Three new approaches to enforcement of product legislation

Classic product legislation currently reaches its limits in several ways. One is 3D-printing which has been the topic of a separate article1. But the main issue is that the many control systems, be they pre-market or post-market oriented, tend to fail in front of an ever increasing number of economic operators and products and rather decreasing resources of state authorities. This article explores three novel approaches. These approaches can and should be used to complement the classic pre- and post-market verification. Some of them might even become alternatives thereto.

A. New approach 1: Central Product Safety System (CPSS)

1. Despite the many pre- or post-market verification principles, authorities still have difficulties to get full control of what matters: the safety of products and, for some product types, the performance of products. The first new approach explores the possibility of establishing a system which gives authorities control of what matters via data. This new approach requires a set of measures and mechanisms, some of which are already present here and there in certain jurisdictions and sectors:

2. Creation of an (internationally operating) incident reporting body, hereafter IRB. Its main task is to collect and pre-evaluate information about the lack of safety or performance of products. This information goes wider than pure incident reporting. The IRB couldn be an entrusted private, public or semi-public body. There are plenty of possibilities for its financing. Evidently, it can be publicly financed. But it could also be financed by mandatory contributions of the manufacturers or importers of the products. The question of the private, public or semi-public character is to be separated from the financing. All combinations are possible. It is critical that both the legal set-up and the finances should ensure long-term stability and sustainability.

3. Creation of an unequivocal product identification system. The system must implicitly also identify the manufacturer. Behind the system, there must be rules to determine whether a certain modification of a product may be used by the manufacturer to claim a new product (type) identity. To prevent claims of a new product identity aimed at circumventing unpleasant state measures, there must be a rule according to which a new product (type) identity may only be claimed if there is a noteworthy modification. As a rule of thumb, only modifications which may affect safety and performance are noteworthy. On the other hand, where ever a pre-market approval or certification system is applied, there must be limits to the keeping of a product (type) identity. It should not be permitted to claim product (type) identity where noteworthy modifications were made.

4. Mandatory labelling of the internet address of the IRB and of the product identity code. These two elements need to be clearly visible on the products themselves (where possible), their inner, outer and sales packaging and in the instructions for use. The purpose of the two needs to be explained so that all users of the products feel encouraged to report incidents or other safety or performance relevant information to the IRB.

5. Mandatory product registration in the database of IRB. The registration shall also cover crucial safety relevant information, such as the identification of safety relevant crucial components. Alternatively, manufacturers may also post evidence on sales data so as to put the number of incidents in relation to the overall number of products placed on the market thereby providing some context to (need to explain the benefit of providing this information).

6. Via a user-friendly form, the IRB receives incident reports from users and others from wherever the product is sold, thus from many jurisdictions. The IRB is found by the users via the labelling. The individual product can be identified via the product type number attributed by the Product Identification System.

7. IRB processes received data and publicly available data, including data publicly available in social media, with artificial intelligence (AI) software. Thereby, it tries to identify patterns not just for one specific product of one manufacturer, but also for product types, crucial components, coating materials etc. Furthermore, the AI software tries to identify patterns of erroneous use or conscious misuse leading to incidents.

8. IRB transmits data to market surveillance authorities and manufacturers. The IRB transmits in particular:

– non-anonymised data to authorities connected to IRB,

– the non-anonymised data of the specific manufacturer to this very manufacturer,

– anonymised data to manufacturers of the product group so that they are informed on incident trends for the product group in question regardless of whether their own products have been subject of incidents or not.

9. Manufacturers and authorities evaluate data themselves, with or without AI. A mixture of both is likely to be ideal. However, a certain screening with AI has already taken place at the level of the IRB. Hence, there is no need for mandatory use of AI.

10. Manufacturers and authorities enter into dialogue on corrective measures. They may wish to include authorities of other jurisdictions so that the corrective measures are generally agreed upon – the worst are diverging requirements of different jurisdictions.

11. Authorities take enforcement measures where necessary. No enforcement measures are necessary where manufacturers and authorities have agreed upon corrective measures or where corrective measures are disproportionate or almost useless.

12. Authorities inform other authorities linked to the IRB on measures taken and on evaluation. Ideally, they can do so via the IRB itself.

13. The advantages of the CPSS when compared to today’s classic enforcement are manifold:

– The system provides a much broader data basis to authorities;

– Due to the increased data basis, there is a lower likelihood of manufacturers trying to cheat;

– AI detects patterns across manufacturers and even product groups;

– Other jurisdictions contribute and take profit from the system;

– Manufacturers have lower burden by centralised data processing when compared to data processing in many different jurisdictions;

– Measures of central authorities becomes more effective;

– There is less likelihood that deficient products are dumped into not so strong jurisdictions.

14. The CPSS should be introduced, in a first step, by positive incentives such as:

– Dispense from (certain) pre-market certification obligation if CPSS is applied;

– A specific label could indicate that the product takes part in CPSS and thus has a reduced likelihood to be deficient;

– Dispense from reporting obligations under the various jurisdictions.

15. It is also possible to build-in incentives for not cheating. E.g., pre-market certification and other surveillance measures can become mandatory again once that cheating has been detected.

16. Once the CPSS has been well established and the cost-benefit-ratio for all parties can be evaluated, it might be useful to make it mandatory.

