Liability for Artificial Intelligence: explanations on the Expert Group’s report

During a parliamentary meeting of the Legal Affairs committee (JURI) on 9 January, a representative from the European Commission gave explanations on the report on “Liability for Artificial Intelligence and other emerging technologies”.

Dirk Staudenmayer, Head of the Contract Law Unit at DG JUST, underlined that this report is not the official line of the Commission -as it is an Expert Group’s report. The Commission still does not have a position on this issue. However, an initiative on AI is expected in the coming months.

A problematic burden of proof

The main issue when analysing the current liability framework is the ability for victims to claim compensation. In the current regime, the general principle is that victims need to prove that a fault caused the damage. Proving such a causal link might result extremely problematic when it comes to artificial intelligence systems. It is indeed difficult to identify the liable person and to assess whether an AI system behaved normally because of its autonomy, opacity and interconnections with other systems. Therefore, amendments of current rules might be needed to ensure victims’ access to justice.

Distinction high-risk applications/low-risk applications

The experts recommend to distinguish high risk applications and low risk applications.

- High risk applications: these are such applications where 1) the public at large is exposed to a risk, 2) a legal interest of high value is at stake (for instance the citizens’ lives). It also needs to be a fully autonomous AI. Typically, autonomous vehicles and drones fit into this category.

In this case, the expert group suggests applying a strict liability regime, coupled with mandatory insurance. This means that victims would not have to prove any wrongdoing on the manufacturer/operator’s side, they only have to prove that certain risks materialised in a damage. This type of liability regime is widely used in the car industry.

- Low risk applications: they cover most of AI uses, such as smart homes. Medical surgery devices would also fit into this category as they do not expose the public at large but “only” the patient.

In this case, experts recommend sticking to the current tort law, but with slight amendments. For instance, the burden of proof could be shifted or alleviated in certain situations.

Cybersecurity aspects

Dirk Staudenmayer underlined that product safety rules will need to be adapted to AI in order to include cybersecurity risks. He mentioned the case of an operator who did not update a software and hence did not comply with cybersecurity rules. In this case, there must be a shift in the burden of proof or alleviated burden, i.e. the operator becomes responsible for proving that he is not in fault. On the contrary, if the operator complied with cybersecurity rules, victims need to prove their claim.

The representative stated that cybersecurity and IoT are important aspects to consider. These aspects make it harder to find the liable person -as a third party, such as a hacker, might have caused the problem. If a hacker can be identified, then there might be solutions. Experts did not come to a sharp conclusion in this respect.

No legal personality for AI systems

Experts do not recommend giving a legal personality to AI systems. If given legal personality, AI systems would need to have their own financial funds, and ultimately the question of who pays (who gives these funds) remains.

N.B: a previous briefing on this matter was sent last December. See here.