A year ago, the European Commission introduced two correlated legislative proposals: one on liability for defective products (‘the PLD Proposal’), and another on non-contractual civil liability rules for artificial intelligence (‘the AILD Proposal’). These proposals aim to modernize liability regulations, ensuring individuals harmed by AI systems receive adequate protection. While the PLD proposal extends liability to defective software and clarifies when related products fall under liability rules, the AILD proposal addresses liability claims related to AI systems, introducing procedural safeguards and disclosure requirements. Most significantly, the draft AILD recommends that the burden of proof – to substantiate the non-connection between damage and AI systems - falls on the companies placing such products on EU markets, via a rebuttable legal presumption. This initiative is closely linked to the draft AI Act  because of the definition of Artificial Intelligence and systems and products using such systems. 

While a clear objective is to adapt liability rules to the digital age for persons harmed by AI products or services and enhance consumer protection, it is easily recognized that AI system characteristics (opacity, autonomy, complexity, continuous adaptation, lack of predictability) hinder remedies for harm experienced by end-users. 

While the European Parliament and the Council are negotiating both AI-related initiatives, the European Data Protection Supervisor – as an important stakeholder in the process – has issued its observations on the draft legislation, the EDPS recommendations – as the main EU patron of data privacy – focus on aspects, which are known from and the enforcement experience that of the GDPR. 

EDPS Recommendations:

1. Broader Application of Safeguards: Procedural safeguards in the AILD Proposal should apply universally to all AI system damage cases, regardless of risk classification.
2. Clear and Understandable Disclosure: Providers and users must disclose information in a clear and comprehensive manner, enhancing accessibility for all affected parties. 
3. Clarity on Data Protection: The AILD Proposal should explicitly state that it does not override Union data protection laws, ensuring consistency across regulations. (It is without prejudice to the Union data protection law)
4. Reducing the Burden of Proof: Additional measures should be explored to alleviate the burden of proof for victims, particularly given the complexity of AI systems.
5. Importance of Harmonization: The EDPS emphasizes the need for harmonizing AI liability rules with existing data protection regulations. The alignment ensures a cohesive legal framework, providing comprehensive protection for individuals affected by AI technologies. Coverage for Non-High-Risk AI Systems: the EPDS underlines the significance of extending liability rules to cover AI systems not classified as high-risk. These systems, while posing lower societal risks, can still cause significant harm and should be addressed within the proposed regulations.

Hungary’s Artificial Intelligence Strategy (2020-2030) outlines the establishment of the so-called foundation pillars: such pillars include support for the data economy (ensuring access to public and private data), the set-up of an ecosystem that supports the use of AI-related skills, the availability of software and hardware, and regulations that support further development and innovation. It also defines the so-called transformative programs: long-term points of orientation of strategic relevance to Hungary related to Artificial Intelligence. This includes (energy and agricultural) challenges induced by climate change, the labor market, the relation between citizens and the data-based economy, and the development of a modern digital service provider state.

Certainly, both the EDPS opinion and Hungary’s AI Strategy advocate for clear and transparent regulations in the field of Artificial Intelligence. They both emphasize harmonization of rules and the importance of inclusive coverage, extending liability rules even to non-high risk AI systems. Additionally, they both underline the need for skill development to ensure the responsible and effective use of AI technologies across sectors. On 16 June 2023, the European Parliament passed the text of the proposed AI EU regulation, which is currently in the trialogue process. Once adopted, the AI regulation will be directly applicable and have direct effect also in Hungary. Should the AI related draft directive be adopted, the Hungarian legislator will have to bond by harmonizing existing national legislation within the given deadline. Such changes would undoubtedly mean a period of adoption for companies as well. 

Companies in almost all sectors must keep their eyes on these AI related regulative developments, as the usage of AI has been expanding in many segments of their operations. Therefore, the preparation for a new legislative era is vitally important. In our view, the preparation for AI regulations is not just a compliance matter but it may improve the performance of AI thus the overall effectiveness of the businesses.