Mapping the legal framework for autonomous vehicles

Lawmakers, OEMs, Tier and other suppliers to the auto industry around the world are grappling with the prospect of what connected and autonomous cars will mean for the legal framework

International legal firm Pinsent Masons first raised these issues some years back in a white paper on Connectivity in the Automotive Sector. Today autonomous vehicles are disrupting car manufacturers’ business models and revenue streams, and a shift in the onus of liability. This could require rewriting of road traffic law, insurance provisions and contractual relationships across the supply chain. It brings potentially complex legal changes and challenges, as well as a need for all of those involved – manufacturers, service providers, suppliers and insurers – to keep up with changes, engage in the debate, and ensure they understand the impact of existing legislation and be prepared when it changes.

Automotive Industries (AI) asked Dr Stephan Appt, partner at Pinsent Masons, what legislation currently covers autonomous vehicles.

Appt: A wide range of legislation currently covers autonomous cars. This includes existing regulations such as road traffic laws, the construction and use of vehicles and product safety. But the legislation has not been framed with autonomous cars in mind. The result is the lack of an adequately balanced legal framework in which autonomous cars can be operated, or just simply do not fit – such as a requirement that vehicles, ultimately, need to be under the control of a human driver. Added to that are the legal questions around data protection and regulatory aspects related to provision of car connectivity.

AI: How comprehensive are the laws in Europe and the United States?

Appt: The laws in many jurisdictions are not particularly comprehensive in respect of autonomous vehicles. Countries in the EU (such as the UK and Germany) and the United States have announced measures to review their existing regulatory frameworks. As a result of this we expect changes to be made to existing legislation in a number of countries as lawmakers gain a greater understanding of the risks associated with autonomous vehicles.

Apart from traffic law implications the most important questions to be resolved relate to data, i.e. digital legal issues. With embedded SIM cards autonomous cars will collect and transfer a large amount data. Most of it will be qualified as personal data. The use of cameras is subject to substantial limitations in jurisdictions like Germany. The EU recently finalized a new framework for data protection laws, the European General Data Protection Regulation which will be applicable across the EU Member States, but it is felt that this framework does not necessarily provide answers the industry needs.

AI: What expertise do firms like Pinsent Masons have in this field?

Appt: We have a dedicated advanced manufacturing and technology team, and within that a group of expert lawyers that make up for Pinsent Masons’ Automotive Group, which not only covers traditional “old economy” automotive matters, but is exceptionally well-placed to advise on the legal issues arising out automotive digitisation and the testing, development and future commercialisation of autonomous vehicles.

We advise clients on matters such as road traffic, data protection and telecommunication laws as well as in setting up distribution schemes for connected car services and questions around new liability concepts in the supply chain. Suppliers are increasingly concerned to see their liability exposure increase on the way towards autonomous driving. This is often the case where suppliers of, for example, semiconductors or software used for vehicle-to-infrastructure communication or the like need to assess the relationship of small margins per part against a yet-unknown exposure regarding liability risks.

On the question of ownership of data generated by an autonomous vehicle we advise our clients on how to lawfully collect the data and whether and how intellectual property rights can be obtained with regard to connected and autonomous car  data. There are many new stakeholders involved, all of them have similar legal questions when it comes to “uncovering the gold mine” of data, ranging from Tier suppliers, infotainment providers, pay-as-you drive insurers, telecom service providers to Google, Apple and last, but not least, the car makers themselves.

AI: What needs to be done to make sure liability rests with the correct entity?

Appt: The existing liability regime needs to be reconsidered. It must clearly identify who is liable in the event that, amongst other things, injury or damage is caused by an autonomous vehicle. We have seen instances of OEMs committing to accept responsibility for such injury or damage in certain circumstances (e.g. Volvo and Daimler).

However, there will be instances where OEMs will not accept liability, such as where the autonomous vehicle has been modified or has not been serviced in accordance with the OEM’s instructions. It is the “grey areas” such as these where liability will need to be carefully considered and adequate regulatory frameworks put in place. The introduction of event data recorders will be inevitable as it will often not be possible to determine the cause of accidents of autonomous cars without monitoring the systems involved. With current legal standards, this again causes issues with regard to data protection laws. These need to be considered and resolved by using privacy by design.

A proposal by the US National Highway Traffic Safety Administration that a “system” could be treated as a driver gives rise to questions as to where liability for an accident would fall. If a machine can drive itself and the owner has little or no influence over how it operates, and if no technical fault arises that can be pinned on the manufacturer in the event of an accident, then you can see why there might need to be a paradigm shift in the allocation of liability. To be able to pursue a machine for damages there would need to be an underlying pot of money that those seeking redress could access. Alternatively, insurers might have a new market with manufacturers selling these vehicles by underwriting the risk of machine liability.

AI: Where is interest highest in the laws governing connected cars and autonomous vehicles and why?

Appt: Apart from road traffic implications the topic of who may use car data for which purposes is on top of mind. We work on strategies to put in place contractual arrangements addressing the question of ownership of data and to achieve compliance with privacy laws.

From a territorial perspective our European premium carmaker clients show the highest interest as they are at the forefront of developing connected and autonomous car technology moving from legacy to digital. As it is a global business OEMs also need to think big when it comes to the legal assessment. Another consideration is what happens when a vehicle crosses borders after being sold, and is then subject to differing jurisdictions.

Projects include, for example, telecom regulatory law aspects of embedded SIM card connectivity covering 40 jurisdictions, spanning from the Vatican City over Russia, Germany to the UK. But we are also acting for clients based outside Europe, such as Japanese suppliers of vehicle to infrastructure communication software, some of which is entering the European automotive market for the first time and therefore require a better understanding of the standards in OEM or Tiers 1 sourcing contracts as well as their product liability exposure.

Other clients draw on our expertise when it comes to establishing regulatory requirements under the laws of less obvious markets for premium cars, such as the UAE. This is a region where the market is focused on high-end premium cars, which will always need to be equipped with the latest connected car functionalities, thus triggering an increased need for the checking of legal compliance.