AI Liability: Ensuring Accountability in the Age of Autonomous Systems

As artificial intelligence (AI) continues to advance, its integration into various industries brings significant benefits but also complex legal challenges. A critical issue is determining liability when AI systems malfunction, causing financial, reputational, or even physical harm. The traditional legal frameworks struggle to keep pace with AI’s unique characteristics, necessitating new approaches to accountability and compensation.

The Challenge of AI Liability

AI systems exhibit characteristics such as autonomous decision-making, continuous learning, and 'black box' operations, making it difficult to determine responsibility when things go wrong. Multiple stakeholders contribute to AI development and deployment, further complicating liability attribution. The primary parties potentially held accountable include:

• Manufacturers: Are there inherent design or manufacturing defects?
• Software Developers: Does the issue stem from flaws in coding or system integration?
• Deployers/Operators: Did ongoing AI learning or software updates introduce unforeseen risks?
• End Users: Were AI systems used as intended, and were cybersecurity measures properly implemented?

The idea of AI itself bearing liability has been discussed in theoretical debates, but it remains legally unrecognized.

• AI Personhood – A theoretical concept of granting AI a legal status similar to corporations, allowing it to be held accountable for its actions. However, this is unrealistic, as AI lacks consciousness, intent, and financial assets to pay damages.
• Insurance-Based Models – Instead of holding AI accountable directly, this concept suggests mandatory insurance for AI systems. Compensation for damages would be covered by insurance rather than legal battles involving developers or operators.

Currently, liability remains with human stakeholders - manufacturers, software developers, and deployers - who are responsible for ensuring AI safety and compliance.

Existing Legal Frameworks for AI Liability

Negligence

To establish negligence, plaintiffs must prove that a duty of care was breached, resulting in harm. However, AI’s autonomous nature complicates causation. If an AI system evolves beyond its original programming, tracing the source of failure becomes challenging. Courts must determine whether liability rests with the developer, operator, or another party.

Breach of Contract

If an AI system fails to perform as contractually promised, affected parties may seek redress through contract law. However, AI’s unpredictability raises concerns about defining expected performance standards. Additionally, contractual clauses often limit liability, necessitating clearer regulations on AI-related warranties and obligations.

Strict Liability and Product Liability

Under the Product Liability Directive 85/374/EC (PLD), manufacturers can be held liable for defective products, but software alone has historically not been classified as a “product.” The New Product Liability Directive 2024/2853 (New PLD, December 2024), expands this scope to include AI systems, making it easier for consumers to seek compensation for harm caused by defective AI models. This shift reflects growing recognition of AI’s potential risks, particularly regarding safety, data protection, and decision-making bias.

AI and the Issue of Plausible Deniability

One of the most significant challenges in AI liability is plausible deniability, where stakeholders - such as developers, deployers, or users - can shift or evade responsibility by blaming the AI system itself. Unlike traditional technologies with clearly defined control mechanisms, AI operates autonomously, often making decisions that even its creators cannot fully explain.

This lack of transparency allows companies and individuals to distance themselves from accountability when AI-driven actions cause harm. For instance:

• Corporations deploying AI decision-making systems may argue that unintended discrimination, biased hiring, or wrongful financial rejections were the result of an AI’s autonomous learning rather than corporate intent.
• Developers of generative AI could claim that deepfake misinformation or AI-generated fraud was an unpredictable byproduct of the system rather than a deliberate feature.
• AI-powered fraud detection tools may wrongly flag legitimate customers, yet banks or service providers could deny liability by stating that AI models operate beyond human oversight.

To combat plausible deniability, regulators are shifting the burden of proof onto AI developers and operators. The New Product Liability Directive (New PLD) and the EU AI Act introduce obligations for explainability, meaning AI providers must demonstrate reasonable foreseeability of risks and ensure accountability structures.

Proposed legal solutions include:

1. Mandatory Audit Trails: AI systems should generate logs explaining their decision-making process to allow for post-incident investigations.
2. Strict Liability for High-Risk AI: Companies deploying AI in critical sectors (healthcare, finance, criminal justice) should bear liability regardless of intent or knowledge.
3. Transparency and Explainability Standards: Developers must provide clear documentation on AI behavior to prevent liability evasion.

Addressing plausible deniability is crucial to ensuring that AI liability laws remain effective. Without clear accountability mechanisms, AI’s autonomy risks creating a legal gray zone where no party takes responsibility for harm caused by intelligent systems.

Withdrawal of the AI Liability Directive

In its 2025 Work Programme, the European Commission withdrew the proposed AI Liability Directive, citing “no foreseeable agreement” among lawmakers. This move followed significant criticism from industry leaders and policymakers at the AI Action Summit in Paris in February 2025. U.S. Vice President JD Vance strongly opposed excessive AI regulation, emphasizing the need for an innovation-friendly environment.

