AI liability under the Defective Products Directive will fundamentally change the legal framework for software and artificial intelligence in the European Union from 9 December 2026. Directive (EU) 2024/2853 introduces a clear and disruptive principle: software and AI systems are products for the purposes of strict liability.
The European Commission’s latest Digital Omnibus package introduces a significant and much-debated idea: allowing AI training based on legitimate interest, under Article 6(1)(f) GDPR, accompanied by a new Article 88c. The proposal formalises something many expected — that training AI systems or AI models on personal data may rely on legitimate interest as a legal basis.
AI governance is no longer an abstract concept—it has become a core business necessity. In the latest episode of our podcast Legal Leaders Insights, I had the privilege of speaking with Emerald De Leeuw-Goggin, Global Head of AI Governance & Privacy at Logitech, about how companies can balance innovation with compliance in one of the fastest-evolving areas of law and technology.
