§IV.1 Where legal clarity exists
For any newcomer to this landscape, the first thing worth saying is that the law on AI-generated harm is not blank. There is legal clarity in several substantial places, and the cases described in Part I are not unfolding into a doctrinal void. The pre-existing structure of tort law, product liability, First Amendment doctrine, and consumer-protection statutes carries forward into the AI context. The work of the courts, in this wave, is to decide how those existing frames apply to AI-output products — and at the trial-court level, that work has begun.
What is clear:
Foundational free-speech doctrine is settled and durable. Brandenburg v. Ohio (1969) — the Supreme Court's incitement standard, requiring that speech be both directed to and likely to incite imminent lawless action before it can be punished — is the foundational filter for any case asking whether a speech-classified output can be the basis for legal liability. Counterman v. Colorado (2023) refined the doctrinal handling of "true threats," holding that the speaker must have at least a reckless awareness of the threatening nature of their statement before liability attaches. Both decisions long predate the current wave of AI-output litigation and do not depend on it. In the AI context they operate as constraints that any speech-classified-output theory must satisfy — and (so far) defendants have not successfully invoked them at the threshold to dismiss product-liability suits, because at least one trial court (Conway, in Garcia, May 2025) declined to classify the AI output as protected speech.
The First Amendment academic line on AI output is well-developed — and divided. Eugene Volokh, Mark Lemley, and Peter Henderson, "Freedom of Speech and AI Output," published in the Journal of Free Speech Law in 2023, is the lead article on the protection side: it concludes that AI-generated output is very likely constitutionally protected, grounding that protection not in any rights of the AI itself but in the rights of the programs' creators and their users (to speak through the tool and to receive its output). On the other side, Peter Salib's "AI Outputs Are Not Protected Speech," in the Washington University Law Review (2024), is the leading rebuttal — arguing that modern AI outputs are not protected speech, the position most consistent with Conway's product-not-speech approach; Austin and Levy's "Speech Certainty," in the Stanford Law Review (2025), express related doubt about treating algorithmic output as fully protected. The Harvard Law Review's "Beyond §230 Principles for AI Governance" (2025), at vol. 138, addresses the adjacent §230 question. What is "clear" here is that the doctrinal frameworks and the leading scholarship exist and are well-mapped; the protection question itself remains genuinely contested.
The product-liability framework, in its baseline form, is settled. Design-defect, manufacturing-defect, and failure-to-warn doctrine in U.S. tort law have a century of development. The contested question for AI-output litigation is not whether the framework exists or how it operates in standard-product cases. It is whether AI-generated output meets the threshold legal definition of "product" — that is, whether the framework attaches at all. Conway, in Garcia, said it does. Whether higher courts will affirm or reject that classification is the open question; the framework itself, once attached, is a known quantity.
The federal-preemption doctrinal frame is clear. Murphy v. NCAA (Supreme Court 2018) is the recent foundational authority on the limits of federal preemption of state law — a relevant frame because federal AI legislation, where it exists or is proposed, may or may not preempt state tort actions of the kind these wrongful-death suits represent. The contested question for AI is which doctrines preempt and which do not; Murphy governs the framework.
Statutory text is what it is. The EU Product Liability Directive 2024/2853 has been adopted (member states have until 9 December 2026 to transpose into local law); Colorado AI Act SB24-205 has been enacted; California SB 53 has been enacted; the federal AI LEAD Act S.2937 is a pending bill with text on the public record. NIST's AI Risk Management Framework is a published document, voluntarily adopted by industry signatories. The contested questions — discussed at §IV.4 below — are how courts, regulators, and labs will interpret and apply these texts. The texts themselves are clear and citable.
GRAD-INTERN — What "doctrinal clarity" means and does not mean
"The law is clear" carries two distinct senses that benefit from disambiguation. Procedural clarity — the doctrinal frame attaches; the standard of review is known; the elements of the cause of action are settled — is what we mean above. Outcome clarity — we know how a particular case will be decided on a particular set of facts — is something we do not have and cannot have until the cases are litigated. Conway is procedurally clear: the product-liability framework attaches at the motion-to-dismiss stage. Conway is not outcome-clear: whether plaintiffs will prevail at trial, whether higher courts will affirm the procedural posture, and whether parallel cases in other circuits will follow remain open. The defense bar's strategy across the wave is to push back on procedural clarity — to argue, in each new matter, that the framework should not attach in this case, on these facts, in this circuit. Settlement of Garcia mooted the appellate test of Conway in the Eleventh Circuit; subsequent matters will produce additional procedural rulings as they reach the threshold stages.
§IV.2 Where legal clarity does not exist
The map of unsettled doctrine is, in some ways, more interesting than the settled portion — because the unsettled portion is where the cases described in Part I will produce the next round of doctrinal rulings.
