Industry Comments On The California DMV’s Proposed Regulations On Autonomous Vehicles

The California Department of Motor Vehicles (DMV) has now released the written comments submitted in connection with its formal rulemaking on proposed updated regulations governing autonomous vehicles. In addition to comments from trade and special interest groups, consumer advocates, and individuals, a number of industry participants submitted written comments on the proposed regulations. A public hearing was held on April 25, 2017 in which verbal comments were submitted as well.

This article summarizes the key points made by industry participants in the written comments, by topic, and does not purport to cover all comments submitted or all points made. For a summary of the provisions of the proposed regulation itself, please see my earlier article here.

Testing of Autonomous Vehicles

Definition of Driverless Vehicles

The regulations require a special permit for testing of “driverless” vehicles and additional requirements for deployment as well. Driverless vehicles are those “capable of operating without the presence of a driver inside the vehicle.”

Ford notes that some autonomous vehicles capable of operating without a driver will initially be tested with a safety driver and suggests that the distinction should be made based on whether the car actually is “operating without the presence of a driver,” not whether it is “capable of” operating without a driver.

Waymo states that “the question of which type of AV permit is required should turn on whether or not a driver is in the vehicle (which is an easily administrable distinction), not on the capability of the vehicle involved.” The additional requirements for testing driverless vehicles “make sense only in the context where there is no driver in the vehicle” and should not apply to “vehicles that are capable of being operated without a driver, but nevertheless have a driver in the vehicle.”

Notice and Coordination with Local Authorities

In order to test driverless vehicles, a manufacturer must provide written notice to local authorities of the operational design domain of the vehicles being tested and coordinate such testing with authorities.

Auto Alliance (BMW, FCA, Ford, GM, Jaguar, Mazda, Mercedes, Mitsubishi, Porsche, Toyota, Volkswagen, Volvo) requests that the DMV clarify “what satisfies that the testing has been ‘coordinated’ with local authorities” and whether written notification is sufficient.

Ford suggests that notification should be sufficient and manufacturers should not be required to also “coordinate” the testing with local authorities. Ford also recommends a “central online directory” be established with contact information for “key authorities by location” that need to be contacted.

Global Automakers (Honda, Aston Martin, Ferrari, Hyundai, Isuzu, Kia, Maserati, McLaren, Nissan, Subaru, Suzuki, Toyota) notes that the “proposed regulations do not provide sufficient clarity in terms of the expected level of coordination, and this has the potential to create significant uncertainty for testing.” They suggest the DMV should “compile and maintain a list of local authorities that may need to be notified prior to the testing of automated vehicles in a particular area.”

Lyft suggests the DMV should clarify what is meant by notice to and coordination with “local authorities” since it is not clear who the proper local authority would be, how driverless testing should be coordinated with such authorities, or how to handle a situation where different authorities have views on how to coordinate testing. As an alternative, Lyft suggests the DMV “consider operating a webpage where manufacturers could post notices regarding their proposed testing areas” which would streamline notice and provide information to the public as well.

NIO also requests further clarification of the term “coordinate” as it relates to local authorities.

Peloton notes that for vehicles primarily tested on highways and interstates, which might pass through many cities for a just few minutes, the local notification and coordination provisions would be onerous. Instead, Peloton suggests coordination with the California Highway Patrol where “the operational design domain of vehicle testing is limited to California highways and interstates.”

Toyota suggests the provision for “coordination” with local authorities be removed and that only notice be required, as the term coordination is “a broad term and does not specify or set a standard for the interaction between the manufacturer and the local authorities which could create challenges and roadblocks.”

Uber suggests the coordination requirement with local authorities be removed, noting the legislature “created a statewide autonomous vehicle program” and requiring “vaguely-defined coordination” with local authorities risks “creating a fractured and inefficient testing regime because there are no guidelines or standards as to what the local authorities are supposed to do.”

