Digitalisation: EU Parliamentary Committee calls for Product Safety 4.0

On 26 October 2020, the EU Parliament’s Committee on the Internal Market and Consumer Protection, which is responsible, inter alia, for the harmonisation of legislation in the European Union in the area of the internal market, unanimously adopted a noteworthy draft report (2019/2190 (INI)) on product safety in the single market and called for the digitalisation of product safety.

Software updates only after placing on the market

The Committee rightfully calls for the concepts of ‘product’ and ‘safe product’, which are fundamental terms in technical compliance, to be fully reconsidered in order to include new technologies: subsequent software updates can in some cases completely modify the product and also raise new security issues for users and third parties. The Committee stated that it is therefore not only necessary to define them in law as products, as is currently the case only in medical device law. It is also suggested that the time at which a product should be considered safe should also be reconsidered: to date, all European CE Directives have been based on the clearly defined, single point in time of placing on the market. However, it is possible to envisage the need to take account of the entire lifetime of the product because subsequent changes ‘over the air’ cannot be made to the technical design itself, but certainly to the functionality.

Cybersecurity for connected products

The Committee also calls for the cybersecurity of connected devices to be taken into account in the context of product safety. This must be questioned critically, as safety and security aspects have so far been strictly separated for good reasons: Product safety always means the protection of third parties against industrially unintended health hazards. Cybersecurity, on the other hand, concerns deliberate IT vandalism by third parties. There is still much discussion as to whether it should be systematically intertwined with the means of product safety from the manufacturer’s point of view. It is also envisaged that there will be a system of mandatory cybersecurity certification of artificial intelligence products in the future. However, the Committee leaves the details up to the creativity of the European Commission.

Traceability via blockchain

In the case of product recalls, it can be a challenge for the manufacturer to trace the products concerned back to the consumer, especially in the manufacturing supply chain of the components. The Commission is therefore to examine whether blockchain technology could strengthen the traceability of products throughout the supply chain.

There have been various attempts over the past two decades to revise the European Product Safety Directive 2001/95/EC; so far, none of these have borne fruit. A change is expected in particular in view of the continuous development of new technologies in the context of digitalisation, IoT and connectivity. It remains to be seen whether the Committee’s many ambitious proposals will be included in the Commission’s draft.