AI Agent and Third-Party Damage: Who is Responsible?

When an AI agent causes harm to a third party: who is responsible?

An artificial intelligence agent acts autonomously. It makes decisions, performs tasks, and produces results, sometimes without any direct human intervention at the moment the damage occurs. The question of responsibility then immediately arises: who is liable for the harm suffered by the third party?

The answer rests on a fundamental principle, too often overlooked by organizations deploying AI systems: artificial intelligence has no legal personality. It can neither hold rights nor bear obligations. Therefore, it can never be held responsible. Responsibility will always fall to a natural person or a company. The question is which one, and on what legal basis.

Why can't AI be held responsible?

Civil liability presupposes the existence of a legal subject. However, an artificial intelligence system, no matter how sophisticated or autonomous, is not one. This observation is not a temporary limitation of the law awaiting adaptation: it is a structural choice, consistent with the entire current legal architecture.

The practical consequence is direct. When an AI agent causes harm, the focus is not on whether the AI acted correctly. Instead, the search is for which natural or legal person, upstream or downstream of the system, committed a fault likely to have caused that damage. General civil liability law applies: fault, damage, causal link (Article 1240 of the Civil Code).

Two actors are particularly exposed: the provider of the artificial intelligence system and its deployer.

The provider's liability: design flaws

Who is the provider and why are they exposed?

The provider is the entity that designs, develops, and places the artificial intelligence system on the market. Their liability may be sought when a defect affects the very design of the system: erroneous or insufficiently diversified training data, absence of appropriate security mechanisms, failure to update in the face of identified vulnerabilities, or non-compliance with obligations imposed by the European Artificial Intelligence Act (hereinafter: AI Act) and the General Data Protection Regulation (GDPR).

One point deserves particular attention: these obligations do not end on the date of placement on the market. The provider remains bound by continuous obligations after the system's deployment. A system initially compliant can engage the liability of its designer if the latter has not maintained this compliance over time. Compliance on the date of placement on the market does not constitute a definitive shield.

The AI Act as a tool for identifying design flaws

Since the AI Act entered into force, identifying a design flaw has become easier. The obligations imposed on providers regarding technical documentation, risk management, post-market surveillance, and data logging constitute benchmarks from which a victim can establish that a specific obligation has not been met.

The mechanism is comparable to that developed for GDPR violations. Following the judgment of the Court of Justice of the European Union of 4 May 2023 (Case C-300/21), the violation of a regulatory obligation can form the basis for a claim for damages under general law, provided that the existence of harm and an adequate causal link are demonstrated. The same will apply to the obligations under the AI Act. However, a clarification is necessary: the strict liability provided for by the regulation itself does not automatically extend to the scope of Article 1240 of the Civil Code. Fault, as well as harm and the causal link, will need to be demonstrated.

The deployer's liability: misuse

Who is the deployer?

The deployer is the entity that integrates an AI system into its processes or makes it available to end-users. This is often the client company, the service provider, or any organization using a system designed by a third party. Under the AI Act, it is a distinct actor from the provider, subject to its own obligations.

Faults likely to engage their liability

The deployer's liability may be sought when the damage results not from a defect in the system itself, but from the way it was used. Several situations can be identified: use of the system for purposes other than those intended by the provider, absence of adequate human supervision, or unverified adoption of a manifestly erroneous result (hallucination, false reference, deepfake).

The human oversight obligation imposed by the AI Act

The AI Act introduces a principle of human oversight, which is the responsibility of the deployer for high-risk systems. Its Article 26, paragraph 2, requires deployers to assign this oversight to natural persons with the necessary competence, training, and authority. If damage occurs due to insufficient supervision, the deployer's liability may be engaged on this ground.

The absence of human supervision is not merely an organizational failing. It is a fault that can form the basis for a civil liability claim.

Proving fault, damage, and causation: the evidentiary challenge

Two distinct obstacles: the autonomy and opacity of AI systems

For the victim, establishing the three conditions for a liability claim presents particular difficulties when an AI system is involved.

The system's autonomy creates a distance between human action upstream and the damage observed downstream. The greater this distance, the more difficult it is to identify a specific fault. However, autonomy should not be confused with independence: an AI system remains conditioned by the design choices and usage modalities decided by identifiable human actors.

Opacity represents a distinct and often more difficult obstacle to overcome. The internal workings of an AI system, particularly its machine learning components, can be difficult to reconstruct from the outside. This difficulty is especially pronounced for design faults, where the produced result depends on a sequence of complex parameters, often untraceable without internal documentation.

Documentation requirements as leverage for the victim

The documentation and traceability obligations imposed by the AI Act and the GDPR open up concrete evidentiary avenues. These texts compel providers and deployers to maintain continuous documentation: risk assessments, operational logs, data processing records, and supervision policies. These documents can constitute decisive evidence to establish fault or a causal link.

When opacity is such that no document allows for the reconstruction of the causal chain, recourse to presumptions could enable the victim to obtain compensation despite residual technical uncertainty.

FAQ (Frequently Asked Questions)

Can an artificial intelligence be held liable for damage caused to a third party?

No. An artificial intelligence system lacks legal personality: it can neither hold rights nor bear obligations. Liability is always borne by a natural person or a legal entity, according to the general rules of civil liability (Article 1240 of the Civil Code).

What is the difference between the provider and the deployer of an AI system?

The provider designs and places the artificial intelligence system on the market. The deployer integrates it into their processes or makes it available to end-users. This distinction is central to the European AI Act (RIA), which assigns them distinct obligations and determines which party is exposed depending on the nature of the fault committed.

What is a design fault in an AI system?

This refers to a fault committed by the provider during the design or maintenance of the system: biased or insufficient training data, absence of security mechanisms, failure to update, or non-compliance with obligations imposed by the AI Act or the GDPR. These obligations are continuous and do not cease after the system is placed on the market.

Can a user be held liable for damage caused by an AI system they did not design?

Yes. Their liability may be engaged if they use the system for purposes not intended by the provider, if they fail to implement adequate human supervision, or if they adopt a manifestly erroneous result without verification. Article 26, paragraph 2 of the AI Act imposes an explicit obligation of human oversight on deployers of high-risk systems.

How can a victim prove that damage was caused by an AI system?

Proving this is made difficult by the autonomy and opacity of AI systems. Victims can rely on the documentation requirements imposed by the AI Act and GDPR: operational logs, risk assessments, and processing records. In cases of persistent opacity, resorting to presumptions could help establish causality despite technical uncertainty.

Does the European Artificial Intelligence Act (AI Act) create an autonomous civil liability regime?

No. The AI Act does not establish its own civil liability regime. It imposes compliance obligations, the violation of which can, based on Article 1240 of the Civil Code, form the basis for a claim for damages. Its main contribution is to facilitate the identification and proof of faults by requiring continuous documentation from providers and deployers.

How can I protect my organization against damage caused by an AI agent?

Contractual arrangements are the primary lever. They allow the parties to define precisely the system's authorized purpose, the provider's compliance documentation obligations, the required supervision mechanisms, the distribution of responsibilities between provider and deployer, and the compensation conditions in case of system failure. A preliminary legal analysis helps identify the specific risks for each configuration.