Reporting Disengagements of Autonomous Mode

The regulations require all manufacturers with permits to test autonomous vehicles to report annually the disengagements of autonomous mode, with specified details.

Apple suggests some changes to the reporting of disengagements required in the regulation. Apple “believes that public acceptance is essential to the advancement of automated vehicles” and that “access to transparent and intuitive data on the safety of the vehicles being tested will be central to gaining public acceptance.” However, Apple believes the “appropriate disengagement metric” should include “successfully prevented crashes and traffic rule violations” and not other “subjective elements that reduce transparency and clarity.” Apple suggests that a disengagement should be defined as “an unexpected event or failure that requires the safety driver to take control of the vehicle in order to prevent a crash or traffic violation.” Apple believes the following events should not be reported as disengagements: operational constraints such as the system requires the driver to navigate through construction zones; system errors or failures that don’t affect safe operation; discretionary decisions by the safety driver; planned tests; the end of a test. Apple suggests removing the requirement to describe the type of incident that would have happened without disengagement as that requires speculation.

Global Automakers opposes the requirement that “testers report data concerning disengagements to the DMV.” Global Automakers believes “disengagement reports absent context are irrelevant in assessing the safety of the automated systems being tested, and can be very misleading to the public.” Global Automakers believes this regulation “imposes an unnecessary paperwork burden” and questions “why the DMV has legitimate need for this information.”

NIO suggests that planned test disengagements should not be reported as disengagements, only safety related disengagements. Otherwise this requirement “will act as a disincentive to manufacturers to plan test disengagements for fear that reporting a high number of ‘disengagements,’ even if planned, would result in a negative perception.”

Toyota suggests that reports should not include the number of miles that an autonomous test vehicle has driven because it “can provide the public with a false sense of the technology readiness of the system” and “can also provide information about the status of development to competitors.” Toyota requests the information be kept confidential if it is required. Similarly, Toyota requests other information be kept confidential because information “concerning the location of certain activities including disengagements could reveal to competitors the stage of a manufacturer’s development.”

Zoox encourages the department “to explore new safety metrics that more accurately represent the positive and negative events associated with HAVs” and “should consider a mechanism to expand safety metrics beyond disengagements to evaluate the safety and effectiveness of autonomous systems.”

Driverless Testing — Fault in a Collision

The regulations require certification by the manufacturer that to the extent a driverless vehicle is at-fault in any collision, the manufacturer shall assume any and all responsibility for liability associated with the operation of the vehicles on public roads.

Auto Alliance notes that the current provision “does not address possible third party modifications to the test vehicle for which an automaker has no control” and suggests limiting the provision to vehicles not modified by third parties. Auto Alliance also recommends clarifying that “a court with jurisdiction should make the determination if the test vehicle is at-fault in the collision.”

General Motors notes that the liability provision for driverless testing should be conformed to state law, as the provision “could be read to trigger strict liability if a manufacturer’s autonomous test vehicle were found to be at-fault to any extent in any collision.” GM suggests the provision be modified to provide the manufacturer “shall assume liability for damages caused by the autonomous vehicle in such collision, but in all cases in accordance with applicable law.”

Toyota notes the liability should only apply “to the injuries or damage caused by the autonomous test vehicle in the collision, not to liability for broad operation of all of the test vehicles on public roads.” Toyota also notes that operation of test vehicles will not always be done by the manufacturer and that “a manufacturer should not be liable for the operation of an autonomous test vehicle done by another entity.”

Waymo suggests deleting the provision concerning liability “because existing tort law already contains well-established principles to establish fault and apportion liability among tortfeasors, and DMV should not disturb those principles through this regulation.”

Communication Link with Remote Operators for Driverless Vehicles (Testing and Deployment)

The regulations require a communication link between a driverless vehicle and a remote operator allowing two-way communication and require continuous monitoring of the status of the vehicle while being operated. The regulations also provide a definition of a remote operator as a person located outside the vehicle and require submission of information about the training of remote operators.

