The Driver Privacy Protection Act, other federal statutes, including the Electronic Communications Privacy Act and the Federal Communications Act, may apply to certain aspects of autonomous vehicle data and communications. In addition, 47 states and the District of Columbia have passed laws that apply to personal information. While these laws are generally applicable to data breaches, many also include personal data protection requirements. While these laws provide some protection for various personal data, some or all of these safeguards may not apply to autonomous vehicles due to the nature of the data, the nature of the data collection, or the entity collecting the data. In the United States, patent infringement occurs when a person « makes, uses, offers for sale, or sells a patented invention in the United States, or imports a patented invention into the United States during the term of the patent, » without authorization. 35 U.S.C. § 271(a). If such infringing activity is detected, the patent owner is entitled to damages that would compensate the patent owner, « but in no case less than a reasonable royalty for the use of the invention by the infringer, plus such interest and costs as may be determined by the court. » 35 U.S.C. § 284. The premise of this legal structure is that in cases where a patent owner cannot prove actual harm (e.g.
lost profits) for infringing sales, the patent owner is always entitled to compensation for the infringing activity – reasonable royalties. In 1996, for example, an Illinois court wrote, « If an unreasonably dangerous condition is caused by a modification of the product after it has left the manufacturer`s control, the manufacturer will not be liable unless the change is reasonably foreseeable. » 70 Applied to autonomous vehicles, the logic of the « unless » clause could be problematic. Indeed, if autonomous vehicle technology becomes commonplace, modifications for installation in non-autonomous vehicles will be « reasonably foreseeable ». However, on this basis alone, it would be unfair to impose liability on initial manufacturers of non-autonomous vehicles for third-party autonomous vehicle technologies that they were not involved in the development or installation. First, the plaintiff could sue the operator of the vehicle, although the definition of « operator » may vary from jurisdiction to jurisdiction. In Florida and Nevada, a person is an « operator » when they activate the vehicle`s autonomous technology, whether or not they are physically present in the vehicle. California offers a slight variation in defining an « operator » as « the person sitting in the driver`s seat or, when there is no one in the driver`s seat, activates autonomous technology. » Perhaps the most important information that may be collected, particularly in combination with other information discussed in this section, is identifying information about the owner or passenger of the autonomous vehicle. It is likely that the autonomous vehicle would have to store information about the owner and passenger for various purposes.
For example, the vehicle would likely need to retain passenger information to authenticate the authorized use. In addition, passenger information would also lend itself to a variety of amenities common to many cars available today, including comfort, safety, and customizable entertainment settings. It is likely that, based on configuration preferences and other information collected during operation, cars will be able to identify drivers, passengers and their activities with a high level of safety. Many jurisdictions in the U.S. have passed, rejected, or are currently considering various laws regarding autonomous vehicles, but only a very small number have addressed the impact of the autonomous vehicle industry on original equipment manufacturers (OEMs): While technology is generally described as a catalyst for autonomous vehicles, liability is often described as a barrier. A 2013 article in the San Diego Union-Tribune put it bluntly: « Experts said that if left unresolved, the liability issue could delay or even destroy the vision of driverless cars that are widely available. » 57 Also in 2013, MSN published an article entitled « Will Lawsuits Kill the Autonomous Car? »,58 and the Wall Street Journal published an article entitled « Liability Issues Create Potholes on the Road to Driverless Cars ». 59 Since then, Washington D.C. and twenty-nine states have passed laws regulating the use of autonomous vehicles. In September 2018, Congress issued basic federal guidelines that determine the classification of vehicles from non-autonomous (human-controlled) to fully autonomous (« autonomous ») vehicles.
While federal guidelines now define what counts as an autonomous vehicle, other legal definitions differ from state to state, and additional issues associated with their use still need to be addressed. According to the second reformulation – and thus under a huge body of product liability jurisprudence – a manufacturer can be held liable for the sale of a product that contains an « unreasonably dangerous » defect, even if he has exercised « all feasible precautions in the manufacture and sale » of the product. In addition, liability may apply even if the user of the product « did not purchase the product from the seller or entered into a contractual relationship with him ». 30 Therefore, any entity in the distribution chain of the product upstream of the user can be held strictly responsible, 31 and the user does not need to have purchased the product at all. If a manufacturing defect injures a passenger in a friend`s car, the injured passenger could make a no-fault liability claim against the manufacturer (or other companies in the distribution chain). Autonomous vehicles are an exciting part of the future of the world. Technologies are advancing rapidly, cars are becoming aware of their surroundings and safety is taking precedence over the front seat. Infrastructure around the world is built with self-driving cars at its center. Important methods of risk mitigation are pre-transaction planning, due diligence, and post-transaction integration and follow-up. It is essential to determine at the outset the scope and purpose of the strategic alliance and the expectations of each party, how the alliance fits into each participant`s current business plan, what each party`s core competencies are, where synergies can be created, what intellectual property and competitive information should be protected or excluded from the alliance. What will be the life cycle of the project, what will be the rights to management, monitoring and supervision, and what exit strategies there are for its participants. Our contribution to upcoming legal concepts for autonomous vehicles is just the beginning of this exciting topic.
The rule of law community will play a vital role in the decades to come. Forster Y, Hergeth S, Naujoks F, Krems J, Keinath A (2020) What and how to tell before: the effect of user education on understanding and satisfaction with driving automation. Transp Res Part F 68:316 Regulators and government legislators must be careful when regulating for the general public. At present, legislation that is too forward-looking is ill-advised. In the NHTSA guidance, NHTSA stated, « As Level 4 automated systems do not yet exist and the technical specifications for Level 3 automated systems are still evolving, the Agency believes that regulation of the technical performance of automated vehicles is premature at this stage. » State and federal governments risk stifling technological innovation by trying to regulate too far in the future. In 1998, the American Law Institute published the « Restatement (Third) of Torts: Product Liability. » 32 The third rewording deals specifically with manufacturing defects, design defects and lack of warning, but provides, inter alia, for liability for design defects and the absence of a warning of `foreseeable risks`. In this context, which is likely to be used by more and more courts in the future, a manufacturer`s failure to identify and mitigate a dangerous « foreseeable » risk is more akin to negligence than strict liability. While the landscape has changed somewhat when it comes to specific theories of liability that can be used to pursue claims related to manufacturing defects, design defects, and lack of warning, all three remain at the heart of product liability law. In 2015, researchers Charlie Miller and Chris Valasek were able to exploit a vulnerability in some Chrysler vehicles to take control of the vehicle`s internal computer network.
Miller and Valasek discovered the vulnerability in the entertainment system that allowed remote access through an open port in the system. With access to the entertainment system and CAN bus, Miller and Valasek were able to remotely control various systems, including climate control, stereo, windshield wipers, transmission, steering, and were able to kill the engine and activate or disable the brakes. While these vulnerabilities have occurred in normal vehicles, they illustrate some of the potential risks that could arise with autonomous vehicles, as many of the features and systems available in normal vehicles should be available and included in autonomous vehicles. To the extent that self-driving cars are unable to take control of the vehicle to respond, the security threat posed by these vulnerabilities could be even more acute.
