The obligation to secure your opponent's data in the age of hacking
Hacking, corporate espionage and data breaches are on the rise around the globe.
For autonomous vehicles to move from concept and testing to part of everyday reality, a comprehensive regulatory framework must be put in place – a framework that, to date, has been conspicuously absent. Federally, the United States government has merely called for research on the impact autonomous vehicles will have on the transportation system and released a framework to classify the technology used in autonomous vehicles. At the state level, only a handful of states have passed legislation related to autonomous vehicles. The legislation that exists primarily relates to the testing of autonomous vehicles. The current state statutes are not identical – they have different requirements for the testing and operation of autonomous vehicles. As autonomous vehicle technology advances, however, this sparse regulatory response—state and federal—is poised to change.
This limited regulatory landscape offers immense opportunity. For companies already testing self-driving vehicles or looking to enter the market, the lack of national consensus represents a chance to play a role in the crafting of necessary regulations. For these companies, the question should not be “how many regulatory hurdles do we have to jump?” but rather “how can we most effectively create a regulatory environment in which we can succeed?”
On the federal level in the United States, there is very little regulation related to the testing and operation of autonomous vehicles. Although the statutes in Title 49, Subtitle VI of the US Code and the regulations in Title 49, Subtitle B, Chapter V of the Code of Federal Regulations fill thousands of pages with federal motor vehicle standards, many—if not all—of those standards were drafted with human drivers in mind. With the recent snowballing momentum of autonomous vehicle technological innovation, however, the federal government has realized that it needs to re-evaluate these rules. Thus far, the agent of change has not been Congress but, rather, the Department of Transportation and, specifically, the National Highway Traffic Safety Administration (“NHTSA”).
Since 2013, only two federal bills have been introduced that touch upon autonomous vehicles, and only one has become law. On December 4, 2015, the “Surface Transportation Reauthorization and Reform Act of 2015” was signed into law as Public Law 114-94. This Act modestly calls for grants for autonomous vehicle research, for the Comptroller General of the United States to prepare reports on the autonomous transportation technology policy developed by public entities, to assess organizational challenges, and to recommend implementation paths for autonomous transportation technology, applications, and polices.
In 2013, the US Department of Transportation—through the NHTSA—issued its Preliminary Statement of Policy Concerning Automated Vehicles (“NHTSA Policy”). In it, the NHTSA set a path for future research and laid out a framework classifying five “levels” of autonomous capability. These levels are designed to track advances in autonomy in an organized fashion, stagger research goals, and facilitate the promulgation of rules for each level.
These levels can serve as a basis for either binding regulations or optional recommendations concerning the evolution of autonomous vehicles. In 2011, for example, the NHTSA issued 49 CFR Parts 571 and 585 requiring electronic stability control (ESC) systems—a level 1 technology—on passenger cars, multipurpose passenger vehicles, trucks, and some buses. In contrast, in the 2013 NHTSA Policy, the NHTSA opted to merely issue recommendations. The NHTSA Policy simply cautions states against permitting the operation of self-driving vehicles at levels 3 and 4 “for purposes other than testing.”
Companies in the autonomous vehicle market must be aware of NHTSA’s framework. Should it see a need, the NHTSA could turn current recommendations into future requirements and prohibitions. If mandatory regulations are issued, they would likely be based around the level framework defined in the NHTSA Policy, laid out below:
The federal government is beginning to ramp up its efforts in this area. In his January 2016 State of the Union address, for example, President Barack Obama expressed his desire that the federal government invest in a 21st Century transportation system. As part of his proposal, the Department of Transportation unveiled a 10-year, nearly $4 billion investment to accelerate the development and adoption of safe vehicle automation through real world pilot projects. The Department of Transportation also released a 2016 Update to its 2013 NHTSA Policy (“2016 Update”). Though lacking in specifics, the 2016 Update reiterated the federal government’s commitment to autonomous vehicles: “to that end, NHTSA will use all available tools to determine the safety potential of new technologies; to eliminate obstacles that would prevent or delay technological innovations... and to work with industry, governmental partners at all levels, and other stakeholders to develop or encourage new technologies and accelerate their adoption where appropriate.”
“This is an area of rapid change,” the 2016 Update asserts. “Within six months,” the 2016 Update promised, “NHTSA will propose best-practice guidance to industry on establishing principles of safe operation for fully autonomous vehicles (vehicles at Level 4 on the scale established in NHTSA’s 2013 preliminary policy statement).”
The NHTSA, however, is limited in how it can reconcile future technological advances with the current regulatory framework. NHTSA can initiate changes to the Federal Motor Vehicle Safety Standards. However, it takes substantial time to develop rulemaking proposals, to obtain review of the proposals, to solicit and review public comment, and, in some instances, to receive congressional approval. The NHTSA can also issue “interpretations” of the existing standards. Interpretations do not change existing rules, regulations, or standards, and cannot make a substantive change to or adopt a new position that is irreconcilable with the regulatory regime. Rather, interpretations are issued in response to clarification questions—they merely describe an agency’s view of the meaning of an existing statute or regulation. They are typically confined to the specific facts and circumstances of the request that triggered them. More often than not, they are temporary and susceptible to change or revocation in the face of new or different facts. Finally, the NHTSA has the regulatory authority to grant temporary exemptions from the Federal Motor Vehicle Safety Standards. See 49 USC. § 30114 and 49 CFR Part 555. Exemptions are more powerful than interpretations: where interpretations cannot conflict with the regulatory regime, exemptions allow manufacturers to avoid certain regulations entirely. Like interpretations, though, they are temporary and must be requested.
Utilizing its ability to issue interpretations of existing standards, on February 4, 2016, the NHTSA published a letter in response to Google’s request for clarification of NHTSA’s self-driving car policy. In the letter, the NHTSA acknowledged that under Google’s self-driving vehicle design, no human occupant could meet the current federal definition of a “driver,” (49 CFR 571.3 defines “driver” as the occupant of a motor vehicle seated immediately behind the steering control system.) In Google’s new design, there is no steering control system. As such, the NHTSA indicated that it would instead “interpret ‘driver’ in the context of Google’s described motor vehicle design as referring to the SDS [self-driving system], and not to any of the vehicle occupants …. If no human occupant of the vehicle can actually drive the vehicle, it is more reasonable to identify the ‘driver’ as whatever (as opposed to whoever) is doing the driving.”
Perhaps not surprisingly, a variety of safety regulations are based around the driver. 49 CFR 571.111, for example, lays out a requirement for “rear visibility” almost entirely from the perspective of the driver. How “driver” is defined and interpreted will have a substantial impact on how the safety standards apply and, consequently, determine which cars can or cannot be brought to market.
The NHTSA’s letter to Google is an interpretation. As a result, its practical impact is quite limited: it is confined to the specific facts and circumstances that Google asked about, it does not change any of the Federal Motor Vehicle Safety Standards, and it is susceptible to change or revocation at any time.
Although its practical impact is limited, its symbolic consequences are many. Reinterpreting the definition of “driver” under federal regulations signals a high degree of flexibility and willingness on behalf of the federal government to, as it promised in its 2016 update, “eliminate obstacles that would prevent or delay technological innovations.” In the letter to Google, NHTSA stated: “NHTSA recognizes that it can take substantial periods of time to develop rulemaking proposals and final rules... NHTSA further understands that the time it takes to conduct rulemakings may, in some instances, make such proceedings ill-suited as first-line regulatory mechanisms to address rapidly evolving technologies ….[as a result] Google may wish to explore the interim step of seeking exemptions.” Lastly, and perhaps most importantly, the NHTSA’s letter to Google signals that the NHTSA is seriously considering what regulatory changes may be required for this growing industry.
As with the federal level, the state regulatory landscape also is quite bare. Currently, only seven states and Washington, DC have passed legislation aimed at regulating autonomous vehicles and one state has issued an executive order. This means 43 states have yet to regulate—in any way—autonomous vehicles. And even those states that do have regulations, those regulations do not concern the operation, sale, and use or autonomous vehicles for the general public but rather regulate the testing of such vehicles.
Current state regulations are almost universally aimed at manufacturers and the testing process. These regulations also tend to be aspirational, as they target level 3 and level 4 autonomous vehicles—vehicles that for the most part are only now beginning to be developed. Because much level 3 and level 4 autonomous vehicle technology is unknown and, to any extent known, constantly being updated, these regulations are mainly focused on future risk prevention.
