December 3, 2018

Prepared by:

Ian Adams,
Associate Vice President of
Government Affairs
R Street Institute
1212 New York Ave NW, #900
Washington, DC 20001
(202) 525-5717
[email protected]

Caleb Watney,
Technology Policy Fellow
R Street Institute
1212 New York Ave NW, #900
Washington, DC 20001
(202) 525-5717
[email protected]


On behalf of the R Street Institute (R Street), we respectfully submit these comments in response to the Office of the Secretary of Transportation’s request for comments on the document, “Preparing for the Future of Transportation: Automated Vehicles 3.0” (AV 3.0).[1]

R Street is a free-market think tank that takes a pragmatic approach to public policy challenges.[2] R Street has previously submitted comments to the National Highway Traffic Safety Administration (NHTSA) in response to its request for comments on the Federal Automated Vehicles Policy in September 2016[3] and on the “Automated Driving Systems: A Vision for Safety” document that followed in September 2017.[4]

AV 3.0 builds on the best aspects of the previous voluntary guidance while also striking a delicate balance between regulatory humility and providing further clarity for market participants about the standards to which they are subject. The Department should be applauded in particular for its effort to bring uniformity to the treatment of automation across the scope of its regulatory purview. The need for such uniformity grows daily as automation and transportation become inextricably intertwined across modalities.

Additionally, the Department’s strong articulation of the importance of remaining technology-neutral in transportation regulation and its expansion of best practices for state and local officials are also positive developments.[5]  Yet while AV 3.0 represents an important next step in this conversation, there is still much more to do to ensure a streamlined policy framework for the development and deployment of Highly Automated Vehicles (HAVs).

Our comments are divided into the following sections:

  1. Considerations for state and local guidance
    1. Congestion pricing
    2. Voluntary data sharing
  2. Post-market testing by operational design domain
    1. Addressing new challenges in cybersecurity
  3. Expedited regulatory timelines for rail

I. Considerations for state and local guidance

Discerning the appropriate oversight role of state and local jurisdictions in the testing and deployment of HAVs has been a particularly high-salience issue in light of the pace of progress in this space. Questions about regulatory competency and capacity have driven policy discussions at all levels of government. In that context, AV 3.0 refines and expands guidance to state and local governments regarding how they should approach HAV policy.

The guidance highlights policy considerations such as “needs-based implementation,” “compatibility between intrastate and interstate commercial motor vehicle regulations,” and “how land use, including curb space, will be affected.” [6] All of these considerations are of vital importance and, if anything, would benefit from further expansion by the Department.

In the absence of federal legislation that draws clear lines between federal and state regulatory authority, there is a substantial risk that a patchwork of state and local regulatory frameworks could slow down the deployment of HAVs and their lifesaving potential.[7] With a host of state legislative sessions upcoming in early 2019, the policy guidance issued by NHTSA and the Department is of paramount importance.

In light of this reality, the Department should consider either refining to a granular level the state and local guidance portion of AV 3.0 in future drafts or developing an additional guidance document that provides more tangible implementation details. The Department has a critical opportunity to help shape the state legislative frameworks that will either slow or accelerate the timeline for HAV deployment. The history of path-dependence in policy frameworks only highlights the importance of getting the initial details right.

To that end, in addition to the principles articulated in AV 3.0, we recommend the Department further articulate state and local guidance on congestion pricing and data sharing.

A. Congestion pricing:

As the Department notes correctly on page 24, the induced demand effect of cheaper transportation that HAVs enable could increase the level of road congestion that major U.S. cities face:

“If automation provides a convenient, low-cost option for single occupant vehicle trips, it may lead to more congestion. For example, some current transit users may shift to lower occupancy automated vehicles. Automated vehicles may engage in zero-occupant vehicle trips, for vehicle repositioning. Automation will also provide new mobility options for people who do not travel much today. Local and State governments may need to consider appropriate policies to manage the potential for increased congestion.”