Auto Alliance recommends that “the DMV amend the two-way communication link requirement to ‘if applicable’, because privately owned vehicles or delivery vehicles that do not have a human passenger should not require two-way communications.” Auto Alliance also notes that the definition of “remote operator” does not account “for test vehicles with a remote operator that is in the vehicle, but not seated in the driver’s seat.”

General Motors suggests that while “remote operators may play an important role in driverless testing of AV’s, this role may vary significantly depending upon how the technology advances.” GM suggests “a vehicle may not require a remote operator to engage the autonomous technology” and therefore recommends the definition of remote operator include a person who “is able to” engage and monitor the autonomous technology. GM notes that remote operators should have training sufficient to enable them “to safely execute the duties of a remote operator” but disagrees that the training should be the same as the “in-vehicle test drivers.”

Global Automakers notes concerns “with both the definition and concept of a ‘remote operator’ and the California-specific requirement that a person have the ability to ‘communicate’ with vehicle occupants in the vehicle through a communications link.” Global Automakers believes “it is inappropriate in this case for California DMV to be directly or indirectly imposing design requirements for automated vehicles.” Global Automakers also objects to the requirement of submitting the remote operator training program materials to the DMV and believes self-certification is sufficient.

Lyft suggests that the DMV provide clarification as to what the department considers a valid communication link for driverless vehicles and the remote operators. Lyft notes the “proposed regulation, to its credit, has deliberately avoided naming a specific technological capability or service, but additional clarity as to the types, kinds, or manner of operation of such links would be helpful.”

Mercedes states that it is “important (especially for test vehicles) that ‘remote’ [operator] means ‘not seated in the driver’s seat’ which includes but is not limited to ‘not located in the vehicle’.” Mercedes also notes that a communications link to vehicle occupants “is only necessary for driverless (test) vehicles that carry human passengers capable of making use of such a communications link” and should not be required “for a driverless (test) vehicle that does not carry human passengers, such as a driverless pacage or animal delivery vehicle.” Mercedes also states that a “privately-owned driverless vehicle designed for personal use should not be required to have a communications link as the vehicle owner/lessee has no need for it.”

Uber suggests that the Department “clarify that the communication link used to communicate with passengers may be achieved through a communication link with a device possessed by the passenger in the vehicle, like a smartphone, as an alternative to a communication link with the vehicle.”

Waymo notes the definition of “remote operator” does not recognize “that the functions of a remote operator (e.g. engaging the autonomous technology, monitoring the vehicle during operation, etc.) may be performed by multiple persons within a single entity.” Waymo recommends revising the definition to provide this flexibility “for each entity to determine how best to effectuate the remote operator functions among its personnel in a coordinated manner.”

Zoox commends the department for recognizing “the important role of remote vehicle operations” which “represent an opportunity for enhanced safety when an autonomous system encounters an uncertain or unknown situation.” Zoox notes that “by monitoring the vehicle’s location and status, a remote human operator can guide the vehicle safely through the encounter.” Zoox suggests that the definition of remote operator be broader to support innovation in this area. Zoox notes that for testing the remote operator may be inside the vehicle, and recommends using different definitions of remote operator for testing and for deployment. Zoox suggests there may be multiple types of remote operators “with specialized training or operational focus” and that training should be appropriate for that focus rather than just being a licensed driver.

Exclusion of Vehicles Over 10,000 Pounds

The regulations exclude certain types of vehicles from testing and deployment, including motorcycles, buses, trailers and trucks over 10,000 pounds.

Auto Alliance believes the benefits of autonomous technology “should not be limited to light duty vehicles, as there are many potential benefits to be gained from automating the medium and heavy duty vehicle fleet.” Auto Alliance suggests creating a process for manufacturers to apply for an exemption to test or deploy a vehicle otherwise prohibited.

Ford recommends removing the 10,000 pound gross vehicle weight rating exclusion which prevents larger vehicles such as trucks from testing.

