The European Commission does not plan to renew debate on draft legislation for handling artificial intelligence when it causes harms, citing a lack of agreement as the technology industry has pushed for simpler regulations.
The proposed EU AI Liability Directive was first conceived in 2022, two years before the bloc's landmark AI Act was finalized. The Commission characterized the proposal as aiming to "improve the functioning of the internal market by laying down uniform rules for certain aspects of non-contractual civil liability for damage caused with the involvement of AI systems."
The decision to abandon the proposal was noted in the Commission's 2025 work program, which was adopted 11 Feb. and presented to the European Parliament 12 Feb.
"No foreseeable agreement — the Commission will assess whether another proposal should be tabled or another type of approach should be chosen," the Commission explained in the program's annex.
The decision to move on from the proposed directive was slammed by German Member of European Parliament Axel Voss, who told the IAPP the idea the directive would have created unneeded regulation with the AI Act in place missed its purpose. The directive was a "ex post liability mechanism" only kicking in when harms occurred, versus the AI Act's aim to prevent them.
"Why the sudden U-turn? The answer likely lies in pressure from industry lobbyists who view any liability rules as an existential threat to their business models," Voss said. "Big Tech firms are terrified of a legal landscape where they could be held accountable for the harms their AI systems cause. Instead of standing up to them, the Commission has caved, throwing European businesses and consumers under the bus in the process."
Keller and Heckman Partner Peter Craddock said foregoing debate on the directive is more palatable than having to pull legislation after passage. However, Craddock called attention to how the Commission will now address the directive's intended objective to move toward harmonized liability rules rather than navigating individual laws for each member state.
"Does it mean that there is no recourse for, for instance, victims of discrimination based on the use of an AI system? Of course not, but it is important to look at the national regime," Craddock said. "Even then, though, I like to stress that this does not usually mean massive differences in terms of outcome."
The Commission's move shows a potential shift in approach to address criticisms — recent and long-standing — about the bloc's digital regulatory regime becoming overcomplicated and burdensome.
A Commission press release outlined the work program as a simpler framework to reduce administrative burdens, and "reflects the need for more opportunities, innovation, and growth for our citizens and businesses, ultimately fostering a more secure and prosperous EU." Commission President Ursula von der Leyen committed to "make it easier" for AI market growth during recent remarks at France's AI Action Summit while emphasizing the AI Act brings more straightforward compliance requirements for businesses.
"This is the purpose of the AI Act — to provide for one single set of safety rules across the European Union — 450 million people — instead of 27 different national regulations. And safety is in the interest of business," she said. "At the same time, I know, we have to make it easier, we have to cut red tape."
The summit featured a strong tone focused on investing in and bolstering the EU's AI economy, despite claims of overregulation. The Commission announced billions of dollars in AI investments while U.S. Vice President JD Vance criticized perceived innovation barriers stemming from the EU's digital rulebook, promising the U.S. would "make every effort to encourage pro-growth AI policies."
The EU's broader digital regulatory regime is being applied across the bloc, especially in the context of EU General Data Protection Regulation and the Digital Services Act enforcement. Dottir Partner Otto Lindholm said those regulations are creating an increasingly complex web for companies to comply with, and adding additional regulations does not make those efforts easier.
"When you add together the sheer number of different laws, their vagueness, the split and scattered enforcement frameworks, and unclear codependencies, the mix of all of that is just too complicated, I think. So, the idea of simplifying the gamut certainly feels welcome to me," Lindholm said.
Keller and Heckman's Craddock is having similar conversations about compliance chaos with small and medium-sized clients.
"Sometimes it is the law, sometimes it is the interpretation of the law by a regulator. But if a law's legitimacy starts to get questioned by legitimate businesses, you know something is amiss," he said.
Some think the EU should go further on deregulation. The Computer & Communications Industry Association Europe welcomed the directive's shelving but said it was still concerned by the amount of directives aimed at the digital economy in the work program.
"CCIA Europe urges the executive to review all upcoming pre-agreed legislation and focus on simplifying existing rules. Moving forward, the EU must ensure that any new digital proposals are fully justified, and not driven by institutional inertia," said Daniel Friedlaender, senior vice president and head of CCIA Europe.
But Compliance & Risks Senior Regulatory Compliance Specialist Ani Nozadze, CIPP/E, said the appearance of less rules as a boon to industries may not last.
"I think, even though at first glance deregulation seems positive for innovation, it sometimes creates more regulatory uncertainty and ambiguity, especially in terms of enforcement," she said. "In the EU, it usually also means member states regulating the issue differently, creating a patchwork of regulations which require companies to invest even more in compliance and legal costs, which is particularly burdensome for SMEs. So, in a way, this then affects competition as well."
Caitlin Andrews is a staff writer for the IAPP.
