Product liability and the internet of things
UK product liability law (derived from the Consumer Protection Act 1987 (CPA) which in turn incorporated into UK law EU Directive 85/374/EEC (the Directive)) is now over thirty years old. Putting that into context, the CPA was enacted over a decade before the internet was beginning to see mainstream use and at a time when the Sony Walkman was in its pomp and the Nintendo Game Boy was still to be released.
In the light of the rapid pace of technological development, it is no surprise that in January 2017 the European Commission launched a public consultation to evaluate the Directive and its fitness for purpose.
Internet of Things
One of the key areas of focus for the consultation is the ‘Internet of Things’ (IoT). For the uninitiated, the IoT is the interconnection via the internet of computing devices embedded in everyday objects, enabling them to send and receive data.
Our lives are already littered with examples of IoT technology (more than we would care to admit or perhaps would recognise) such as activity trackers, smart lighting, automated household appliances and self-driving cars. This trend will undoubtedly continue.
A study by the European Commission has predicted that the number of IoT connections within EU member states will rise to almost 6 billion in 2020 from approximately 1.8 billion in 2013. Whilst there are undoubted benefits from these technological advancements (dependent on your perspective) what is evident is that they raise thorny legal issues in areas such as product liability.
Product Liability Issues
If a self-driving car crashed or an automated household device caused a fire, where would liability rest? Under the CPA, liability primarily lies with the producer of the product (including the producers of component parts), any person who has held themselves out as being the producer of the product (such as putting their name on the product) and any person who has imported the product into an EU member state from outside the EU to supply it to another in the course of business.
However, the presence of IoT technology will likely complicate matters. A causal link is required between the defect and the damage it caused and it may become more difficult to determine whether an IoT device was at fault. There is also a more fundamental question of whether under CPA in its current form software falls within the definition of product.
Another issue relates to CPA s3(2)(c) which states that one of the relevant factors in determining the safety levels that people are generally entitled to expect is at the time the product was supplied by the producer. If a producer supplies updates to IoT devices, does this mean that the time period for determining safety at supply runs from each and every update? Approaching it from the other angle, would the consumer then be liable for failing to download such updates?
This on-going relationship between the producer and its device will also raise issues under one of the CPA defences which provides a producer with a defence if it can prove “that the state of scientific and technical knowledge at the relevant time was not such that a producer of products of the same description as the product in question might be expected to have discovered the defect if it had existed in his products while they were under his control”. For producers who monitor IoT devices, and therefore become aware of defects at a later date, it may be said that the device remains under the producer’s control effectively obligating continuing updates and continuing exposure to product liability claims.
The big issue which has hit the headlines on a number of occasions is that since IoT devices are connected to the internet they are vulnerable to the possibility of hacking. Under the CPA there is a defect if the safety of the product is not such as persons generally are entitled to expect. In relation to hacking, the question will be what level of security are people generally entitled to expect to protect them against hacking? The expectation of safety may vary dependent on the market the IoT device operates in.
Developments
The UK government is already looking at the issue of self-driving cars through the Vehicle Technology and Aviation Bill (VTAB). In its current form, the VTAB proposes that where an accident is caused by an insured automated vehicle driving itself, the insurer is liable for the accident. If there is no insurance the owner is liable instead. This is intended to avoid the need for a potentially complex product liability claim for the victim. However if an accident occurs as a direct result of prohibited alterations to the vehicle’s operation system or failure to install software updates, the insurer can recover from the person responsible, showing recognition that the product may not always be at fault. Additionally, an insurer or owner is not liable to the driver where the accident was caused due to the driver allowing the car to drive itself in an inappropriate situation. This brings back to focus driver negligence.
Should the VTAB be enacted, it will provide much-needed clarity in respect of self-driving cars. However, there are still a wealth of other IoT devices which continue to raise product liability issues for both producers and consumers meaning that this area of law still has plenty of room for development (even before you throw Brexit into the pot) and the response to the public consultation on the Directive will be very interesting.
This article was written by Jamie Cartwright. For more information please contact Jamie on +4401483252618 or at jamie.cartwright@crsblaw.com
Our thinking
Grégoire Uldry
New Swiss succession law on the transfer of businesses
On 10 June 2022, the Federal Council adopted its Message amending the Civil Code on the transfer of businesses by succession.
Joshua Green
Joshua Green writes for Spear's Magazine on Wagatha Christie’s lessons for HNWs
Wagatha Christie’s lessons for HNWs
Stephanie Bonnello
Stephanie Bonnello writes for the Practical Law Dispute Resolution blog on witness evidence
When are witness summaries permitted instead of witness statements and when should material be struck out from a witness statement?
Emma Humphreys
Emma Humphreys and Paul McCarthy write for Property Week on the new landlord digital ID checks
Emma Humphreys and Paul McCarthy write for Property Week on new landlord digital ID checks
Louise Paterson
Artnet quotes Louise Paterson on the Ivory Act
UK’s Ivory Act comes into force
Nick Hawkins
Nick Hawkins writes for Employment Law Journal on demystifying employment contracts
Key considerations for drafting effective post- termination restrictions
Pei Li Kew
Pei Li Kew writes for Pharmacy Business on the link between pharmacy and IP
Pei Li Kew writes for Pharmacy Business on the link between pharmacy and IP
Mark Howard
Charles Russell Speechlys advises Acora on its acquisition of Secrutiny
Charles Russell Speechlys advises Acora on its acquisition of Secrutiny
Jonathan McDonald
Jonathan McDonald provides comment for City AM on the Data Reform Bill announced in the Queen's Speech
Jonathan McDonald provides comment for City AM on the Data Reform Bill announced in the Queen's Speech
Nick White
Charles Russell Speechlys advises Symphony Holdings Limited on the sale of its PONY trade mark portfolio for USD $28 million
Charles Russell Speechlys advises Symphony Holdings Limited on the sale of its PONY trade mark portfolio for USD $28 million.
Simon Ridpath
Simon Ridpath featured in the Lawyer’s Hot 100 list
Simon Ridpath features in The Lawyer’s Hot 100 list
Natalie Batra
Patents and Peppa Pig: What is happening to intellectual property rights in Russia?
Certain Russian individuals and businesses can now use patents, utility models and industrial designs without obtaining prior permission.
Simon Green
International Bar Association quotes Simon Green on the future of the legal sector in Hong Kong
International Bar Association quote Simon Green on the future of Hong Kong's legal sector
Charlotte Duly
Charlotte Duly quoted in Retail Gazette on House of Zana trademark dispute
Charlotte Duly quoted in Retail Gazette on House of Zana trademark dispute
Keir Gordon
Charles Russell Speechlys celebrates this year’s Sports Technology Awards finalists
The Sports Technology Awards celebrates tech-led innovation in sports, globally.
Mark Hill
Mark Hill quoted in The Times on the Ed Sheeran High Court copyright case win
Mark Hill quoted in The Times on the Ed Sheeran High Court copyright case win
Caroline Greenwell
Nowhere to hide for greenwashing brands
In the UK, regulators are cracking down, with many companies now at risk of financial and other penalties.
Jamie Cartwright
Weighing up the Plastic Packaging Tax
The Plastic Packaging Tax came into force on 1 April 2022.
Jamie Cartwright
Crunching numbers - Mandatory calorie laws come into force
The Calorie Labelling (Out of Home Sector) (England) Regulations 2021 (the Regulations) are now in force.
Mark Hill
Mark Hill quoted in the Daily Mail discussing Ed Sheeran’s copyright court case win
Mark Hill quoted in the Daily Mail discussing Ed Sheeran’s copyright court case win