Automobile and transport systems have been traditionally dumb till the turn of this century. Since the beginning of the 21st century, digitalisation has been implemented in this sector to add intelligence and autonomy to the functioning of the car systems. From air bags and anti-lock brakes to cruise control, collision avoidance and even self-parking technology has been slowly enabling the consumers get attuned to intelligence and autonomy of the car systems.

As an evolution, the next generation of cars are to be completely autonomous and ‘driver’less cars. These cars use information and digital intelligence to navigate in the streets. This was recently seen in the past few year’s interest in the AI controlled cars. Bridging the gap between the digital and physical, this research is being pursued by giants in the various industries of automobile, technology and IT.

One of the primary drives for the increased focus on autonomous cars is that most road accidents are caused by human error. Autonomous cars are said to reduce accidents and increase the safety and security of the passengers, people outside and environment. Data from various sources, show the reduction of accidents due to the presence of autonomous systems in the cars. Hence, a completely autonomous vehicle would be able to reduce or eradicate accidents in the streets.

These cars have differing capacity of autonomous functioning — ranging from short distances, low speeds to complete autonomy. Some of these cars have already been seen on the streets for the purposes of test drive of various prototypes and to obtain public opinion. There have been numerous cases where these autonomous systems have been compromised due to external influences, bugs and issues in the systems and lack of proper intelligence in the systems.

Many researches have shown that these cars can be compromised and hacked to take control. There have also been cases of the AI not detecting or taking relevant measures to avoid accidents. Though these cases have been resolved, it leads to questions and arguments on the responsibility of the car, and environment. There are many variables involved and it is still unclear on how the law will deal with this issue. There is no fixed or standard definition for what an autonomous vehicle mean. Different versions exist and each define it differently. There needs to be a standard definition that is accepted by all. Since autonomous cars extend across the automobile and digital technologies a clear definition would help define its nature and give the right perspective for it.

Driver and Company

The first question that comes to the mind is whether the autonomous car would be considered as a AI robot or as an intelligent car. The key question is who is liable for any incident and takes responsibility? Is it the manufacturer or the programmer or the passenger or other parties involved.

If it is considered a digital solution — it is the software / programmer that is responsible for its operations and ensure proper functioning. But if it is considered to be a car, is the manufacturer responsible for the software that he has installed for the functionality.

One of the cases (link here: http://phys.org/news/2016-03-google-car-crashwho-blame-driverless.html) is about an incident where the car did not identify the possible collision with the bus. So should the passenger be responsible if an accident had occurred, when the car should have predicted and taken measures.

By current measures, the international Vienna Convention on Road Traffic gives responsibility for the car to the driver, saying “Every driver shall at all times be able to control his vehicle”(Vienna Convention on Road Traffic). But accidents can be due to a defect in the car or due to human error. Driverless car technologies come with a warning that they are not insulated from software or design faults. But manufacturers can still be held liable for negligence if there is evidence that an accident was caused by a product defect. (Joseph Savirimuthu, The Conversation)

Software is not without bugs and these can affect how the car performs. Any customisation or interference from the driver with the software can also lead to harm. Establishing liability in these cases can be problematic with shifting and difficulty in identifying the cause for the incident.

For now, the current laws in various countries require the driver to be available at all times irrespective of the technological advancement of the car and its operation. This means that, a licensed driver should be in the driver’s seat and be alert with eyes on road. Until the regulations are updated to fit the new scenario with smart cars, the driver is responsible for any accident or situation that occurs.

Insurance companies welcome the transition to the smart cars, since they believe that smart cars would reduce the number of accidents and be more safe than human drivers. Changes in the liability coverage could be manufacturers, suppliers or possibly even municipalities. After the transition to autonomous driving, insurers would rely more on telematic devices or “black boxes” to view the logs and monitor the various actions. Such devices have the ability to document driver’s behaviour and actions. This raises the concerns of privacy on what kind of data should be logged and shared, in relation to the safety and secure operation.

The increasing trend to use the public transportation and shared transport systems raises the need for ownership of cars. Some trends suggest that with the advent of automated and smart cars, the ownership of cars would be negligible, and most cars would be owned and operated by companies, communities, organisations or municipalities. These would lead to laying the responsibility at the hands of the operator and manufacturer. But until we see increasing number of smart and autonomous cars in the public streets being used by consumers, we can never say which way the ball rolls.

Accountability — in an autonomous era

Changing perspective

The need for a proper perspective is necessary since, this leads to defining the responsibility of the people involved and ensure they are liable. The best comparison that can be made is to the autopilot mode in aircrafts. This mode requires the pilot to be available for any situations requiring split second decisions and emergencies. This would be a suitable crossover reference to the road navigation, except that in road there might be more such situations.

Already laws are being changed to accommodate the increasing trends of autonomous and digitalisation. California State in the United States has already unveiled draft regulations and roadmap on regulating the consumer access to the self driving cars. The current draft is focused on the testing of the cars and regulates the manufacturers with its regulations.

The manufacturers covered by insurance are to maintain a copy of insurance and bond in the cars as a proof of financial responsibility. Further, identification and qualification of the cars and their respective drivers are to be provided, where the drivers are trained to handle such cars. Reporting of accidents and disengagement of autonomous mode are to be reported regularly. This is a first for the future.

Google has shown its displeasure in the strict key elements that there should be a steering wheel, a licensed driver should be available to take over if a failure occurs and log records of operation so that the data can be used to reconstruct an accident. Though there are no comprehensive rules to address this kind of technology, this development by the California’s Department of Motor Vehicles is a landmark in self driving technology.