Section 230 application to generative AI is unsettled and active. The Communications Decency Act §230 has, for two and a half decades, conferred broad immunity on online intermediaries for user-generated content. The Supreme Court's twin 2023 rulings in Gonzalez v. Google and Twitter v. Taamneh declined to substantially reshape the immunity, but did so on grounds that left the post-Gonzalez application of §230 to generative AI — where the "content" is co-produced by the platform's model, not authored by users — open. The Harvard Law Review's "Beyond §230 Principles for AI Governance" article (vol. 138, 2025) argues that the §230 frame does not naturally fit AI-generated output. The Center for Democracy & Technology's commentary and the Journal of Free Speech Law's "Where's Liability" piece pursue related lines. The defense bar in the active matters will argue §230 immunity; the developing trial-court and circuit-court treatment of those arguments will be the next major doctrinal frontier. (Full citations and pin-points to academic and think-tank sources are on file in the pinned corpus.)
The component-part-manufacturer doctrine in AI cases is at the threshold. Conway, in Garcia, kept Google in the case at the motion-to-dismiss stage on a theory that effectively imports component-part-manufacturer liability into the AI context: a foundation-model provider whose model technology underlies a deployer's product can — under the theory — bear liability for harms produced by the deployer's product. Whether that theory survives summary judgment, whether other circuits adopt it, and how it interacts with foundation-model licensing arrangements (most foundation-model providers limit their licensees' liability through ToS provisions) are open. The settlement in Garcia mooted the appellate test in that case.
Failure-to-warn doctrine for AI products is doctrinally underdeveloped. Whether a product-liability failure-to-warn theory applies to AI output, and what the duty looks like — what warning, to whom, presented how — is unsettled. The Raine amended-complaint safeguard-removal allegation creates a related but distinct doctrinal question: whether removing protective behavior from a deployed product can ground a separate cause of action. Both questions have been pleaded, neither has been adjudicated past the threshold stage in any matter we have reviewed. (See K&L Gates "Next Wave of AI Product Liability" and McGuireWoods analysis on defective-product framing — pinned in our research corpus.)
Negligent-design and per-se-negligence theories in the AI context are open. The pleadings name "negligent design" as a separate theory from product liability; whether courts will recognize it as a distinct cause of action with distinct elements (and standards of care that differ from the product-liability framework) is unsettled. Per-se-negligence theories — where violation of a statute supplies the negligence per se — are pleadable under (e.g.) state consumer-protection statutes; the matters described in Part I will test how readily courts accept them.
Preemption doctrine in the federal-vs-state AI frame is contested. Whether (and which) federal AI statutes preempt state-tort wrongful-death actions is unsettled. The federal AI LEAD Act, if enacted, would supply a preemption fight. State-level statutes — Illinois's proposed AI liability shield is the most-discussed industry-favored example — would, if enacted, themselves face state-constitutional challenges and federal-preemption analysis going the other direction. (For framing of the industry contest, see Hoodline reporting on the OpenAI-Anthropic split over the Illinois proposal — pinned in our research corpus.)
Discovery-scope doctrine for AI-lab safety processes is at the threshold. The active matters — particularly Raine, with the safeguard-removal allegation — will produce contests over what AI-lab internal safety-evaluation documentation must be produced in discovery, under what protective orders, and at what stage. Pre-deployment safety review, post-deployment monitoring telemetry, model-card revisions, and red-team reports are all candidate discovery targets. The labs will press hard for protective orders. The motion practice that develops will produce, in time, doctrinal rulings on the scope of discovery into AI-lab safety processes — a frontier-of-frontiers underdeveloped at the access date for this research.
GRAD-INTERN — The pace of doctrinal development is faster than usual, and slower than it looks
A reader new to this landscape is sometimes told that AI law is "moving fast." The accurate version of this statement is more subtle. Statutory enactment is genuinely fast — the EU Product Liability Directive, the EU AI Act, Colorado's SB24-205, and California's SB 53 all reached law within compressed time horizons relative to the pace of federal U.S. legislation. Trial-court rulings, however, take the time trial courts take; they cannot be rushed. As of access date 2026-05-06 the wave of cases described in Part I had produced one notable trial-court ruling at the motion-to-dismiss stage (Conway in Garcia, May 2025), one published Senate testimony (Matthew Raine, September 2025), several active motion-practice contests, and several settlements without disclosed terms. The substantive evidentiary record — depositions, documents, expert reports — has not yet been developed in any active matter past the threshold stage in a way that has reached the public record. The doctrinal acceleration is real but is concentrated in statutory and academic spheres, not yet in adjudicated case-law at the appellate level. The next eighteen-to-thirty-six months are likely to produce the first meaningful appellate rulings in this wave; until they do, what we have is procedural clarity around the framework and substantive uncertainty about the outcomes.
