All areas of law need to be adjusted to digitalisation. Also the update of product safety rules is facing the challenge to set up a regime fit for new devices (product+software) and for the control of online distribution chains. Two main developments requiring attention: increasing ‘smartness’ of products and increasing online distribution.
An article by Peter Rott
Whereas online distribution has already been considered with Regulation (EU) 2019/1020 on market surveillance and compliance of products for the so-called harmonised area of sector-specific product safety law, such as the Toys Directive 2009/48/EC, the General Product Safety Directive 2001/95/EC (GPSD) still reflects the pre-digital era. As the latest report of the European Commission on the implementation of the GPSD in the Member States shows, there is legal uncertainty even concerning the application of central concepts of the GPSD on smart products and on software, and Member States have begun to act differently in that regard. For example, only a few Member States apply product safety law to software as such. This disparity does not only jeopardise the free movement of goods, the primary aim of EU product safety law, but also the health and safety of consumers. Therefore, on 30 June 2021, the Commission has tabled a proposal for a General Product Safety Regulation (GPSR) to modernise general product safety law and to align it with the above-mentioned Market Surveillance Regulation (EU) 2019/1020.
While a smart fridge is a product, the classification of software as a product is less obvious even if software may change the characteristics of a product and make a previously safe product unsafe. In addition to that, product safety law focuses on the first placing on the market rather than subsequent developments, which raises questions in regard to self-learning products. According to the Commission, the new proposal clarifies that the GPSR applies to software (although it seems to do so in a fairly hidden way, by using the term ‘item’ in Art. 3 no. 1 GPSR). Moreover, products shall remain safe throughout their lifecycle, which implies that their safety must not be compromised by their evolving, learning and predictive functionalities (Art. 7(1)(i) GPSR).
The GPSD is also unclear in relation to whether cybersecurity is an element of safety and therefore protection is needed against hackers that may, for example, direct a smart car into a tree. Following the example of the new Sale of Goods Directive (EU) 2019/771, the proposed GPSR includes cybersecurity explicitly among the necessary safety features of a product (Art. 7(1)(h) GPSR).
The other big problem is online trade, and in particular direct shipping to consumers from third countries such as China. Member States’ authorities cannot control producers and traders outside the EU; thus, they can only control products when they are imported into the EU. This, however, is excessively difficult as they are now often sent in small parcels rather than in big containers that would arrive at EU ports. Controlling the safety of products that are offered online is difficult even if they are also sold in brick-and-mortar stores where market surveillance authorities can seize them free of charge. Indeed, the seemingly same product sold online has occasionally turned out to be different from its offline counterpart. What remains is mystery shopping, a competence that many market surveillance authorities do not have in the first place and that others cannot exercise, due to limited financial resources.
Online marketplaces that are of utmost relevance in practice, as this is where consumers and traders or producers from outside the EU meet, and they do not play any role in the GPSD of 2001. According to Arts 12 to 15 of the E-Commerce Directive 2000/31/EC, online marketplaces are generally not liable for third party content, unless they are aware of facts or circumstances on the basis of which a diligent economic operator should have realised that the offers for sale in question are unlawful and, in the event of it being so aware, fail to act expeditiously, as the Court of Justice has confirmed in the trademark case of L’Oréal v eBay. Importantly, they are under no duty to monitor the safety of products that are offered through them.
With the proposed GPSR, the Commission wants to strengthen the surveillance of online trade. Art. 4 GPSR clarifies that already an offer on internet that is directed to consumers in the EU qualifies as ‘making available on the market’ in the terms of Art. 3 no. 6 GPSR. In line with the Market Surveillance Regulation (EU) 2019/1020, third country producers must name a responsible person within the EU against whom measures can be taken if needed. Mystery shopping is introduced explicitly, and operators of online marketplaces must, on request of market surveillance authorities, remove specific illegal content referring to a dangerous product from its online interface, disable access to it or display an explicit warning to end users when they access it, provided that the competent authority does not avail of other effective measures.
What remains is the problem of insufficient personal and financial resources that has reduced the effectiveness of product safety law in the past even in rich Member States such as Germany. The envisaged new tasks related to cybersecurity will require specialised staff, and mystery shopping costs money, even if Art. 15 of Regulation (EU) 2019/1020 provides for compensation of all costs if a product turns out to be unsafe.
Interestingly, product safety law now features among the consumer legislation that can be enforced by qualified entities, thus consumer organisations, via representative actions under the new Directive (EU) 2020/1828. Art. 9(1) of that Directive lists as a possible redress measure the obligation of a trader to provide consumers concerned with remedies such as compensation, repair, replacement, price reduction, contract termination or reimbursement of the price paid, as appropriate and as available under Union or national law. Indeed, Art. 35 of the proposed GPSR for the first time provides for consumer remedies in the case of a recall. Consumers shall have the right to repair of the recalled product (possibly through an update), replacement of the recalled product and/or refund of the value of the recalled product. This could lead to partial privatisation of the enforcement of product safety law but would call for financial support for consumer organisations, as foreseen in Art. 20 of the Representative Actions Directive. After all, product safety costs money (current compliance costs for EU companies with the GPSD stand at EUR 1.1 billion per year) but it is worth the price.
Published under licence CC BY-NC-ND.