The uncertain future of autonomous vehicle technology dominates state regulatory concerns. Should an accident with an autonomous vehicle occur, state regulations are aimed at ensuring that any damages are paid for. Three states, for example—California, Nevada, and Florida—require manufacturers to either have a $5 million insurance policy, take out a $5 million bond, or make a $5 million deposit or bond with the DMV. Although there is no evidence that test vehicles will be more dangerous on the road than ordinary vehicles and their human drivers—one of the goals of autonomous vehicles, after all, is to reduce accidents due to human error—this insurance requirement highlights the uncertainty of the risk associated with autonomous vehicles.
Highlighting the different approaches to this field, the various states with regulations also have put in place differing emergency control, geographical, permitting, licensing, and driver restrictions for the testing process. For example, in four states—California, Nevada, Michigan, and Florida—test drivers must be able to reassume immediate control at any time in the event of an emergency, which means there must be a driver’s seat with a steering wheel with pedals and the driver must be in the driver’s seat at all times. California, Michigan, and Florida have no geographical limits for testing. Nevada, however, has created six different geographical categories and five environmental types. Nevada additionally requires that a vehicle must have been safely driven in autonomous mode for not less than 10,000 miles before it is permitted on public roads. California requires test drivers to obtain a Test Vehicle Operator Permit from the state. The test driver must have a clean driving record with no at-fault accidents resulting in injury or death and no convictions for driving under the influence of intoxicants in the past ten years. Florida and Michigan merely require a driver’s license test. Nevada requires that the local DMV shall establish an endorsement system for autonomous vehicle drivers. Nevada also requires two licensed drivers in a test vehicle. Michigan only requires a special plate on test cars.
Current regulations target manufacturers, not consumers. As autonomous vehicle technology nears a point of readiness for general use, not only must the substance of the regulations change, the focus must shift away from manufacturers onto consumers. For autonomous vehicles to impact the market in the way they are predicted to, regulations will have to be issued that, while keeping the public safe, do not create such a burden so as to either make the purchase and operation of autonomous vehicles inconvenient or result in barriers of entry for smaller companies wishing to enter the market.
State regulatory agencies and legislatures must be careful when regulating for the general public. At the moment, too-forward-leaning legislation is ill-advised. In the NHTSA Policy, the NHTSA noted as much: “[b]ecause Level 4 automated systems are not yet in existence and the technical specifications for Level 3 automated systems are still in flux, the agency believes that regulation of the technical performance of automated vehicles is premature at this time.” Both state and federal governments run a real risk of stifling technological innovation by trying to regulate too far into the future.
An example of this may be the current requirement in California, Nevada, Michigan, and Florida that test drivers must be able to reassume immediate control at any time in the event of an emergency. This regulation invariably requires a driver’s seat, a steering wheel, pedals, and a driver in the driver’s seat at all times. Although suited to the autonomous capabilities of some technology, the need for a steering wheel with pedals and a driver’s seat could, at most, seriously impede the functionality of future autonomous vehicles and, at the least, limit the ability of manufacturers to design and test the cars of tomorrow.
Companies must be aware of the symbiotic relationship between technological advancement and state regulation. As autonomous vehicle technology improves, it will be of the utmost importance that manufacturers have ways of communicating with state lawmakers and vice versa. Only then will state regulations be able to not only keep pace with technological advancements—thereby keeping the public safe—but also be able to update themselves in a way so as not to impede the evolution of autonomous vehicles.
Manufacturers should consider playing a role in crafting the types of regulations necessary for a successful—yet safe—transition from the testing process to the public roadways. Considerations include:
As the advent of fully autonomous vehicles (or vehicles that incorporate more and more autonomous technology) draws ever closer, manufacturers should be mindful of the regulatory environment, how changes may affect them, and what role they might play in helping to craft them.
Though state governments traditionally respond to technological innovations much more quickly than the federal government, the NHTSA’s recent reinterpretation of what constitutes a “driver” in Google’s self-driving car context is a surprising example of the federal government leapfrogging ahead of current state regulation. At the state level, California’s current regulations, for example, require a human driver in the car, able to take over control of the car in emergency situations. This requirement is controversial and potentially limiting: it requires, at a minimum, a driver’s seat, steering wheels, and a pedal. At the federal level, the redefinition of a “driver” could obviate the need for such requirements.
State and federal rule-makers are not the only voices in the room; auto manufacturers have their own opinions. In a March 2016 hearing, before the Senate Committee on Commerce, Science, and Transportation, Chris Urmson, the technical leader of Google’s self-driving project, advocated for the federal government first approach: “If every state is left to go its own way without a unified approach,” he testified, “operating self-driving cars across state boundaries would be an unworkable situation and one that will significantly hinder safety innovation, interstate commerce, national competitiveness and the eventual deployment of autonomous vehicles.”
No matter the utility of the federal government’s first approach, however, amending the federal motor vehicle safety regulations is a herculean task. Changing the federal motor vehicle regulations to accommodate fully autonomous vehicles will take not only an inordinate amount of time but perhaps, in some circumstances, congressional input.
As a result, until the federal regulations have actually been changed, auto manufacturers should be wary of underestimating the impact and reach of state regulations.
Autonomous vehicle manufacturers should be prepared to face complex challenges and be willing to cooperate with cities, local governments, private companies, and residential communities to solve them. Several big-picture challenges will likely include:
These potential consequences are complex, difficult to deal with, and affect the entire world. These are just a few of the consequences of future roads populated by autonomous vehicles.
By some projections, upwards of 50 million autonomous vehicles will be in use globally by 2035. If such an estimate is to become reality, however, a multitude of issues must be addressed, many of which are discussed in this White Paper. Of particular importance is the issue of liability. Traditional vehicles have been a fertile source of lawsuits, including those related to gas tanks, ignition switches, air-bags, and safety belts.
With the rise of autonomous vehicles comes new and complex questions of liability for when the vehicles do not perform correctly, resulting in harm to someone or something. This section explores what that liability landscape may look like. Although some of the issues presented by autonomous cars may be novel, existing liability frameworks are likely well- positioned to address these issues. As new technologies have evolved over the years, so too has product liability law, and it is expected that it will be capable of doing the same with respect to autonomous vehicles.
When discussing potential liability associated with autonomous vehicles, a key threshold issue is whether legislation will permit the use and operation of self-driving vehicles on highways, roads, and local streets, and if so, under what circumstances. This legislation is necessary for widespread development and will likely frame or limit the liability environment for vehicles, equipment, and technology manufacturers.
Similar to pharmaceuticals and medical devices, the development of these technologies will have broad application and benefit to society, so manufacturers will require a legislative framework that provides them with limitations on product liability for injuries and property damage. Without such a framework, companies will likely be hesitant to implement products and technology or will do so in limited form or use.
Many United States jurisdictions have enacted, rejected, or are currently considering a variety of laws relating to autonomous vehicles, but only a very small number have addressed the impact of the autonomous vehicle industry on Original Equipment Manufacturers (“OEMs”):
At the time this went to press, only Florida, Nevada, Michigan, and the District of Columbia have enacted statutes limiting product liability actions against OEMs when the action is based upon a defect in an autonomous vehicle. Each statute generally provides that OEMs are not liable for defects in an autonomous vehicle if the defect was caused when the original vehicle was converted by a third party into an autonomous vehicle or if equipment installed by the autonomous vehicle creator was defective. OEMs remain liable for any defects in the original design or manufacturing process.
California law distinguishes between autonomous vehicle manufacturers and OEMs but does not expressly shield OEMs from liability relating to autonomous vehicles. The California Legislature has largely delegated regulation of autonomous cars to the Department of Motor Vehicles, which is charged with adopting and administering licensing requirements as well as safety and performance standards and is required to hold public hearings on the adoption of any regulation applicable to the operation of an autonomous vehicle without the presence of a driver inside.
The United States is arguably the most progressive country in the world in terms of autonomous driving, but, as mentioned in the section above, this position could be eroded if a national framework for regulation and testing is not developed. If 50 states have 50 different regulations, it would be difficult for manufacturers to comply with all of them.
One option, then, is for the federal government to preempt state laws by creating its own regulations for autonomous vehicles. Undoubtedly, Congress has the power to regulate vehicles as instrumentalities of interstate commerce, pursuant to the Commerce Clause of the US Constitution. Further, Congress established the Department of Transportation (“DOT”) in 1966 to ensure “a fast, safe, efficient, accessible and convenient transportation system that meets our vital national interests.” Congress (and therefore, the DOT) has the ability to create exclusively federal law and regulations by preempting state statutes under the Supremacy Clause of the Constitution, and it has done so previously in its regulation of automobiles.