B. New approach 2: outsourcing of damage avoidance

1. The European industrialisation in the 19th century created suddenly manifold risks that did not exist before, mainly in relation to machinery. Presumably, it was difficult to assess the manifold risks and to cover them with regulation. Some states reacted by a smart combination of minimally invasive regulatory measures that led to an efficient outsourcing of damage avoidance. They established public or semi-public insurance companies and obliged the owners of factories to sign contracts with these insurance companies or even to become a member of insurance cooperatives. The insurance companies or cooperatives set-up rules mandatory for their clients or members respectively.

2. Based on this historic model which still exists today for certain professional activities, one could imagine the following system:

– Regulation makes liability insurance for risky products mandatory;

– The insurance companies will react to damages by setting-up recommendations or mandatory rules;

– The insurance companies will also supervise the respect of the recommendations or mandatory rules and will react to non-compliance, e.g. by non-prolongation of contracts, by additional fees or by imposing further costly control mechanisms;

– Insurances will probably use the most effective path for risk reduction. When more promising, insurances might use information campaigns for specific risks rather than establishing complicated sets of recommendations or mandatory rules.

3. In particular for new products or risks, the liability insurances might have an interest in sharing their experience and in particular the data on various types of incidents and damages. This common interest might even lead to the joint establishment of specialised institutes that help to develop recommendations or mandatory rules for risk reduction.

C. New approach 3: mutual control systems

1. The OECD has been working with its Member States on enforcement for many years. Enforcement is the “dark art” of today’s regulatory system. Hardly any field on the matrix of jurisdictions listed horizontally and sectors listed vertically, disposes of sufficient enforcement. The lacking enforcement makes things unfair for compliant operators. They have a competitive disadvantage when compared to non-compliant operators.

2. The author has advocated for over a decade, with some success, for alternative enforcement techniques, particularly those involving the help of third parties. The list of alternative enforcement techniques has become longer with his continued research identifying more and more ingenious examples. But still enforcement is on average insufficient in the field of product legislation at least. The deeper reason is probably that the explosion of product types and regulatory requirements to be fulfilled (one and the same product type can be subject to 5 to 10 regulations) make it virtually impossible for authorities to follow, and more so, after human resources shrunk after the 2008 economic crisis. Accordingly, it is no wonder that the author knows several, not at all poor states, where one person is in charge of supervising the conformity of several million product types out of more than 10 product sectors. Guess how efficient this poor public official is.

3. Hence it is time to think of enforcement in another way, beyond that of the 19th century doctrine, “The state shall ensure that …”. A way-out of this impasse is to consider establishing a system in which various actors execute effective control on each other, without the predominant role of administrations. Evidently, one would build in enforcement via third parties.

4. Who are these third parties and how could they, e.g., execute effective control on manufacturers? The following list does not claim to be complete, but might give an insight into the spectrum of control strings that could be integrated in a complex network of control mechanisms:

– Competitors suing at courts;

– Competitors suing at private mandatory arbitrage institutions;

– Distributors suing at courts;

– Distributors suing at private mandatory arbitrage institutions;

– Business associations suing at courts;

– Business associations suing at private mandatory arbitrage institutions;

– Business chambers sanctioning its non-compliant members, combined with mandatory membership;

– NGOs suing at courts;

– NGOs suing at private mandatory arbitrage institutions;

– Specialised public institutes suing at courts;

– Specialised public institutes suing at private mandatory arbitrage institutions;

– Law-firms getting the right to sue on behalf of public interests at courts;

– Law-firms getting the right to sue on behalf of public interests at private mandatory arbitrage institutions;

– Citizens and other product users getting facilitated access to courts in case of damage;

– Citizens and other product users getting facilitated access to private mandatory arbitrage institutions in case of damage;

– Media getting the guarantee of not being sued when reporting on presumably deficient products provided they acted in good faith;

– Blacklisting non-compliant manufacturers by entrusted organisations;

– Organisations entrusted to organise information exchange across jurisdictions to spread news on non-compliance internationally.

5. Similar, but certainly shorter lists of control possibilities could be established for all the other actors relevant for the compliance of products, such as importers, distributors, conformity assessment bodies, and authorities. All these actors could be imagined at the heart fo a spiderweb where many control strings lead to.

6. Under the mutual control system paradigm, the role of the legislator changes. The legislator has to become the engineer of the mutual control system. Based on the situation in the respective sector and jurisdiction, the design of the mutual control system will be different. In some jurisdictions, courts are strong and still have available resources. They are thus best choice. But in others, they have no free work capacity. Hence arbitrage systems might be preferable, though they need to be designed as well.

7. Under the mutual control system paradigm, the legislator cannot simply build on the authorities to enforce. However, authorities might still have a role. In many jurisdictions, they have the monopoly for sanctions and physical enforcement. They might also assume the role of arbiters and maintenance operators in the mutual control system. In many cases, they are the only valuable candidates for running databases with confidential product information.

8. One might wonder whether it is realistic to privatise to such a large extent enforcement. However, already today jurisdictions around the world have already privatised the pre-market conformity control of products, food and services by entrusting private conformity assessment bodies. Jurisdictions have even largely privatised the supervision of these conformity assessment bodies to private accreditation structures. This process took some years, but turned out to be feasible. Why shouldn’t it be possible to go further down this road of privatisation? Certainly, privatisation is not ideal either and triggers a range of problems, namely the risk of unequal application. But the issue of unequal application of law also exists where different authorities are entrusted according to geographic responsibilities. Finally, in case of absence of powerful authorities, privatisation is the only way out.

1 Kohler, M., Decentralised 3D-printing: a regulatory challenge, https://www.howtoregulate.org/decentralized-3d-printing-a-regulatory-challenge/#more-23.

Leave a Reply