§IV.3 Doctrinal axes (sub-sections)
The remainder of this Part walks the doctrinal axes one by one. Each axis below has its own developed body of pre-AI doctrine, its own AI-specific developments, and its own open questions. We treat the axes separately for clarity; in actual cases, multiple axes are pleaded together.
§IV.3.a Product liability
The product-liability axis is the central doctrinal vector for the consumer-AI wrongful-death wave. The threshold question — whether AI output meets the legal definition of "product" — was answered yes, at the motion-to-dismiss stage, by Judge Conway in Garcia (May 2025). The downstream questions — design defect, manufacturing defect, failure to warn — are then the standard product-liability menu, applied to AI-output products.
Three strands of attorney-side commentary surround the product-liability axis. K&L Gates published a "next wave of AI product liability" analysis tracking the doctrinal developments. McGuireWoods has tracked defective-product framing in AI matters specifically. Winston has tracked the chatbot-as-product framing. Tyson Mendes commented specifically on the Raine matter. (All four are pinned in our research corpus: K&L Gates + McGuireWoods + Winston + Tyson Mendes [pin-d3eea0bb]; commentary URLs are on file in the pinned corpus.)
The Raine amended-complaint safeguard-removal allegation — the assertion that OpenAI removed protective behavior from the deployed product before the decedent's death — interacts with product-liability doctrine in a specific way. Standard product-liability framing examines the product as designed and manufactured at the time of sale. Safeguard-removal converts the framing into a post-sale modification question: did the company change the product after deployment in a way that rendered it more dangerous? Post-sale modification doctrine in standard product-liability law (where the manufacturer modifies a product already in use) has a developed line of authority. Whether a software product that updates over the network maps cleanly onto the post-sale-modification frame, or whether some adapted doctrine is needed, is the open question.
The component-part-manufacturer theory — Google's continuing presence in Garcia — extends product-liability framework upstream, naming foundation-model providers as defendants in matters where deployers built atop their model technology. The doctrine survived motion-to-dismiss in Garcia; whether it survives summary judgment in any matter, whether higher courts will affirm, and how it interacts with foundation-model licensing arrangements are open. (See the non-product-defense pin contents in our research substrate for the defense-side doctrinal counter; full verbatim quotation is on file in the pinned corpus.)
GRAD-INTERN — Why the post-sale-modification angle is doctrinally significant
The standard pre-AI product-liability examination of safety asks: was the product, as designed and manufactured at the time of sale, unreasonably dangerous? An AI product that updates continuously over the network — model weights revised; system prompts altered; deployed behavior tuned — does not fit the "as designed at sale" frame cleanly. The post-sale-modification doctrine fills part of the gap: the manufacturer can be liable for changes that increase danger after sale. But software-product post-sale modification operates at a tempo and scale not contemplated by the pre-network-software development of the doctrine. A meaningful doctrinal innovation around post-sale modification may emerge from the Raine matter, depending on how the safeguard-removal allegation is litigated. The discovery contest will reach (a) the version-history of the deployed model, (b) the safety-evaluation processes attendant to changes, (c) the post-deployment monitoring data, (d) the policy-and-comms papertrail, and (e) the legal-and-compliance review (or its absence). If discovery proceeds to that record, the resulting trial-court rulings on the application of post-sale-modification doctrine to network-updated AI products will become foundational.
§IV.3.b First Amendment
The First Amendment axis is the defense bar's first-best argument against AI-output liability. The argument runs: AI output is speech (whose speech, exactly — the AI's, the deployer's, or the user's — varies by version of the argument), and the First Amendment bars liability for speech outside narrow categories (incitement, true threats, defamation, certain fraud). Therefore, AI-output liability is barred at the threshold.
The argument has been raised in essentially every motion-to-dismiss in the wave. It was, most prominently, raised by Character Technologies in Garcia and rejected by Judge Conway in May 2025. Conway's product-not-speech holding was the first ruling to actually decide the question in a wrongful-death context.
The supporting doctrine on the plaintiffs' side draws on:
- Brandenburg v. Ohio (1969) — incitement standard; speech can be regulated where directed to and likely to incite imminent lawless action.
- Counterman v. Colorado (2023) — true-threats standard; speaker must have at least reckless awareness of the threatening nature of the statement.
