HIGHLIGHTS:

  • The transportation industry is on the verge of a major revolution as personal and commercial vehicles transition from incorporating some driver-assisting technologies to actually becoming highly autonomous, self-driving vehicles. To achieve full implementation, however, there are many technical, legal and ethical hurdles that need to be cleared.
  • Automotive companies already have made massive strides with highly automated vehicles (HAVs) in the last few years, and a number of companies have tested prototypes of partially and fully autonomous vehicles.
  • While at the federal level some regulatory structures are being worked out, states have moved ahead to pass laws that allow prototypes of self-driving vehicles to be tested today on public roads. However, the private sector has expressed concerns over the need for federal preemption over the states when it comes to the safety and testing of the vehicle as well as the need to update the current Federal Motor Vehicle Safety Standards (FMVSS).

The transportation industry is on the verge of a major revolution as personal and commercial vehicles transition from incorporating some driver-assisting technologies to actually becoming highly autonomous, self-driving vehicles. Human error results in more than 35,000 fatalities and more than 2.4 million injuries per year on our roadways,1 and the advent of autonomous vehicles and new technologies stand to dramatically reduce these numbers. To achieve full implementation, however, there are many technical, legal and ethical hurdles that need to be cleared.

While the concept of "intelligent" vehicles has been around for more than 20 years, the development of more accurate sensors, artificial intelligence (AI) and machine learning technologies, vehicle-to-vehicle communications (V2V) and vehicle-to-infrastructure communications (V2I) raise a host of cybersecurity, privacy and potential liability issues for every manufacturer and vehicle operator involved in the transportation system. While the issues faced by automotive manufacturers and technology vendors differ from those faced by fleet operators and motor carriers, everyone stands to benefit from the coming developments.

Automotive companies already have made massive strides with highly automated vehicles (HAVs) in the last few years, and a number of companies have tested prototypes of partially and fully autonomous vehicles. These current prototypes generally use a variety of detailed maps, GPS technologies, physical sensors and computers to navigate through their surroundings. These systems have proven to be quite effective when operating within known, defined parameters, but reports suggest they may be prone to failure when faced with real or perceived unexpected crises. There also are documented cases where cybersecurity risks have allowed hackers to take over control of portions of the vehicle and to "confuse" the sensors into "seeing" and "reacting" to things that may not exist. Changing weather conditions (such as fog, rain, smoke or thick snow that covers lane markers) also have confused or blocked sensors. V2V and V2I systems continue to be developed but face many challenges. Those include the regulatory structure needed to support the systems as well as the implementation of systems that must be integrated across many manufacturers and safe from outside interference. When implemented, these systems will allow vehicles within short range of each other to share road experiences, effectively see around corners and obstacles, and possibly avoid intersection and left-turn collisions. Combining these systems with advancing AI technologies truly could revolutionize the transportation industry.

Prototypes of partially autonomous vehicles from one company have driven more than 1.5 million miles on public roads in the United States and have been involved in 14 reported accidents. To date, 13 of these accidents were blamed on human error of other drivers. The other accident was blamed on the HAV hitting another vehicle when trying to avoid road debris. It is unknown whether any of these accidents potentially were avoidable through V2V or V2I technologies or whether the systems used were completely autonomous as the machine-human interface and systems governing the ultimate control of the vehicle in emergent situations are still being refined. There also are a number of challenges that partially and fully automated systems may experience with varying state speed limit laws, road debris, constant construction changes, geographic differences and fine color variations. At least one fatality has been blamed on a semi-autonomous vehicle operating in "autopilot mode." The vehicle collided with a trailer when the camera-based sensor system did not differentiate between the horizon and the all-white trailer. In this instance, systemic differences between the vehicle manufacturer and the sensor manufacturer exemplify the challenges. The vehicle manufacturer stated that the accident may have been prevented if the sensor systems also had incorporated radar technologies in addition to cameras. The sensor manufacturer noted that the vehicle manufacturer should better warn its drivers to stay alert and take over the driving function, if required.

These are the types of issues that the U.S. Department of Transportation (DOT) and the National Highway Traffic Safety Administration (NHTSA) have been considering over the past several years in connection with potential new regulatory regimes for HAVs to ensure the safety of the traveling public.

In September 2016, the NHTSA released a long-awaited policy that Holland & Knight previously discussed that included guidance on autonomous vehicles. The NHTSA also sent a Final Notice for Safety-Related Defects and Automated Safety Technologies to the Federal Register, making it clear that safety issues that result from the use of automated technology, as well as cybersecurity, fit under its existing enforcement authorities. Then, in October, the NHTSA released a document, "Cybersecurity Best Practices for Modern Vehicles." The four-part policy makes clear the DOT's role and oversight of autonomous vehicles, as well as expectations on cybersecurity and privacy issues. At the same time, it suggests that changes to existing authorities may be needed.

The quick advancement by the private sector on autonomous vehicles jump-started a process during the Obama Administration and with Congress as the regulators and key decision-makers focused on how to create a regime that provides guidance to the private sector and addresses areas that the current legal and regulatory regime never contemplated. It is expected that the incoming Trump Administration and the new Congress will continue this focus. The NHTSA and the DOT have asked the private sector for recommendations on how best to update the existing regulatory structure and the current public-private sector approach to work collaboratively should continue. President-Elect Donald Trump's nominee for DOT secretary, Elaine Chao, has a long history with transportation issues. While the new team is expected to review and reassess what has happened to date, consistency going forward is likely.

The DOT also has been consistently clear about the need for strong cybersecurity and privacy components in any automated vehicles (AV) policy and has cited the White House Consumer Privacy Bill of Rights from 2015. While the Bill of Rights refers to "best practices" for cybersecurity rather than mandate specific requirements, it is clear that manufacturers should fully document "all actions, changes, design choices, analyses, associated testing and data should be traceable within a robust document version control environment." On privacy issues, while the Bill of Rights stops short of a specific mandate, it does state that manufacturers "should ensure" seven main pillars: Transparency; Choice; Respect for Context; Minimization, De-Identification and Retention; Data Security; Integrity and Access as well as Accountability.

While at the federal level these regulatory structures are being worked out, states have moved ahead to pass laws that allow prototypes of self-driving vehicles to be tested today on public roads. However, the private sector has expressed concerns over the need for federal preemption over the states when it comes to the safety and testing of the vehicle as well as the need to update the current Federal Motor Vehicle Safety Standards (FMVSS) to accommodate for the changes regarding the use of fully autonomous vehicles.

Many key issues remain unresolved regarding liability and ultimate responsibility for fully autonomous vehicles. While the use of AI underlines all potential technology, ethical issues remain since humans will ultimately be programming the AI systems and dictating how it responds to the same challenges that humans face on the roadways. The issues faced by partial or fully automated vehicles also will be multiplied during what likely will be a lengthy transition period while older vehicles remain in service (including ones that do not communicate with V2V technologies).

Nevertheless, as has been seen with many other safety-related technologies, it is only a matter of time before claims are made for the failure of a vehicle manufacturer or fleet operator to install and take advantage of available accident-avoidance or accident-reduction automated technologies and/or for the failure of those technologies to prevent or reduce the severity of an accident when utilized. Failures in the technology in autonomous vehicles also means the vehicles will have to be able to communicate with human passengers in the event that the human needs to take over control in a crisis. There are a host of liability issues surrounding the use of these technologies and much more work is needed to ensure issues are clearly worked out. Consumers and the range of companies within the transportation system will need to work closely together with the insurance community to structure programs that can meet the needs of all involved.