Take a look to the future: driverless vehicles pose privacy and other regulatory challenges

Take a look to the future: driverless vehicles pose privacy and other regulatory challenges

Take a look to the future: driverless vehicles pose privacy and other regulatory challenges

Automated driving technology is constantly evolving. A major stumbling block to the introduction of advanced driverless systems is not necessarily technology-related, but rather the need for a regulatory framework to underpin the introduction of automated vehicle activity. This requires consideration of the adequacy of design and manufacturing standards, a revision of road rules and a review of privacy laws.

The progress of automated vehicles to date

The evolution of automated vehicles is more advanced than many may appreciate.

The Google Self-Driving Car Project has a testing fleet of automated vehicles which has travelled well over a million kilometres across three cities in the United States.
In Australia, Rio Tinto uses remote-controlled trucks at its Yandicoogina and Nammuldi mine sites in the Pilbara region, controlled largely from an operations centre in Perth, some 1200 kilometres away.

The attraction of automated vehicles in broad terms lies in:

  • Their capacity to improve safety (such as by eliminating human driver reaction times and reducing or avoiding the risks associated with alcohol or drug impairment of drivers behind the wheel)
  • Increasing fuel efficiency (such as by enabling heavy vehicle “platooning”)
  • Easing congestion and reducing commuting time.

Automated driving systems exercise greater levels of control over vehicles and driving tasks and have a greater capacity to monitor the driving environment than current features with which drivers are already familiar, such as cruise control, automated parking and satellite navigation.

Fully automated trains, which already operate in many countries, are a more immediate reality. These trains will begin running on Sydney’s North West Rail Link in 2019.  One reason why the introduction of fully automated trains has been less problematic than the introduction of automated vehicles is that their operation is not regarded as giving rise to significant regulatory challenges.

Legal challenges associated with automated vehicles

A regulatory framework is required in Australia to address the legal challenges associated with automated vehicles.  The framework needs to be well designed and to contain adequate protections and safeguards which at the same time do not unnecessarily constrain further technological innovation and development.  A number of issues need to be addressed in this context, including the liability of owners, manufacturers and system operators, and the responsibility of governments and other agencies in managing the personal data which will inevitably be generated or collected by a centralised monitoring and control authority.

Degrees of vehicle automation

The popular expression “driverless” is not entirely helpful as it begs the question as to what constitutes a “driver”, and it fails to differentiate between different levels of automated function.  The Society of Automotive Engineers instead uses the term “automation” and has adopted an international standard which describes three levels of automated driving systems.

1. Conditional automation
The lowest level of automation which is classifiable as an “automated driving system” is “conditional automation”.  Conditional automation systems (such as automated freeway driving) drive the vehicle for sustained periods of time and monitor the driving environment.  A human driver only intervenes in response to a request to do so from the system.  

The progression from current technologies to conditional automation and to more advanced categories revolves around the development and integration of more sophisticated GPS systems (comprising gyroscopes, altimeters and accelerometers), combined with sensors (including radar, ultrasound, laser and optical technologies) which recognise and enable the navigation of dynamic, changeable road conditions such as traffic lights, speed limits, road signs, weather conditions and of course, other vehicular and pedestrian traffic.

2. High automation
With the implementation of appropriate technology, “conditional automation” metamorphoses into the next category, “high automation”.  This essentially describes a vehicle which is able to come to a stop without a human driver intervening – for example, if it encounters inclement weather and its sensors fail.  The shortcoming is that highly automated vehicles remain restricted as to the roads on which they can effectively operate.

3. Full automation
The ultimate category in the evolutionary process is the “fully automated” vehicle.  Full automation removes all elements of the human driver, with the system driving the vehicle and monitoring all weather and road conditions, with no requirement for human intervention.  Realistically, fully automated vehicular traffic will not appear on our roads in the foreseeable future.

It is clear that any consideration of a regulatory environment for automated vehicles needs to begin with a consideration of the anticipated level of automation.

Current vehicle and driver regulation

Australia’s current regulatory framework for road vehicles is complex. Commonwealth legislation addresses vehicle design rules and consumer protection relating to vehicles, whilst state and territory legislation addresses ongoing safety compliance, road rules, vehicle restrictions, driving and design standards, licensing, registration and general public safety.  The broader regulatory framework covers a range of additional matters including those relating to the environment and privacy.

In simple terms, the Australian Design Rules (ADRs) are national standards for safety, anti-theft and emissions in vehicle design.  The ADRs are administered by the Australian Government under the Motor Vehicle Standards Act 1989 (Cth). The Australian Road Rules (ARRs) are model road rules developed by the NTC and applied with broad consistency in state and territory legislation.

The ARRs do not state that the driver of a vehicle must be a human but it is clearly assumed.  The rules tend to be structured around the concept of what a “driver” can and cannot do when behind the wheel and in manual control of the car.

Recent developments and the National Transport Commission issues paper

An International Driverless Cars Conference was held in Adelaide, South Australia, in November 2015.  The discussion during that conference centred as much upon the need for regulatory change, as it did on the latest advances in technology.

In February 2016, the National Transport Commission (NTC) released an issues paper (the NTC issues paper) in February 2016 in response to a request by the Transport and Infrastructure Council in November 2015 for the NTC to identify regulatory barriers to the safe introduction of more automated vehicles in Australia.  

The NTC has foreshadowed that it will release a discussion paper relating to these issues later this year.

Key issues identified in the NTC issues paper

Data collection and privacy
Automated vehicle system technologies will most likely generate detailed and precise information about a range of factors including vehicle location, occupancy, speed, telephone activity and social media use.  In some instances, such information could be classifiable as “personal information”, and perhaps “sensitive information”, under the Privacy Act 1988 (Cth), as currently framed.  

