According to the US Department of Transportation’s recently issued Automated Vehicle Policy, “The development of advanced automated vehicle safety technologies, including fully self-driving cars, may prove to be the greatest personal transportation revolution since the popularization of the personal automobile nearly a century ago.”1 The advancement in these technologies will bring about corresponding changes in the manufacturer-dealer-end-user model.
Under the existing automotive service model, an end user’s relationship lies primarily with an independent dealer, rather than with the automotive manufacturer. This model will need to adapt to a number of changes and pressures resulting from the increasing incorporation of autonomous vehicle technologies. Several factors will sharply increase the pressure on the existing service delivery model to push toward a stronger and lasting connection between the manufacturer and the end user.
These factors include:
(i) the shift to a model of iterative development to ensure adaptability to changing customer needs, evolving regulations and growing cyber threats;
(ii) the need—and, in some instances, regulatory obligation—to keep software current, using secure updates throughout the life of the vehicle; and
(iii) the increasing collection and analysis of vehicle and user data to track and improve performance while remaining compliant with applicable privacy rules, even with a change in vehicle use or ownership.
The Shift to a Model of Iterative Development
As new technology providers enter the automotive market, they bring with them an iterative development approach that facilitates increased speed to market and anticipates continuous product development after the point of sale. This approach anticipates ongoing bug fixes, updates and feature-adding upgrades to meet evolving customer expectations. Yet, this iterative approach will need to be adapted to the automotive industry. Automotive industry players will need to balance the desire for speed to market against the risks associated with the release of technology potentially containing “bugs” or for which anticipated update needs are not fully addressed. In the highly regulated automotive industry, the risks associated with releasing technology too early—where the potential harms include physical injury to persons—include National Highway Traffic Safety Administration (NHTSA) investigations, costly recalls, class action suits and brand damage. Nevertheless, an agile approach seems essential to keeping up with the fast-paced changes in autonomous technologies and addressing consumer demands and safety and cyber issues efficiently through over-the-air updates.
The Need—and, in Some Instances, Regulatory Obligation—to Keep Software Current, Using Secure Updates throughout the Life of the Vehicle
The NHTSA Enforcement Bulletin issued in September 2016 states that failure to provide “secure updates” to a software system, resulting in a safety risk, may be considered a safety-related defect compelling a safety recall. Accordingly, it is incumbent upon vehicle manufacturers to have the ability to efficiently push out software updates and to do so in a secure manner.
In addition, the risk of cyber threats grows as the number of organizations and individuals with rights to access critical vehicle systems increases. Accordingly, a manufacturer wanting to ensure that updates are pushed out in a secure manner, without creating vulnerabilities and in compliance with NHTSA’s direction to provide secure updates, may want to limit who can access vehicle systems to update embedded vehicle technologies. For instance, manufacturers may be incentivized to push out through their own systems end-user updates and upgrades or to do so through their trusted technology providers.
The decision of automotive manufactures to directly—or through their technology providers—push updates to end users may be in tension with so-called “right to repair” laws. While such laws continue to evolve with advancements in technology, they generally require manufacturers to give independent auto repair shops sufficient access to vehicle systems so they can work on all vehicles, regardless of any contractual relationship with the manufacturer.
For dealerships, vehicle service and repairs are important revenue streams. The ability of a manufacturer to directly push updates to a vehicle remotely without going through a dealer will have implications for dealer relations and may force dealers and manufacturers to reassess the terms of their commercial relationship, including the pricing of other warranty and repair work.
The Increasing Collection and Analysis of Vehicle and User Data
As vehicles become more connected, manufacturers will have increased capability to collect vast amounts of data. The data will have tremendous value to manufacturers, as well as to technology providers in each manufacturer’s supply chain.
The types of data that can be collected, and the purposes for which that data can be used, include:
- Event Data Recorder (EDR) Data: Current federal and state legislation efforts are focused on privacy and use of data collected through “event data recorders” or “EDRs.” EDRs generate information in crash events (such as changes in speed or brake application) for a limited period of time just prior to an incident and, accordingly, can be used to investigate accidents.