Mercedes believes that “some of the more promising driving automation features from the standpoint of business and technological feasibility exist in the commercial vehicle realm where medium and heavy duty vehicles are common.” Mercedes “strongly encourages the California DMV to also include these heavier classes of vehicles in future rulemaking as expeditiously as possible.”

Self Driving Coalition for Safer Streets (Uber, Lyft, Volvo, Ford and Waymo) urges the DMV “to provide a clear timetable for completing a rule that would permit testing and deployment of these heavier vehicles as soon as possible” and that such a rule “should not impose more stringent requirements on the heavier vehicles than the current rulemaking would impose on light-duty vehicles.”

Tesla states that the current rules preserve “a blanket exclusion of all vehicles with a gross vehicle weight rating of more than 10,000 pounds from being approved for testing or deployment” on public roads. Tesla suggests the DMV should remove this prohibition because “it amounts to an indefinite statewide ban on any testing or deployment of heavy AVs, runs contrary to state legislative and federal intentions, does not promote safety and stifles innovation.” Tesla notes the implementing statute “does not make mention of any weight restrictions or other special restrictions against commercial vehicles, or otherwise require the DMV to establish such restrictions,” nor did NHTSA place special restrictions on heavy trucks in the Model State Policy section of the Federal Automated Vehicle Policy. Tesla believes this exclusion “creates an unnecessary double standard for heavy vehicles,” since light vehicles can be tested and deployed “in virtually any operational design domain in the state” but “even the most mundane operations involving heavy vehicles” are prohibited.

Toyota suggests that the DMV could provide for an exemption process where manufacturers could obtain an exemption to test or deploy a vehicle otherwise excluded under the rules, by providing the DMV with information concerning “what measures the manufacturer will take to address the unique operating conditions of the vehicle being tested or deployed” and certifying the vehicle will not be used to transport hazardous materials and otherwise meets the standard for an autonomous vehicle or test vehicle.

Uber believes “there is no need for the Department to delay the development of autonomous trucks while new regulations for large autonomous vehicles are created, a process that could take several years.” Uber notes that NHTSA’s guidelines “do not recommend any delayed introduction or otherwise different treatment of heavy vehicles; nor do any other jurisdictions that have autonomous vehicle laws and regulations.”

Deployment of Autonomous Vehicles

Definition of Deployment

Deployment is defined in the regulations to mean the operation of an autonomous vehicle on public roads by members of the public who are not employees, contractors, or designees of a manufacturer. Deployment is specifically defined to include selling, leasing or otherwise making autonomous vehicles available for use outside of a testing program, and where transportation services are provided to members of the public and a fee is charged.

Global Automakers objects to the definition of deployment as overly broad as it relates to sale or lease of a vehicle, and believes the definition is unworkable as most manufacturers do not sell or lease vehicles directly to the public, but through dealers. Global Automakers believes the regulations should “more clearly differentiate between the sale and the operation of an automated vehicle outside of the testing environment.”

Mercedes suggests that the definition is too narrow and does not permit vehicles that deliver packages or animals and suggests adding a section to confirm that deployment includes “transportation services” provided “for purposes of delivering packages or animals.”

Uber objects to the definition as it relates to transportation services and contends that “providing rides to paying passengers in this context is just as safe as testing autonomous vehicles with passengers riding for free, and obtaining the input of paying passengers provides valuable data as developers test the technology.” Uber notes that “from a safety perspective, it is immaterial whether or not a passenger pays a fare when the vehicle is operated by the manufacturer with a driver that meets the qualifications of the testing regime.”

