Experts’ report on AI: new rules on liability are needed

The Expert Group of the European Commission on Liability and New Technologies has recently released a report on Liability for Artificial Intelligence (AI). The experts recommend adjusting the current liability framework to new technologies, such as AI.

Background

Ursula von der Leyen, new European Commission President, has committed to present an initiative on AI within the first 100 days of her mandate. However, the exact shape of this initiative remains unclear. Thierry Breton, Commissioner for the Internal Market, is not in favour of regulating, while Margrethe Vestager, Executive Vice-President, stated that it could be a consultation paper.

Key points of the report on liability

Existing national liability regimes (law of tort) remain largely non-harmonised and do not generally contain applicable rules for AI-based technologies.

At the European level, liability is covered by
- Directive 85/374/EC – Product Liability Directive
- Article 82 of the General Data Protection Regulation (GDPR) that tackles some aspects of liability for infringing data protection
- Liability for infringing competition law (Directive 2014/104/EU)
- Liability insurance with regard to damage caused by the use of motor vehicles (Directive 2009/103/EC)

It is yet possible to apply existing liability regimes to emerging digital technologies, but due to the limitations of existing regimes and their related technical challenges, victims may remain under- or uncompensated.

Limits of the current regimes:

Loss of Data

Regarding data: damage or destruction of data is not considered as a property loss throughout. Likewise, the recognition of personality rights, such as privacy, diverges from one legal framework to another. For instance, Damage caused by self-learning algorithms on financial markets, for example, will therefore often remain uncompensated.

The need to prove the causal link

One of the most essential requirements for establishing liability is a causal link between the victim’s harm and the defendant’s sphere (for instance the manufacturers or operators of AI systems/devices). In other words, the victim must prove that the damage originated from some conduct or risk attributable to the defendant. Proving this causal link in the case of AI is particularly hard, as, for example, it is difficult to establish that the cause of the harm was some flawed algorithm. This is even harder in cases of machine learning and deep learning, where the technology develops without direct human control.

Recommendations from the Expert Group:

-     Strict liability should apply when a person operates a technology that carries an increased risk of harm to others, for example, AI-driven robots in public spaces. Strict liability exempts the victim from having to prove any wrongdoing within the defendant’s sphere. The victim only needs to claim that the risk brought about by the technology materialised. Strict liability of producers for defective products is already harmonised at EU level by the Product Liability Directive.

-     In cases of strict liability, manufacturers or operators will need to get an insurance to cover the potential costs. To keep emerging digital technology as safe as possible, this insurance should limit its impact on the duty of care.

-     Even if a person is using a technology which has a certain degree of autonomy, this person is not less accountable for ensuing harm than if such harm has been caused by a human auxiliary.

-     Manufacturers of products or digital content should be liable for damage caused by their products, even if the defect was caused by changes made to the product after it had been placed on the market.

-     The destruction of the victim’s data should be regarded as damage, which should be compensable under certain conditions.

-     There is no need to give autonomous systems or devices a legal personality. The harm should be attributable to existing persons or bodies.