- The academic line at §IV.1, on the side that supports the product-classification (not-protected-speech) path: principally Salib ("AI Outputs Are Not Protected Speech," 2024) and Austin-Levy ("Speech Certainty," 2025), with the Harvard JOLT and Journal of Free Speech Law treatments of generative-AI-§230 — arguing that AI output is not the speech of a First-Amendment-rights-holder, that its classification as protected speech does not follow naturally from First Amendment doctrine, and that the product-classification path is doctrinally viable. (Note: Volokh-Lemley-Henderson, the best-known article in this literature, reaches the opposite conclusion — that AI output is very likely protected — and is treated on the defense side below.) (Pin-point citations and full verbatim quotation are on file in the pinned corpus.)
The supporting doctrine on the defense side draws on:
- The general structural priority of First Amendment doctrine over tort law (the constitutional question is decided before the tort doctrine attaches).
- The line of cases historically treating expressive products (films, video games, books) as expressive content carrying First Amendment protection notwithstanding their commercial-product character.
- The pro-protection academic line — led by Volokh, Lemley, and Henderson ("Freedom of Speech and AI Output," 2023), who conclude AI output is very likely protected on the strength of the creators' and users' First Amendment interests. The broader defense-side literature is otherwise less deeply represented in our research substrate than the plaintiff-side line; that depth gap is an acknowledged research gap and a candidate for follow-on research.
The constitutional-and-federalism interaction with the next axis (§IV.3.c §230) creates additional defensive moves: where §230 grants immunity, the First Amendment question doesn't reach the merits. Where Conway's framing prevails (chatbot output as product, not speech), §230 is structurally less likely to apply. The strategic interaction across these axes is part of why active matters present a multidimensional defense problem.
GRAD-INTERN — The academic split and what Conway tracks
The two leading academic positions cut in opposite directions, and it is worth being precise about which one Conway resembles. Volokh, Lemley, and Henderson ("Freedom of Speech and AI Output," 2023) conclude that AI output is very likely protected — not as the AI's own speech, but on the strength of the creators' and the users' First Amendment interests (the user's right to speak through the tool and to receive its output). That is the pro-protection framework, and on its own terms it cuts against a flat product-not-speech holding. Peter Salib ("AI Outputs Are Not Protected Speech," 2024) takes the opposite view: because no First-Amendment-rights-holder is expressing herself when a modern system generates output, the output is not protected speech, which leaves it exposed to the ordinary product-liability menu. Conway's ruling tracks the Salib side of this split: it refuses categorical First Amendment immunity at the motion-to-dismiss stage in a wrongful-death matter and treats the chatbot as a product — while (importantly) not foreclosing a narrower, fact-specific free-speech analysis at later stages. The VLH user-rights point still matters defensively: even where output is treated as a product for liability purposes, a user's interest in receiving AI-generated content can constrain categorical state prohibitions. The doctrine is genuinely contested, and a court could yet adopt the VLH protection analysis on appeal.
§IV.3.c Section 230
Section 230 of the Communications Decency Act has, since 1996, conferred broad immunity on online intermediaries for content authored by their users. The two foundational holdings — that platforms are not treated as publishers or speakers of user content (47 U.S.C. § 230(c)(1)), and that good-faith content moderation does not strip immunity (§ 230(c)(2)) — have shaped the architecture of the consumer internet.
The Supreme Court's 2023 holdings in Gonzalez v. Google and Twitter v. Taamneh declined to substantially reshape the immunity, but did so on grounds (in Taamneh, on aiding-and-abetting analysis under the Anti-Terrorism Act) that did not fully resolve §230's application to generative AI content — where the platform's model is co-author of the output, not merely a passive distributor of user-authored material.
The post-Gonzalez doctrinal frontier is whether §230 applies to generative AI output at all. The arguments:
Defense argument (§230 applies). The model "publishes" output the same way a platform publishes user-content; the platform is not the author; immunity attaches.
Plaintiff argument (§230 does not apply). The model is the author (or co-author) of the output; the immunity statute presupposes a third-party author distinct from the platform; in the generative-AI case, no such distinct third-party author exists.
The academic literature substantially favors the plaintiff argument:
- Harvard Law Review, "Beyond §230 Principles for AI Governance," vol. 138 (2025) — argues §230 does not naturally fit generative-AI output.
- Center for Democracy & Technology, "Section 230 and Its Applicability to Generative AI: A Legal Analysis" — analytical commentary in the same direction. (Pinned in our cross-warehouse corpus at Anthropic Counsel Research WarehouseA.)
- Moody's — §230 analysis from a credit-rating-firm perspective focused on lab risk exposure.
- The Journal of Free Speech Law's "Where's the Liability in Harmful AI Speech?" (Henderson/Hashimoto/Lemley 2023) — locates the liability gap §230 creates if it does apply. (Gold-tier pinned at our AIH research corpus
aih_p5_7_b0_pdfs_r1_warehouse_part1.json; 1089 sentence-level pins.) - The Harvard Journal of Law & Technology article on generative-AI-§230 — pursues the same line.
