No doubt you have heard plenty in recent years about the development of the autonomous car – how a handful of states have passed laws regarding vehicle testing and Google’s (its stand-alone autonomous car subsidiary is now known as Waymo) early testing adventures. Since those early steps, hundreds of companies, thousands of people and billions of dollars are currently being spent on bringing the various subsystems together in a cohesive retail offering available to the American motorist in the next several years. While it’s not possible to detail all the efforts going on around the world to this end, I can give you a bird’s eye view on the important issues and a few of the organizations that are having a direct impact on this evolving industry.
The Beginning – About two years after Google first started experimenting with self-driving cars (2011), the National Highway Traffic Safety Administration (NHTSA) within the US Department of Transportation issued the first guidelines for states to use when considering the regulation of these vehicles within their states. That document also identified five (5) levels of vehicle autonomy – with Level 0 being fully manual to Level 4 which would be considered to be fully autonomous. Five states and the District of Columbia became early adopters. At the time, the guidelines were only a good beginning. NHTSA would issue more comprehensive standards.
General Guidelines – In September 2016, NHTSA issued a 116-page document titled Federal Automated Vehicle Guidelines in which the agency sought to establish a foundation and a framework upon which future Agency action will occur. The document also was designed to serve as guidelines for manufacturers, developers, and interested third-parties – as well as state and federal regulators. Across the industry, there is consensus that a major challenge to the successful implementation of autonomous vehicle technology across the United States is the lagging regulatory apparatus. Currently, it is the states that are grappling with the many different issues that the autonomous vehicle presents. As a result, regulation is more of a patchwork than a comprehensive package of consistent requirements and expected outcomes.
NHTSA is working with a number of stakeholders which includes state transportation officials and the Society of Automotive Engineers (SAE) to attempt to address this thicket of issues. Together they are working on what is called Model State Policy – a package of rules and regulations that can be adopted by state transportation departments and voted into law (as needed and required) by state legislatures to assure consistent laws and administrative guidelines.
Under the Vehicle Safety Act of 1966, Federal law expressly preempts States from issuing any standard that regulates performance if that standard is not identical to an existing FMVSS (Federal Motor Vehicle Safety Standard – these regulate the automotive industry and issued by NHTSA by its authority under the act). The Supreme Court has also found that State laws may be preempted if they stand as an obstacle to the accomplishment of a NHTSA safety standard.
However, NHTSA also discusses in the document its limitations with respect to its rule-making authority when considering the new regulatory “tools” it will need to react to fulfilling its purpose to ensure public safety on the nation’s roads. It is important for both Federal and State-specific rule-making and legislation to occur in order for the autonomous car to be readily available to the public. But NHTSA did not stop there.
Cybersecurity Guidelines – NHTSA has also issued guidelines regarding vehicle cybersecurity last October. Titled “Cybersecurity Best Practices for Modern Vehicles”, this 22-page document provides general and automotive industry cybersecurity guidance, as well as an in-depth discussion of fundamental vehicle cybersecurity protections. While the document is considered to be “non-binding guidance” by the Agency, NHTSA admonishes the automotive industry that “Nevertheless, motor vehicle and motor vehicle equipment manufacturers are required by the National Traffic and Motor Vehicle Safety Act, as amended, to ensure that systems are designed free of unreasonable risks to motor vehicle safety, including those that may result due to existence of potential cybersecurity vulnerabilities.” In fact NHTSA has already issued a cybersecurity safety recall of over 1,400,000 vehicles in 2015 to correct such a vulnerability.