The case nobody ruled on

In march 2025, a us district court heard a case involving an ai-assisted medical diagnosis tool. The hospital blamed the model vendor. The vendor argued the hospital had fine-tuned the model and was therefore the operator. The case settled before a liability ruling. But the arguments made in that courtroom will define ai accountability law for the next decade.

Why existing frameworks don't fit

Product liability asks: was the product defective? But a language model changes with fine-tuning, system prompts, and retrieval augmentation — it's not a static product. Negligence asks: did someone fail to act with reasonable care? But when a model makes thousands of decisions per second, that's hard to operationalize. Contract law asks: what did the parties agree to? Most llm terms of service explicitly disclaim any warranty on output quality.

Where liability is concentrating

What's emerging from early cases and regulatory guidance is a three-layer distinction: model developer, deployer, and operator. The developer is responsible for the base model's safety characteristics. The deployer — the company integrating the model — is responsible for configuration and guardrails. The operator is responsible for the specific outputs produced for specific users. Liability concentrates at the deployer and operator layer.

What the defense looks like

The deployer's primary legal defense is documentation. Proof that the model was configured responsibly. Proof that the stored output matches what was actually produced. Proof that the log wasn't modified after a bad outcome was discovered. Companies that can produce a tamper-evident audit trail have a fundamentally different legal posture than companies that can't. That's not speculation — it's what the attorneys working these cases are already telling their clients.