(All sources pinned in our research corpus; full verbatim quotation is on file in the pinned corpus. Prior-project research substrates on AI-speech doctrine and First Amendment consequences contributed pin contents only; synthesis-document outputs from those prior projects were not used as a synthesis source.)
How courts will resolve §230 application to generative AI is the next major doctrinal frontier the active wrongful-death matters will produce rulings on. As of access date 2026-05-06 we are not aware of an appellate-level ruling deciding the question.
GRAD-INTERN — The §230-as-architecture argument vs the §230-as-shield argument
A subtle distinction worth holding: §230 was historically defended on architectural grounds — without it, platform liability for user-content would chill the open internet. That argument is structural, not categorical. The generative-AI case strains the architectural argument: the relevant "speech" is no longer chilled-content from third parties; it is platform-produced content from the platform's own machinery. The chilling-of-third-party-speech rationale, in the generative-AI case, evaporates — because the third-party speaker either does not exist (the model produced the output unprompted in some material way) or is the user issuing the prompt (whose speech is, separately, protected under First Amendment doctrine independent of §230). What remains, if §230 is extended to generative AI, is shield rather than architecture: protection for the platform from the consequences of its own machine-produced output. Whether that extension is consistent with the statute's text and purpose is the question. The academic line cited above answers no. The eventual circuit-and-Supreme-Court answer is what matters.
§IV.3.d Federal preemption
The federal-preemption axis asks: where federal law and state law both purport to regulate a domain, does the federal law displace the state law? In the AI context the question is concrete: where state-tort wrongful-death actions (Garcia; Raine; the Nov-2025 graduate matter) proceed under state law, can a federal AI statute preempt them?
The doctrinal foundation is Murphy v. NCAA (2018), the Supreme Court's recent foundational authority on the limits of federal preemption — particularly the anti-commandeering principle that constrains how federal law can structure state regulatory action. Murphy is foundational regardless of context; in AI it operates as a constraint on federal-statute drafters who would attempt to displace state tort actions.
The relevant federal AI statutes and proposals:
- AI LEAD Act S.2937 — pending federal bill; statutory text on the public record; would, if enacted, supply a preemption fight depending on its drafted scope. (Pinned in our research corpus from prior research; full verbatim quotation is on file in the pinned corpus.)
- NIST AI Risk Management Framework — voluntary, not preemptive; but cited heavily in industry signatory commitments and as a defensive baseline.
The relevant analysis on the preemption question:
- Computer & Communications Industry Association (CCIA), "$600 Billion AI Abundance Dividend from Federal Preemption of State Laws" (Trevor Wagener, Nov 28, 2025) — industry-favored position on the preemption question.
The preemption fight is asymmetric: industry favors federal preemption (a single regulatory regime, predictable, with fewer venues for tort liability); plaintiff bars favor non-preemption (multiple state forums, state-law tort frameworks intact, broader liability surface). Whether pending federal legislation will be drafted with explicit preemption language and how courts will interpret that language are the open variables.
GRAD-INTERN — Why preemption analysis is doctrinally distinct from substantive AI doctrine
Federal-preemption analysis operates at a different doctrinal layer than the substantive AI questions discussed elsewhere in this Part. Whether AI output is product or speech, whether §230 applies, whether failure-to-warn duties attach — these are substantive doctrinal questions about the application of existing law to AI facts. Preemption is a structural question about which sovereign's law applies to a given dispute. A given case can resolve substantively (the AI defendant prevails on the merits) without ever reaching the preemption question. Conversely, a case can be dismissed on preemption grounds without reaching the substantive questions at all. For the plaintiffs' bar working in this wave, the preemption question is a defensive one: keep state-law forums open, defeat any preemption argument the defendants raise, and let the substantive doctrinal work proceed in state courts. The federal-statutory landscape will determine how much preemption work the defendants can do.
§IV.3.e Failure-to-warn and negligent-design
The failure-to-warn axis attaches once the product-liability framework attaches (per §IV.3.a). The question is whether the company adequately warned users — and, where minor users are foreseeable, parents — about the foreseeable risks of harmful chatbot output.
The doctrinal questions are:
What warning, presented how, satisfies the duty? A label on a settings page does not necessarily satisfy a duty to warn users that the product can produce method-specific suicide content if the user constructs the conversation a certain way. What does satisfy the duty in the AI consumer-product context is unsettled.
To whom is the warning owed? End users; parents of foreseeable minor users; downstream deployers building atop a foundation-model API; secondary users (a spouse, a clinician) who interact with the user. The duty's scope across these populations is doctrinally underdeveloped.