In addressing liability, Congress could mirror legislation such as the National Childhood Vaccination Injury Act of 1986. With an aim towards reducing liability and responding to public health concerns, this law exempts vaccine manufacturers from civil liability for “no fault” vaccine-related injuries or deaths. Importantly, injured plaintiffs are not left without a remedy. The law established a compensation program designed to compensate individuals who have been injured by certain childhood vaccines, and it allows injured plaintiffs to adjudicate their claims before the US Court of Federal Claims. Analogously, if Congress embraces autonomous vehicles as a major improvement to transportation safety, it could consider passing legislation that provides qualified immunity for OEMs, thereby assuaging concerns over potential liability.
Assuming an absence of either a state or federal legislative framework addressing liability, OEMs will be forced to operate under traditional theories of product liability. To that point, the Restatement (Third) of Torts states that product liability requires that a product must be found to have at least one of three categories of “defect” before liability can be imposed: (1) manufacturing defect, (2) design defect, or (3) inadequate instructions or warnings. A product liability suit can allege any or all of these theories.
A product contains a manufacturing defect when “the product departs from its intended design even though all possible care was exercised in the preparation and marketing of the product.” In the context of driverless vehicles, a plaintiff could prevail by showing that the autonomous equipment failed to work as specified by the manufacturers.
This first category of defect, however, presents a major hurdle to plaintiffs: no courts have applied manufacturing defects to software, because nothing tangible is manufactured. Therefore, if the alleged defect stems from an error in the autonomous software or algorithm, plaintiffs may be unable to avail themselves of traditional product liability law on manufacturing defects. A manufacturing defect theory may only be useful to a plaintiff when the parts themselves did not meet the manufacturing specifications. An understanding of the technology and how it interfaces with other components or systems will be essential to determining whether a manufacturing defect theory can be pursued.
The second category of defect, and perhaps the most significant for autonomous vehicles, is a design defect. The standard for a design defect is that “the foreseeable risks of harm posed by the product could have been reduced or avoided by the adoption of a reasonable alternative design ... and the omission of the alternative design renders the product not reasonably safe.” This is called the “risk-utility test.” It necessitates the plaintiffs determining the design cause of the accident, whether it be an actual product or component or the software involved in the process. Showing that a safer design would have prevented the accident could create an incredibly high burden of proof, however, and also may make it difficult to find qualified experts with legitimate experience.
An alternative test, called the “consumer expectation test,” inquires what level of safety a reasonable consumer would expect from the product in question. This test, however, is losing favor in many states and was rejected by the Restatement (Third) for design defects. That observation aside, the initial straight forward position plaintiff’s counsel will likely take under this test is that reasonable consumers expect that self-driving vehicles should drive themselves without any mishap. Such an expectation, however, is likely unrealistic.
The third defect, often referred to as “failure to warn,” applies “when the foreseeable risks of harm posed by the product could have been reduced or avoided by the provision of reasonable instructions or warnings... and the omission of the instructions or warnings renders the product not reasonably safe.” Most jurisdictions limit this duty to warn of risks that could be “reasonably” known at the time of sale.
The success or failure of this type of claim will largely depend on the product or technology description and marketing/sales materials, the reasons people are buying and using the technology, and the nature and extent of the instructions and warnings provided. Many anticipate this theory to be the most likely and least complicated avenue for potential recovery if plaintiffs can find and afford the multiple experts necessary to deal with computer hardware and software technology, cost analysis, and the appropriateness of certain instructions or warnings with regard to these types of vehicles.
An important first question every potential plaintiff must ask is, “Who do I sue?” In a conventional vehicle crash, a plaintiff will usually attribute blame to the driver and/or a vehicle manufacturer. But if an autonomous vehicle is involved, the liability dynamics go beyond those of a conventional vehicle accident. In fact, a plaintiff could have at least four, nonexclusive options to pursue.
First, the plaintiff could sue the operator of the vehicle, although the definition of “operator” may vary from jurisdiction to jurisdiction. In both Florida and Nevada, a person is an “operator” when he or she causes the vehicle’s autonomous technology to engage, regardless of whether the person is physically present in the vehicle. California offers a slight variation by defining an “operator” as “the person who is seated in the driver’s seat, or, if there is no person in the driver’s seat, causes the autonomous technology to engage.”
The particular circumstances and the vehicle’s level of autonomy will likely dictate the viability of a claim against the “operator.” For instance, if the technology is such that a person can simply input directions, then sit back while the car operates itself completely, it may be harder to find fault with the person when the car collides with a pedestrian. In a different scenario, what if an autonomous vehicle has alerted the occupant of a malfunction, but the occupant is unable to disengage autonomous mode and take control before an accident occurs? Liability of the occupant in that instance will likely hinge on whether the occupant is viewed more like the engineer of a train, whose role is to monitor and react to certain circumstances, or more like a passenger, who has little or no control of the vehicle’s behavior.
Second, the plaintiff could bring suit against the OEM, those who manufacture the original vehicle. But OEMs may have no part in the vehicle’s automation. For instance, Google initially used the Toyota Prius to test its driverless technology. Toyota, in that case, would be considered the OEM. However, if states like Nevada and Florida are any indication, the option to sue OEMs will likely be foreclosed as more and more state legislature pass laws limiting product liability for OEMs.
Third, the plaintiff may choose to sue the company that created the finished autonomous vehicle. Volvo is one such example, as it is in the process of developing its own line of driverless cars, called Concept 26. Should a plaintiff be injured as a result of a defect in one of Volvo’s autonomous vehicles, Volvo has pledged to be “fully liable” for accidents caused by its self-driving technology. Volvo was one of the first automakers to make such a pledge, and it has challenged other automakers to follow suit in hopes of expediting the creation of federal regulations for autonomous vehicles.
Finally, the plaintiff may have the option of suing the company that developed or created the autonomous technology.
The takeaway here is that plaintiffs will find no shortage of parties to potentially hold responsible. Autonomous vehicles involve multiple layers, from design, to manufacturing, to operating. With each layer comes an opportunity for negligence or product defects, and rest assured plaintiffs will attempt to exploit all of them in an effort to maximize their chances for recovery.
Regardless of the product liability theory a plaintiff relies upon, two evidentiary issues are likely to come into play: expert testimony and subsequent remedial measures.
Due to the complexity of autonomous vehicle technology, a plaintiff will need expert testimony to explain product safety and accidents to the court and the jury. But a plaintiff won’t need just one expert; he or she will need multiple experts to elucidate the issues presented, which could make the pursuit of product liability claims prohibitively expensive. For instance, under a design defect theory, the plaintiff may have to present evidence explaining how a complex algorithm could have been written safer and that the costs of discovering and implementing this new algorithm would not exceed the benefits of doing so. This will require a computer scientist to understand the algorithm, a mathematician to rewrite the equation, an economist to weigh the costs and benefits of the change, and an expert in autonomous vehicles to confirm the possibility of the change and that it would not negatively impact the vehicle.
To help reduce these costs, a plaintiff may be able to use a subsequent update in the algorithm or safety update as evidence that there was a reasonable alternative design. The ability to introduce subsequent remedial measures, however, will largely depend on the jurisdiction. In federal court, Federal Rule of Evidence 407 prohibits the admission of subsequent remedial measures, meaning that plaintiffs who rely on them will want to bring their claims in state court, assuming subsequent remedial measures are allowed in that jurisdiction. When a subsequent update in the algorithm is admissible, it will likely improve a plaintiff’s chance of success on the design defect claim because it will remove costs associated with developing an algorithm and proving the algorithm will help increase safety.
Product liability law provides manufacturers with a number of defenses that may prove useful. First, the manufacturer could raise a comparative negligence defense. Here, the manufacturers would argue that it should not be fully liable—or liable at all—because of the plaintiff’s own negligence. When evaluating the driver’s negligence, courts should focus on the ability of the person to prevent the accident, rather than what the driver was doing prior to the accident. After all, a major purpose of autonomous vehicles is to increase productivity of the occupants. Thus, if a plaintiff were found negligent for reading a book when the vehicle collided with a pedestrian, it would completely undermine the utility of driverless cars. Courts, then, will likely compare the role of the defective vehicle and the role of the plaintiff’s conduct in causing the accident. If the driver failed to exercise ordinary care, fault may be apportioned based on the driver’s ability to mitigate or prevent the accident.
