ex ante perspective, the New Legislative Framework (NLF)126 contains a bundle of requirements that are intended to ensure that only safe products can be placed on the internal market.Accordingly, a variety of safety regulations require producers to affix CE markings onto their products and to provide the necessary information about them to authorities and consumers. 127owever, these ex ante requirements do not provide a clear indication of the means of disclosing relevant information ex post, that is, when a claimant attempts to prove that the damage that they suffered was caused by a specific product.
Article 8 of the revised PLD comprises rules on the disclosure of evidence.It stipulates that the Member States shall ensure that national courts are empowered, upon receiving a request from an injured person, to order defendants to disclose the evidence at their disposal, on condition that the injured person has presented 'facts and evidence sufficient to support the plausibility' of their claim. 128he principle of proportionality in the disclosure of evidence is emphasized.Not every request by the victim will lead to disclosure.If the claimant requests disclosure, the national court must inspect the facts and the evidence in order to decide whether they are sufficient to support the plausibility of a claim for compensation.The courts should decline a request if they consider that the alleged facts are not plausible.Only actual defendants, that is, parties to the lawsuit, can be ordered to disclose evidence, and the duty only extends to evidence that is 'at their disposal'.In other words, if the evidence is at the disposal of third parties, claimants cannot request the court to order such evidence to be furnished unless those parties can be jointed into the proceedings.In addition, once the national court decides to order disclosure, it must limit it to what is necessary and proportionate. 129Furthermore, the national courts should consider the legitimate interests of all parties, in particular the interest in retaining confidential information and trade secrets. 130n particular, if the information that is to be disclosed is (alleged to be) a trade secret, the Member States must ensure that the national court is empowered to take specific measures to preserve its confidentiality. 131. Article 9(4) as a last resort.Although Article 9(2) and (3) set out the conditions under which defectiveness and the existence of a causal link can be presumed, the claimant may still find the burden of proof to be unusually difficult to discharge.For example, if the product is driven by machine-learning models, algorithmic opacity can make it impossible to determine whether the product complies with the relevant mandatory requirements or whether the damage in dispute was caused by an obvious malfunction, even if the relevant economic operator provides the necessary evidence as ordered.To ensure access to justice for claimants, the revised PLD also relaxes the conditions under which defectiveness and the existence of a causal link may be presumed.
According to Article 9(4), in the case that the claimant can only demonstrate that 'the product contributed to the damage' and that defectiveness or causation is likely, the Member States must ensure that defectiveness and/or the existence of a causal link can still be presumed.This should be the case when the national court judges that 'the claimant faces excessive difficulties, due to technical or scientific complexity'. 138This rule significantly relaxes the conditions for presuming defectiveness and causation.However, its clarity and efficacity may be questioned.For instance, Wagner wrote that the term 'contribution' is ambiguous: if it is the only standard, there is nothing left to presume.Therefore, it would be more appropriate to focus on relaxing the standard of proof than to establish a non-existent presumption. 139ince national courts have margins of discretion, explicit guidelines should be provided to guarantee that the rule will neither be abused by national courts to empower claimants or defendants unfairly nor result in fragmented decisions across Member States.According to Recital (34), various factors should be taken into account when national courts assess technical or scientific complexity.These factors include the complex nature of the product, the complex nature of the technology, the complex nature of information and data, and such like.This explanation, however, is very unclear. 140

Discussion
In brief, the revised PLD deserves praise for moving in the right direction.However, several controversies and ambiguities remain in its current version.This section discusses how those issues could reduce the effectiveness of the revised PLD.