Permit for Deployment — Process

Global Automakers objects to the entire process of a permit to deploy autonomous vehicles, stating “we strongly disagree with the DMV’s proposal to implement a ‘permit to deploy’ process that conditions the sale of use of automated vehicles based on a manufacturer’s obtaining a ‘permit’ from the DMV to do so.” Global Automakers believes “the California DMV should not be requiring manufacturers to obtain a permit to sell (or make commercially available) a vehicle that is certified to meet all applicable federal safety standards and that is therefore otherwise legal to sell in the other 49 states.” Global Automakers believes “this could not only prevent the sale or operation in California of automated vehicles that are legal in other states, but it also sets a dangerous precedent for the development of automated vehicle policy across the United States.” Global Automakers believes all provisions relating to the performance and design of automated vehicles should be excluded from state rules.

Permit for Deployment — Certification Regarding Operational Design Domain

To obtain a permit to deploy, manufacturers must identify the operational design domain of the vehicles and certify the vehicles are designed to be incapable of operating in the autonomous mode in areas outside of the disclosed operational design domain.

Ford suggests that rather than certifying a vehicle is “designed to be incapable of operating in autonomous mode” under certain conditions or outside the operational design domain that instead the certification should be that the vehicles are “designed to enter a pre-defined minimum risk condition in the event of experiencing conditions (weather, etc.) outside of ODD.”

General Motors suggests the language be modified to require that vehicles “are designed not to operate in autonomous mode outside of their disclosed operational design domain or under disclosed conditions.” GM notes “the relevant safety question is not whether the vehicle is capable of operating outside of its ODD or under certain conditions, but rather whether the vehicle does or does not operate outside of its ODD.”

Lyft notes this requirement is aimed at traditional sales to consumers and does not adequately take into account rideshare industry models.

Peloton believes the provision “may create an unrealistic standard for automated vehicle manufacturers based on the rapid variability of road conditions.” In particular, Peloton notes the “operation of such a mechanism is only as good as the information available to the vehicle” and it would be “exceedingly difficult for any automated driving system to be designed so that in all instances it would know about such conditions” such as black ice or fog “with enough warning to disable autonomous mode and safely transfer control back to a human driver.” Peloton suggests the language should be changed to add the system is incapable of operating in autonomous mode under those conditions “when such conditions can be reasonably known and reacted to by the system.”

Toyota notes that rather than require “technical incapability” for vehicles where a driver is present, “it should be sufficient for an autonomous vehicle that preserves a role for a driver to provide a warning or alert to the driver to take over should the vehicle exit the intended operational design domain or encounter any conditions in which it is not designed or intended to be operated.”

Uber notes that “manufacturers that operate fleets” have “alternative avenues to ensure vehicles are deployed safely” and can “ensure a vehicle is only deployed in areas or on specific routes, times of day or weather in which the vehicle can operate safely.” Uber suggests the manufacturer should certify that the vehicles “will not operate” in autonomous mode outside the disclosed operational design domain.

Permit to Deploy — Autonomous Technology Data Recorder

For deployment, the regulations require certification that the vehicles are equipped with a separate autonomous technology data recorder with certain specifications.

Auto Alliance recognizes there will be significant differences with respect to data collection and storage for autonomous vehicles and suggests a modified electronic data recorder framework would be appropriate. Auto Alliance notes the SAE EDR Committee is working on a new framework and suggests the DMV wait for the outcome of this work relating to recording parameters for crash reconstruction purposes before specifying post-collision recording time. Auto Alliance also suggests the requirement for collecting data be limited to data “sufficient for crash reconstruction purposes” rather than “all vehicle functions that are controlled by the autonomous technology.” Auto Alliance also suggests conforming the trigger threshold for activation of the recorder to conform to existing federal rules.

Ford suggests that the DMV “should engage with the automotive industry and other stakeholders to resolve some of the open issues relating to data recorders,” including the type of data collected, the storage location, protection of consumer privacy, the type of event that triggers storage of data and the logistics of sharing the data.

General Motors asks the DMV to clarify that the data captured should be the processed data usable to the autonomous technology, not all the raw data gathered by the vehicle’s sensors.