Misuse is another defense an autonomous vehicle manufacturer might raise. A manufacturer does not have a duty to protect against all misuses but only those that “could reasonably have been anticipated (foreseen) by the manufacturer.” In the context of autonomous vehicles, this defense becomes applicable when the plaintiff has misused the car in an unforeseeable manner, such as by making modifications to the vehicle. Plaintiff’s counsel certainly will contend that it is not “misusing” an autonomous vehicle simply by doing other activities while behind the wheel. Plaintiff would contend that because a manufacturer could anticipate that drivers will not pay attention like they do in regular vehicles, such “distraction” should not support a defense of “misuse.” Whether this argument, especially in the early years of the technology’s use when occupants will remain focused on the car’s capabilities, will gain traction will need to be seen.
Third, the state-of-the-art defense may come to the aid of manufacturers in design defect and failure to warn cases. For warning defects, courts look at what the manufacturer could have reasonably foreseen based on current technology and scientific knowledge at the time of production. For design defects, state-of-the-art defenses involve the feasibility of adopting curative design measures to reduce or eliminate a risk of which the manufacturer is aware. Although a manufacturer may be aware of a danger, current technological and scientific limits may make the risk unavoidable or protecting against the risk financially unfeasible. This defense will be applicable in suits involving autonomous vehicles much like it is applicable in suits involving traditional vehicles. A plaintiff can always argue that better technology would have prevented the accident, but the manufacturer may be applying the latest technology at the time such that there may well be no reasonable design alternative.
Finally, in the jurisdictions that still apply assumption of the risk, that defense may be invoked by autonomous vehicle manufacturers. The underlying idea of the assumption of the risk defense is that a user has fully consented to incur a risk that the user fully comprehends. By the act of incurring the risk, the user implicitly agrees to take responsibility for any harmful consequences that may result from the encounter. Fundamental to this defense is that the user’s encounter with a risk must be informed and voluntary. Accordingly, manufacturers will need to fully disclose the potential risks of autonomous vehicles to each consumer. For instance, a manufacturer may explain that the vehicle’s autonomous mode is not safe in snowy conditions, and the user should be in control of the vehicle in such conditions. If a driver then decides to operate the vehicle in autonomous mode while it is snowing, a reasonable argument can be made that the driver voluntarily engaged the risk despite subjective knowledge of that risk. Consequently, the manufacturer should not be held responsible because the driver assumed the risk.
Autonomous vehicles present novel legal issues and raise complex liability questions that must eventually be confronted by legislatures, regulatory bodies, and courts. Fortunately, product liability law is well-equipped to handle whatever legal conundrums may arise with the proliferation of autonomous vehicles. Product liability law has been highly adaptive to many new and emerging technologies over the past several decades, and it will be quite capable of adapting to autonomous vehicle technologies of the future.
The National Highway Traffic Safety Administration’s (NHTSA) goal is to “accelerate the deployment of technologies,” by “work[ing] with industry and other stakeholders to develop guidance on the safe deployment and operation of autonomous vehicles, providing a common understanding of the performance characteristics necessary for fully autonomous vehicles and the testing and analysis methods needed to assess them.” However, the use of this technology presents significant privacy and security issues that should be explored and addressed before these vehicles are fully commercialized.
Because autonomous vehicles are largely experimental at this time, it remains unclear what type of personal information may be collected by these vehicles. Nonetheless, at a minimum, location data associated with a particular vehicle will be tracked and logged. Location tracking has already proved to be a lightning rod with respect to mobile phones. Some of the privacy considerations related to the use of autonomous cars are discussed further below.
Perhaps the most important information that could be collected, particularly when combined with other information discussed in this section, is identifying information about the owner or passenger of the autonomous vehicle. It is likely that the autonomous vehicle would need to maintain information about the owner and passenger for a variety of different purposes. For example, the vehicle would likely need to maintain information about passengers to authenticate authorized use. Furthermore, information about the passengers would also lend itself to a variety of conveniences that are common in many cars available today, including customizable comfort, safety, and entertainment settings. It is likely that cars, based on setting preferences and other information collected while in use, will be able to identify drivers, passengers and their activities with a high degree of certainty.
The Drivers’ Privacy Protection Act, other federal statutes including the Electronic Communications Privacy Act and the Federal Communications Act could apply to certain aspects of autonomous vehicle data and communications. Additionally, 47 states and the District of Columbia have enacted laws applicable to personal information. While these laws are generally applicable to data breaches, many also include requirements for safeguarding personal information. Although these laws provide for some protections of various personal information, because of the type of data involved, the manner of collection, or the entity collecting the data, some or all of these protections may not be applicable to autonomous vehicles.
Location data is something that is necessarily implicated in the use of autonomous vehicles. In fact, it has been happening for some time now, but additional location information would allow the ability to provide additional features and benefits to the user. For example, navigation features available in many modern cars include the option to save specific locations in memory; use current location and planned route to identify additional information relevant to the trip, including real-time traffic data, points-of-interest on or near the planned route; and to set routing preferences, such as avoiding highways or toll roads.
Correlating location, destination, speed, and route data with additional information about the passenger, and date and time of the trip would allow someone to get a picture of when, where and how an individual travels, particularly if this information is stored or logged over some period of time. This information may prove very beneficial for purposes of traffic planning, reducing congestion and improving safety, but it also could be used for secondary marketing purposes.
However, looking at travel data and patterns over time may also enable one to deduce other information about the owner or passengers, such as where they live and work as well as locations like stores, restaurants and other establishments that the owner or passengers frequently visit.
The privacy risks associated with the collection of and access to location information raise both individual personal and larger policy and societal concerns. On an individual basis, the availability of location information “generates a precise, comprehensive record of a person’s public movements that reflects a wealth of detail about her familial, political, professional, religious, and sexual associations.” For example, accessing an individual’s historical location and destination information would permit visibility to “trips the indisputably private nature of which takes little imagination to conjure: trips to the psychiatrist, the plastic surgeon, the abortion clinic, the AIDS treatment center, the strip club, the criminal defense attorney, the by-the-hour motel, the union meeting, the mosque, synagogue or church, the gay bar and on and on.” Relatedly, even where location information does not reveal this type of private information, the ability to identify the present location or historical travel patterns of a particular person make them more susceptible to physical harm or stalking if the information is accessible to the wrong person.
From a commercial perspective, location and destination information could provide valuable marketing information to businesses and advertisers. Knowing where a person lives, works, and shops would allow a business to infer information about income level and spending habits. One could envision the tracking and storage of autonomous vehicle data to lead to lawsuits similar to those filed against various advertising companies on the internet engaged in behavioral tracking using cookies. There are various other implications of this data, ranging from providing customized advertising using interfaces connected to the Internet in the a vehicle (on a dedicated screen, through the car speakers or to mobile devices in the car), to specifically routing a vehicle to expose a captive audience of passengers to certain businesses or destinations based on personalized interests inferred from a passenger’s individual data.
Perhaps the most fundamental question that needs to be considered is how the collection and sharing of location data impacts the concept of an individual’s “reasonable expectation of privacy,” which impacts both protections afforded by Fourth Amendment and the applicability of privacy interests in tort law. Another factor that complicates the reasonable expectation of privacy issue is the potential that location data from autonomous cars would be shared with third parties, including the manufacturer or other service providers.
Autonomous cars in use today (and again many existing human-driven vehicles) contain various sensors that collect data relating to the operation of the autonomous vehicle as well as its surroundings. By constantly collecting data about its surroundings, however, the vehicle is continuously capturing information about the people and things it encounters. This creates a potential privacy concern in the same way that a different Google project, Google Street View, drew the interest of the Federal Communications Commission (FCC). There, the FCC imposed sanctions on Google for its conduct surrounding the gathering Wi-Fi network and “payload” data during the Street View project. One can envision a situation where autonomous vehicles are able to collect driving habits, destinations and other revealing information about other drivers without their knowledge or consent. Additional concerns could arise based on the use of imagery captured by the vehicle, including ownership disputes and potential invasion of privacy claims, depending upon the circumstances in which the images are captured.
One specific type of “sensor” that deserves particular attention are the voice recognition and control systems of the autonomous car. Many consumer devices currently on the market integrate voice control functionality, including smart phones and televisions. The addition of these features to consumer products has led to public concern and complaints about the collection and transmission of private communications.
