Devin R. Bates, Benjamin D. Jackson
Information Security & Privacy
Self-driving cars and related legal issues have captivated the cybersecurity world as of late. And with good reason. In 2018 we saw the first fatality associated with a self-driving Uber, adding to the growing attention paid to autonomous vehicles and their security.
In March 2018, a self-driving Uber struck and killed a woman in Tempe, Arizona, prompting Uber to suspend the rollout of their self-driving transit service. Uber promptly settled, or at least partly settled, with the deceased party’s family. The National Transportation Safety Board (NTSB) immediately dispatched a small team to investigate the accident, and shortly thereafter released an update, providing a broad overview of what the investigation would entail. We are still awaiting the official NTSB reports, but Uber’s own report announced last week that a software glitch was to blame. While the official NTSB reports of individual investigators may be released soon, final accident reports from the NTSB take months, and sometimes years, to produce. We’re watching closely to see what the NTSB has to say, and especially monitoring their reports for any implicit calls to regulation. NTSB reports from this accident and others like it, have the potential to have a profound effect on this burgeoning form of transportation.
While the Arizona Uber fatality is novel because it is the first of its kind, every indication points to this being the tip of the iceberg. While Uber almost immediately suspended the commercial use of its self-driving vehicles, companies like General Motors, Ford, Aptiv, Zoox, and Waymo continue to test self-driving vehicles on public roads. The handful of increasingly competitive companies entering this market is on the rise. Their developers are constantly adjusting algorithms to improve this technology and reduce accidents. But as is the case when technology and the law collide, this mad rush to roll out self-driving inventions has far outpaced legal and regulatory oversight. The lack of clear regulations and the absence of case law assigning liability in self-driving vehicle accidents has led to a dearth of accountability.
Tighter laws and regulation governing self-driving vehicles will be forthcoming. Issues related to liability in self-driving vehicle accidents was implicated in a letter written by a group of 10 United States Senators sent to 60 manufacturers of the technology earlier this year. The proposed Self Driving Act and AV START Act, which have worked their way at least partially through the federal legislative system, are only the beginning.
Given the high rate of human error involved with driving vehicles, it seems quite possible that someday self-driving vehicles may be far safer than the traditional human-driven variety. The roads are already filled with connected cars with up to 10 different networks, 30 million lines of code, and between 100 to 150 automotive computers all communicating using various protocols.
However, given the amount of split second judgment calls necessary to navigate our streets, it will take time for artificial intelligence to be able to respond to all of the myriad situations that a human driver may instinctually handle. Regardless of whether self-driving vehicles have a lower rate of error than human drivers, there will always be accidents and errors. This is especially true as the companies that research and develop these vehicles work out the bugs.
So while the Arizona Uber fatality is noteworthy, it will be far from an anomaly, at least in the near future. And how the law handles such accidents is at the precipice of impending change. Whether shaped by NTSB reports or consumer demand, and whether originating from governmental agencies, the federal government, or state governments, one thing is for certain: changes in the law are on the horizon.