- Operational Vehicle Data: Operational vehicle data includes information such as vehicle speed, fuel economy, tire pressure and vehicle health reports. Such data can be used as indicators of the need for repair or maintenance and can be used to improve products.
- User Data: User data includes information regarding geolocation, biometrics and driver behavior. User data can be used for machine learning and artificial intelligence applications but can also be used for marketing or other non-vehicle purposes.
- In-Car Services Data: In-car services data includes information such as music listening preferences and telephone call monitoring. As with user data, in-car services data can be used for marketing or other non-vehicle purposes.
- Emergency Call (E-Call) Data: E-call data includes geolocation data and data from emergency telephone call services. This data can used to assist end users in distress.
- Registration/Mobile App/Website Data: This data includes registration data and other information collected through websites and connected devices.
As the ability to collect data increases, the question becomes “Who has rights to the data, and when is end-user consent required for the collection and use of the data?” In the case of EDR data, the answer is currently addressed through legislation. EDR laws require that data collected from motor vehicle EDRs may only be downloaded with the consent of the vehicle owner or policyholder, with certain exceptions. However, this may need to shift in light of NHTSA’s desire for EDRs to collect and maintain data in the event of crash-avoidance and crash incidents involving autonomous vehicles and its desire for a requirement that vehicle manufacturers maintain and report that data to NHTSA so that it can assess the efficacy of the autonomous technologies.
For certain other data, such as user and in-car services data, it seems clear that the data generally constitutes personal data, and accordingly, the best practice would be for end-user consent to be obtained to collect and use the data. For other data, the answer may be less clear. For example, does operational vehicle data constitute personal data? The data—by itself—might not be personally identifiable. However, that data, when combined with other information, such as component information, registration data or other user data, may be easily tied back to an end user. That data may also reveal potentially sensitive information, such as an end user’s driving habits, including their propensity to disregard speed limits.
How will manufacturers get the consent of end users to collect and use data and for what purposes should consent be granted? The need to notify, and obtain consent from, end users is not unique to connected vehicles. However, traditional consent models will need to evolve for the autonomous vehicle industry to take account of the fact that the end user is not necessarily limited to the vehicle owner and may include other drivers and even passengers. How notice is provided and consent is obtained may vary for different forms of data as well as for the different types of end users (e.g., vehicle owners vs. occasional drivers vs. passengers) and could include notice through owner’s manuals or in-vehicle displays and consent through paper or electronic registration forms and use agreements. Furthermore, manufacturers will need to consider the lifecycle of their vehicles and the ways in which notices may need to be updated or altered.
Consideration will also need to be given to the ability of the end user to opt out of data collection and updated technologies. Will users be given the option to turn off collection and/or transmission of such information, and will doing so impact in-car services, the ability of the manufacturer to push out updates and upgrades, and even the operation of the connected vehicle itself? What about new owners if vehicles are resold? How will manufacturers track and accommodate an ever-changing set of consents as the vehicle occupants change and vehicles move through their lifecycles?
Thus, the need to evolve the manufacturer-dealer-end-user model seems inevitable. Manufacturers and their dealers will need to re-examine their business models in light of the need to provide secure over-the-air software updates as well as the need for consent to collect and use data in compliance with privacy laws. Similarly, manufacturers will need to develop and implement ground rules and processes for establishing and building relationships with end users.
See also Evolving Issues for Connected and Autonomous Vehicles and Critical Issues in Supplier Contracts for Connected and Autonomous Vehicles. In these earlier Legal Updates, we noted that vehicle manufacturers, their suppliers and dealers will need to think disruptively for their organizations to effectively participate in the revolutionary changes to personal transportation brought by the development of advanced automated vehicle safety technologies and the potential of fully self-driving cars—while mitigating the risks inherent in such a revolutionary shift.