Stay in the know
We’ll send you the latest insights and briefings tailored to your needs
The development of connected and autonomous vehicle technology continues to progress at a pace that legislators and regulators are struggling to match. Regulators are looking to develop standards to govern the design, testing and deployment of autonomous vehicles that will promote public safety while not impeding innovation. As described below, among recent developments, US lawmakers have just passed legislation that, if enacted into law, would provide standards for the nationwide introduction of automated vehicles. In addition, the UK government has proposed key cyber security principles for connected and autonomous vehicles and the German government has adopted an action plan to implement ethical guidelines regarding automated vehicles.
Legislation that would pave the way for nationwide testing and deployment of “highly automated vehicles” (“HAVs”) on US roads was passed on Wednesday 6 September by the US House of Representatives, marking the first effort by US lawmakers to impose federal regulation in this fast-moving area. The “Safely Ensuring Lives Future Deployment and Research In Vehicle Evolution Act,’’ or the “SELF DRIVE Act,” would establish the federal government’s primary role in regulating HAV design, construction and performance, and replace the current patchwork regulation at the state level with a uniform system of HAV rules that HAV manufacturers and other stakeholders have sought, and which should enhance the innovation and deployment of HAVs in the US.
Key provisions of the SELF DRIVE Act include:
Clarification of federal and state regulatory responsibilities
The Act puts regulations addressing HAV design, testing, safety and performance squarely under the authority of the US National Highway Traffic Safety Administration (“NHTSA”), the federal agency responsible for road safety in the US, and pre-empts contrary state laws in these areas. This occupation of the HAV field by the federal government would supplant the often inconsistent and contradictory state regulations, which nearly all stakeholders deem an impediment to HAV innovation and testing.
The states would retain authority to regulate HAV registration, licensing, driver education, insurance, inspections and traffic laws, as they do for conventional vehicles.
Updated/new safety standards for HAVs
The NHTSA, within one year, is to issue a regulatory and “safety priority plan” for the development and deployment of HAVs in the US, with safety standard regulations to follow. Within two years, the NHTSA is to require submission of safety assessment certifications by HAV manufacturers reflecting safety-related test results and other data.
More HAV exemptions from current vehicle safety standards
Since current federal motor vehicle safety standards contemplate the presence of a human driver and consequently a steering wheel and brake pedals (among other things), certain HAVs would require exemptions from such standards prior to deployment. Under current law, the NHTSA can exempt up to 2,500 vehicles per year. The Act would increase the exemptions for HAVs, starting at 25,000 in the first year, and gradually increasing to 100,000 HAV exemptions three to four years after the Act takes effect. To secure an exemption, HAV manufacturers would need to show that the “overall safety level [of the HAV is] at least equal to the overall safety level of nonexempt vehicles.”
Cyber security and privacy protections
The Act would require HAV makers to develop a written privacy plan regarding the collection, use, sharing and storage of information about vehicle owners or occupants collected by a HAV or automated driving system, and outlining how owners and occupants of the vehicle will receive notice of this policy. It also would require a written cyber security plan with respect to the practices of the manufacturer for detecting and responding to cyber attacks, unauthorised intrusions and “false and spurious messages and malicious vehicle control commands.” The Act would create the Highly Automated Vehicle Advisory Council, which as part of its mandate would advise on whether the practices introduced by HAV manufacturers are effectively protecting consumer privacy and security.
Consumer education
To promote safety and consumer understanding of HAVs, the NHTSA is to issue regulations requiring HAV manufacturers to inform consumers of the “capabilities and limitations” of a vehicle’s driving automation system or features.
The unanimous passage of the SELF DRIVE Act by the House reflects the broad and bipartisan support for this HAV initiative. Attention now turns to the US Senate, which is expected shortly to consider companion legislation to the Act (which then must be reconciled with the Act before it can be sent to the President for review and approval). Key Senate leaders have previously indicated support for federal legislation that would reinforce the federal government’s primary regulatory role for HAVs while promoting innovation and safety. It remains to be seen whether any Senate legislation would track the House bill, or whether, for example, any Senate action would include larger commercial trucks, which were not part of the Act. While favourable Senate action is not a certainty, HAV manufacturers and related stakeholders can be cautiously optimistic that the US is on the path toward uniform federal HAV regulation.