Another report by the University of Washington — School of Law’s Technology Law and Policy Clinic, lists various recommendations that help in regulating autonomous vehicle. Starting by defining a suitable definition of autonomous vehicle, the report defines categories of vehicle development and compliance, requirements for the public use and mandatory features. It lists the requirements for the car itself, the driver’s qualification and use cases, manufacturing and certification compliance criteria. These are not final version and just a starting point for this discussion.

Protection and Security

Till now we have seen the autonomous car as an automobile and listed its drawbacks in the current legal environment. If we consider the car as a digital device, it raises more questions on the safety and security of car as primary concerns leading to the secondary concerns over the safe use of these cars in the public roads.

The recent technological development has led to most cars to now have atlas 50 separate electronic control units that wirelessly collect data and increase performance. This is a huge vulnerability for hacking or privacy intrusions. Most car manufacturers have not considered such a possibility where the various onboard systems lead to loss of control of the vehicle.

Many experiments have brought to light that its easy to confuse and lead the autonomous car systems astray, leading to paralysing or evasive actions. One example is that using a simple laser, it is easy to trick the lidar systems to detect fake objects around it. This is a possibility that most manufacturers have not considered, as Jonathan Petit explains. With cheap off shelf parts, it is easy to confuse the systems and carry out denial of service attack on the tracking system. Since all the car manufacturers use lidar, this hack has a larger impact on the smart car functionality and usage.

Another example is the case of Jeep where a security hole in the Uconnect internet enabled software enabled hackers to remotely access car’s systems and take control. Though this was not a smart car, this shows the vulnerability of the car systems to the hacking. This hack enables the hackers to take complete control without physical contact, which leads to the question of what can they cause.

Possibilities exist from just killing the ignition to causing accidents and harm to the passengers, other people and surroundings.

The security and protection measures against these situations are inconsistent and nearly 100% of the cars in the market are vulnerable with most manufacturers unaware of the problem. As a result of the increasing awareness and incidents, the Alliance of Automobile Manufacturers and the Association of Global Automakers released a joint statement setting out voluntary privacy protection principles for the industry, and suggested the automaker to collect information as needed for legitimate business purposes.

Automakers have not upheld their end of the deal on ensuring protection for systems installed in the cars that the users have become reliant on. Most drivers and users are unaware about these possibilities and the automakers have not taken measures to ensure their privacy of the data. This is following the vague answers related to the use of private vehicle data. There are no regulations on these data and no one is controlling how the manufacturers are using, involving third parties and retaining these data.

The Future

With increasing digitalisation, autonomous cars are unavoidable. So its just a matter of time before we see them on the streets all around us. Already countries (Germany, UK) are testing these cars in public spaces. Laws need to be in place before they become commonplace and an incident raises the questions of liability, safety and regulations.

Automakers must understand that their vehicles are not just automobile parts or system, but digital networks and take necessary precautions to protect the privacy and safety of the user. Most customers are not aware about this data collection and utilisation and are locked in with their need for the value added features, through which the data is being collected. With more and more companies working on autonomous vehicles, it becomes more necessary for the automakers are regulated on their cyber infrastructure and policies.

Hence it becomes increasingly necessary for the legal systems to come out with regulations and necessary laws that enable the players to be more responsible, more liable and aware of the various requirements and criteria to ensure safety.

References:

1) Vienna Convention on Road Traffic — http://www.unece.org/fileadmin/DAM/trans/conventn/crt1968e.pdf

2) California regulators have unveiled a roadmap and draft regulations to govern the consumer access to the self driving cars. (Links:

A. http://phys.org/news/2015-12-california-self-driving-cars.html#nRlv,

B. http://phys.org/news/2015-05-accidents-involving-self-driving-cars.html

C. http://phys.org/news/2015-12-california-self-driving-cars-driver-wheel.html )

3) Self driving cars and their Impact on Insurance — http://www.iii.org/issue-update/self-driving-cars-and-insurance

4) Google car crash — who’s to blame when a driverless car has an accident?,March 4, 2016 by Joseph Savirimuthu, The Conversation, (Read more at:http://phys.org/news/2016-03-google-car-crashwho-blame-driverless.html)

5) Draft for the Autonomous vehicles — California state — (link to document: https://www.dmv.ca.gov/portal/wcm/ connect/d48f347b-8815–458e-9df2–5ded9f208e9e/adopted_txt.pdf?MOD=AJPERES)

A. Report of Traffic Accident Involving an Autonomous Vehicle (OL 316), Link: https://www.dmv.ca.gov/portal/ dmv/detail/vr/autonomous/autonomousveh_ol316

B. Autonomous Vehicle Disengagement Reports, Link: https://www.dmv.ca.gov/portal/dmv/detail/vr/ autonomous/disengagement_report

6) Autonomous Vehicle Law Report and Recommendations to the ULC, TECHNOLOGY LAW AND POLICY CLINIC, School of Law, University of Washington, Link: https://www.law.washington.edu/Clinics/technology/ Reports/AutonomousVehicle.pdf

7) Hackers can trick self-driving cars into taking evasive action, Link: https://www.theguardian.com/technology/2015/ sep/07/hackers-trick-self-driving-cars-lidar-sensor

8) Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk, http://www.markey.senate.gov/imo/ media/doc/2015–02–06_MarkeyReport-Tracking_Hacking_CarSecurity%202.pdf