Global Automakers believes the “requirements for an ‘autonomous vehicle data recorder’ conflict with current federal law, as they impose requirements for an ‘event data recorder’ that go beyond those found in NHTSA regulations.” Global Automakers understands that “state law requires the DMV develop regulations to address this issue” but believes the regulations go beyond the statute.

Mercedes states that the provision for recording data for all vehicle functions controlled by the autonomous technology is “much too broad to be practicable and would require capturing far more data than necessary to reconstruct a crash.” Mercedes recommends limiting the data to that “necessary to reconstruct the crash.” Mercedes recommends that the DMV not specify post-crash recording time since it is not required by the statute adn instead suggests the DMV should look to the SAE EDR Committee work on this subject. Mercedes also suggests the trigger threshold should be consistent with federal rules for event data recorders.

Uber suggests that the regulations requiring an autonomous technology data recorder be revised to more closely track the language in the authorizing statute, noting that the statute “only requires that the vehicle have a mechanism to store data before the collision occurs, not after, and data must be capable of being extracted by any ‘external device,’ not a ‘commercially available tool.’” Uber states that the flexibility indicated in the statute is “better suited to a rapidly evolving autonomous vehicle industry, and adding more data recording requirements does not contribute to the safe performance of the vehicle.”

Volvo believes data should “be stored in accordance with the recommendations that will be issued by the SAE EDR task force, rather than through separate regulations.

Permit to Deploy — Cybersecurity

For deployment, the regulations require a certification that the vehicles have self-diagnostic capabilities that meet current industry best practices for detecting and responding to cyber-attacks, unauthorized intrusions, and false or spurious messages or control commands.

Auto Alliance notes that the requirement for self-diagnostic capabilities is a “vehicle performance standard” under the purview of NHTSA and should only be implemented at a federal level. Auto Alliance suggests removing that reference.

General Motors suggests deleting this regulation because it “does not provide for meaningful certification and in fact may lead to confusion and erroneous expectations.” GM believes “best practices are not a set of objective tests or criteria” but are “applications of methodologies and approaches” that cannot be measured “with objective and static tests.” GM also notes that cybersecurity best practices are not “one-size-fits-all.”

Self Driving Coalition “encourages the DMV to avoid contributing to a patchwork of requirements by requiring state-level certification on this issue.”

Volvo supports “strong cybersecurity protections in all motor vehicles” but “does not believe this is a matter that can be effectively regulated.” Volvo suggests that the DMV should instead require certification that autonomous vehicles are in line with the Automotive Cybersecurity Best Practices being developed as part of a global collaboration.

Permit to Deploy — Submission of Testing Data

For deployment, manufacturers must submit test data showing the technology has been tested in the operational design domain and include specified information concerning miles tested, locations, methods used to validate performance, and measures taken to remediate the causes of safety-critical incidents.

Auto Alliance recommends clarifying that no confidential business information should be included in this data submission. Auto Alliance suggests limiting the safety-critical incidents reported to those “successfully avoided” and removing the requirement to report measures taken to remediate the causes of those incidents.

Global Automakers believes this provision is unnecessary and should not be required. Global Automakers notes the provision “presupposes that the DMV will review the data and determine whether the automated vehicles is safe to sell and operate in the state, but that is not (and should not be) the DMV’s role nor is it the DMV’s expertise.” Global Automakers notes that “NHTSA is the sole authority for determining whether a manufacturer has designed a safe vehicle.”

Mercedes notes the submission of this test data “would require revelation of confidential business information about the design of the ADS, as well as artificially and unnecessarily inflating liability risk, which the DMV should not require.”

Uber notes that manufacturers must submit certain data and information, such as “an explanation of the testing methods used to validate the performance of the autonomous vehicles, measures taken to remediate safety-critical incidents, and also a description of the operational design domains and restrictive conditions in which their vehicles can operate,” in order to obtain a deployment permit. Uber suggests that the regulations be revised to recognize that this information may contain confidential trade secrets which should not be subject to disclosures. Given the sensitive nature of this business information, Uber suggests that the Department provide “appropriate safeguards for the submission of such information during the application process.”

