In February of this year, the National Highway Traffic Safety Administration in the US (arguably, the world’s most stringent automotive regulator) legalised the use of Google’s driverless car. Numerous trials of similar vehicles are taking place around the world, including here in the UK. Whilst there are still regulatory obstacles in many parts of the globe, the world’s automotive regulators have now fully woken up to the fact that the traditional assumption that a human has to be in control of a vehicle can no longer be sustained in the face of ever-advancing technology.

With road to the fully legalised use of driverless cars now opening up, the vehicle industry is set to be transformed by the digital revolution with vehicle manufacturers becoming more like IT companies and with some IT companies such as Google experimenting with the idea of developing and producing their own connected vehicles. Below, we discuss some of the opportunities and risks associated with driverless vehicles.



As our vehicles become fully connected, they are set to become massive mobile computers. It is expected that 90% of all cars sold by 2020 will incorporate some degree of built-in connectivity. All of these vehicles, regardless of whether or not they are fully driverless, will be generating, processing and sending vast amounts of data over the internet and whilst on the move. Perhaps the crucial factor in all of these developments is the fact that the connected vehicles of the future will all be connected to the internet. As such, rather than each vehicle representing a closed computer system, each vehicle will be connected to each other and all manner of external systems and data sources via the internet. This, in turn, gives rise to significant new commercial opportunities and, sadly, new risks. In this new world, all manufacturers of vehicles and automotive components need to be aware of the revolutionary impact of digitisation on their industry as do all companies who will now be able to supply a myriad of new communications and software based applications and services to the automotive sector along with any business which sees the connected car as a new market opportunity.

Some key points to consider will include:


The development and sale of connected vehicles is already opening up a vast array of new commercial opportunities. For example, vehicle manufacturers will need to enter into new contracts with the providers of all manner of applications and IT-enabled components along with the providers of cellular services, platforms, cloud, data centre and data evaluation services which will be needed to support the required connectivity between all connected vehicles. In addition, all connected vehicles will need to be interacting and sharing information with many providers of traffic management services and a plethora of other information services. Also, virtually all providers of mechanical components which are used in the driving of a vehicle will need to invest in the development of electronically enabled components which can be incorporated into the connected vehicles of tomorrow.


Clearly, given the importance of data to connected vehicles, the data protection ramifications are potentially critical. However, as things currently stand, the extent to which personal data needs to be shared between connected vehicles, the vehicle manufacturers and all service providers will require some very careful consideration and, in all likelihood, dialogue with regulators around the world.

Communications Services

Moving on from data protection itself, the manufacturers of connected vehicles will need to consider how they structure their contracts with the providers of all communication services which are required for the connected vehicles to operate. Here, it will be necessary to consider whether the connected vehicle manufacturer becomes the provider of a regulated telecommunications service because of the way in which its contracts with the communication services providers are structured.

In addition, concerns over network black spots will have to be resolved alongside ensuring that our networks can cope with all of the new data that will be shared between connected vehicles. In all of this mix, regulatory notification and compliance issues will need to be considered depending on the contractual arrangements between the manufacturer of the connected vehicle and the communications service provider, as will the related risk and compliance sharing obligations between these companies.


The biggest concerns regarding connected vehicles relate to whether the vehicles are safe to use and how vulnerable they are to cyber security. Whilst vehicles have incorporated computer systems for many years, these systems have been closed systems. However, the connectivity required to make connected cars work opens them up to the internet and, as a result, connected vehicles become the targets of cybercrime. Just imagine the horrors of a connected vehicle manufacturer suffering a cyber-attack which results in all of its vehicles suddenly accelerating, swerving or braking in an unexpected manner. All of this brings concerns and questions regarding:

  1. how to make connected vehicles secure from cyber-attack with particular focus of potential weak spots.
  2. the risk to manufacturers of connected vehicles and systems in relation to potential claims for the death and personal injury of users of their products.
  3. how to comply with ever-increasing cyber security regulations which are likely to vary between countries.
  4. how best to develop and manage systems to mitigate against the risk of data loss, whether as a result of systems design, disaffected staff or cyber-attack alongside well-considered crisis management plans which will help to minimise the concerns of affected users.

Product Liability

Product liability law places an onus on the producer to ensure that their product is safe. This means that the absence of technical regulations governing how driverless systems should work is not, as some might suppose, a barrier to new technology, but in practice means that producers must take on a more onerous burden in ensuring the safety of the products they place on the market. This, in turn, will mean that manufacturers must also take great care to warn consumers of what they need to do to ensure that they remain safe whilst using a driverless vehicle. This, in essence, is no different to any other product. However, the challenge will, no doubt, be how all of the necessary instructions and warnings are communicated whilst the connected vehicles will have to build in significant safety features that will detect any issues with the vehicles’ communications technology.


Many difficult issues remain to be resolved in relation to insurance and who is responsible for any accidents and any associated product liability issues. Much will depend on whether the “driver” is in control. This is clearly the case with a traditional vehicle and will not be the case with a fully connected vehicle. However, there remains much debate over who is at fault in the event that a highly automated vehicle is involved in an accident. The questions become even more complicated when trying to unpick issues of liability between the providers of software and the providers of communications services. There is also considerable debate in the market as to whether the manufacturers of connected vehicles offer (or may even be required by law) to put insurance in place to cover the risks associated with technological defects and cyber-crime.

So what?

Clearly, connected vehicles will become a reality. As companies race to develop these vehicles, much thought will need to be given to how the resulting commercial opportunities are maximised whilst ensuring that all of the risks are considered and managed. This will, in turn, require both dialogue between industry and the regulators alongside the development of driverless systems which are safe to use. Nowhere will all of this be more the case than with the increasing overlap between tomorrow’s automotive, communications and technology industries.