Liability Questions in the Context of AI

Why Does This Need to Be Discussed?

Discussing the liability questions surrounding AI systems is of paramount importance because these technologies are having an ever-greater impact on our lives and on various areas of society, including the economy, healthcare, and the legal system.

Clarifying liability helps prevent abuse, ensures lawful and ethical application, and promotes the maintenance of public trust. Moreover, the establishment of appropriate regulatory frameworks makes it possible to harness the benefits of the technology while minimizing the potential harms and injustices that may arise from erroneous or discriminatory AI decision-making.

Despite the fact that this topic is of particularly great significance, legislation has not necessarily caught up with reality. Under current Hungarian law: AI (i.e., the algorithm itself) qualifies as a copyrightable work, and no special liability provisions apply to it. Since it is not a “product” in the legal sense (notwithstanding that proposals supporting such classification can already be found in the Hungarian legal literature), product liability rules cannot be applied to it. Neither the Hungarian Copyright Act (Szjt.) nor any other statute contains specific provisions on artificial intelligence. The copyright questions relating to AI systems are addressed in greater detail in the next instalment of this article series.

In the absence of specific regulation, the general civil law liability rules apply, namely:

in contractual relationships (practically, between the developer and the operator, and between the operator and the user) — contractual liability for damages;
in non-contractual relationships (for example, between the developer and the user) — general tortious liability.

What Are Legislators Doing?

The current, less-regulated situation is, however, changing. A directive is currently in the EU legislative process that will specifically govern these cases. The legislative process for the Directive on non-contractual civil liability rules for artificial intelligence (AI Liability Directive) is not moving particularly quickly — the Commission’s proposal has still not been placed before the Parliament — but since it is likely to represent the future of this legal framework, it is worth for operators and/or users of AI systems to familiarize themselves with these rules and to bear them in mind in their own procedures.

It is important to note that the proposed AI Liability Directive is a directive, as opposed to the directly applicable AI Act discussed earlier; national legislators will therefore have somewhat greater flexibility in implementing the legislation, though this is unlikely to affect the new regulation’s structure or substantive elements.

The aim of the proposed directive is to harmonize non-contractual civil liability rules applicable to harm caused by AI systems. The directive would not define the concept of AI itself, but would instead refer to the general AI definition contained in the AI Act. The same is true of several key concepts used in the directive (e.g., “high-risk AI system” or “user”) — which it does not define independently, but which reference the definitions in the AI Act. This legislative approach appears sound, as it ensures consistent use of terminology in this area, including at the EU level. The new rules would apply to harm caused by AI systems, regardless of whether those systems are classified as high-risk under the AI Act.

The AI Liability Directive covers non-contractual civil liability rules — that is, rules that provide a claim for damages regardless of whether a contractual relationship exists between the injured party and the person liable. The rules would ensure that any type of injured party (individual or business) could obtain compensation if they suffer harm — harm that qualifies as such under national law (e.g., harm to health, property, privacy, reputation, etc.) — as a result of the fault or negligence of a provider, developer, or AI user. The directive would not affect existing rules set out in other EU legislation, meaning it would need to be applied in a strictly supplementary manner in areas where no specific rule exists.

The most significant innovation of the directive is the causal presumption it seeks to introduce. The legislation would establish a causal presumption that would make it easier for injured parties to successfully assert claims for damages in cases of harm caused by AI systems. The draft establishes a rebuttable causal presumption whereby a causal link between the fault of the AI system and the harm that has occurred is presumed, provided that a breach of a duty of care under EU or national law is proven. For high-risk AI systems, the presumption would apply automatically, while for lower-risk systems it would apply only where the court considers that proving the causal link would be excessively difficult. The directive’s aim is to reduce the burden of proof given the complexity of AI systems, while the defendant can rebut the presumption by proving that their fault did not cause the harm. This approach also supports AI innovation by not reversing the burden of proof entirely.

The other significant innovation is the obligation to disclose evidence. The large number of people involved in the development and operation of high-risk AI systems makes it difficult for injured plaintiffs to identify the responsible party and prove their claim for damages. The directive would therefore empower national courts to order the disclosure of evidence relating to AI systems, helping victims identify those responsible. Companies would be required to disclose specific documentation and logging data pursuant to court orders. Requests must be addressed to parties who have obligations under the AI Act, and the plaintiff must make a proportionate effort to obtain the evidence. Courts must take into account the legitimate interests of the parties and the protection of trade secrets when ordering disclosure. If the defendant fails to comply with the court-ordered disclosure of evidence, the court may presume that the evidence would have served to prove a breach of the duty of care, though the defendant may rebut this presumption.

The changing landscape of AI liability rules represents a significant step toward the safe and ethical use of technology. The new directive would not only make it easier for injured parties to assert claims for damages, but would also ensure that developers and operators of high-risk AI systems are held accountable for any harm they may cause. This strengthens the protection of victims and increases trust in AI systems — which is indispensable for the innovations of the future and for the social acceptance of the technology.

In the next and final instalment of this series, you can read about copyright questions arising from the use of AI.

Professional mentors: dr. András Bencsik (ELTE Faculty of Law), dr. Bernadett Bocsi (Retail Client Tribe IT Chapter), and dr. Laura Bikki Kovácsné (Innovation Tribe)

The AI Act and the Financial Sector

What Counts as AI?

Is AI Ethical?