Codification of NHTSA Safety Assessment Letter (Testing and Deployment)

For testing driverless vehicles and for deployment, the regulations require a manufacturer to submit a copy of the safety assessment letter that has been submitted to NHTSA as specified in the Federal Automated Vehicle Policy.

Auto Alliance notes that since submission of a safety assessment letter is not currently mandated by NHTSA, the phase “if applicable” should be added to indicate it is not required.

Ford suggests that compliance with the NHTSA safety assessment letter process should be voluntary not mandatory, with submission to the DMV required only if a submission was made to NHTSA.

Global Automakers supports the DMV’s approach “to not require a safety assessment letter for testing while a driver is present as this will help address the potential for significant administrative burden through duplicative reporting.” However, Global Automakers does have concerns that the rule “would improperly codify certain aspects of the NHTSA Federal Policy.” Global Automakers strongly recommends that “California reconsider its approach by not seeking to address matters of vehicle performance and design in its regulations for the operation of automated vehicles in the state.” Since there is no federal requirement that a safety assessment letter be submitted to NHTSA, Global Automakers states “it is our understanding that the DMV’s intent is to require an SAL only if one has been provided to NHTSA” and suggests “the DMV should clarify this requirement in the final rule.”

Self Driving Coalition recommends the DMV remove the requirement that manufacturers must submit a copy of the Safety Assessment Letter submitted to NHTSA to obtain a permit to test or deploy driverless vehicles. Instead, the Coalition recommends making the submission voluntary and incentivizing the submission of the voluntary letter by providing the DMV will expedite its review and commit to “completion of its review within 30 days when a copy of the Safety Assessment Letter is submitted.”

Tesla believes that the DMV “inappropriately transfers federal regulatory authority to itself and contravenes the spirit of voluntary cooperation that NHTSA intended with the Safety Assessment.” Tesla believes the DMV should request but not require manufacturers to submit a Safety Assessment.

Uber urges the DMV to remove both references to the NHTSA Safety Assessment Letter from the regulations, for testing of driverless vehicles and for deployment. Uber notes the Safety Assessment Letter is a “voluntary process” described in “a non-binding agency guidance document that is subject to change.”

Volvo notes that, while the NHTSA FAVP is a voluntary program, the DMV regulations would require submission of a safety assessment letter and mandate NHTSA’ s voluntary guidance. Volvo “recommends that the DMV clarify that submission of the Safety Assessment Letter to the CA DMV is necessary after it has been submitted to NHTSA.” Volvo also suggests the DMV should act to protect confidential business information by stating that “information contained in these submissions should not be released under California’s Public Records Act.”

Deployment — Information Privacy

The regulations require a manufacturer to either provide a written disclosure to the driver or occupants of the vehicle (if no driver required) that describes the information collected by the autonomous technology that is not necessary for the safe operation of the vehicle and obtain the written approval of the operator of an autonomous vehicle to collect the information, or to anonymize the information that is not necessary for the safe operation of the vehicle.

Auto Alliance suggests the DMV amend the language on privacy to make consistent with the 2014 Privacy Principles, which are “already well-established and enforceable by the FTC.” Auto Alliance notes the term operator “is not defined” and “could feasibly refer to a vehicle owner, lessee, driver, remote operator or third party service provider.” Auto Alliance recommends removing the term and conforming the language to the guidance offered in the Privacy Principles concerning the “appropriate retention of identifiable information and corresponding notice to vehicle owners or lessees about this process.”

General Motors suggests striking the privacy requirements in favor of existing federal and state law protections concerning privacy and the best practices set forth in the 2014 Privacy Principles from the industry. GM notes that if the privacy provisions are retained, they should only apply to sale or lease of a vehicle, and not in a ridesharing context where “companies are generally not compelled to provide services to consumers who do not agree to terms of use, including privacy terms.”

