EU: Report on Liability for Artificial Intelligence and Other Emerging Digital Technologies – Part 3

January 21, 2020

By Zayed Al Jamil, Counsel, and Holly Tunnah, Knowledge Paralegal and AI Specialist for LIBOR

The New Technologies Formation (NTF) of the Expert Group on Liability and New Technologies, set up by the European Commission, was convened in June 2018. After analysing the relevant national laws and looking at specific use cases, its 2019 report compared various aspects of existing liability regimes and discussed how emerging digital technologies could fit into the pre-existing framework. The NTF decided that certain adjustments need to be made to EU and national liability regimes to allow for just and equitable results for those affected.

The NTF considered both artificial intelligence (AI), and more broadly, “emerging digital technologies”, including the internet of things (IoT), distributed ledger technology (DLT), advanced robotics and autonomous systems. This means that the conclusions reached in the report could have implications for a broad range of technologies, sectors and individual businesses, even where, on the face of it, a particular technology (to pick an example from the report, an IoT-enabled kettle) does not immediately appear to be on the technological cutting edge.

In this series of three Blog Posts, we discuss the key points addressed in the report, and in particular, the potential implications for businesses that are procuring, developing and/or deploying emerging digital technologies.

The current legal framework – issues and potential solutions

In Blog Post 2 we examined some of the potential changes to the existing legal framework recommended by the NTF  that we believe would have the most significant implications for businesses that are procuring, developing and/or deploying emerging digital technologies.  We conclude our examination of such potential changes in this Blog Post 3. 

Commercial and technological units

One of the challenges for victims suffering loss from emerging digital technologies is that of showing which part of the digital ecosystem caused the damage. The NTF considers that this challenge will be made more difficult where multiple developers have contributed to the various elements of the technology. The risk here is that the victim attempts to sue the wrong party, ending up with no compensation and high litigation costs.

As a result, the NTF takes the view that it is justified to have special rules where two or more parties cooperate on a contractual or similar basis on the provision of different elements of one and the same digital ecosystem, forming a commercial and technological unit.

The NTF’s proposed solution:

Where two or more persons cooperate on a contractual or similar basis in the provision of different elements of a commercial and technological unit, and where the victim can demonstrate that at least one element has caused the damage in a way triggering liability but not which element, all potential tortfeasors should be jointly and severally liable vis-à-vis the victim.

As a result of this rule, the NTF believes that victims would not be forced to bear the risk of an internal commercial structure that could have alternatively been a single provider. It considers that this is also a more efficient way of holding those who potentially cause injury liable, as they are in the best position to control risks of interaction and interoperability, as well as being free to agree upfront the distribution of the cost of accidents.

Accordingly the NTF is of the view that it is therefore justified to have special rules where two or more parties cooperate on a contractual or similar basis on the provision of different elements of one and the same digital ecosystem, forming a commercial and technological unit.

In our view:

  • this principle may be particularly important for systems integrators and businesses that employ tower structures in their technology stack.
  • in these circumstances, suppliers may find themselves jointly and severally liable to third parties in circumstances that they would not normally anticipate.
  • providers and customers in these structures may need to agree how claims will be managed, given that they may have an impact on others within the structure.

Vicarious liability

Vicarious liability allows for someone to be held liable on behalf their human helper. It follows then that the beneficiary of such support should be held equally liable where they outsource their duties to a non-human helper instead.

At least in respect of those jurisdictions that consider vicarious liability to be a variant of fault liability, the NTF notes that, in holding the principal liable for the wrongdoing of another, it may be challenging to identify the benchmark against which the operations of non-human helpers will be assessed.

The potential benchmark should take into account that, in many areas of application, non-human auxiliaries are safer (because they are perhaps less likely to cause damage to others than human actors), and that the law should at least not discourage their use.

The NTF’s proposed solution:

If harm is caused by autonomous technology used in a way that is functionally equivalent to the employment of human auxiliaries, the operator’s liability for making use of the technology should correspond to the otherwise existing vicarious liability regime of a principal for such auxiliaries.

The benchmark for assessing performance by autonomous technology in the context of vicarious liability is primarily the one accepted for human auxiliaries. However, once autonomous technology outperforms human auxiliaries, this will be determined by the performance of comparable available technology which the operator could be expected to use, taking into account the operator’s duties of care.

The development of emerging digital technologies, in particular systems with a high degree of decision-making autonomy, requires that the requirements of equivalence should be respected. Where the use of a human auxiliary would give rise to the liability of a principal, the use of a digital technology tool instead should not allow the principal to avoid liability. Rather, it should give rise to such liability to the same extent.

In our view, the scope of the “comparable available technology” benchmark may be particularly challenging for businesses, because it places an onus on them to continually update their technology, while business imperatives may require the pace of change to be balanced against cost or the broader impact on its technology stack (for example, where older legacy systems remain in use).


