DOT Releases Federal Automated Vehicle Policy
On September 20, 2016, the U.S. Department of Transportation’s (DOT) National Highway Traffic Safety Administration (NHTSA) issued the first Federal Automated Vehicles Policy, providing guidance for manufacturers, suppliers, developers, and others entities involved in the development and deployment of automated vehicles. The Policy offers a flexible approach to a dynamic and rapidly-developing area. In a press conference on Tuesday, DOT Secretary Anthony Foxx stated that he intends for the Policy to be a living, breathing document with enough flexibility to keep up with the changing technology of automated vehicles. The DOT intends to review and update the Policy annually.
The Policy outlines the best practices for highly automated vehicles (HAVs) before they are available for commercial sale or operation on public roads, including a 15-point safety assessment checklist that manufacturers and other entities should use to certify that their vehicles are safe for testing and production. The 15-point safety assessment applies to original automated equipment, as well as updated or replacement equipment. Under the Policy, NHTSA suggests that HAV manufacturers submit a safety assessment letter demonstrating compliance with the criteria in the checklist before commencing testing and production. The safety assessment will help NHTSA better understand the safety features available in HAVs, and how such vehicles comply with Federal Motor Vehicle Safety Standards. In the coming months, NHTSA will continue researching ways to refine and expand on this guidance.
The Policy also provides a Model State Policy that distinguishes between the responsibilities of the federal and state governments depending on who—or what—is operating a vehicle, and suggests a regulatory framework for states desiring to regulate HAVs. Under the Policy, NHTSA has complete regulatory authority over safety and vehicles, while states reserve authority over humans in their capacity as drivers. As vehicle control shifts from a human driver to software at the highest levels of automation, NHTSA jurisdiction becomes exclusive. Where a vehicle is driven by software, the “driver” is part of the vehicle, which falls within NHTSA’s jurisdiction. States retain responsibility for licensing drivers, registering vehicles, and enforcing traffic laws, conducting safety inspections (in some states), and regulating insurance and liability. One of the central goals of the Policy is to create a consistent national framework with compatible state laws. To this end, the Policy specifically calls out areas in which states can coordinate, such as standardizing and maintaining road infrastructure.
While touching on vehicle privacy and cybersecurity, the Policy does not provide any overarching standards. The Policy recognizes that vehicle cybersecurity will continue to evolve as automated vehicle technology develops, and that additional research and input from stakeholders is needed in order to develop regulatory standards. In the meantime, the Policy recommends that manufacturers and technology companies follow industry best practices and share information regarding potential cybersecurity threats and vulnerabilities.
The DOT has issued a Request for Comment (RFC) seeking comment on the new Policy. Notice of the RFC was published in the Federal Register on September 23, 2016. Accordingly, comments are due on or before November 22, 2016.