The legal and regulatory implications of driverless vehicles, and the role traditional car manufacturers will play in a new landscape.
CCBJ: Driverless cars have the potential to gather a substantial amount of data. Tell us about some of the data privacy concerns brought on by this – perhaps specifically with regard to the GDPR and the upcoming California Consumer Privacy Act (CCPA).
Glynna Christian: This is one of the biggest issues when it comes not only to driverless cars but also many other new technologies that are already being integrated into cars – new music features or virtual reality applications. The data that can be collected is even more far ranging than the telematic data that has been collected: “How fast are you going? How often and when do you brake? What is the tire pressure?” Things like that. Now it can even include biometric data, such as the driver’s heartbeat and the line of sight from a driver’s eyes. Advances in technology and telematics coupled with machine learning enable companies to derive insights into driver and even passenger behavior and preferences, such as the driver’s preferred route to work, favorite type of music. Companies will need to know not only what data is being collected but what data is being derived that would fall under the CCPA’s broad meaning of personal data, how that data is being used and if they have adequate rights to use the data and are protecting it appropriately. It’s not intuitive and will require peeling back the layers to understand the full picture.
Let’s talk about the impact autonomous vehicles will have on manufacturing and supply chain management, in terms of efficiency and speed but also risk management.
Historically original equipment manufacturers (OEMs) and tier one companies were the main manufacturers and suppliers of the components of cars – and that model is changing. Now, there are these technology companies involved that don’t have those decades of automotive industry experience, the quality control processes and supply chain relationships in place. On one hand, that could be great because it can bring new thoughts, processes and innovation to the industry. But it also introduces a certain amount of risk, because these are companies that aren’t necessarily used to scaling the way that is needed in this industry. Some of our larger car makers have thousands and thousands of cars on the road. How do you make sure you scale at that level while ensuring quality? I think it will require some additional diligence and partnering on the part of OEMs and tier one suppliers to help tech companies scale without losing quality.
I’ve heard some folks at OEMs comment specifically on that. They’re very interested in checking out technology from these new tech companies, and in partnering with many of them. But high-growth technology companies make 5,000 of one component. So how do you scale up to 50,000 – or even more – and do it in a way that’s efficient and price competitive and without losing quality? It’s so important with these products. It’s not like it’s a software application for music. You’re putting a vehicle out there on the road that could hurt people. So it’s really important to get right.
As autonomous vehicles move from conception to reality, what other regulatory issues should companies be aware of? How can companies best position themselves for success?
It’s interesting because right now the regulatory scheme is all over the place. There is no federal legislation that allows driverless cars to go from California to Maine, for example. It’s a patchwork of laws. You can do different things in different states, but you couldn’t ride in a driverless car all the way across the country. At some point, of course, there will be federal legislation, and so what we’re starting to see – and which we encourage – is both OEMs and tier one suppliers, as well as tech companies, working with regulators in this space. When we talk to regulators, they’re very interested in knowing what’s going on in this industry, because they want to anticipate it and enable it. They’re not trying to slow this down. But they want to be thoughtful and make sure they’re protecting the public, which is their role.
For example, when the Highway Department is putting down new asphalt on an interstate, they’re asking questions like, “Should we use a certain type of paint that would be more visible to driverless cars?” And right now that’s an unknown. Nobody really knows that one particular type of paint would be more helpful or not. But they’re trying to be very thoughtful about it, and the industry is still trying to catch up and figure out answers to questions like that as well. I think closer collaboration is the key to making sure this happens quickly and consistently.
In an article you wrote for Automotive News, you mentioned that the reality of driverless cars on the roads will “profoundly alter the nature of the relationship between automakers and consumers.” Can you talk about some of the implications, legal or otherwise, of that adjustment?
Other than Tesla, vehicles have been sold in the U.S. through dealerships with financing through the OEM’s financing entity but not so much a direct-to-consumer service model. They may have an ongoing service relationship with the consumer through the maintenance and service departments but that’s done by the dealership. But with Tesla, for instance, we’re starting to see a more ongoing relationship with the consumer. And as more consumer technology is integrated in cars, through apps and direct integration, that may create more touch points with consumers for manufacturers. For example, if a consumer wants to use a mobile app provided by an OEM in order to access a remote unlock feature, the consumer should agree to a terms of use with the OEM for use of that service. That creates a direct, contractual relationship between the OEM and the consumer for that service.
So the OEMs will have that new relationship, but third parties who providing other apps and services will also have a relationship with the same consumer. How does that all work together, particularly from a data rights and protection standpoint? Do the manufacturers need to be thinking a bit differently in building out their business-to-consumer model? They have always had the consumer in mind from a regulatory standpoint, but they haven’t dealt as much with consumers directly. What does that mean from a product liability standpoint, a data privacy standpoint and a consumer protection standpoint? Much remains to be seen.
Published September 6, 2019.