A. In the right direction, but not perfect
It is obvious that the revised PLD will significantly extend the scope of product liability and impact the industries that are driven by digitalization.Defining software as a product in its own right will enable injured persons to claim for damage that is caused by defective software on the basis of the product-liability regime.Moreover, digital service providers will be considered as manufacturers of components if their services are interconnected with the product and capable of affecting its functionality.The definition of damage will be extended to include material harm to psychological wellbeing and data.More factors (e.g., the learning ability of the product, cybersecurity and the manufacturers' control after the product has been put into circulation) will be considered when assessing defectiveness, which is justified by the role of the manufacturer as the least cost avoider when those factors are in play.By reshaping these essential concepts, the revised PLD can be expected to be more adequate in tackling novel challenges, especially those of digitalization.Entities such as software providers that are not explicitly treated as liable parties at present will be covered by the revised PLD.As a result, they will be incentivized to exercise adequate care in the course of their activities.In addition, due to the lower burden of proof that all Member States will be required to adopt under the revised PLD, consumers are expected to find it easier to claim for damage caused by defective products, and they will not suffer additional procedural obstacles simply because the damage that they have suffered was caused by new technologies, such as AI systems.
Some problems remain in the current version of the revised PLD.Without further clarification, new legal uncertainties could reduce the effectiveness of the revised PLD.Firstly, while software is clearly categorized as a product, it is not defined explicitly.Consequently, it is not obvious whether certain business models, such as SaaS, will be regarded as digital services or as software.In addition, it is unclear what related services can be regarded as componentsthe extent to which a related service is 'functional' is unknowable.Worse still, the treatment of failure to update or upgrade software as a factor in defectiveness determinations means that the legal consequences of such failures will fall to be determined by mandatory law rather than the terms and conditions that have been agreed by the relevant parties.This is a significant paradigm shift for the software industry, and it may overburden software developers and impede innovation.
Furthermore, the effectiveness of the new procedural measures remains unclear due to the ambiguous text of the current version of the revised PLD.For instance, before ordering the disclosure of evidence, a national court must determine whether the facts and the evidence that the victim has presented are 'sufficient to support the plausibility' of the claim for compensation.In addition, a causal link can only be presumed if 'the damage caused is of a kind typically consistent with the defect in question', and when the court evaluates a presumption, it has to determine what 'technical or scientific complexity' is, as well as estimate the 'likelihood' that a product is defective and that it caused the damage that is in dispute.The ambiguity of those provisions could generate much legal uncertainty.We thereby anticipate that these issues might be referred to the Court of Justice for a preliminary ruling to examine whether the domestic standards are consistent with the values and principles laid down by the EU laws.

B. The emperor's new clothes?
The analysis in this article reveals that the revised PLD echoes some of the crucial transformations of the digital age.At the end of the day, the PLD is a type of consumer-protection law, and its revision should be sensitive not only to market-integration issues but also to the preferences of local residents.The revised PLD should reflect this balance in order to avoid the trap of the emperor's new clothes, that is, of promoting harmonization at the expense of domestic preferences.
Obviously, the current version of the revised PLD takes this balance into account.Remarkably, despite the expansion of its scope through the reformulation of essential concepts, the Explanatory Memorandum reiterates that the revised PLD will only address safety-relevant damage suffered by natural persons.To that end, the heads of damages are limited to material losses that result from the infringement of certain protected interests.Harm that has other implications would therefore be determined by the sectoral laws that provide for fully harmonized private enforcement 141 or, when such fully harmonized frameworks are absent, which is usually the case, by national rules.In addition, the revised PLD maintains the position whereby the remedy for non-material damage remains a matter for each Member State.In this way, local preferences about the recoverability of non-material damage and the attendant remedies will be respected.That damage with implications for fundamental rights and non-material damage are not recoverable under the revised PLD does not mean that such harms should not be remedied.Their exclusion only indicates that other objectives (e.g., local preferences, economic conditions, cultural traditions) are being prioritized over the objective of the legal harmonization of product liability.
Nevertheless, our analysis implies that the balance between centralized rules and decentralized preferences could be disrupted in certain areas according to the current revised version.The PLD lays down maximum-harmonization rules for the Member States, which cannot adopt more stringent rules, including on alleviating the burden of proof.In this sense, the PLD neglects the possibility that (i) a nation may prefer to adopt or maintain stricter procedural rules in order to accommodate the preference of local residents and that (ii) a nation may prefer to adopt less stringent ones.As a result, the newly included harmonized procedural rules may either reduce local protections for consumers or unreasonably force a Member State to adopt more stringent measures that the domestic population opposes.
