4 Major Regulatory Hurdles in the Autonomous Driving Space
By Abhilash Malluru
March 13, 2023
Autonomous driving as a field is booming. As many automotive manufacturers integrate autonomous technologies in their vehicles, fully autonomous cars are becoming a mere stone's toss away.
Regulations for autonomous driving typically focus on two key areas: safety and performance. This article is mostly focused on the regulatory and legislative hurdles regarding safety of automated driving and autonomous vehicles.
1. Liability and Autonomous Vehicles
No means of transportation is without its hiccups. And unfortunately, autonomous driving has had numerous fatal accidents, with eleven recorded in 2022 alone. Currently, all autonomous auto manufacturers are required to report accidents to the National Highway Traffic Safety Administration.
The points of failure in an autonomous vehicle are a little more nebulous, and concerns have surfaced about who is liable in an accident. Since the cars are not fully autonomous, the accident could be from driver carelessness. Or they could be a result of software malfunctions or mechanical failures. As the technology improves and cars become more autonomous, the accident liability will shift toward the manufacturers and developers. There is no clear-cut solution yet, as the issue has yet to mature.
A Problem of Interwoven Pieces
Autonomous vehicles are complex. There's a lot of interconnectivity between the various pieces that power and control them. Some speculate that as liability shifts to developers and manufacturers, it will pose some severe hurdles to overcome per incident.
Those making the AVs must analyze every component of the vehicle and perhaps even divulge the proprietary software suites that power the car while assisting law enforcement.
2. Federal and State Regulations
The first road safety initiatives began years before computer chips ever graced automobiles. Much has changed in automotive technology since, but the regulatory bodies are slower to catch up. Currently, there isn't a wide-sweeping federal regulation governing fully autonomous vehicles.
The NHTSA has made some provisions regarding autonomous vehicles and specific safety feature requirements. This is a positive sign since the safety features that auto manufacturers must include are congruent with autonomous vehicle technologies.
State Laws
Only 43 states out of 50 have legislation regarding automated vehicles. Some are restrictive, while others depend on each vehicle's SAE automation level. Liability insurance factors into most of these laws since every state save Hawaii and Virginia requires it.
The other seven states haven't enacted laws regarding autonomous vehicles, and there is no indication of when legislation might be drafted. Multiple states also require licensure for mandated drivers, adding another logistics drain onto larger fleet deployments.
Federal Laws
The only federal-level agency providing some oversight over autonomous driving is the previously mentioned NHTSA. Federal regulation currently stipulates safety features, not the deployment of large commercial autonomous vehicle fleets. This isn't necessarily bad, but a lack of an overarching baseline may cause future headaches for manufacturers.
Limited federal regulations also mean manufacturers must consider various state laws when developing and deploying autonomous vehicles.
3. Cybersecurity of Autonomous Vehicles
Tech magnates worldwide have bolstered their cybersecurity after hard-learned lessons, including cyber attacks, extreme platform compromises, and significant money lost due to offline systems. Yet the nascent autonomous driving space hasn't fully accounted for their lack of protected systems. And if a server goes down and a vehicle is compromised, the effects would not only be money and time lost but potentially lives.
Despite the technological marvels surrounding AVs, there isn't much cybersecurity support. These vehicles have diverse means of connectivity, leaving many open attack vectors. For example, the Internet of Things (IoT) has long been a highly vulnerable method of communication. Many AVs communicate with smart devices in the home, and security measures haven't yet been fully developed to address potential attacks.
Much could be done to bolster and harden the systems around autonomous vehicles. Encrypted digital transmission has been present in IoT for quite some time. Hardened entry points requiring user authentication could mitigate possible actions and deter bad actors.
A clear and effective incident response to a systems breach is now a necessity, as it provides a blueprint for how to respond to a compromised vehicle.
4. Data Usage and Privacy Concerns
Along with the lack of security, there is the question of what data auto manufacturers collect and how they use it.
We can expect manufacturers to collect performance metrics, but gathering personalized data presents grave privacy concerns. Regulatory bodies have already addressed the data collected in the medical, financial, and educational sectors. So perhaps it's a matter of time before additional regulations develop regarding manufacturers' collection and safeguarding of personal data.
Other concerns arise regarding what the companies do with the data collected from their autonomous vehicles. Location data gives a glimpse at the patterns and lifestyle of the operator of any autonomous vehicle, and it would be a simple step to leverage that data into marketing materials and betray the trust of a potential customer.
Current American legislature regulations regarding data collection could be adapted to provide some degree of security for user data. New legislature and regulations could further impact how manufacturers use the data gathered by AVs.
How to Position Your Enterprise at the Forefront of AD Policies
With all these concerns, how would you move forward?
Here are some steps that you can take to move forward and position your enterprise at the forefront of these policies and regulations.
Liability: Your organization can handle self-reporting, which helps maintain paper trails for all incidents and prepares your staff to respond appropriately to any incidents.
Federal and State Regulations: Maintaining liaisons with regulatory bodies nationwide could benefit your enterprise. It's also best to adhere to good practices and industry-standard software stacks when approaching the development of these platforms.
Cybersecurity: Cybersecurity has many glaring issues, but you could strengthen your organization by adopting some of the principles AI and ML companies use.
Data: Software stacks could and should adhere to ISO standards regarding intelligent transport systems, like ISO 22737:2021. Data usage should be self-regulated, as there aren't provisions for the safest practices concerning the protection of customer data.
Are you looking to integrate standard software solutions for your autonomous driving firm? Digital Divide Data provides data annotation services with SOC 2 Type 2 and ISO 27001 certification.