In August 2017, the UK Department for Transport, in conjunction with the Centre for the Protection of National Infrastructure, published guidance setting out key principles of cyber security for use throughout the automotive sector, the connected and autonomous vehicles (“CAVs”) and intelligent transport systems (“ITS”) ecosystems and their supply chains.
The guidance aims to (i) address the potential risks of hacking and data theft associated with the development of connected and automated vehicles; and (ii) provide all stakeholders, including designers, engineers, retailers and senior level executives, with consistent guidance on cyber security.
The guidance is divided into the following eight key principles:
The publication of this guidance represents a further step by the UK government to regulate CAVs, having previously issued a code of practice for testing CAVs in 2015. The UK government also seems set to tackle the issue of insurance for CAVs, having announced in the Queen’s Speech this year that a new insurance framework will be dealt with in an Autonomous and Electric Vehicles Bill.
In June 2017, the German Ethics Commission on Automated and Connected Driving, which was appointed by the Federal Minister of Transport and Digital Infrastructure, published a report containing the world’s first ethical guidelines for CAVs. The Ethics Commission is led by Dr Udo di Fabio, a former Federal Constitutional Court Judge and Professor at the University of Bonn, and is made up of representatives from law, philosophy, social sciences, technology, the automotive industry and software.
Last month, Germany’s Federal Minister of Transport and Digital Infrastructure, Alexander Dobrindt, presented the report and the German Cabinet has adopted an action plan to implement its findings.
The report sets out 20 ethical guidelines, which will be reviewed after two years of use. Key principles of the guidelines include:
The protection of individuals takes precedence; the licencing of CAVs is not justifiable unless it reduces harm.
A balance must be struck between maximum personal freedom, development and the freedom of others and their safety.
Protecting human life is the first priority and systems must accept damage to animals or property in a conflict if necessary to prevent personal injury.
Technology should prevent accidents wherever practically possible and should be designed so that critical situations (e.g. dilemma situations where a vehicle must “decide” between two evils) do not arise – the spectrum of technological options should be used and evolved.
The “right” decision to make in a genuine dilemma (e.g. deciding between human lives) depends on the particular situation and cannot be standardised or programmed in an ethically sound manner; an independent public sector agency should process the lessons learned.
In the event of an unavoidable accident, any distinction based on personal features (age, gender, physical or mental constitution) is prohibited.
The law must reflect the shift of accountability from individual motorists to system manufacturers and operators and bodies responsible for making infrastructure, policy and legal decisions.
Liability for damage caused by CAVs is governed by product liability principles so manufacturers and operators must continuously observe and improve their systems where technologically possible and reasonable.
Vehicle users should be able to decide whether their vehicle data is forwarded and used.
It must be possible to identify when the system or the driver is responsible (e.g. where the driver can overrule the system); international standardisation of the handover process and its documentation is required.
The software and technology must be designed so that situations of abrupt or emergency handover are avoided and systems should adapt to human communicative behaviour.
In emergency situations, vehicles must be able to enter into a safe condition without human assistance.
The advent of CAV and ITS technology raises a number of novel and challenging ethical questions. There have been calls by a number of stakeholders for these issues to be taken out of the hands of manufacturers and addressed by government. Consistent with its desire to be at the forefront of the development of CAV and ITS technology, Germany is the first country to tackle this difficult issue. It will be interesting to see whether other countries now take up the task and, if so, whether they adopt a different approach.
Partner, Intellectual Property and Global Head of Cyber & Data Security, London
Partner, Australian Registered Foreign Lawyer (Admitted in England & Wales, not admitted in Australia), Melbourne
The contents of this publication are for reference purposes only and may not be current as at the date of accessing this publication. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action based on this publication.
© Herbert Smith Freehills 2024
We’ll send you the latest insights and briefings tailored to your needs