In October 2015, California enacted legislation regulating voice recognition technology in smart televisions. These laws require manufacturers of smart televisions to inform customers about the voice-recognition features during initial setup or installation and bar the sale or use of any speech captured by voice-recognition technology for advertising purposes. The law also prohibits the manufacturer or other entity providing these features from being compelled to build specific features for the purpose of allowing an investigative or law enforcement officer to monitor communications through that feature.
In addition to individual privacy concerns, autonomous vehicles also present issues relating to personal safety and security. The potential security risks come from a variety of sources, both internal and external to the automated vehicle itself, which are discussed in further detail below.
In a 2014 survey conducted by Harris Interactive about the use of autonomous cars, more than 50 percent of respondents raised concerns about the prospect of having a hacker gain control of the vehicle.
In 2015, researchers Charlie Miller and Chris Valasek were able to exploit a vulnerability in certain Chrysler vehicles to gain control of the vehicle’s internal computer network. Miller and Valasek discovered the vulnerability in the entertainment system, which allowed remote access through an open port in the system. With access to the entertainment system and the CAN bus, Miller and Valasek were able to remotely manipulate various systems, including the air conditioning controls, stereo, windshield wipers, transmission, steering, and were able to kill the engine, and to engage or disable the brakes. Although these vulnerabilities occurred in normal vehicles, they illustrate some of the potential risks that could arise with autonomous vehicles as one would expect many of the features and systems available in normal cars to be available and included in autonomous vehicles. Furthermore, to the extent that autonomous cars lack the ability for a passenger to take control of the vehicle to respond, the safety threat posed by these vulnerabilities could be even more acute.
The next source of risk related to personal safety with autonomous cars comes from the technology itself. Karl Lagnemma, director of the Robotic Mobility Group at MIT and CEO of nuTonomy, a start-up focused on the development of software for self-driving cars explained the risk posed by software bugs, stating: “[e]veryone knows security is an issue and will at some point become an important issue. But the biggest threat to an occupant of a self-driving car today isn’t any hack, it’s the bug in someone’s software because we don’t have systems that we’re 100-percent sure are safe.”
Steven Shladover, a researcher at the Partners for Advanced Transportation Technology at the University of California, Berkeley, stated that having “safety-critical, fail-safe software for completely driverless cars would require reimagining how software is designed.” Although having bugs in software in other devices, like computers, smart phones or other devices, is relatively common, the implications of software failure in an autonomous car could have much more serious implications. This is a risk widely recognized by American consumers, as 79 percent of consumers in a recent survey cited fears that “equipment needed by driverless vehicles-such as sensors or braking software-would fail at some point.”
The algorithms used in the autonomous vehicle’s decision making process also present potential risks to the safety of passengers and those in the vicinity of the vehicle:
Unlike human drivers who make real-time decisions while driving, an automated vehicle’s decision, although based on various inputs available from sensor data, is a result of logic developed and coded by a programmer ahead of time. The difficulty in making and coding the decision process is illustrated in the following hypothetical:
Although the ethical underpinnings of the decision making process is beyond the scope of the discussion here, the potential threats to personal safety presented by how an autonomous vehicle responds to its surroundings are serious, often involving life-and death decisions.
The technological advancement in these vehicles will be staggering and already generate significant excitement. However, the legal issues and risks associated with obtaining and using personal data, as well as the various cybersecurity threats, need to be thoroughly considered.
At the time of Norman Bel Geddes’ 1939 exhibition, Futurama, autonomous cars remained relegated to science fiction. Since then, however, through the advent of numerous automotive and infrastructure technologies, it is believed that autonomous or nearly autonomous cars will be on our national highways within the next decade or two.
These cars can see the road, pedestrians, street signs, other vehicles, and other items that can be encountered throughout the driving experience. They can talk to other cars about the traffic and road conditions ahead so that other vehicles can change their route accordingly. These technological feats are achieved through various computers, sensors, cameras, radar, LIDAR, networks, and other electronics that are now being constantly updated, but make even today’s car one of the most advanced products a consumer can purchase. And certainly one of the most expensive.
To some in the industry, the key technologies at issue in autonomous cars can be broken down into five categories. They are:
The race to develop advancements in these areas in the automotive industry has been on for some years now with many of the top players in the field obtaining significant patent coverage for their inventions. But non-traditional automotive players also have been active in this space and have too been acquiring their own patent portfolios to protect their innovations. As a result of the technological advancements and involvement of both traditional and non-traditional players, the patent landscape is changing dramatically.
At the same time, the underlying patent law has changed. The rules governing what can be patented, how the patents can be challenged, and even how damages are calculated, all have been notably revised. Below is an overview of the technology at issue in this space, various trends in the patenting of these different technological areas by both the traditional and non-traditional players, and summary of the major areas of change in the underlying patent law itself that may impact this fast-evolving space.
A cornerstone of driverless car technology is the ability for vehicles to communicate with each other. It is envisioned that such vehicles will communicate with each other using Dedicated Short Range Communications (DSRC) on the 5.9 GHz band. Vehicle to vehicle (V2V) communication is a subset of the DSRC two-way short-to-medium range wireless communication designed to allow automobiles to “talk” to each other. V2V communications make it possible to make driving remarkably safe and avoid traffic congestion on the roads. In addition to V2V communication, vehicles will be able to communicate with transportation infrastructure, such as traffic lights, through vehicle to infrastructure (V2I) communication. Other features such as toll payment and e-parking also will communicate via V2I communication. The SAE International standard for DSRC is SAE J2735, which standardizes DSRC message sets and data elements.
Adaptive cruise control (ACC) improves conventional cruise control systems by controlling the engine, power train, and/or service brakes in order to follow a forward vehicle at a pre-selected distance. Frequently, ACC systems rely only upon input from on-board sensors, typically radar or laser/ LIDAR. GPS-aided ACC further integrates navigation data to help interpret the intentions of slowing vehicles (e.g., a car slowing to exit a freeway off ramp). Cooperative Adaptive Cruise Control (CACC) integrates V2V communication with ACC in order to better determine the acceleration or deceleration of other vehicles; will allow the “platooning” of vehicles into a condensed convoy. The SAE International standard for ACC operating characteristics and user interface is SAE J2399.
Automatic Emergency Braking, also known as Autonomous Emergency Braking or Advanced Emergency Braking System, uses a system to “sense” an imminent collision with another object. Upon detection of an object, the system automatically applies brakes without any human intervention. The system uses sensors such as radar, LIDAR, video cameras, or infrared sensors to detect the oncoming object. In some applications, GPS input also is used to detect fixed objects such as approaching stop signs. The NHTSA has announced that beginning with model year 2018 vehicles, AEB will be recommended as part of the 5-Star Rating System. The SAE International standard for AEB test methods and performance assessment is SAE J3087.
There are three categories of lateral road lane assistance: Lane Departure Warning (LDW), Lane Keeping Assist (LKA), and Lane Centering Assist (LCA). Most systems rely upon a video camera to monitor lane markings. LDW provides the driver a visual, audible, and/or haptic alert that the vehicle is crossing a lane marking. It does not integrate vehicle steering. LKA and LCA both integrate the vehicle’s electrically powered steering. LKA will correct course with a counter-steer torque for a vehicle that is drifting out of the road lane. LCA goes further to continually reapply a force to maintain the vehicle centered in the lane. The SAE International standard for driver-vehicle interface considerations for Lane Keeping Assistance Systems is SAE J3048.
LIDAR emits a laser in a pattern similar to a rotating radar, only in more discrete and densely-spaced increments. The reflected laser light is used to determine distance for each discrete laser emission. The known distance of each laser spot is to provide a 3-D “point cloud” picture, as shown by the point cloud formed from a vehicle-mounted LIDAR.
In contrast with camera inputs that require pattern-recognizing software to recognize images, the data provided by LIDAR requires limited pattern recognition, and may be quickly processed by the vehicle’s ECU. Auto manufacturers and technology companies developing products for the autonomous market are divided on the need for LIDAR, due at least in part to the current shortcomings of LIDAR in wet or snowy driving conditions.
At the time this section went to press, there were 3,246 patent applications comprised of 1,512 patent families that reference DSRC communications with filing dates of 2005 or later. GM has been the predominant assignee of DSRC patent applications, beginning with an initial surge of filings in 2008. Per our search, GM has 174 DSRC patent filings. However, GM DSRC filings have declined since their peak in 2010. Google has recently increased filings, but currently only has 84 patent filings.