NIO requests the DMV “provide examples of the types of information the Committee considers to be ‘information collected by the autonomous technology that is not necessary for the safe operation of the vehicle.’”

Self Driving Coalition recommends the information privacy section “specifically be limited to requiring a company to provide a privacy policy that would govern personal information collected about passengers and how it is used.”

Toyota recommends removing this provision entirely as it “would be unworkable in cases in which the service itself (such as ridesharing) is dependent on the collection of data.”

Volvo recommends that the privacy provisions in the regulations “be harmonized” with the Privacy Principles issued in 2014 by the Alliance and Global Automakers groups, which are enforceable by the Federal Trade Commission.

Waymo believes that “information privacy is outside the expertise and purview of the DMV” and that to the extent the DMV has authority to regulate information privacy, “it should be limited to requiring a manufacturer to provide a privacy policy which governs information collected about the passenger and how it is used.”

Deployment — Driver and Manufacturer Responsibility

The regulations provide that the manufacturer of a Level 4 or 5 vehicle shall be responsible for the safe operation of the vehicle when operating in its operational design domain. For Level 3 vehicles, the manufacturer is responsible when it is operating in autonomous mode in its approved operational design domain.

Auto Alliance recommends deleting this provision. Auto Alliance notes that California “has well developed laws governing product liability and negligence” and the proposed regulations “would upset those principles by vesting responsibility solely in the manufacturer” even when “a person other than a manufacturer (e.g., the vehicle owner) may be responsible for obtaining updates, maintenance, or other factors essential to safe operation of the vehicle.” Auto Alliance believes this provision “will discourage any business model where the manufacturer relinquishes control over the vehicle.”

General Motors suggests deleting this provision because it “could be read to place all responsibility on the manufacturer, without taking into account the acts of intervening parties and other factors that contributed to an incident (i.e., imposing strict liability).” GM notes that existing law “protects consumers and provides the tools necessary for allocating responsibility.”

Global Automakers “supports the DMV proposed regulations addressing issues of driver and manufacturer responsibility” and notes that for Level 3 vehicles “it is important that there be a requirement that a licensed driver be available to provide the necessary fallback to the system.”

NIO suggests this section should note that the driver is responsible for any failure to adhere to traffic laws “if a driver bypasses, modifies or otherwise overrides the standard autonomous functionality.”

Waymo notes this provision “ignores the practical reality that the safe operation of the vehicle can be impacted by factors outside of the manufacturer’s control” and “recommends deleting this section because existing tort law already contains well-established principles to establish responsibility and fault and apportion liability among relevant parties, and DMV should not disturb those principles through this regulation.”

Permit to Deploy — New Application Required for Material Changes

The regulations require a manufacturer to submit a new permit application for public deployment prior to implementing a material change in the capabilities or performance of an autonomous vehicle previously approved.

General Motors notes that the proposed regulations required a manufacturer to submit a new application for deployment to the DMV each time it makes a significant improvement to its technology. GM states this could “unintentionally encourage manufacturers to avoid characterizing a change as ‘material’ so as not to halt their programs for six months or more” waiting for new permit approval. GM suggests a revision such that for material “improvements” to the vehicles’ capabilities or performance, the manufacturer would notify the DMV “if the improvement changes information provided in the application” but a manufacturer need not submit a new application. Instead, manufacturers would only need to submit new applications “prior to implementing a material change that materially reduces the capabilities or performance” of a vehicle previously approved.

Global Automakers disagrees with the DMV proposal that a manufacturer submit a new application for public deployment prior to implementing a material change in the capabilities or performance of an autonomous vehicle previously approved for deployment. Global Automakers believes “this will significantly impact innovation by requiring ‘pre-market’ approval prior to ‘any hardware, software, or other significant update to the autonomous vehicle’s autonomous technology.”

Lyft notes the amendment provision “has the potential effect of making it harder to improve the capability of safety of a vehicle” since the change cannot be implemented until a new application has been approved by the department.