A Madagascar day gecko clings to a pane of glass

Symbolbild: Engineering/ F&E kritischer Systeme für funktionale Sicherheit (Safety) und Cybersicherheit (Security) Functional Safety: What about Liability?

Time to Read 9 min

A Collection of Questions and Answers on Legal Aspects

As soon as it comes to functional safety, questions of liability arise. What if I as a developer commit a mistake ? Who is liable anyWhat use is the TÜV in this case? And many more....

I am trying to collect answers to these questions with my modest knowledge as an engineer. If you have any additions, other answers or new questions, please contact me by email.

With functional safety, one is actually always at the interface between technology and law. Therefore, engineers and managers should also understand some of the legal background.

The chapters refer to Swiss law, and in some cases also to German or European Union law. Please note: This is not legal advice, please consult your lawyer or a liability specialist.

Here you will find a collection of questions and answers:

Graphical representation of the possible relationship in a project

What are the Terms? A Glossary

The following terms are used in this article:

  • For the network of relationships in a product development project (see also the graphic above):
    • End customer: the natural person who uses the product
    • Manufacturer: the company that places the product on the market for the end customer (B2C)
    • Subcontractor: the company that supplies parts of the product to another subcontractor or the manufacturer (e.g. components, subsystems; B2B)
    • Development service provider: the company that develops part or all of the product for the subcontractor or manufacturer
    • Notified body: the neutral, independent testing body, typically designated by the state ("TÜV")
  • Type of liability
    • Non-contractual: this liability always applies to you, especially if you place products on the market
    • Contractual: you owe contractual liability to your contractual partners
  • Thing/ movable thing: things, movable things are things that can be moved (i.e. not real estate)
    • Software is also considered a thing (especially if it is integrated into a thing ("embedded"))
  • Gross negligence: if someone fails to exercise the necessary care with which the damage could easily have been averted
    • e.g. no 4-eyes principle, i.e. no review
  • Intent: if the damage is caused deliberately
  • Product liability: liability for damages aof the manufacturer for damage caused to the end user as a result of a defective product

What is the Legal Basis?

There are two types of liability: non-contractual liability, which applies whenever you place products on the market. You owe contractual liability to your contractual partners.

Non-contractual liability

For non-contractual liability applies to product liability:

  • The Federal Act on Product Liability (Prodct Liability Act, PrHG)
    • Product: any movable object, even if it forms part of another movable object or an immovable object and electricity
      • Please note: according to the latest EU regulations, software should also be covered by product liability!
  • The Federal Act on Product Safety (Prodct Safety Act, PrSG)
    • Product: movable object ready for use, even if it forms part of another movable object or an immovable object

Liable are the management and the board of directors, even after they have relinquished their mandate.

For general liability:

Here (gross negligence and of course intent) everyone is personally liable. Specifically, for example, if someone does not comply with processes and instructions or standards.

Contractual Liability

Your contracts and the Swiss Code of Obligations (OR) apply here, typically the following types of contract:

  • Sales contract
  • Contract for work
  • Order

How is the Manufacturer Liable?

The manufacturer is contractually liable on the one hand, but more importantly non-contractually liable for functional safety:

  • Product Liability Act: Product liability in principle for every movable item vis-à-vis the end customer if the latter is a natural person
  • Product Safety Act: product liability in principle for every movable item vis-à-vis the end customer
  • Criminal law: for intent and gross negligence

Please note that software, especially embedded software, can/ is also classified as a movable thing and therefore also falls under this liability, including cyber security.

Specifically, this means that the manufacturer's management and board of directors can be held liable if the products they place on the market for end customers ("B2C") are not safe. For employee liability, see "How is the Employee Liable?".

How is the Subcontractor Liable?

The subcontractor is contractually liable on the one hand, but more importantly non-contractually liable for functional safety:

  • Product Liability Act: no product liability, as the customer (manufacturer) is not a natural person ("B2B")
  • Product Safety Act: product liability for products ready for use, e.g. for installation
    • PrSG Art. 2: "...a movable item ready for use, even if it forms part of another movable item or an immovable item. ...is deemed ready for use even if its individual parts are handed over to the recipient for installation or assembly."
  • Criminal law: for intent and gross negligence

Please note that software, especially embedded software, can/ is also classified as a movable thing and therefore also falls under this liability, including cyber security.

Specifically, this means that the subcontractor's management and board of directors can be held liable if the products they place on the market are not safe. For employee liability, see "How is the Employee Liable?".

How is the Development Service Provider Liable?