The NTF observes that an obligatory insurance scheme for certain categories of AI/robots has been proposed in the past at EU level as a possible solution to the problem of allocating liability for damage caused by such systems. However, the NTF’s view is that an obligatory insurance scheme cannot be considered to be the only answer to the problem of how to allocate liability, and cannot completely replace clear and fair liability rules.

For example, insurance companies form a part of the whole social ecosystem, and they themselves need liability rules to protect their own interests in relation to other entities.

Moreover the NTF believes that, in order to keep emerging digital technologies as safe as possible, and therefore trustworthy, a duty of care should be affected by insurance as little as possible. At the same time, cases of very high or catastrophic risks need to be insured in order to secure compensation for potentially serious damage.

The NTF’s proposed solution:

The more frequent or severe potential harm resulting from emerging digital technology, and the less likely the operator is able to indemnify victims individually, the more suitable mandatory liability insurance for such risks may be.

The NTF considers that it may be advisable to make liability insurance cover compulsory for certain emerging digital technologies. This is particularly true for highly significant risks (which may either lead to substantial harm and/or cause frequent losses), where it seems unlikely that potential injurers will be capable of compensating all victims themselves (either out of their own funds, with the help of alternative financial securities, or through voluntary self-insurance).

Compensation funds

The NTF raises the possibility that compensation funds may be used to protect tort victims.

The NTF’s proposed solution

Compensation funds may be used to protect tort victims who are entitled to compensation according to the applicable liability rules, but whose claims cannot be satisfied.

The NTF also considers that:

  • there is a need to ensure that, in the areas where compulsory liability insurance is introduced, a compensation fund is also in place to redress damage caused by an unidentified or uninsured technology.
  • Article 10 of the Motor Insurance Directive may serve as a model for such a scheme.

Legal personality

The NTF is clear that, for the purposes of liability, it is not necessary to give autonomous systems a legal personality.  It argues that:

  • theoretically, a legal personality could consist solely of obligations. Such an approach, however, would not be practically useful, since civil liability is a property liability, requiring its bearer to have assets.
  • any sort of legal personality for emerging digital technologies may give rise to a number of ethical issues. More importantly, it would only make sense to go down that road if it helps legal systems to tackle the challenges of emerging digital technologies.
  • any additional personality should go hand-in-hand with funds assigned to such electronic persons, so that claims can be effectively brought against them. This would amount to putting a cap on liability and – as experience with corporations has shown – subsequent attempts to circumvent such restrictions (say, by pursuing claims against natural or legal persons to whom electronic persons can be attributed) would effectively require “piercing of the electronic veil” (in company law, analogous attempts to piece the corporate veil can be costly with uncertainty of outcome). 

Damage to data

The NTF notes that damage caused to data may lead to liability where:

  • liability arises from contract; or
  • liability arises from interference with a property right in the medium on which the data was stored or with another interest protected as a property right under the applicable law; or
  • the damage was caused by conduct infringing criminal law or other legally binding rules whose purpose is to avoid such damage; or
  • there was an intention to cause harm.

In defining such conduct-related rules, the NTF’s view is the law should give due consideration to the ubiquity of data and its significance as an asset. While it would theoretically be possible to introduce, for example, a standard stating very broadly that it is generally prohibited to access, modify etc. any data controlled by another person (and to attach liability if this standard is breached), this might result in excessive liability risks because all of us are, in one way or another, constantly accessing and modifying data controlled by others.

In our view, to some extent the risk of loss and damage to data is not new to emerging digital technologies, and it has been a consistent theme for some time that the law in this area lacks clarity. However, the extent to which emerging digital technologies use, generate and rely on data means that this risk will only grow over time.  

Our observations

In light of the NTF’s report and the recent rapid development of emerging digital technologies, it is safe to assume that the legal framework surrounding liability will be evolving in the near future to ensure that victims are protected against the risks of such development.

While the changes are focused on ensuring that victims of damage caused by emerging digital technologies are provided with equivalent redress to that which is caused by a human equivalent, this will inevitably affect businesses, not just in their relationships with their customers and the public, but also with their suppliers and partners.

The process for contracting for emerging digital technologies and the requirements for adequate governance of these technologies will have to adapt to the new liability landscape. Suppliers and customers are likely to propose different solutions and it is likely to take time for market practice to settle into new norms.

In general terms, the allocation of liability for emerging digital technology is an issue with which many businesses are already grappling (see our analysis of the existing liability position in our Inside Tech Law website of the following emerging digital technologies: Artificial intelligence, Autonomous vehicles and the Internet of things). The recommendations in the NTF’s report present challenges for business, insofar as the victim-centric approach, with a focus on equivalence and effective access to justice, could potentially broaden liability for both providers and users of emerging digital technologies, but they would also provide some certainty as to the liability landscape for business given that the application of existing rules is uncertain. 

Although a European initiative, from the UK perspective (despite Brexit) the outlook and proposals discussed in this report will remain relevant to the UK, and are also likely to influence the regulatory debate beyond the EU.

For more information

For more information on emerging digital technologies, see the following Norton Rose Fulbright resources: