EU Product Liability Directive 2026: What Every Global Brand Must Do Before December

The most significant change to European product liability law in 40 years — and why your legal, compliance, and quality teams need to act now.

A 40-Year Framework, Fundamentally Rewritten

For four decades, the EU's product liability landscape was governed by Directive 85/374/EEC — a framework designed for a world of physical products, analogue manufacturing, and relatively contained distribution chains. The framework was coherent for its era. It is no longer adequate for the world manufacturers operate in today.

In November 2024, the European Parliament and Council adopted Directive 2024/2853/EU — the new EU Product Liability Directive (EU PLD). Member states are required to transpose it into national law by December 9, 2026. For any company distributing products in the European Union, this is one of the most consequential regulatory developments of the decade.

This guide examines the material changes introduced by the new directive, the specific compliance obligations they create, and the operational steps quality, legal, and regulatory affairs teams must begin now.

The Five Changes That Matter Most

1. Software, AI Systems, and Digital Services Are Now Covered

The old directive applied only to physical products. The new EU PLD explicitly extends product liability to:

• Standalone software (operating systems, firmware, applications)
• AI systems — including AI systems integrated into physical products and standalone AI services
• Digital manufacturing files used in production (relevant for additive manufacturing and generative design)
• Related services where the service is necessary for the product to function as intended

For manufacturers of connected devices, medical technology, consumer electronics, and any product with embedded software, this is transformative. A software update that introduces a defect, an AI-driven product feature that causes harm, or a digital service that malfunctions can now create product liability exposure under the same framework as a physical product defect.

What this means operationally: Software quality processes, version control, update management, and post-market monitoring for software-enabled products must now be managed with the same rigour as physical product quality systems. A vulnerability disclosure that should have triggered a software patch — and didn't — now carries direct product liability implications.

2. Circular Economy and Refurbished Products Are In Scope

The old directive was ambiguous on whether refurbished or substantially modified products created new liability exposure. The new EU PLD resolves this: a product that has been substantially modified in the course of an economic activity, such that the modification creates a new safety risk, creates liability exposure equivalent to a newly placed product.

For manufacturers operating refurbishment, remanufacturing, or product-as-a-service models — increasingly common in electronics, medical equipment, and industrial goods — this creates important supply chain and quality management implications. Modification scope analysis, quality control over refurbishment processes, and updated post-market surveillance coverage for modified product populations are now compliance obligations, not optional risk management.

3. The Burden of Proof Is Shifted in Complex Cases

Under the old directive, the claimant (injured party) bore the burden of proving the defect, the damage, and the causal link between them. This was workable for straightforward physical product failures but created nearly insurmountable barriers for claimants dealing with complex technical products — pharmaceutical interactions, AI-driven decision errors, medical device software failures.

The new EU PLD introduces a disclosure obligation requiring defendants to disclose relevant information in their possession during proceedings. It also establishes presumptions of causality in complex cases: where it is considered excessively difficult for the claimant to prove causation due to technical or scientific complexity, national courts may presume the causal link between a product defect and the claimed damage — shifting the burden to the defendant to rebut.

What this means operationally: Manufacturers can no longer rely on information asymmetry as a litigation defence strategy. Internal quality records, post-market surveillance data, CAPA documentation, complaint trending analyses, and any internal communications about known quality risks are potentially discoverable and will be scrutinised in liability proceedings. The discipline of your documentation practices is now a direct legal risk variable.

4. Liability Caps Are Removed for Personal Injury Claims

The old directive set a €500 million cap per incident on personal injury claims. The new directive removes this cap for personal injury and death claims. Financial caps are retained only for property damage claims.

For manufacturers of high-risk products — particularly Class II and Class III medical devices, pharmaceutical products with significant adverse event profiles, and automotive safety systems — the uncapping of personal injury liability creates a fundamentally different financial risk exposure. A single Class I recall event involving multiple serious adverse outcomes now carries theoretically unlimited EU personal injury liability.

This change alone justifies a comprehensive review of product liability insurance coverage for any company distributing in EU markets. Most policies written before 2025 were priced against the €500M cap framework and may be inadequate for the new exposure.

