Today, CEI submitted comments to the National Highway Traffic Safety Administration (NHTSA) in response to its notice of proposed rulemaking (NPRM), “Federal Motor Vehicle Safety Standards; V2V Communications,” which was published in the Federal Register on January 12, 2017. In it, NHTSA proposes to mandate that all new light-duty vehicles have vehicle-to-vehicle (V2V) communications devices installed and that they use a particular communications protocol called dedicated short range communications (DSRC). The purpose of the mandate, as currently contemplated by NHTSA, is to offer future drivers advance warnings of traffic and roadway hazards.
Last week, CEI and a coalition of free-market organizations sent a letter to Secretary of Transportation Elaine Chao asking her to temporarily suspend the V2V rulemaking proceeding in order to allow the new administration to examine this controversial midnight Obama proposal. CEI previously submitted comments in 2014 in response to NHTSA’s advance notice of proposed rulemaking on V2V.
The full comment letter is here. We develop four points, which are summarized below.
First, NHTSA fails to adequately consider alternatives to DSRC, ones that could enable faster adoption of V2V at a lower cost. Wireless carriers plan to upgrade their networks to next generation mobile networks, known as 5G, over the same time period as the mandate phase-in, which resolves many of the latency (delay) issues with earlier cellular-based V2V while harnessing existing terrestrial networks—meaning there would be no need to install nearly 20,000 roadside devices along the National Highway System to support the mandated V2V-DSRC system. Moreover, NHTSA does not explain who would operate this new infrastructure or how it would be funded and maintained.
Second, NHTSA leaves a number of important privacy and cybersecurity issues unresolved. The agency proposes a Secure Credential Management System (SCMS) to mitigate these risks but does not propose any specific regulatory text. This is worrying because the SCMS would be a critical component of safely functioning V2V. NHTSA, at the very least, should propose SCMS regulatory language prior to the promulgation of a final rule and allow the public to examine and comment on it.
Third, NHTSA’s plan to require owner consent for software updates and new security certificates undermines the claimed benefits of forced V2V. While the agency is not inclined to allow automakers to install V2V devices with an “off switch” for drivers wishing to disable V2V, V2V can nonetheless be disabled under NHTSA’s proposal if the owner refuses updates. NHTSA suggests that a telltale lamp or dashboard message could prod drivers to consent to updates, but this likely will not deter some drivers from allowing their V2V devices to deactivate. Given perceived (and real) privacy and cybersecurity risks, and the fact that around 10 percent of vehicles on the road today display “check engine” telltales, NHTSA should better consider the “apathy rate” in its benefits projections.
Fourth, NHTSA fails to adequately consider the impacts of forced V2V on vehicle automation systems. Automation has the potential to save far more lives than V2V hazard warnings, but requiring a one-size-fits-all approach to connectivity introduces new privacy and cybersecurity risks into these automation systems. This is the reason most automated vehicle developers are focusing exclusively on vehicle-resident sensor technologies, rather than connectivity. It has been argued by a number of developers and technologists that V2V-DSRC as contemplated by NHTSA is obsolete, and that requiring all new vehicle—included automated vehicles—to come installed with V2V devices puts these new, more promising technologies at risk.
Based on these concerns, we conclude by urging NHTSA to withdraw the NPRM. Read the full comment letter here.