Hey Henry and Jonah,
I wanted to get your thoughts on the new EU Product Liability Directive and its implications:
- Liability for Software Vendors: The directive makes software vendors responsible for defective software, including security flaws that can lead to data breaches. Do you think this will encourage companies to focus more on user privacy as well as security?
- Open-Source Software: While open-source software is exempt from direct liability, companies that use it can still be held accountable. Could this lead to more businesses investing in improving open-source tools?
- Impact on AI Systems: The directive also applies to AI systems, meaning providers could be liable if their systems cause harm, like spreading false information. How do you think this will affect AI safety and transparency?
- Global Influence: Since the directive applies to any company selling in the EU, including those from Asia and the US, do you think it could impact global markets or encourage other regions to adopt similar regulations?
Note: EU member states will have 24 months to transpose the directive into their national laws, so we can expect these new regulations to be applicable by the end of 2026.
While the new EU PLD states “This Directive does not apply to free and open-source software that is developed or supplied outside the course of a commercial activity.”, I’m unsure how this will affect software that is open-source but has a paid version or accepts donations. Hopefully, when EU countries ratify this law, it will be clearer and won’t harm software that depends on donations.
Looking forward to hearing your thoughts!
Source:
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ:L_202402853