At press time, there were 1,464 patent applications classified in US patent class 701/093, vehicle speed control, which includes subclass 96, inter-vehicle distance or speed control. As a trend, 701/093 patent filings are slowly decreasing among the top assignees, although 2010 was the lowest filing year. Of the 1,464 published patent applications, there are 1,083 patent families, which indicates few continuation applications. The top assignee, Toyota, has 115 patent applications, 10% of the total 1,464 applications, with a filing peak in 2009. GM has the second most assigned applications with 80. Nissan and Bosch were the predominant applicants in 2005 but have consistently filed less applications since then.
At press time, there were 569 patent applications comprised of 342 patent families related to automatic collision avoidance. Toyota has been the predominant filer of collision avoidance applications, especially in 2011 and 2012. Per our search, Toyota has 53 patent filings, 14% of the 360 total. Tier 1 suppliers Denso and Bosch are the second and third most common assignees with 35 and 30 applications, respectively. Each has had recent spikes in application filings. GM is tied for the third most applications with 30, 8% of the total applications.
At press time, there were 1,965 patent applications comprised of 1,224 patent families related to lane detection within US patent class 701. GM has been the predominant filer of lane detection patent applications, with a peak in filings in 2011. Per our search, GM has 102 patent applications, 5% of the 1,379 total applications. Toyota has the second most applications with 93, just under 5% of the total applications. Tier 1 suppliers Denso and Bosch, with supply affiliations with Toyota and GM, respectively, are the third and fourth most common assignee. The patent filings from technology firm Google spiked in 2012. Hyundai and Denso have had similar increases.
At press time, there were 290 patent applications comprised of 201 patent families related to LIDAR technology within US patent class 701, vehicle guidance and navigation. GM has been the predominant filer of LIDAR patent applications, with a peak in 2008. Per our search, GM has 38 LIDAR patent filings, 10°/o of the 290 total applications. Bosch is the second most common assignee, with 25 applications. Google, Ford, and Volvo each have 14 applications. Google filed several applications in 2012 and 2013, while Volvo has had the most recent surge of filings with 8 applications in 2014 (not shown).
At press time, there were 194 patent infringement suits filed since January 2010 with patents-in-dispute related to US patent class 180, motor vehicles, and class 701, data processing for vehicle control and guidance. Within these 194 cases, there have been 66 inter partes review (“IPR”) petitions filed contesting the patentability of patents related to motor vehicles data processing for vehicle control and guidance, or 34% of the total cases. Of the remaining 128 district court cases, very few of the patents-in-dispute involve technology directly related to autonomous vehicle technology. The patents-in-dispute in the Magna Electronics Inc. v. TRW Automotive Holdings litigation are an exception. Magna Electronics’ patents-in-dispute relate to automobile camera technology, out of lane detection, and collision avoidance.
The majority of patent litigation related to US patent classes 180 and 701 originates from complaints filed by PAEs. PAEs are responsible for 89 cases or nearly 70% of the aforementioned 128 district court cases. The PAE-generated litigation can be further divided amongst four prevalent PAEs: American Vehicular Sciences, LLC; Cruise Control Technologies LLC; Joao Control and Monitoring Systems LLC; and Signal IP, Inc. The prevalence of PAEs mirrors a 2013 estimate by the White House in which PAEs represented 62 percent of all patent litigation in 2012.
American Vehicular Sciences LLC has filed 25 patent infringement lawsuits involving various patents. The patents are not directly related to autonomous vehicle technology, but instead disclose a system for diagnosing the state of a component of the vehicle and transmitting the output of the diagnostic system to a remote location, possibly through a satellite or the Internet.
Cruise Control Technologies LLC has filed 28 patent infringement lawsuits involving US Patent No. 6,324,463, which is related to a cruise control for digital speedometers that displays the preset speed along with an indication when the cruise control system is engaged.
Joao Control and Monitoring Systems LLC has filed 14 patent infringement lawsuits involving two patents-in-dispute related to hardware and software configured to remotely control one or more vehicle communications and diagnostic systems of a vehicle.
Signal IP, Inc. is a wholly-owned subsidiary of the Marathon Patent Group, itself a PAE. Signal IP has filed 22 patent infringement lawsuits involving a mix of patents. Two of the patents-in-dispute involve two different driver assistance technologies: a side detection radar for blind spot monitoring and an object sensing system for crash avoidance calculations.
There have been no patent lawsuits between auto manufacturers involving patents related to motor vehicles and data processing for vehicle control. However, the TRW v. Magna litigation is one example of litigation related to driver assistance technology between Tier 1 suppliers.
Perhaps not surprisingly, the Eastern District of Michigan was the primary forum for lawsuits related to motor vehicles and data processing for vehicle control. Of the total 194 lawsuits filed since January 2010, 29 have been filed in the Eastern District of Michigan (“MIED”). The Central District of California (“CACD”) has had the second most lawsuits with 26, followed by the District of Delaware (“DED”) at 23 and the Eastern District of Texas (“TXED”) at 22. The next closest district, the Northern District of California (“CAND”), was a very distant fifth with only 4 lawsuits. However, filings by PAEs were the sole reason the top four districts had so many lawsuits. For example, American Vehicular Sciences comprised 19 of the 22 lawsuits in the E.D. Texas and 6 of the lawsuits in the E.D. of Michigan. Complaints filed by Cruise Control Technologies LLC comprised 13 of the lawsuits in the E.D. of Michigan and 15 in the District of Delaware.
Of the 66 IPR petitions, 62 were filed by auto manufacturers, or 94°/o of the total IPRs. Only 3 IPRs have been filed by a Tier 1 supplier, Aisin. Forty-two of the IPRs have been filed since January 2015, indicating that IPRs initiated by auto manufacturers are on the rise.
It has been two years since the Supreme Court’s decision in Alice v. CLS Bank, and it continues to have significant impact on software patents. Under the Alice decision, the Supreme Court mandates a two-step inquiry in determining patent- eligibility. First, the trier of fact must determine whether the claim is directed to patent-ineligible abstract ideas. If so, the trier of fact must then decide whether any claim elements transform the nature of the claim into a patent-eligible application of that abstract idea. This second step is the search for an inventive concept or something significantly more than just a patent-ineligible concept.
For business method and software innovators, Alice is a game-changer. Before Alice, the patent office had issued large numbers of patents where, under the prior “machine or transformation” test, a business method was carried out by a computer. The shift brought on by Alice has caused the number of rejections under 35 USC §101 at the United States Patent Office to grow significantly and the number of issued “business method” patents to decline. In patent litigation involving these types of patents, Alice also has resulted in a number of these patents being struck down as invalid for not covering patent eligible subject matter. While litigators continue to look for arguments to support these types of patent claims, patent prosecutors too are developing and learning a whole new set of drafting techniques to satisfy Alice’s two pronged test.
In the U. S., patent infringement is committed when anyone, without authorization, “makes, uses, offers to sell, or sells any patented invention, within the United States or imports into the United States any patented invention during the term of the patent.” 35 U.S.C. § 271(a). If such infringing activity is found, the patent holder is entitled to damages that would compensate the patent holder, “but in no event less than a reasonable royalty for the use made of the invention by the infringer, together with interest and costs as fixed by the court.” 35 U.S.C. § 284. The premise of this legal structure is that in those cases where a patentee cannot prove actual damages (e.g., lost profits) for the infringing sales, the patentee is still entitled to damages for the infringing activity – reasonable royalty damages.
Historically, parties that held a particular patent for a specific feature of a device laden with other, non-patented, features would still use the price of the entire device as the basis for their damages claim. They would claim that the rate they applied took into account the fractional value provided by the particular patent element. This approach was called the “entire market” rule. For a variety of reasons, courts have more recently taken an especially harsh view of the use of the “entire market value” rule: “when claims are drawn to an individual component of a multi-component product, it is the exception not the rule, that damages may be based upon the value of the multi-component product.”
Courts now take the view that in order to recover the entire revenue of a multi-featured product when only one feature is at issue, patentees must establish that the “patented feature creates the basis for customer demand or substantially creates the value of the component parts.” Courts have concluded that this rule is in line with the general requirement that damages must be actually attributable to the infringing features within a reasonable degree of certainty, and thus the rule requires that the patentee “give evidence tending to separate or apportion the defendant’s profits and the patentee’s damages between the patented feature and unpatented features, and such evidence must be reliable and tangible, and not conjectural or speculative.”