Does failure to warn produce a separate cause of action or a basis for design-defect liability? Both, under standard product-liability doctrine. How the doctrines interact in AI cases is unsettled.
The negligent-design axis is doctrinally adjacent. Negligent-design pleads that the company's design choices fell below the standard of care and that the design proximately caused harm. In the AI consumer-product context this reaches design choices around (a) safety-tuning of the deployed model, (b) content-filter selection, (c) detection-and-intervention behavior on harm-pattern conversations, (d) age-gate enforcement, (e) safeguard maintenance over time (the Raine post-sale-modification frame again).
The Raine amended-complaint safeguard-removal allegation is the central doctrinal lever for failure-to-warn and negligent-design framings to reach beyond design-at-deployment into ongoing operational duty. If the company knew (or had reason to know) that removing protective behavior would foreseeably increase harm-output, and removed it anyway without adequate warning to users (or, perhaps, to anyone), the failure-to-warn and negligent-design theories combine into a particularly potent claim. The discovery the theory reaches — and the proof problems the discovery will produce for both sides — is the litigation frontier.
GRAD-INTERN — Daubert exposure and the unique problem of expert witnesses on AI safety
Failure-to-warn and negligent-design theories typically rely on expert testimony to establish (a) the standard of care, (b) the breach, (c) causation. Daubert v. Merrell Dow Pharmaceuticals (1993) supplies the federal evidentiary standard for expert-opinion admissibility. Expert testimony on AI safety presents distinctive Daubert problems: the field is young, the experts are concentrated in industry positions or academic positions only loosely connected to litigation experience, the methodologies (red-team practices; safety eval; alignment training assessment) are not yet standardized in the way that, say, vehicle-crash reconstruction is, and many of the most-knowledgeable experts work for the labs themselves and have employment-conflict barriers to testifying for plaintiffs. The plaintiff's bar's expert-witness pipeline for AI cases is, as of access date for this research, in active formation. The defense bar will leverage Daubert aggressively — challenging expert qualifications, methodology reliability, and the connection between methodology and conclusions. Daubert doctrine itself is settled; its application to AI-safety expert testimony is at the threshold. This is a frontier-of-frontiers and a candidate for follow-on research.
§IV.3.f Regulatory enforcement
The regulatory-enforcement axis is doctrinally distinct from civil tort, as discussed at §I.5. State attorneys general, federal regulators (FTC; SEC for public-company disclosure issues; FDA for medical-device-classified AI), and EU regulators (under the AI Act and AI Liability Directive) operate under their own statutory authorities, with their own remedial menus.
State AG actions under consumer-protection statutes are the most immediately visible example. The Pennsylvania AG action against Character.AI (alleging unlawful medical practice and consumer-protection violations) is the leading example as of access date. Other state AGs have signaled investigative interest in AI-product matters; what investigations and enforcement actions emerge in the next research cycle is open.
Federal Trade Commission authority under §5 of the FTC Act (unfair or deceptive acts or practices) reaches AI-product representations; FTC has signaled increasing scrutiny of consumer-AI products. Specific action against any of the wrongful-death-named companies as of access date for this research has not been observed in our corpus; FTC press releases and investigative disclosures are a follow-on research candidate.
EU regulatory authority under the AI Act (especially the prohibition on certain manipulation/deception practices and the regulation of high-risk AI systems) and the Product Liability Directive 2024/2853 supplies an additional regulatory track. EU regulatory action against U.S.-deployed consumer-AI products is, structurally, possible — though the cross-jurisdictional enforcement mechanics are layered.
The regulatory track produces consent decrees with public terms, including injunctive obligations reaching product features and operational practices. Civil tort settlements typically produce private terms. The regulatory record is therefore a public-record asset that civil plaintiffs in subsequent matters can leverage.
GRAD-INTERN — Why state AG actions are an underleveraged civil-tort feeder
State AG investigations and enforcement actions produce documentary records — investigative subpoena returns, deposition transcripts, settlement-conference filings — that are public-record (or that become public-record on settlement). Civil plaintiffs in subsequent matters (and even in concurrent matters, where coordination is permissible) can use those records as evidence in their own cases. The structural pattern: the regulatory track does the discovery, the civil track captures the doctrinal advance, and the plaintiff's bar reaches across both tracks. As of access date for this research, the only fully-developed example in the wave is the PA AG matter, which is itself recent. Whether other state AGs follow, whether the FTC follows, and whether EU regulatory action interacts with U.S. civil tort matters are open questions tracked in subsequent research cycles.
§IV.4 Statutory frame
The legislative-and-regulatory landscape around AI runs in parallel with, and sometimes ahead of, the case-law landscape. This section maps the statutory frame as of access date 2026-05-06.