The development service provider is contractually liable on the one hand, but more importantly non-contractually liable for functional safety:

  • Product Liability Act: no product liability, as the service is not a movable item
  • Product Safety Act: no product liability, as the service is not a movable item
  • Criminal law: for intent and gross negligence

Please note that software, especially embedded software, can/ is also classified as a movable thing and therefore also falls under this liability, including cyber security.

Specifically, this means that the development service providerr's management and board of directors can be held liable if they act negligently. For employee liability, see "How is the Employee Liable?".

What does this mean for Quality Management in Regulated Markets?

The manufacturer is always responsible for quality assurance. He can comply with this responsibility for purchased development services in regulated markets (e.g. medical devices, aviation) in two ways:

  • The service provider has a corresponding process certification (e.g. ISO 13485, DoA (Design Organization Approval), i.e. the corresponding quality management system. In this case, the manufacturer only has to ensure that the certificate is valid and request the necessary documentation for the interface to his quality management system.
  • The service provider does not have process certification. Then the manufacturer must ensure that the process requirements (usually those of the manufacturer's own quality management system) are met, typically with supplier audits.

The first route is of course much easier for the manufacturer.

How is the Notified Body Liable?

In principle, the notified body is contractually liable in the same way as the development service provider, but is more importantly non-contractually liable for functional safety:

The manufacturer is contractually liable on the one hand, but more importantly non-contractually liable for functional safety:

  • Product Liability Act: no product liability, as the service is not a movable item, but see below "Joint Liability for Notified Body"
  • Product Safety Act: no product liability, as the service is not a movable item, but see below "Joint Liability for Notified Body"

Specifically, this means that the notified body's management and board of directors can be held liable if they act negligently. For employee liability, see "How is the Employee Liable?".

A document from the notified body is therefore mainly a marketing issue and can possibly serve as an argumentation aid in the event of a court case.

Joint Liability for Notified Body

Attention: In the "breast implant case" of 2020, a court has ruled that the notified body of the implant manufacturer is liable for the defective silicone oil that was not identified in the audit. According to the judges in Karlsruhe, ensuring the protection of the end customer should not be the sole responsibility of the manufacturer, but also that of the notified body. The notified body has an independent position from its client and serves not only the manufacturer but also the end customer with its testing activities. However, it is still unclear what this case means for Europe-wide jurisdiction.

How is the Employee Liable?

The employee's is primary liability is non-contractually:

  • Product Liability Act: no liability, unless he is a member of the company management, see above
  • Product Safety Act: no liability unless he is a member of the company management, see above
  • Criminal law: for intent and gross negligence

In concrete terms, this means that employees can be held accountable if they act with gross negligence (or worse, intentionally), e.g. if they do not comply with processes or do not carry out a review. They cannot be held accountable for errors, i.e. if they comply with all processes and standards but make a mistake. Otherwise nobody would develop medical devices, airplanes, trains, etc. anymore.

Are Standards Legally Binding?

In principle, standards are not legally binding. Their application is therefore voluntary in principle.

However, there are cases where this is not the case:

  • Standards that are referenced by laws or regulations, e.g. in EU directives, are then non-contractually legally binding.
  • Standards that are mentioned in a contract become contractually binding. Typically, these standards (e.g. ISO 26262) then run through the entire supply chain from the manufacturer (OEM) to the last supplier.
  • In a product liability process, standards are the basis for proof of careful development.
    • This is particularly important because in a product liability case, the injured end customer can claim the reversal of the burden of proof. The end customer only has to prove the occurrence of a damaging event. The manufacturer must then prove careful development, i.e. that the defect could not have been detected according to the state of the art in science and technology at the time the manufacturer placed the product on the market. The standards are at least a (necessary, if not sufficient: see below) definition of the state of the art.
  • The same applies to liability processes under criminal law, although the reversal of the burden of proof does not apply there.

And What about the State of the Art?

There is a ruling ("airbag ruling") by the German Federal Court of Justice, which obliges manufacturers to comply with the state of the art in science and technology. Incidentally, the EU directives do the same, although the exact meaning of the term is not defined.

A ruling by the Federal Constitutional Court ("Kalkar ruling") requires that not only standards, but the state of "current human knowledge" be taken as a reference. In concrete terms, this means that more recent and other sources (proposed standards, conferences, papers...) must be consulted when assessing the state of the art in science and technology...

Andreas Stucki

Do you have additional questions? Do you have a different opinion? If so, email me  or comment your thoughts below!

Author

Comments

No Comments

What is Your Opinion?

* These fields are required

Let us discuss your idea/ your project

+41 (0)44 555 39 00 E-Mail