Consumer protections

Policymakers and the private sector should embed consumer protections into automated vehicles and related services (see also AARP Consumer Principles, as well as this chapter’s section on Mobility on Demand). 

Policymakers and the private sector must safeguard access to redress after injury or damage, including through insurance and access to the courts. As the transition toward autonomous technology evolves, policymakers should consider whether new insurance or liability models are needed (see also Liability Insurance Policy, as well as Pre-Dispute Mandatory Binding Arbitration). 

Policymakers and the private sector must ensure the digital security of automated vehicles. They must make all possible efforts to protect them from harmful digital attacks, unauthorized access, and damage. Policymakers should require a comprehensive and layered system for preventing, detecting, and responding to cybersecurity threats. Companies should adopt the National Institute of Standards and Technology’s Cybersecurity Framework or a similar industry-standard cybersecurity framework (see also Data Security). 

Policymakers and the private sector must ensure privacy protections. Consumers should not be required to share any non-essential personal information in order to use AVs or related services. Consumers should maintain control over their individualized personal information that is not already publicly available. They should be able to understand how that information is collected and decide how it may be used (see also Consumer Data Issues). However, policymakers and the private sector should be able to use de-identified aggregated data for research, evaluation, and planning purposes. 

In order to maximize consumer choice and increase affordability, policymakers should refrain from requiring manufacturers to use a specific engine type, such as by limiting deployment to electric vehicles (see also Utility Rates).