§IV.4.a EU AI Act and EU Product Liability Directive 2024/2853
The European Union's AI Act, adopted in 2024 with phased implementation, regulates AI systems by risk category — banning certain practices (manipulation; social scoring), heavily regulating "high-risk" AI systems (including some used in consumer contexts), and imposing transparency and conformity-assessment obligations on general-purpose AI models. The Act is a regulatory framework, not a tort statute; it operates through regulators and conformity-assessment bodies, with administrative penalties for violations.
The EU Product Liability Directive (PLD; 2024/2853), adopted in October 2024 and repealing the 1985 Council Directive 85/374/EEC, addresses civil-liability questions arising from defective products — expressly including software and AI systems. It creates rebuttable presumptions of defectiveness and causality in cases of technical or scientific complexity, easing plaintiffs' evidentiary burden in cases against AI providers. Member states have until 9 December 2026 to transpose the directive into local law. (Statutory text pinned at our cross-warehouse corpus [Steven_Federal_Preemption W-3 eur-lex_europa_eu_CELEX_32024L2853; 194 KB substantive content]; full verbatim and pin-point citations are on file in the pinned corpus. Note: a separate proposed EU AI Liability Directive — COM/2022/496 — was shelved by the Commission; the PLD now supplies the primary EU civil-liability regime for AI harm per Goodwin Procter, "EU Updates its Product Liability Regime: Important Considerations for Providers of AI Systems and Software," 18 February 2025.)
The interaction between the EU framework and U.S.-deployed consumer-AI products is a cross-jurisdictional doctrinal question. U.S. labs deploying products to EU users face EU regulatory authority on those deployments; products marketed primarily in the U.S. with incidental EU exposure face attenuated authority. Industry commentary has described the EU's regulatory regime as creating a regulatory floor that influences U.S. deployer behavior even where U.S. law does not yet require equivalent practice. (Goodwin Procter, "EU Updates its Product Liability Regime: Important Considerations for Providers of AI Systems and Software," 18 February 2025 — pinned in our cross-warehouse corpus ; analysis observes that the Product Liability Directive expressly extends to software including AI systems, with implications for AI providers' global risk profile and contractual practices regardless of whether U.S. law requires equivalent compliance.)
§IV.4.b Colorado AI Act SB24-205
Colorado enacted SB24-205, effective by phased dates running through 2026, regulating "high-risk artificial intelligence systems" — defined to include consumer-facing AI making consequential decisions. The statute imposes obligations on developers and deployers, including risk-management and impact-assessment requirements. It is a state-administrative statute, not a tort statute; it operates through state regulatory authority. (Statutory text pinned in our research corpus; full verbatim quotation is on file in the pinned corpus.)
The Colorado AI Act is the leading example of state-level AI regulation in the U.S. and supplies a regulatory baseline against which subsequent state legislation has been compared. Industry has alternately favored and opposed the Colorado approach depending on the specific provision; the OpenAI-Anthropic split over related state-level regulation (the Illinois approach; see §IV.4.e) reflects the same fault lines.
§IV.4.c California SB 53
California enacted SB 53, regulating AI safety practices for frontier AI developers — including transparency requirements, safety-and-security plan obligations, and reporting requirements for catastrophic-harm-relevant safety incidents. The statute reaches frontier-lab safety practice directly. (Anthropic published an SB53-compliance framework — pinned in our R1 corpus; statutory text fresh-harvest is a candidate for a follow-on research round.)
SB 53 supplies state-level statutory foundation for the kinds of safety-evaluation and transparency obligations that voluntary industry commitments (RSPs; Frontier Safety Roadmaps) had previously addressed. The statute's interaction with federal preemption questions (§IV.3.d) and with the Raine post-sale-modification doctrinal frontier is potentially significant: SB 53 documentation regimes may affect the discovery contests in active cases, depending on how they are interpreted.
§IV.4.d AI LEAD Act S.2937
The federal AI Leadership in Education and Defense Act (S.2937) is a pending federal bill addressing AI policy in defined contexts. The statutory text is on the public record. As of access date for this research the bill had not been enacted. (Bill text pinned in our research corpus; full verbatim quotation is on file in the pinned corpus.)
If enacted, S.2937 would supply a federal-preemption fight (§IV.3.d) depending on its drafted scope. Pending federal AI legislation broadly is closely watched by both industry and plaintiffs' bars for preemption implications.
§IV.4.e Illinois AI Liability Shield (industry-contest example)
Illinois has been the venue for an industry-contest over a state-level AI liability shield bill, where reporting at the access date for this research observed an OpenAI-Anthropic split: OpenAI favoring the shield, Anthropic opposing or reserved. The industry contest is itself doctrinally informative: it surfaces what industry believes its most-exposed liability surfaces are, and (by inference) what defenses each company expects to need. (See Hoodline reporting on the OpenAI-Anthropic split — pinned in our R1 corpus.)
