This article summarises publicly available guidance from regulators and official sources. It is general educational information only and does not constitute legal or professional advice. Requirements vary by jurisdiction. Consult your regional authority or a qualified professional for advice specific to your situation.
The EU's proposed AI Liability Directive, once expected to define how businesses would be held liable for AI-related harm, was formally withdrawn by the European Commission in 2025. If you've been tracking it as the framework that will eventually govern your exposure, that framework no longer exists, but a different one already does.
In short: The AI Liability Directive was withdrawn after EU legislators couldn't reach agreement, with the formal withdrawal notice published in the Official Journal in October 2025. Instead, the revised Product Liability Directive (Directive (EU) 2024/2853) already applies, and it explicitly treats software and AI systems as "products" subject to strict liability. EU member states must transpose it into national law by 9 December 2026.
What happened to the AI Liability Directive
The European Commission proposed the AI Liability Directive in September 2022, aiming to make it easier for people harmed by an AI system to bring a claim, including rules on disclosure of evidence and a presumption of causality in certain cases. EU legislative bodies were unable to reach agreement on the text, and the Commission formally withdrew the proposal, with the withdrawal notice published in the Official Journal on 6 October 2025. The Commission's stated reasoning pointed to the risk of fragmented rules across member states if agreement couldn't be reached.
What actually applies instead
The founder of a 15-person EU startup building an AI-powered diagnostic add-on for physiotherapy clinics had been loosely tracking the AI Liability Directive as the framework that would eventually define her liability exposure. What she'd missed is that the revised Product Liability Directive, Directive (EU) 2024/2853, already covers much of the same ground. It modernises the EU's decades-old product liability rules and explicitly extends the definition of a "product" to include software and AI systems, meaning a defective AI system can trigger the same kind of strict liability that's long applied to a faulty physical product.
Under strict liability, an injured party generally doesn't need to prove the manufacturer was negligent, only that the product was defective and caused the harm. This is a materially different, and in some ways lower, bar for a claimant than the fault-based liability rules that would otherwise apply, which is part of why the shift matters for any business building or selling AI-driven products into the EU.
The transposition deadline
EU member states are required to transpose the revised Product Liability Directive into their own national law by 9 December 2026. Because it's a directive rather than a directly-applicable regulation (unlike the EU AI Act), the exact implementing detail can vary slightly by member state, though the core "software and AI as product" principle is set at the EU level and won't vary. Businesses selling into multiple EU countries should expect broadly consistent treatment, with country-specific procedural detail worth checking closer to the transposition date.
What this means in practice
If your business builds or embeds an AI system into a product sold in the EU, whether that's a standalone AI tool or AI features layered onto an existing physical or software product, the revised Directive is the liability framework to actually prepare for, not a directive that no longer exists. Practical steps worth taking ahead of the December 2026 transposition deadline: document the AI system's intended use, known limitations, and testing evidence (this documentation becomes relevant if a defect claim is ever made), review product liability insurance coverage to confirm it extends to AI-related defects specifically, and check supply chain contracts if you're integrating a third-party AI model, since liability can flow through a supply chain under the revised rules.
How this relates to the EU AI Act
The revised Product Liability Directive and the EU AI Act are separate, parallel frameworks doing different jobs. The AI Act sets rules for how AI systems must be designed and deployed, risk classification, conformity assessment, transparency obligations, and so on, aimed at preventing harm before it happens. The Product Liability Directive governs who pays and under what standard once harm has actually occurred. A business can be fully compliant with the AI Act's design and deployment obligations and still face a product liability claim if its AI system turns out to be defective in a way that causes harm, the two frameworks aren't mutually exclusive or substitutes for each other.
In practice, evidence of AI Act compliance, documented risk management, testing records, conformity assessment where required, can be genuinely useful in a product liability defence, since it demonstrates the kind of due diligence a court is likely to weigh when assessing whether a product was defective. Treating AI Act compliance work and product liability preparation as one connected documentation effort, rather than two unrelated compliance projects, is a more efficient way to approach both.
Methodology (Real-World, Verified)
We test AI tools against real SMB workflows: the tasks a 20-person business actually uses AI for, not enterprise demos. Pricing is verified at the vendor's published rates, with local-currency conversions noted where relevant. Compliance notes reference the legislation and regulatory guidance relevant to each article's region. Every tool is judged on one question: could a business with no dedicated IT department actually pick this up and use it on Monday morning.
Related reading: our AI governance by region.
Is the EU AI Liability Directive still coming?
No. The European Commission formally withdrew the proposed AI Liability Directive, with the withdrawal notice published in the Official Journal in October 2025, after EU legislators couldn't reach agreement on the text.
What governs AI product liability in the EU now?
The revised Product Liability Directive (Directive (EU) 2024/2853), which explicitly treats software and AI systems as "products" subject to strict liability. Member states must transpose it into national law by 9 December 2026.
Does the revised Product Liability Directive apply the same way in every EU country?
The core principle, that software and AI count as products subject to strict liability, is set at EU level and applies consistently. As a directive rather than a regulation, some implementing detail can vary by member state once each transposes it into national law.
Does this affect businesses that only use AI tools, not build them?
The Directive is primarily aimed at manufacturers and providers who place a defective AI-driven product on the market. A business that only uses a third-party AI tool internally, without building or selling an AI-driven product itself, is less directly exposed, though it's still worth understanding how liability could flow through a vendor relationship.
The information in this article is general in nature. It reflects a summary of publicly available guidance and does not constitute legal, privacy, or professional advice. Your obligations will depend on your specific situation, jurisdiction, and business circumstances. Do not rely on this article as a substitute for qualified legal or professional advice.
Building an AI-driven product for the EU market? See what the EU AI Act itself requires, separately from product liability.
Check the EU AI Act Risk Tiers