The relationship between the PLD and the newly proposed AILD should also be further clarified.The PLD, in spite of reflecting the challenges that AI systems pose, provides a private enforcement for the damage caused by defective products, which are much broader than AI systems.However, it is noted that not every harm caused by an AI system could/should be recovered by the PLD.It could turn out that damage occurs despite the AI system being non-defective or it is the damage to certain protected interests (e.g., the damage to equal treatment) that beyond the PLD outlines.In these circumstances, the claimant may rely on national rules to remedy their damage.The proposed AILD targets this latter situation that the revised PLD cannot reach: when the damage caused by an AI system has to be remedied on a non-contractual fault-based rule, the AILD requires the Member States to provide some minimum-harmonized procedural rules to alleviate the burden of proof sustained by the claimant.In principle, the PLD and the AILD are on different tracks.However, the future of the AILD might bring some challenges to the consistency between the two mechanisms.As the Explanatory Memorandum of the AILD indicates, the AILD in the future might harmonize the liability rules for different AI systems, meaning that it is anticipated to enumerate that strict liability will apply to AI systems with certain risk profiles. 142This approach would significantly influence the local preferences and blur the borderline between the PLD and the AILD.For example, if the damage is caused by a defective AI system without a high-risk profile, the liability of its provider would be different under the PLD (i.e., strict liability) and the AILD (i.e., fault liability).

Conclusion
The analysis that we presented in this article shows that, by virtue of reshaping the meaning of key concepts (e.g., 'product', 'damage', 'defectiveness' and 'liable parties'), the revised PLD is adapted to the challenges that digitalization and the circular economy pose.There are still controversies and ambiguities throughout the text, but it generally provides a proper reaction to the emerging problems.The revised PLD establishes more centralized rules on damage that is caused by defective 141.For example, GDPR provides a fully harmonized private enforcement in Article 82 toward the damage caused by the violation of data protection.142.Explanatory Memorandum, AILD, p. 9.
products.Nevertheless, the intention of policymakers was not to expand the application of the PLD to address all kinds of damage that a product may cause.Harms that are not safety-relevant (e.g., damage other than personal injury, damage to property and data, and harm to psychological wellbeing) are thereby excluded from the PLD.Recovery for such harms should be addressed by other sectoral laws (data-protection laws and anti-discrimination laws) and, as a last resort, by national rules.Our analysis further indicates that the revised PLD may distort the local preferences to some extent and there could be a tension in the light the consistency between the PLD and the AILD in the future.Our article finally encourages policymakers to examine the effectiveness of the private enforcement mechanisms that EU and domestic laws provide in order to ensure that all harm caused by products can be recovered, even if the PLD is not the appropriate legal basis for the consumer's claim.
93. Article 6(1), Directive 85/374/EEC.94.Article 7(b), Directive 85/374/EEC.95.Article 6(1)(e), revised PLD.The meaning of the 'manufacturer's control' refers to the situations where a manufacturer authorizes software updates or upgrades, or the modification of the product.Article 4(5), revised PLD.96.Article 10(2), revised PLD.97.For example, The Directive (EU) 2019/770 on the contracts for the supply of digital content and digital services provides the rules to protect consumers when purchasing digital content and services, including software.Consumers will be protected when digital content and digital services are faulty and they will have the right to remedies.For example, they could ask providers to fix the problem or terminate the contract and get a refund.See: Directive (EU) 2019/770 of the European Parliament and of the Council of 20 May 2019 on certain aspects concerning contracts for the supply of digital content and digital services, OJ L 136, 22.5.2019,p. 1-27.98. Hacker, 51 Computer Law and Security Review (2023), p. 28.