Levelling the playing field for the driverless car: Part I

Barring an unforeseen development, such as a devastating economic downturn, an accident or other mishap that turns public opinion against the self-driven car or some technical issue that would make its continued development prohibitively expensive, a Level 3 version of the autonomous could be on the market by 2020.

In the SAE International’s definition of the stages of automation, that is a vehicle in which the driver “does not need to monitor the dynamic driving task or the driving environment at all times [but] must always be in a position to resume control.”

According to Aria Etemad, senior project manager for automated driving at Volkswagen Group Research and project coordinator of AdaptIVe, though some monitoring would still be required, that stage would represent “a huge step up from Level 2”, where the driver must constantly monitor the driving performance and the environment.

Currently, several cars on the market are equipped with systems that allow Level 2 driving in certain low-speed driving situations, such as in traffic jams. Forecasts vary but many analysts say the fully autonomous car, in which no driver is required in any driving situation, could be launched as early as 2030.

Interestingly, Etemad is not convinced that the car will ever reach full automation, or SAE Level 5. “We still don’t know if the car will be able to do everything that the driver does today, such as go off-road or drive at different speeds on all road types and under all weather conditions,” he says. “For instance, Google test their driverless cars up to 25mph and not more. They also have difficulties with adverse weather conditions such as snow, owing to sensor limits or the sensor is ‘blind’.”

But, regardless how autonomous the car ultimately becomes, in addition to transforming the way we travel in cars – as connectivity-related innovations such as real-time traffic data, GPS and usage-based insurance have already done – the evolution of the automated car will disrupt the entire automotive ecosystem. Carmakers will gradually change into service providers, auto insurance may become a form of property insurance, as risk evolves from the driver to the vehicle, and every moving object on and near motorways will be connected to the vast network through which vehicles communicate with each other, the road infrastructure, pedestrians, pets and prams.

Because the objective of this technology is to gradually transfer control of life-critical systems from a human driver to the ‘computer on wheels’, clear standards that define functions and performance parameters have become more necessary than ever. Lives are at stake, so these standards must be strict and strictly enforced, while at the same time allowing carmakers and other OEMs room to experiment and innovate.

Standards for Liability

For the development of the industry, nowhere are standards more important, and more difficult to define, than in the areas of liability and privacy. Regarding the former, Stephan Appt, a partner at the law firm Pinsent Masons Germany, says that liability currently depends to some extent on local laws. “It is not entirely harmonised yet.”

However, we will possibly see “a single liability standard eventually,” Appt says. “There is interest in Europe to have a harmonised liability law. We already have it on product liability laws which are based on a European Directive, a harmonised standard. National parliaments had to enact laws to implement these European standards into local laws.”

According to German law, he notes, a driver is liable if he or she acted at least negligently. “If he is not acting at all, as would be the case in a fully autonomous car, if he is a passenger and is not required even to monitor the vehicle, you cannot argue that he is negligent,” he says, “unless it was apparent that the autonomous car was defective and should not have been operated in the first place.”

As the cars on the road evolve towards full automation, from driver only, through the various stages of automation – assisted driving, partial automation, conditional automation, high automation and, possibly, full automation –“there will be a shift of liability from the driver to the [car] OEM,” Appt says.

In the final stage, when there is no driver, an accident can only occur if one or the other car involved in a crash has a defect. Or, Appt points out: “To what extent an MNO’s network failed and did not deliver data for a car to keep the right distance, for example.”

He points out that, currently, laws are in force that limit the liability of an MNO for pecuniary losses to €12,500 per end user or, in case several end users are affected, to an aggregate sum of 10M euros, which then will be distributed pro rata. “This means that if there is a big outage and all the cars on the road crash, the telecoms are liable for only €12,500 per user,” Appt says. “This makes sense for mobile telephony, since not much damage can occur with a connectivity outage affecting a simple telephone conversation. It will be interesting to see if this will still be adequate for connectivity powering connected cars or the internet of things in the wider sense.”

But the MNO or the carmaker might not be last in the chain of liability. “It could be that a certain part delivered by a Tier 1 is faulty,” he says. “So liability gets passed through the supply chain.”

In this case, contracts between carmakers and suppliers will play a crucial role, Appt explains. “[Car] OEMs have powerful positions. As a result, they typically can require Tier1s to accept extensive liability obligations”, thus reducing their own legal exposure.