At present, Australian governments and government agencies do not have the capacity to monitor the whereabouts of individuals or the vehicles in which they travel, unless lawful access is gained to sufficient information from a relevant navigation system or smartphone.  In the context of vehicle automation, consideration is required as to whether current statutory privacy protections are adequate and appropriate in addressing the circumstances in which government agencies might legitimately require access to automated vehicle data and, just as importantly, the use to which they might put data which is collected and centralised under an automated driving regime.  

It is easy to mount an argument that there should be no restrictions on gathering intelligence data to prevent criminal or terrorist activity, but the question of the extent to which the private activities of law-abiding individuals should be monitored and archived, and the use to which that data might ultimately be put, is something else.

The NTC has previously recommended that consideration be given to the adoption of “privacy by design” principles, advancing the ability of individuals to remain anonymous, ensuring that unique identifiers are stored separately to licensing and registration information, and perhaps adopting specific legislative measures to require compliance with, or exemption from, applicable privacy principles.

Driver responsibility
Consequent upon the model ARRs, many state and territory road safety traffic laws assume that the driver is human. The ARRs focus to a significant extent on human driver responsibility, such as the regulation of speed and the requirement to obey signs.  An important matter relating to driver responsibility in the context of conditional automation systems, for example, concerns the circumstances in which a human driver should be held responsible for not resuming or taking back control from the automated system.
The ARRs are in large measure inappropriate or irrelevant to a range of automated system technologies.  Issues thus arise, in simple terms, as to how an automated vehicle, or an operator of one, can hold a driver’s licence, respond to directions from police or provide assistance to an injured person.  At the very least, the definition of “driver” would have to be expanded to embrace the operator of an automated vehicle system, or to describe the system itself, and more specifically to clarify what it means for an individual to be “in control” of a vehicle.

Manufacturer responsibility
A major distinguishing feature of an automated vehicle is that responsibility for control, and hence potential liability, will increasingly shift from the human driver to the manufacturer as the level of system automation increases.  

A clearly defined legal entity must ultimately be responsible for controlling the vehicle.  That person is easily identifiable in the case of a human driver, but the issue is less clear where the human is only monitoring the automated system and only intervening if and when requested to do so by the system.

Third parties, in addition to vehicle manufacturers, could also have some exposure, including software developers, service technicians and parties involved in the development, design and manufacture of automated systems and related devices.

As a corollary, enforcement agencies and courts may be confronted by challenges in identifying who is in control of a vehicle at any particular time and/or who is responsible for an accident, and to what extent.  

Of further relevance to vehicle design issues, the current ADRs focus on the physical vehicle and do not attempt to ensure road rules compliance.  Under the Motor Vehicle Standards Act 1989 (Cth), all road vehicles must comply with the ADRs at the time of supply to the Australian market.

Under the ADRs as presently defined, it may not be possible to import highly or fully automated vehicles into Australia without a specific exemption.  This is because some ADRs, although not precluding automated vehicles, adopt criteria which are not relevant to automated vehicles and which would therefore not be met.  For example, a highly or fully automated vehicle may not require a steering column or break peddles to operate safely.

Another potential shortcoming in the ADRs would arise from the fact that they relate to physical vehicle performance and do not address road rules compliance, given that road rules have traditionally been the responsibility of the human driver.  The ADRs might therefore require amendment to ensure compliance with the ARRs, or alternative regulatory mechanisms may have to be adopted.

The “home mechanic” problem
Human vehicle owners can at present, within limits, effect modifications to their vehicles without the need for regulatory oversight or certification.  As vehicles become more automated, however, there is a risk that modifications to the physical vehicle or software could impact upon the safe operation of the automated vehicle system and therefore the automated vehicle itself.

Accordingly, it is necessary for consideration to be given as to whether and to what extent any individual can tamper with or modify any aspect of their vehicle’s systems.  Perhaps the days of the “home mechanic” are numbered.

Safe distance rules
At present, the ARRs prescribe a safe distance which must be maintained between long vehicles (specifically, a minimum distance of 60 metres).  With automated driving systems, however, the practice of heavy vehicle “platooning” becomes possible.  This involves a number of vehicles travelling close together at speed.  Automated systems can make this possible by controlling the simultaneous acceleration and deceleration of all vehicles in the platoon.  The automated vehicle systems would eliminate the relevance of human driver reaction times.  Platooning could provide fuel efficiency and safety benefits and is accordingly another issue which would require regulatory consideration.

The way forward
There is presently a degree of uncertainty about the nature of the automated driving system technologies that will ultimately be commercialised and introduced into the market.  While this debate unfolds at a technical and commercial level, simultaneous consideration must be given to the relevant legal and regulatory issues.  Historically, the law has always lagged behind the development of new technologies, meaning either delays in introducing the technology or the late emergence of unintended legal consequences and loopholes.  In the case of automated vehicle technologies, it would be refreshing to see innovators keeping regulators informed about the direction and likely nature and scope of innovation and commercialisation in this area, to assist them in their law and regulatory reform efforts.

The NTC discussion paper, which is currently expected to be released around the middle of 2016, should provide the catalyst for informed debate on this very real issue.

We look forward to keeping you informed on this topical issue and should you wish to discuss any of the points raised in this article, please feel free to contact Dr Gordon Hughes or Andrew Sutherland.

Dr Gordon Hughes
Phone: +61 3 9254 2582.
Email: ghughes@davies.com.au

Andrew Sutherland
Phone: +61 3 9254 2639
Email: asutherland@davies.com.au