AI Risk and Governance

AI Opacity Now Counts Against You

From December 2026, EU law treats your software and AI as products under strict liability, and complexity no longer shields you. The court can presume the defect.

By Leon Soliman · 2026-06-25 · 3 min read

Software and AI Are Now Products

The EU Product Liability Directive (EU) 2024/2853 has entered into force and must be transposed by member states by 9 December 2026. For the first time, software counts as a product whether it is embedded in a device, downloaded, or delivered as a service, and AI systems are treated as a form of software. The strict liability regime that has long applied to a faulty brake or a defective appliance now applies to the model and the application you ship.

This closes a gap that producers have relied on for years. The European Commission withdrew its separate AI Liability Directive in early 2025, so the Product Liability Directive is now the main civil route for anyone harmed by an AI system. The rules apply to products placed on the market or put into service after the deadline, which means the regime you design for today is the one a court will judge tomorrow.

Complexity No Longer Protects You

The change that matters most is procedural. A claimant still has to show a defect, the damage, and the link between them, but the directive eases that burden precisely where AI is hardest to challenge. Where proof is excessively difficult because of the technical or scientific complexity of the product, and a defect is at least probable, the court can presume both the defect and the causal link.

Read that against how AI actually behaves. The opacity of a model used to be an informal defense, since no outsider could prove how an output was produced. Under the new regime that same opacity triggers the presumption. The argument that no one can prove the system failed now works against the producer, not for it.

Disclosure Is the New Front Line

The directive pairs the presumption with a disclosure duty. When a claimant presents a plausible case, the economic operator must disclose the necessary and proportionate evidence in its control, subject to protection of genuine trade secrets. Refuse, and the court may presume the product was defective. Withholding your logs, model documentation, and test records is no longer a neutral act; it becomes evidence against you.

For any company that builds, integrates, or deploys AI, this turns documentation into a legal asset. The records that prove how a system was trained, tested, monitored, and corrected are what you will produce when a claim arrives, and their absence is what a court will hold against you. Germany is moving in the same direction with a reform of its Produkthaftungsgesetz, its first fundamental revision since 1989, aimed squarely at software and AI.

Frequently asked questions

Does this apply if we only use AI, rather than build it?

Often, yes. The directive reaches a chain of economic operators, including those who substantially modify a product or place it on the EU market, so an integrator or deployer can carry liability alongside the original developer. The practical question is not whether you wrote the model but whether you put the product into use, and what you can show about how you controlled it.

When do we need to be ready?

The rules must be transposed across the EU by 9 December 2026 and apply to products placed on the market or put into service after that date. Because liability is judged against the state of a product when it enters the market, the documentation and disclosure practices you build now are what will be tested later, so readiness is a present task rather than a future one.

The law has stopped treating AI as something too novel to judge. It now treats it as a product, and it expects you to prove you built it with care. The companies that can show their work will defend themselves, and the ones that hid behind complexity will find it pointing the other way.

Product Liability AI Liability EU AI Act Compliance Germany Mittelstand

More from the Servola Journal

AI Risk and Governance

If Apple Decided It Could Not Build Its Own AI, Why Do You Think You Can?

2026-06-21 · 3 min read

Read the article →

AI Risk and Governance

Your AI Vendor Just Became Your Competitor. What Now?

2026-06-21 · 3 min read

Read the article →

AI Risk and Governance

Can 13 Words Poison What AI Says About Your Company? Reportedly, Yes.

2026-06-20 · 2 min read

Read the article →

Servola

Servola helps companies map where the new product-liability regime touches their software and AI, and build the disclosure and documentation that holds up in court, in German and English.

Request a private introduction About Servola →

Servola is technology counsel for a small number of families and offices. When a decision cannot be delegated, we sit on your side of the table.

Servola Systems GmbH · Ludwigshafen, Germany · [email protected]

← All articles