And there is the possible scenario in which a fault in the connected infrastructure deployed by a local authority or community – say, a red light or stop sign – causes an accident. “In this case, the local community, for example, would be liable in the first instance,” Appt explains. “Then, in the second instance, the city might sue the supplier of the faulty system or part.”

But simply because the car no longer needs a driver does not mean that the owner of the vehicle is no longer liable. “Currently there is also the liability of the car owner which applies regardless of whether the owner was driving the car or not when the accident occurred,” he says. “Operating one’s car in the streets contributes a certain risk. So, whoever suffered the damages can raise claims against both the driver and the car owner and, ultimately, their insurer.”

He notes that carmakers have put forward a plan that calls for all stakeholders to put money into a fund to pay damages in cases where it cannot be established who was responsible for the accident. This seems a sensible idea since, on the one hand, automated driving involves a complex collaboration of stakeholders and, on the other, it will occasionally be difficult to assign fault in an accident.

“An accident involving a ‘smart’, or connected, car and a ‘dumb’ car would make for an interesting scenario,” Appt says. “And even in an accident with two ‘smart’ cars it will be a difficult task to establish which system failed or if the telecom operator failed. To establish what happened, you probably need a black box recording the data of what happened in case of a crash, such as the mandatory event-data recorders in the United States.”

Standardising Data Use and Privacy

The use of event-data recorders (EDR) raises another potentially difficult issue, data privacy, which will ultimately be subject to a standard more rigorous than the current EU Data Protection Directive, which was adopted in 1995. After three years of apparently intense negotiations, the EU has now taken steps to tighten data protection, while seeking to form a single digital union of all 28 member states.

According to recent media reports, in June all EU members agreed to a set of tough new regulations that would be harmonised across the entire Union. It would see the creation of a single European framework for personal privacy and the handling of data.

The pan-European framework was initially proposed by the European Commission in 2012 but agreement has been difficult to reach. The new proposals, such as a contentious clause that would allow users to sue companies who process and collect data, still need to be debated and approved before they become law, a process that will take at least three years.

According to Appt, EDRs have storage systems that constantly record data. “In case of a crash, this data is frozen and can be read by [car] OEMs or repair shops,” he says. “This raises very real privacy concerns because without using anonymization tools and privacy by design, it will typically need to be qualified as personal data as it can be linked to the car owner via the vehicle identification number. You can establish who owns the car, which means that these data sets which appear to be technical are actually personally identifiable and, therefore, subject to privacy laws.”

This also raises an issue that has been a matter of intense debate since the advent of connectivity: who owns the data and who will be entitled to extract it from a vehicle? This controversy, explains Appt, involves two legal concepts: one, does the car owner actually "own" the data or can he only foreclose third parties from accessing the data carrier, the car; and, two, does the car owner have the right to allow a third part to take data from the car that can be linked to other people, such as the driver (if someone else was driving) and the passenger, a question subject to privacy laws.

The first legal concept is wrong, he says, because “there is no ownership of data, only ownership of the carrier of the data.” However, if you caused an accident and your car is equipped with an EDR [event data recorder], your own property would potentially establish your fault, helping your legal opponent and the police. “In this context the general legal principle that no one is bound to incriminate himself is being discussed among legal experts,” Appt says.

In the second case, where a car owner allows someone else to take data involving other people, privacy laws must be observed, he maintains. “They can argue that this invades my privacy, so stay away, rather than it’s my property, so stay away.”

Some people have raised a question about the mandated pan-European emergency response system eCall, now scheduled to be deployed by 2018, since there is a black box in every car that will be recording data about the movement and location of the vehicle. But, Appt says, “This is an example of data processed within the limits that the law provides, so privacy laws are not affected, unless the eCall data will be used for other purposes than handling the specific case of emergency.”

However, as the car and its infrastructure become more connected and, as a result, more and more seemingly technical data is generated and stored, the nature of the data may change. In a more or less fully automated transport network, presumably pedestrians and cyclists will all be equipped with devices that signal their location throughout the day. This could enable someone to establish a pattern of behaviour of this person and perhaps even identify him or her.

“This could start as a few pieces of a puzzle,” Appt says, “but in big data there are so many pieces that you could eventually be identified. With big data and without privacy by design eventually there will probably be no more anonymous data and everything will be under personal privacy laws."

Now see Part II here>>>

Catch up with the latest thinking at Consumer Telematics Show 2016 January 5.

Leave a comment

Your email address will not be published. Required fields are marked *