Whether the Illinois shield bill enacts in any version is open as of access date. State-level AI liability shields, if enacted, themselves face state-constitutional challenges (open-courts-clause analysis under state constitutions; due-process challenges) and federal-preemption analysis going the other direction.
§IV.4.f State-legislation status more broadly
Beyond Colorado, California, Illinois, and Pennsylvania (the regulatory-enforcement venue rather than legislation venue), state-level AI legislation is in active development across most U.S. states. NCSL's AI Legislation Tracker is the standard reference; the version pinned in our research corpus is from 2024 and is therefore stale at access date 2026-05-06. State-legislation-status currency is a known research gap and a follow-on research candidate.
GRAD-INTERN — Statute-as-doctrinal-input vs case-law-as-doctrinal-input
A doctrinal map that focuses primarily on case law underrepresents the role that statutes play in shaping AI litigation. Three structural mechanics are worth holding. First, statutes can create new causes of action (consumer-protection statutes the PA AG matter rests on; the EU Product Liability Directive's rebuttable presumptions of defectiveness/causality). Second, statutes can constrain or expand existing causes of action through preemption, immunity grants (state-level liability shields), or burden-shifting (the EU Directive again). Third, statutes can create documentation regimes (SB 53 transparency and safety-and-security plan requirements; EU AI Act conformity assessments) that reshape the discovery landscape in subsequent civil cases. The case-law-only frame misses all three mechanics. A complete doctrinal map of the AI-harm landscape — like the one we are constructing — must integrate the statutory frame as doctrinal input, not as background context.
§IV.5 NIST AI Risk Management Framework and TEVV
The U.S. National Institute of Standards and Technology published the AI Risk Management Framework (AI RMF) as a voluntary risk-management standard. It is not a statute, not a regulation, and not directly enforceable by any agency. It is, however, a widely-adopted reference baseline that surfaces in industry standard-of-care discussions and in regulatory commentary. (NIST AI RMF text pinned in our research corpus from prior research; full verbatim quotation is on file in the pinned corpus.)
The related "TEVV" framework — Testing, Evaluation, Validation, Verification — appears in CISA documentation and in AI-safety practice documentation generally. CISA published a TEVV-focused document in late 2024 / early 2025; the pin set in our R1 corpus includes an 82-pin source on the TEVV framework. (See CISA TEVV pin set in R1 research corpus; full verbatim quotation is on file in the pinned corpus.)
The doctrinal significance of NIST AI RMF and TEVV lies in their adoption as standard-of-care references. If the lab's internal practices conform to NIST AI RMF and TEVV, the lab can argue (in a subsequent failure-to-warn or negligent-design case) that its practices met the prevailing industry standard of care. If the lab's internal practices do not conform, plaintiffs can argue the inverse: that the lab fell below the prevailing industry standard. The doctrinal weight of voluntary-standard adoption in standard-of-care analysis is well-developed in pre-AI product-liability jurisprudence; in the AI context it operates the same way, with NIST AI RMF and TEVV occupying the role that ANSI standards occupy in many other product-liability fields.
GRAD-INTERN — Voluntary-standard adoption as evidence of industry standard of care
Standard-of-care analysis in tort doctrine examines what a reasonable manufacturer would have done in the circumstances. Industry-wide voluntary-standard documents — ANSI standards in many product domains; NIST RMF in the AI domain — supply evidence of what a substantial portion of the industry has agreed are reasonable practices. Conformity to the voluntary standard is admissible as evidence of due care; non-conformity is admissible as evidence of falling below. Neither is conclusive — voluntary standards do not displace the trier of fact's ultimate determination — but both are weighted heavily in jury instructions and in expert-witness testimony. The labs' adoption of NIST AI RMF (Anthropic, OpenAI, others) is therefore not merely a compliance gesture; it is an evidentiary positioning move that affects later litigation. Plaintiffs' experts in matters reaching trial will examine specifically: did the lab claim conformity to NIST AI RMF or TEVV; did it actually conform; if not, where did it diverge; were the divergences material to the harm complained of. The interaction between voluntary-standard documentation regimes and litigation discovery is a structural force in the doctrinal development of this domain.
Part IV forward-pointer
Part IV has assembled the doctrinal frame the cases of Part I proceed under. The next sections of the site walk the AI ecosystem (Part II) and then step into the per-layer technical-and-legal walks (Part III). The cases give the precipitating questions; the doctrines give the legal vocabulary the answers will be expressed in; the layers (Part III) supply the substrate where the answers will actually unfold — because no doctrinal question is decided in isolation from the technical and operational facts about how AI products are built, deployed, and run.