The EU will make vendors liable for bugs
The EU has updated product liability laws to include software, holding vendors accountable for security flaws and planned obsolescence. The directive takes effect in fall 2026, exempting open-source software.
Read original article
The European Union has revised its product liability laws to include software and associated risks, such as security flaws and planned obsolescence. The new Directive on Liability for Defective Products, which replaces an older directive, allows consumers to hold companies accountable for selling defective software products. Key changes include extending liability to vendors for software with security flaws that cause consumer damage, both physical and material. The directive also mandates that vendors must provide a software update mechanism and prohibits withholding information about negative impacts of updates. Companies can be held liable for planned obsolescence practices, such as intentionally degrading product performance to encourage upgrades. While consumers must prove product defectiveness, the directive introduces mechanisms to compel vendors to provide necessary evidence. Notably, free and open-source software is exempt from these requirements. The directive was approved by the EU Parliament and Council and will take effect in 24 months, in the fall of 2026.
- The EU's new directive includes software in product liability laws.
- Vendors are liable for security flaws in software that cause consumer damage.
- Companies must provide update mechanisms and cannot withhold negative update information.
- Planned obsolescence practices can lead to vendor liability.
- Free and open-source software is exempt from the new liability requirements.
Related
Microsoft points finger at the EU for not being able to lock down Windows
Microsoft blames the EU for hindering Windows security due to an agreement allowing security software access. Recent disruptions affected 8.5 million PCs. EU restrictions differ for tech giants like Apple and Google.
Europe is in danger of regulating its tech market out of existence
Tech companies, including Apple, Meta, and Nvidia, face challenges in Europe due to strict regulations like the EU's Digital Markets Act, risking innovation and investment in the region's tech landscape.
CA law inspired by Ubisoft, Sony requires warning that games can be taken away
California's AB 2426, effective in 2025, mandates retailers to warn consumers about the revocability of digital purchases, inspired by issues with Sony and Ubisoft, potentially influencing other states.
Understanding the EU AI Act's Impact and Ripple Effects in the US
The EU AI Act establishes a global framework for responsible AI, categorizing systems by risk, requiring compliance from companies, and encouraging practical implementation while serving as a model for U.S. lawmakers.
The New EU Product Liability Directive: Software as a Product
The EU is revising the Product Liability Directive to classify software as a product, expanding liability to more parties and including immaterial damage, with a 24-month implementation period for member states.
4 commentsThat condition makes sense, at least at first.
That's a tricky one. Is it limited to connected software, or the software in my Christmas lights?
Related
Microsoft points finger at the EU for not being able to lock down Windows
Microsoft blames the EU for hindering Windows security due to an agreement allowing security software access. Recent disruptions affected 8.5 million PCs. EU restrictions differ for tech giants like Apple and Google.
Europe is in danger of regulating its tech market out of existence
Tech companies, including Apple, Meta, and Nvidia, face challenges in Europe due to strict regulations like the EU's Digital Markets Act, risking innovation and investment in the region's tech landscape.
CA law inspired by Ubisoft, Sony requires warning that games can be taken away
California's AB 2426, effective in 2025, mandates retailers to warn consumers about the revocability of digital purchases, inspired by issues with Sony and Ubisoft, potentially influencing other states.
Understanding the EU AI Act's Impact and Ripple Effects in the US
The EU AI Act establishes a global framework for responsible AI, categorizing systems by risk, requiring compliance from companies, and encouraging practical implementation while serving as a model for U.S. lawmakers.
The New EU Product Liability Directive: Software as a Product
The EU is revising the Product Liability Directive to classify software as a product, expanding liability to more parties and including immaterial damage, with a 24-month implementation period for member states.