5. Extended Liability Period for Latent Harms

The old directive included a 10-year cut-off period from the date a product was placed on the market. The new EU PLD maintains this general rule but adds a 25-year exposure period for cases involving latent harms — personal injuries or deaths where symptoms manifest later, as in long-latency medical device complications, chemical exposure injuries, and pharmaceutical long-term effects.

For medical device and pharmaceutical manufacturers, 25-year liability horizons require a fundamental rethinking of long-term post-market surveillance obligations, clinical follow-up study commitments, and product record retention policies.

The Four New Disclosure Obligations

Beyond liability changes, the new EU PLD creates four specific obligations that affect compliance processes:

1. Document Availability for Proceedings

Defendants must be prepared to disclose relevant product documentation — design specifications, quality records, testing data, adverse event reports, internal risk assessments — in litigation proceedings. This is not a new concept for US products liability practice, but represents a significant change for EU litigation.

2. Post-Market Surveillance Records

Manufacturers must maintain structured post-market surveillance records that document ongoing safety monitoring — because under the new framework, evidence of inadequate post-market surveillance itself constitutes grounds for a defect presumption.

3. AI-Specific Documentation

For AI-enabled products, manufacturers must maintain documentation of the AI system's training data scope, intended use parameters, validation and testing records, and material updates to the AI system — all of which are directly relevant to the "defect" determination in AI product liability cases.

4. Incident Response Records

Evidence of how a manufacturer responded when notified of potential defects — including timeliness of investigation initiation, quality of root cause analysis, and speed of recall or field safety action initiation — is now formally relevant to liability determination. A delayed response that allowed additional consumer harm is directly relevant to damages.

What Compliance Teams Must Do Before December 2026

Immediate Priority Actions (Q1 2026)

Legal entity and policy review. Legal and risk management teams should initiate an EU PLD gap analysis against current product liability policies, insurance programmes, and litigation readiness frameworks. The deadline is December 2026, but insurance renewal cycles mean many companies need to address coverage changes within the next six months.

Software and AI product audit. Identify all products distributed in EU markets that incorporate software, AI systems, or digital services components. For each, assess current software quality management maturity, post-market monitoring coverage, update management processes, and documentation standards.

Refurbished / remanufactured product review. If any product lines involve refurbishment, remanufacturing, or modification, conduct a modification scope analysis to assess EU PLD exposure.

Operational Priority Actions (Q2–Q3 2026)

Post-market surveillance uplift. Ensure post-market surveillance systems provide documented, continuous monitoring of field performance — not just annual reviews. For medical device manufacturers, this aligns directly with EU MDR post-market surveillance requirements. For consumer goods and electronics manufacturers, this may require new investment.

Documentation infrastructure. Quality records, CAPA documentation, complaint trending analyses, and internal safety assessments must be maintained in a format suitable for potential disclosure in EU proceedings. Document retention policies should be reviewed against the new 25-year latent harm exposure period.

Incident response protocol review. Response timeliness and quality are now formally relevant to EU product liability outcomes. Recall management processes should be reviewed against the standard of "what would we defend in an EU court?"

Insurance programme review. EU product liability insurance written against the old €500M cap framework may be materially inadequate for uncapped personal injury exposure. Specialist brokers in product recall and product liability should review policy terms against the new directive before the next renewal.

The Opportunity Hidden in the Compliance Obligation

Every regulatory uplift creates a competitive opportunity. The companies that prepare proactively — investing in post-market surveillance capability, documentation rigour, and incident response speed — will not only be better positioned in EU liability proceedings. They will also be demonstrably better at preventing the defects and adverse events that generate liability in the first place.

The new EU PLD creates strong financial incentives for the same operational investments that reduce recall probability and severity: robust post-market surveillance, rigorous CAPA, end-to-end supply chain traceability, and fast incident response. The regulatory framework is now explicitly rewarding the quality practices that reduce consumer harm.

---

SuperRecall.ai helps global brands operating in EU and international markets build the post-market surveillance, recall management, and documentation infrastructure that the new EU Product Liability Directive demands. To see how our platform supports pharmaceutical, medical device, and consumer goods compliance teams, request a demonstration or explore our compliance capabilities.