The withdrawal raises concerns about legal fragmentation across EU member states. Without an overarching AI liability framework, national courts may develop conflicting approaches, leading to legal uncertainty for businesses and consumers alike. The European Commission has stated that it will reassess alternative solutions, balancing innovation with the need for accountability.

However, this decision highlights a growing tension between regulatory oversight and economic competitiveness. While reducing legal constraints may attract investment and foster AI innovation, it also risks weakening consumer protections and leaving gaps in accountability. The central challenge lies in striking a balance between fostering responsible innovation among AI companies and ensuring the protection of consumers from potential harm.

Critics argue that abandoning the AI Liability Directive could undermine the EU’s position as a leader in ethical AI regulation. The bloc has historically championed stringent digital rights and data protection laws, including the General Data Protection Regulation (GDPR) and the Digital Services Act (DSA). The sudden shift away from AI-specific liability rules raises the question: Is the EU sacrificing its leadership in ethical AI for the sake of global competitiveness?

While the European Commission has promised to reassess potential regulatory alternatives, the lack of immediate legal clarity creates uncertainty for businesses and consumers alike. Legal experts caution that, in the absence of a unified framework, AI-related liability disputes will likely be handled inconsistently across member states, potentially leading to regulatory fragmentation and increased litigation.

Practical Steps to Mitigate AI Liability Risks

Given the evolving regulatory landscape, organizations deploying AI should take proactive steps to mitigate liability risks:

• Comprehensive Risk Assessments: Regularly evaluate AI systems for biases, security vulnerabilities, and compliance with applicable regulations.
• Clear Usage Guidelines: Provide detailed user instructions to minimize misapplication.
• Transparency and Explainability: Implement AI explainability measures to clarify decision-making processes.
• Robust Security Protocols: Protect AI systems against cyberattacks and unauthorized alterations.
• Legal and Compliance Strategies: Work with legal experts to ensure contracts, warranties, and liability disclaimers reflect AI-specific risks.
• Insurance Coverage: Secure AI liability insurance to mitigate financial risks arising from AI failures.
• Ethical AI Governance: Establish internal oversight committees to review AI applications for ethical concerns.

Future Outlook

As AI technology continues to advance, the debate over liability is expected to intensify. Policymakers will need to strike a balance between fostering innovation and ensuring that victims of AI malfunctions receive fair compensation. The EU AI Act imposes risk-based regulatory obligations on AI developers and deployers, but its interaction with existing liability laws is still uncertain.

Courts worldwide will play a pivotal role in shaping the jurisprudence of AI liability. Landmark cases are anticipated to establish important precedents for resolving AI-related disputes, which will, in turn, guide future legislative efforts. International cooperation may be essential for standardizing AI liability principles across jurisdictions.

The complexity of AI liability necessitates new legal interpretations and regulatory adjustments. Businesses must remain vigilant in observing emerging legal trends to minimize risks while still promoting responsible AI innovation. The recent withdrawal of the AI Liability Directive highlights the challenges in achieving consensus. However, ongoing initiatives such as the New Product Liability Directive and the AI Act indicate that AI liability will remain a focal point for lawmakers in the coming years.

By adopting best practices for AI governance, transparency, and compliance, organizations can effectively navigate this ambiguous landscape and contribute to the ethical and responsible advancement of AI technologies.

Neven Dujmovic, February 2025

?

References

• Directive (EU) 2024/2853 of the European Parliament and of the Council of 23 October 2024 on liability for defective products and repealing Council Directive 85/374/EEC, https://eur-lex.europa.eu/eli/dir/2024/2853/oj/eng
• New Product Liability Directive 2024/2853: New product liability risks for products in the EU, https://www.taylorwessing.com/en/insights-and-events/insights/2025/01/di-new-product-liability-directive
• AI liability – who is accountable when artificial intelligence malfunctions, https://www.taylorwessing.com/en/insights-and-events/insights/2025/01/ai-liability-who-is-accountable-when-artificial-intelligence-malfunctions
• 6 The Legal Personhood of Artificial Intelligences, https://academic.oup.com/book/35026/chapter/298856312
• A new liability framework for products and AI, https://kennedyslaw.com/en/thought-leadership/article/2024/a-new-liability-framework-for-products-and-ai/
• Commission work programme 2025, https://commission.europa.eu/strategy-and-policy/strategy-documents/commission-work-programme/commission-work-programme-2025_en
• JD Vance to EU: deregulate or die trying, https://www.euractiv.com/section/politics/news/jd-vance-to-eu-deregulate-or-die-trying/
• Commission plans to withdraw AI Liability Directive draw mixed reactions, https://www.euractiv.com/section/tech/news/commission-plans-to-withdraw-ai-liability-directive-draw-mixed-reactions/

#AI #ArtificialIntelligence #AILiability #Accountability #AICompliance #AIGovernance #EthicalAI #AIRegulation #EUAIAct #AIAct

?