As courts have moved away from allowing patentees to use the entire market value as a basis for the damages calculation, they have required them to consider the smallest salable unit that embodies the patented invention. That “smallest salable unit” concept frequently confines the patentee to using the economics of that particular unit to conduct their damages assessment – how much value did that specific technical unit provide, how much did that unit cost, and what substitutes are available to it. However, if the smallest salable unit is still a “multi-component product containing several non- infringing features with no relation to the patented feature,” courts require that the reasonable royalty be further tailored to apportion the amount of product value that correlates to the patented invention. This new approach could have a significant impact on the damages claim that could be made in patent cases that cover one or more features of today’s and tomorrow’s high-tech cars.
During the Cold War era, the United States and Soviet Union engaged in a game called MAD, Mutual Assured Destruction. Essentially, the two superpowers realized that each had such large nuclear stockpiles that any preemptive attack would result in the attacker too being destroyed.
In the IP world, MAD is considered a “defensive patent strategy”. With an appropriately designed patent portfolio, a company that tries to sue another company that has such a large scale patent portfolio probably will be infringing the larger company’s patents, so both stand down and do not actually end up in court. A company with a large patent portfolio is in a better position to raise patent infringement counterclaims against a company that tries to hold it up. It also is better able to encourage others to license their patents (or perhaps portfolios of patents) or to demand that other companies agree not to assert blocking patents against it (often called non-assertion agreements).
Historically, the automotive industry, at least at the OEM level, worked at least partially with a MAD patent strategy in mind. Due in part to the large sizes of their respective patent portfolios, the major car manufacturers rarely were involved in patent infringement suits against each other and the resulting détente allowed them to design freely without much worry over whether they were going to trip over the patents of another major player or be hauled into court if they did.
However, the excitement surrounding the development of autonomous cars, and the various technologies that are involved in making that goal a reality has now encouraged new players to enter this developing space. Google, Yahoo, Tesla, and many others are now actively participating in the race to develop autonomous cars. Tier 1 suppliers also are aligning with technology players such as QNX, Cisco Systems, Codha Wireless, Covisint, and Nvidia in order to respond to the changing demands of auto manufacturers.
These new market entrants are not as susceptible to the MAD strategy that the traditional car manufacturers have enjoyed for so long. The portfolios of the traditional companies were developed with an eye towards other automotive manufacturers and, therefore, do not necessarily cover the technologies of the new market players or at least not as thoroughly, and therefore do not provide the benefit of the détente effect that those portfolios were, at least partially, designed to create.
Just as the development activity in this space continues to grow, so too does the run to the Patent Office to protect those inventions. The involvement of both traditional and non-traditional players combined with dramatic changes to the patent laws require companies to re-visit their patent procurement and enforcement strategies to better align them with the new realities of this evolving space.
Autonomous cars are at the forefront of significant changes in the automotive industry. As the demand for more automation, safety electronics, mobile communication and entertainment features increases, innovation is no longer strictly in the domain of traditional car manufacturers and their component suppliers, but is increasingly driven by non-traditional players such as technology companies, software developers or startups in the sensor, mapping or similar industry. Developments in information technology open the market to new players and force existing players to reinvent themselves or cede market share. As a result, Original Equipment Manufacturers (OEMs) may shift more and more away from their vertically integrated, asset heavy business model to an industry structure similar to the PC/smartphone industry. These IT developments require legacy leaders in the car industry to embrace new digital technologies, processes, and a new culture or they risk falling behind their faster moving, more culturally adept digital-native competitors such as Google, Mobileye or Apple.
The technologies that transform the conventional car into the autonomous vehicle are the new value drivers in the automotive supply chain. They include technologies such as radar, LIDAR, GPS, dynamic digital 3D mapping, odometry, and computer vision by which the car obtains input about its surrounding environment. There are currently two approaches to sensory input: The first allows the car to obtain input from infrastructure (like road sensors, intersection management systems and other V2X communications), compare it to a map database and then identify any obstacles or differences that have to be navigated around. The second approach obtains input via cameras, radar and sensors and allows the car to react proactively to obstacles. Finally, advanced control units, as for example Audi’s zFAS control unit, interpret and analyze the sensory information and identify appropriate navigation paths, as well as obstacles and relevant signage. Consequently, there are a number of non-traditional industries that benefit from self-driving cars. The following table shows only some of the industries and players that benefit from self-driving cars:
Source: Self-Driving Cars: Disruptive or Incremental? Applied Innovation Review, Issue June 2015 (available at http://cet.berkeley.edu/wp-content/uploads/Self-Driving Cars.pdf)
Also benefiting from the self-driving cars are companies such as Amazon and new mobility providers like Uber and Lyft.
Analysts and market researchers believe that autonomous driving capability is changing the auto industry and its supply chain in fundamental ways by shifting the value of the car away from predominantly hardware features to a vehicle dominated by software components. Prices charged for cars will be based on their digital components rather than traditional automotive components. Analysts predict that the value of digital products will increase from 35% to 50% of new premium cars.
OEMs and their suppliers have to differentiate themselves by creating digital experiences that stand out in a crowded market. Consequently, auto manufacturers, especially Tier 1 suppliers, are under increasing pressure to invest more capital towards autonomous driving systems, connected features, electrification, and car-sharing options. Moreover, OEMs will have to regard themselves as service providers, or sellers of data and information, in addition to being product providers. Successful OEMs and Tier 1 suppliers will be able to tap into new revenue opportunities created by the value shift in the auto industry for example by offering mobility services, creating subscription models for IT services and similar services that are already seen in the PC/iPhone industry. Three options are available to OEMs and Tier 1 suppliers: developing the technologies on their own; forming alliances and partnerships short of combining; and combining by way of mergers and acquisitions.
Similarly, technology companies have to form partnerships with automakers in order to realize their version of a self-driving car and bring it to market. In order to market their vehicles for commercial sales, technology companies need the established car manufacturers. Traditional OEMs have decades of experience in designing, manufacturing and selling vehicles and therefore have the confidence of consumers, in particular with regard to safety and quality. Consumers may very well prefer getting a driverless car designed by Ford or General Motors rather than by Google or Microsoft. Consequently, technology companies will have to consider forming alliances and partnerships as well as mergers and acquisitions.
Companies have used a spectrum of legal structures to form strategic alliances. These alliances range from simple supply, distribution, licensing, collaboration or development agreements to more complex alliances such as joint ventures, equity investments and mergers and acquisitions, or a combination or hybrid of any of these methods. Such corporate alliances may be short-term, project-focused relationships or long-term cooperation agreements. There are various reasons for considering these various alliances, including acquiring markets or strengthening market power; gaining access to or developing new and converging technologies, products or resources (including patents); achieving economies of scale; sharing of costs and pooling of resources; minimizing and spreading risks; reducing overcapacity; deepening vertical integration and expanding supply links; cooperating with competitors; as well as overcoming legal and regulatory barriers.
E&Y Global Automotive & Transportation Leader, Transaction Advisory Services, observed, “Automotive companies are already realizing they can’t meet consumer or regulator demand for innovation on their own. As a result, they must identify, invest in and use new technologies to gain a competitive advantage.” Automakers are already linked by a series of joint ventures and equity stakes. In the industry today, there are 16 joint ventures, 17 assembly alliances, 15 technical alliances and nine deals where an automaker holds equity in another. Most of the activities are among Tier 1, Tier 2 and Tier 3 suppliers as OEMs look to component suppliers to provide specific parts or technologies (such as sensors or artificial intelligence) that OEMs will integrate into the autonomous car. Tier 1 suppliers are looking for acquisitions that can help them provide the technology necessary for autonomous cars.
