At a time where digitalisation and online selling are constantly bringing new challenges to consumers, it is no coincidence that EU policymakers are putting consumer protection at the forefront of the European Commission’s (Commission) agenda and are working on updating the existing framework on product safety.
While much of companies’ focus has understandably been on the negotiations on Digital Services Act, which are still ongoing, and the recently agreed Digital Markets Act, extremely relevant discussions are taking place around the Commission’s proposal for a new General Product Safety Regulation (GPSR), which would replace the existing General Product Safety Directive (2001/95/EC) (GPSD).
What does the existing General Product Safety Directive do, and why does it need updating?
The existing GPSD dates back to 2001, after which it was implemented by the various Member States. The GPSD principally applies to consumer products which do not fall within sector-specific safety regulations (such as those governing medical devices or food) or where those regulations don’t cover all safety aspects of the relevant product (in which case, the GPSD fills in the gaps).
The GPSD obliges manufacturers, importers and other producers to:
- place only safe products on the market;
- inform consumers of risks associated with the product; and
- ensure that products are traceable and to notify the relevant authorities if products need to be recalled.
Where they do not do so, Member States can impose fines and other criminal or administrative penalties for breach.
The GPSD also established the RAPEX notification system to allow Member States to share information on potentially dangerous products and recall exercises.
However, the GPSD was not designed to deal with issues which have gained more recognised importance in the last 20 years, such as:
- responsibility for safety in the case of direct-to-consumer sales from outside the EU;
- safety risks posed by software and products involving technologies such as AI, and by cyber threats;
- expanding concepts of what “safety” should mean (e.g. whether this should cover mental health risks posed by products as well as risks to physical health).
Background on the Commission’s proposal for a new GPSR
As outlined in the EU’s Consumer Agenda unveiled in November 2020, the Commission has planned for some time to review the GPSD in order to harmonise the current rules and to ensure that these are adequately dealing with the globalisation of production and retail trade, including through online channels. Against this background, on 30 June 2021, the Commission published its proposal for the GPSR to make sure that dangerous products are recalled from the market. When presenting the initiative, Czech Commissioner for Values and Transparency Věra Jourová said, “Consumers face many challenges, especially in the digital world which revolutionised shopping, services or financial markets. This is why we are stepping up consumer protection [by] putting even stronger rules for product safety in place [and] more responsibility on market players […].”
A key element of the proposal is that the Commission decided to change the legal instrument and move from a Directive to a Regulation, with the aim of providing more legal certainty that would help companies comply with the rules. The proposed GPSR also addresses cybersecurity risks related to new technologies and would introduce the following changes:
- Additional obligations for online marketplaces in order to make sure that consumers do not end up buying dangerous products;
- Reinforced responsibilities across the supply chain, to ensure a level playing field between businesses which operate online and/or offline is guaranteed; and
- More powers granted to surveillance authorities, so that they can face existing problems when it comes to enforcement practices.
Changes to the scope of products covered and of the types of risks that producers would need to guard against may also be on the cards.
What has happened since the proposal was published?
The Commission’s draft proposal needs to pass through the European legislative procedure. The legislative text is currently being scrutinised by the European Parliament, on the one hand, and by the Council, representing the 27 Member States, on the other.
In the European Parliament, the file was allocated to the Committee on the Internal Market and Consumer Protection, and Czech Liberal MEP Dita Charanzová was appointed as the lead MEP. In her draft report, she proposed adding more targeted obligations to online marketplaces but her amendments were not considered ambitious enough by several MEPs, especially those from left-wing political groups. Amendments from other MEPs propose incorporating software as a standalone item to be covered under this piece of legislation, extending its scope to digital products like apps, creating a “European Injury Database” and increasing penalties.
Discussions among Member States in the Council, under the leadership of the French Presidency, have been progressing steadily and it seems like the inclusion of standalone software as a product is gaining traction, as are additional requirements for tech manufacturers, which might be obliged to provide safeguards against the potential misuse of their products. Discussions around economic operators and online marketplaces, however, are on hold, until an agreement is reached on the Digital Services Act, as the Council wants to ensure that obligations are fully aligned.
What are the links with other key EU proposals?
There are clear overlaps with other pieces of legislation that are currently being discussed and negotiated at an EU level. For instance, the Parliament has insisted on “introducing product safety rules for online marketplaces” and “making product recalls more effective” in the Digital Services Act. There seems to be an understanding in the Parliament, however, that GPSR should act as lex specialis when it comes to product safety issues.
There are also other potential overlaps when it comes to addressing cybersecurity risks, since this is one of the key goals of the AI Act presented in April 2021. Other initiatives that are interlinked with the GPSR are changes to the civil liability regime for AI and the potential revision of the Product Liability Directive, which we are expecting to be announced in Q3 2021.
The European Parliament is currently considering all the amendments proposed by MEPs and a vote in the responsible committee is expected to take place in mid-May 2022. In parallel, we expect the Council to agree its position in the coming months. This may enable interinstitutional negotiations (“trilogues”) to commence under the French Presidency. Given the number of amendments currently being proposed to the Commission’s proposal, we do not expect a final agreement on the text until after the summer break. The Commission has proposed that it would become applicable only 6 months after entry into force.
Freshfields is a member of the European Commission’s Consumer Safety Network subgroup on product safety, which is discussing amendments to the GPSR, and we are following developments closely.
Czech Commissioner for Values and Transparency Věra Jourová said, “Consumers face many challenges, especially in the digital world which revolutionised shopping, services or financial markets. This is why we are stepping up consumer protection [by] putting even stronger rules for product safety in place [and] more responsibility on market players […].”