Under U.S. law, the answer is clear in principle but complex in practice. Responsibility does not sit with the technology itself, but with the people and organisations using it, exposing employers to increasing risk where AI is deployed without proper oversight.

Who Is Legally Responsible When AI Goes Wrong at Work?

In many cases, the employer is likely to face primary liability exposure where an employee uses AI in the course of their work and that use causes harm.

This reflects the established doctrine of respondeat superior, under which employers may be held responsible for wrongful acts committed by employees within the scope of their employment, although the precise test varies across jurisdictions.

Liability does not automatically rest with the employer in every case. It may shift where an employee acts outside their role, breaches clear internal policies, or uses unauthorised tools.

Responsibility may also extend to third-party providers where the AI system itself is defective or produces misleading outputs.

In practice, courts are likely to focus on who controlled the use of the AI, whether the risk was foreseeable, and whether appropriate oversight was in place.

At-a-Glance Liability Table

Scenario Variation	Likely Liable Party	Why
AI used during normal duties leads to harm	Employer	Within scope of employment
Employee uses unauthorised AI tool	Employee (or shared)	Outside approved conduct
AI-driven hiring creates biased outcomes	Employer	Responsibility for employment decisions
Defective AI system causes harm	Employer + vendor	Shared fault depending on defect

How Liability Is Assessed and Shifted

The use of AI does not create a separate legal framework. Courts continue to apply established principles such as negligence, causation, and scope-of-employment analysis.

A central issue is foreseeability—whether the risks associated with using AI could reasonably have been anticipated.

Employers may also be liable under respondeat superior, meaning responsibility can attach where employees act within the scope of their role.

The presence of AI does not alter that principle, but it can affect how courts assess whether reasonable steps were taken to supervise and verify decision-making processes.

Liability can shift depending on how the AI was used. If an employee deliberately bypasses company rules, for example, by using an unauthorised tool or mishandling confidential data—their conduct becomes a relevant factor.

Even in those cases, businesses may still face exposure if they failed to implement effective controls or oversight.

Responsibility may also extend beyond the employer. Where harm is caused by a defective system or misleading output, liability can involve third-party providers, particularly where contractual protections are unclear.

In many situations, courts may allocate responsibility between multiple parties based on their respective contribution to the harm.

How This Plays Out in Practice

Consider a situation where an employee uses AI-generated content in client communications without verifying its accuracy.

If that content is incorrect and causes financial loss, the employer is likely to face liability exposure because the activity falls within normal business operations and reflects a lack of oversight.

A different outcome may arise where an employee uploads confidential company data into an external AI tool in breach of clear internal policies. In that case, liability may shift, although the employer may still face consequences if governance and controls were inadequate.

Another common scenario involves AI-driven hiring systems. If an automated tool produces discriminatory outcomes, responsibility typically remains with the employer, regardless of whether the system was developed internally or supplied by a third party.

The Equal Employment Opportunity Commission has made clear that employers must ensure that employment decisions comply with federal anti-discrimination laws, including where those decisions are supported by automated systems or external vendors.

Business Risk and Regulatory Exposure

Recent developments highlight how quickly AI is moving into real-world environments. At a White House technology summit, Melania Trump appeared alongside a humanoid robot to promote the use of AI in education, underscoring how these systems are increasingly being positioned within decision-making roles.

The risk is not theoretical. U.S. regulators including the Federal Trade Commission and the Equal Employment Opportunity Commission have made clear that existing legal obligations continue to apply where AI is used, particularly where outcomes affect consumers or employees.

From a business perspective, this creates layered exposure: financial claims, regulatory scrutiny, and reputational damage.

The use of AI can increase the scale and speed at which decisions are made, which may in turn increase exposure where appropriate safeguards are not in place.

Managing AI Risk and Defending Legal Claims

Managing AI-related risk requires treating these systems as controlled tools rather than autonomous decision-makers.

Businesses should establish clear rules governing how AI can be used, ensure staff understand its limitations, and require human review where outputs influence legal or financial outcomes.

Risk assessments should be carried out before deployment, with ongoing records maintained to show how systems are used in practice. Contracts with providers should also clearly allocate responsibility and define performance expectations.

If a claim arises, the focus shifts to evidence of control and oversight. Courts will assess whether the business acted reasonably, whether the risk was foreseeable, and whether appropriate safeguards were in place.

While some claims may settle early where liability is clear, contested cases will turn on how effectively the organisation can demonstrate that it identified, managed, and monitored the risks associated with AI use.