In general, the principal ways of acquiring a business are either through the purchase of specific assets, the purchase of the target company’s stock or through a merger. An asset purchase allows the buyer to acquire specific tangible and intangible assets and to assume only those liabilities of a target company that are specified in the purchase agreement. While this method allows flexibility in picking and choosing specific assets and liabilities, it is more complex and costly and the buyer may nevertheless be exposed to certain successor liabilities imposed by the law. This method is often used to acquire a single branch or business unit of a company. Another acquisition method is the stock purchase whereby the buyer acquires the stock of a target company directly from its stockholders. The target company changes ownership but remains in existence (with all its assets and liabilities) as a wholly-owned subsidiary of the buyer. Finally, a buyer may acquire another company by way of a merger, i.e. two separate legal entities combine into one surviving entity. By operation of law, the surviving entity assumes all assets, rights and liabilities of the extinguished entity. There are several variations of a merger, ranging from a direct merger between two entities to mergers involving a separate third entity, with the target being the surviving entity or being merged out of existence. Commercial and legal reasons, including unknown risks and liabilities, the need for specific assets, intellectual property and know-how, third-party consents and tax issues, are among the main factors that determine the acquisition choice. An acquisition is a long-term commitment. Consequently, a key issue in the acquisition of a business is its successful integration into the buyer. Successful integration, especially in the automotive industry and its acquisition of non-traditional players such as technology companies, starts with careful early planning, including assessment of the strategic, cultural and organizational fit of the target and requires valuation of synergies and value drivers, identification of risks and clarification of liability issues, as well as conduct of careful due diligence.
Most of the recent M&A activities in the automotive industry did not concentrate on horizontal acquisitions between OEMs, but involved Tier 1 suppliers or other players in the supply chain or new players outside the traditional automotive supply change. For example, OEMs like BMW, Audi and Daimler acquired in 2015 the mapping business HERE from Nokia. There was horizontal merger activity between Tier 1 suppliers. For example, US-based TRW Automotive Holdings and German-based ZF Friedrichshafen AG merged to strengthen their market position. With the $12.6 billion acquisition, ZF Friedrichshafen acquired crucial technology, such as radar and vision systems and advanced electronic units, to become a leader in automated driving capabilities. Forecasts for 2016 M&A activity predicted a rise in cross-sector M&A involving technology companies.
Although mergers and acquisitions and joint ventures have been an important strategy for decades in the automotive industry, in 2015 two-thirds of automotive executives viewed organic growth as the number one strategy for the future according to KPMG’s Global Automotive Executive Survey 2015. Some OEMs have simply hired high tech engineers to develop driver-less software. For example, Tesla has been hiring “hardcore” software engineers to expand its Autopilot self-driving-car technology as it is pushing towards Level 4 or Level 5 autonomy. Other participants in the automotive supply chain have chosen to pursue simple contractual relationships in order to be more flexible in the marketplace.
Under this approach, parties have a wide variety of arrangements at their disposal. These may include supply, distribution, licensing, cooperation or development agreements (especially for R&D and technology development) in order to gain access to external resources, knowledge and expertise (e.g. in proprietary processes, intellectual capital, research, market penetration, manufacturing and/or distribution capabilities) and to supplement internal R&D efforts and resources to generate valuable intellectual property rights which are capable of commercial exploitation.
In the development of autonomous driving features, OEMs have formed strategic alliances with other OEMs, and suppliers in the automotive supply chain as well as with IT companies and universities. For example, the Stanford Center for Automotive Research (CARS) and Volkswagen have been collaborating on autonomous vehicles since vehicle automation was accelerated by the U.S. Defense Advanced Research Projects Agency (DARPA) which held prize competitions for American autonomous vehicles in the period between 2003 and 2007. Even earlier than that there has been collaboration between Carnegie Mellon University’s Navlab and autonomous land vehicle (ALV) projects in 1984 and Mercedes-Benz and Bundeswehr University Munich’s Eureka Prometheus Project in 1987.
More recently, we have seen the cooperation between Audi, Delphi and TTTech for zFAS technology (central driver assistance controller technology), the cooperation between Audi, Bosch, Continental, Valeo and Delphi on sensors and actuating elements such as braking and steering systems, the Nissan-Renault strategic partnership that was already formed in 1999, the cooperation between Nissan and MIT, Stanford, Oxford, Carnegie Mellon University, the Bosch, Google, Tesla, Porsche and TomTom cooperation and notable others mentioned in below.
A joint venture is typically a separate legal entity owned by two or more companies, typically a complementary, non-competitive business (but may also be formed with a competitive business). Joining with a rival may turn the competitor into an ally and both may gain synergy by combining resources, sharing costs and minimizing risks. Joint ventures may be created via a separate legal entity that functions as the vehicle for the joint venture or one party may buy equity interests in an existing entity. Joint ventures may also be formed through a simple contractual relationship without the use of a separate entity. A number of important topics have to be addressed in order to establish a successful joint venture. For example, the stakeholders have to consider the particular corporate form for the joint venture, the governance structure and the extent of authority delegated to the joint venture as well as requirements of local law regarding ownership and control. Consideration must also be given to each stakeholder’s appropriate representation in the management and thus decision-making process of the joint venture, what fundamental matters should be reserved for vote by the stakeholders only rather than by management of the joint venture, how deadlocks are avoided and how minority ownership rights are protected. Potential conflicts over matters such as future contribution requirements and financing of the joint venture, ownership of IP rights, R&D, acquisitions and disposals of assets, dividends and distributions should be adequately addressed in the underlying agreements between the parties.
Various exit strategies are typically used for joint ventures, including (i) termination and liquidation of the joint venture; (ii) sale of the joint venture to a joint venture partner or a third party; (iii) initial public offering of shares in the joint venture; or (iv) typical termination agreement if the joint venture does not involve a separate legal entity.
Strategic partnerships are fairly common in the automotive industry and in connection with the development of autonomous cars. Section 15 below provides a select list of recent strategic alliances.
There are a number of risks that could undermine a strategic partnership and prevent partners from realizing the expected benefits of the transactions or the achievement of strategic objectives, as summarized in a recent registration statement:
“If problems or issues were to arise among the parties to one or more strategic alliances for managerial, financial, or other reasons, or if such strategic alliances or other relationships were terminated, the company’s product lines, businesses, financial position, and results of operations could be adversely affected.”
Important risk reducing methods are pre-deal planning, due diligence and post-deal integration and monitoring. It is crucial to identify early on the scope and objective of the strategic alliance and of each party’s expectations, how the alliance fits with the current business plan of each participant, what each party’s core competencies are, where synergies may be created, what intellectual property and competitive information needs to be protected or excluded from the alliance, what the life-cycle of the project will be, what rights to management, monitoring and oversight and what exits strategies there are for its participants.
Analysts report that deal activity in the global automotive supplier sector has occurred at an unprecedented level. Most of the M&A activity involves automotive suppliers rather than Original Equipment Manufacturers (OEMs). OEMs look to collaborating mostly with other OEMs and suppliers, short of an actual merger or acquisition. Quite the opposite is the case at the supplier level. Many automotive suppliers are prompted by the need to keep up with recent rapid changes in automotive technology. They are looking to M&A to gain or maintain their competitive advantage and to stay on top of the automotive supply chain. Although the number of deals in 2015 has decreased (down from 217 in 2014 to about 200 in 2015), there have been twice as many mega transactions in 2015 as in prior years, with deals worth more than $500 million. Analysts predicted that the deal value will top US $48 billion for 2015, a 340% increase over 2014, as illustrated by the following graphics.”
In 2015, automotive firms partnered with technology companies to advance the development of connected vehicles, mobility sharing, vehicle safety, autonomous vehicles and fuel economy. As the automotive and technology sectors converge, we expect to see more cross-sector transactions.” According to the Automotive Capital Confidence Barometer, published by Ernst & Young LLP, 85 percent of automotive executives expect an improvement in the M&A market through 2016 with 59 percent expecting to pursue acquisitions during that time. Forecasts for 2016 M&A activity predict a rise in cross-sector M&A partnerships involving technology companies.
The following tables, which have been assembled from various publicly available sources, list some notable transactions in the past 12 months involving OEMs, Tier 1 suppliers, Tier 2 suppliers and other companies and automotive semiconductor companies. Data obtained from publicly available sources has not been independently verified by Norton Rose Fulbright US LLP.
As more traditional car companies look to further develop their autonomous vehicles and enhance their driverless car programs, they will need to consider whether and what level to collaborate with leaders in the complimentary technology space. Those relationships already are being formed and may have significant impact on how well (and when) the leaders in this space will reach their business and financial goals.
Hacking, corporate espionage and data breaches are on the rise around the globe.
Implications for cryptocurrency trading, smart contracts and AI
Decree No. 228 of 2019 (Decree 228/2019) came into effect on 27 August 2019, which simplifies and revokes previous decrees of the Ministry of Employment (MoE) to widen the type of job titles allowed for foreign professionals to work in Indonesia.