ARTICLE
16 January 2026

New German Product Liability Regime: Broader Scope, Potentially Higher Exposure

GT
Greenberg Traurig, LLP

Contributor

Greenberg Traurig, LLP logo
Greenberg Traurig, LLP has more than 3000 attorneys across 51 locations in the United States, Europe, the Middle East, Latin America, and Asia. The firm’s broad geographic and practice range enables the delivery of innovative and strategic legal services across borders and industries. Recognized as a 2025 BTI “Best of the Best Recommended Law Firm” by general counsel for trust and relationship management, Greenberg Traurig is consistently ranked among the top firms on the Am Law Global 100, NLJ 500, and Law360 400. Greenberg Traurig is also known for its philanthropic giving, culture, innovation, and pro bono work. Web: www.gtlaw.com.
Explore Firm Details
The German Federal Ministry of Justice and Consumer Protection (BMJV) has proposed a draft bill revising the German Product Liability Act (ProdHaftG-E)...
Germany Consumer Protection
Carsten Kociok,Ricarda Seifert, and Jurij Müller
Carsten Kociok’s articles from Greenberg Traurig, LLP are most popular:
  • within Consumer Protection topic(s)

The German Federal Ministry of Justice and Consumer Protection (BMJV) has proposed a draft bill revising the German Product Liability Act (ProdHaftG-E), which has been adopted by the Federal Cabinet on December 17 and is currently undergoing the parliamentary legislative process. The draft bill implements the European Product Liability Directive (EU) 2024/2853 and would represent the first major reform of German product liability law since 1989. It is intended to modernize Germany's product liability framework for the digital age, the circular economy, and global supply chains. The bill also aims to facilitate private individuals' enforcement of damage claims.

Expanded Scope of Application

The ProdHaftG-E expands the scope of product liability to include software in addition to physical products. Software is covered regardless of how it is supplied or used – whether installed on a device, accessed via cloud services, embedded as firmware, or functioning as an AI application. The definition also includes connected digital services that are essential for a product to function, such as the navigation service used in an autonomous vehicle. Only open-source software developed or provided outside any commercial activity is excluded from the scope. The draft clarifies that a commercial activity is already assumed where software is offered in exchange for personal data. This means that the open-source exemption applies only in genuinely non-commercial contexts.

Compared to the current law, the ProdHaftG-E significantly expands the group of liable parties:

  • Manufacturers would remain subject to strict, no-fault liability, including those who develop products themselves or have them developed or manufactured. Component manufacturers may also be liable if they have consented to their component being integrated into the final product and if that component caused damage. Components may also include connected digital services, which may extend strict liability to service providers.
  • Anyone who substantially modifies a product (upcycling) becomes liable as a manufacturer. Liability is excluded only if the defect relates exclusively to a part of the product that was not affected by the modification. Thorough documentation of all modifications is therefore essential.
  • In addition to importers and suppliers already covered under current law, so-called fulfillment service providers may also be liable if they perform at least two of the following activities within the EU: storage, packaging, addressing, or shipping. In certain cases, online marketplace operators may also be held liable if they present themselves as offering the product.

Revised Concept of Defectiveness and Manufacturer's Control

A central change in the ProdHaftG-E is the revised concept of defectiveness. Under current law, a product is considered defective if it does not provide the level of safety required by German or EU law or that can reasonably be expected. The draft, however, specifies additional factors that must be considered in the case-by-case assessment of the product, including:

  • the product's self-learning capabilities;
  • safety-relevant cybersecurity requirements; and
  • the reasonably foreseeable effects that other products, which can be expected to be used together with the product, may have.

The general rule remains that defectiveness is assessed at the time the product is placed on the EU market or put into service in the EU. However, the ProdHaftG-E now recognizes that many products – especially digital or connected products – may remain under the manufacturer's control even after hitting the market. In such cases, the relevant point in time is when the product leaves the manufacturer's control.

Under the ProdHaftG-E, a manufacturer retains control if:

  1. The manufacturer, or a third party with the manufacturer's consent, integrates, connects, or provides a component, including software updates or upgrades, or modifies the product; or
  2. the manufacturer is able to supply software updates or upgrades, including via a third party.

Take, for example, a smart TV marketed as hosting a specific video application, which the user must download from a third party's website after purchase. If the ProdHaftG-E passes, the manufacturer may be deemed to have authorized the integration of the service. In this same example, control may not exist merely because the manufacturer enables the technical possibility of integration, recommends certain brands, or does not prohibit potential connected services or components.

Because the ability to provide safety-relevant software updates or upgrades constitutes control under the ProdHaftG-E, the draft effectively creates an indirect obligation for manufacturers to supply such updates or upgrades. Otherwise, they may remain liable for defects that could have been remedied through an update. It remains unclear whether this indirect obligation would end only upon the expiration of damage claims – generally 10 years after the product is placed on the market or put into operation – or whether an earlier end of support would be permissible.

By comparison, the Cyber Resilience Act (EU) 2024/2847 requires manufacturers to provide security updates for at least five years, highlighting a broader regulatory trend toward long-term update and maintenance obligations for digital and connected products.

Recoverable Damage and Liability Exposure

Regarding the scope of recoverable damage, future claims will also cover damage to data not used for professional purposes. However, this applies only to economic loss, such as the cost of restoring data or repurchasing multimedia files. In this respect, the bill partially overlaps with the claim for damages under Article 82(1) of the General Data Privacy Regulation (GDPR). However, the ProdHaftG-E goes further in that it also applies to non-personal data and even where the manufacturer is not the data controller. At the same time, it is narrower because it does not cover non-material damage.

The ProdHaftG-E also removes both the €500 deductible for property damage and the €85 million overall liability cap under the current Product Liability Act. With the ProdHaftG-E's proposed removal of these limitations, even low-value property damage will become fully compensable, and liability in large-scale or serial defect scenarios may be substantially higher than under the current regime. This is particularly relevant for digital and connected products that are widely distributed on the EU market, where a defect may affect large numbers of units simultaneously. For manufacturers, and indirectly also for importers, distributors, and fulfillment service providers, this may increase the potential financial and litigation risk.

Simplified Burden of Proof and Facilitated Legal Claims

The ProdHaftG-E aims to simplify the burden of proof. If courts consider a claim plausible, they may require the defendant (i.e. the manufacturer, importer, supplier, etc.) to disclose relevant technical information, with appropriate safeguards for confidential data. Failure to provide such information results in a presumption of the product's defectiveness.

A presumption also applies if statutory safety requirements were not met, if an obvious malfunction occurred, or – where evidence would be excessively difficult to obtain – if defectiveness and causation are shown to be likely.

Key Consideration for Companies

Companies may wish to act promptly in light of the ProdHaftG-E's proposed expansion of substantive liability, combined with its proposed simplification of enforcement mechanisms. A variety of considerations, like whether a product is defective, which safety expectations are justified, how long safety-relevant updates must be provided, and whether the various presumptions and simplifications of the burden of proof apply will depend on the circumstances of the individual case. Companies may consider reviewing their product development, documentation practices, update strategies, and supply chain structures at an early stage.

The ProdHaftG-E is intended to apply to all products placed on the market or put into service after Dec. 9, 2026. Because the draft bill implements the European Product Liability Directive (EU) 2024/2853, which is largely fully harmonizing, we may see only very limited changes prior to its adoption.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

[View Source]
Authors
Photo of Carsten Kociok
Carsten Kociok
Photo of Ricarda Seifert
Ricarda Seifert
Photo of Jurij Müller
Jurij Müller
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More