However, the Department does not expand on what these “appropriate policies” might look like. And unfortunately, the early evidence does not indicate that cities will move in an appropriate policy direction without additional guidance. New York City, for instance, responded to fears of increased congestion from transportation network companies like Uber and Lyft by capping the number of ride-sharing vehicles that can operate in the city.[8] Other major U.S. cities, including Chicago, are reportedly considering a similar response.[9]

These types of blunt policy responses are bound to fail. They would only apply to a small portion of the overall vehicle supply and fail to differentiate supply and demand during peak rush hours. In contrast, a robust body of research supports the idea that congestion taxes and demand-based road pricing schemes are by far the most effective and fair mechanisms for managing congestion in high-volume metro areas.[10]

This policy will have significant implications for the future of HAV deployment. If major cities learn to rely on hard supply caps as the primary control method for congestion, political path-dependency will make it substantially more difficult for them to switch to a congestion pricing mechanism for HAVs at a later date. As such, the Department would be wise to come out explicitly in favor of congestion- and demand-based pricing mechanisms more broadly and to highlight the ways in which hard supply caps are likely to be counterproductive.

B. Voluntary data sharing:

AV 3.0 also features a short section on identifying data needs and opportunities to exchange data between cities and HAV companies. As the document notes, “The exchange of data and information in the roadway environment can help automated vehicles address static and dynamic elements that otherwise may be challenging for [automated driving systems] (e.g., work zones, rail crossings, managed lanes, and varying traffic laws).”[11] In addition to improving HAV performance by increasing awareness of work zones and construction, data-sharing agreements can also facilitate improved city services. Private HAV operators will have better on-the-ground information about road conditions, frequent traffic bottlenecks, degrading infrastructure, etc., which would be valuable for city officials in monitoring roads and directing transportation improvement funds.

Given the potential gains for both city officials and HAV operators from data-sharing agreements, the Department should take steps to more directly facilitate these agreements through roundtable discussions and guidance documents. For example, one precondition to voluntary data-sharing agreements will be that HAV operators trust that their data will be stored safely and confidentially. However, many cities lack the institutional capacity and cybersecurity experience to build these systems independently, which may discourage private operators from partnering with them in the first place. NHTSA and the Department more broadly should further research this area and collaboratively issue some best practices for transportation data storage and transfer so that HAV manufacturers have a readily available set of standards to which they can point before partnering with a city government.

The Department should expand its guidance on this issue and showcase what ideal voluntary data-sharing agreements might look like for the mutual benefit of cities and HAV companies.

II. Post-market testing by operational design domain

In AV 3.0, the Department makes a point of articulating the challenges that come from integrating a regulatory framework that traditionally manages a slow and iterative product with a dynamic, software-driven product that could potentially expand its operational design domain (ODD) overnight:

“Existing standards assume that a vehicle may be driven anywhere, but future standards will need to take into account that the operational design domain (ODD) for a particular [automated driving system] within a vehicle is likely to be limited in some ways that may be unique to that system. For example, not all Level 3 vehicles will have the same ODD.”[12]

This is important to note, given the current development path and likely deployment process we see from industry leaders. Waymo, for instance, has plans to begin the first HAV commercial service later this year in the Phoenix area, but these cars will be geofenced and only operate within the specific ODD on which they have been trained.[13] If NHTSA were to hold these Waymo vehicles to performance standards governing terrains and road conditions in which they are not actually being deployed, it would be a detriment to innovation. Such an approach could, in theory, require HAV manufactures to master Level 5 autonomy[14] before beginning deployment at all. Level 5 autonomy looks to be decades away, so rethinking the enforcement of federal safety standards for geofenced vehicles is an essential task.

One option NHTSA should consider when addressing this challenge is simply to limit the scope of its post-market testing regime to the specific ODD that manufacturers self-certify they meet. In order for this to work, manufacturers and operators would need to maintain close communication with NHTSA and keep the agency updated on any changes in their particular ODDs. For example, if a manufacturer rolled out an over-the-air software update that enabled its vehicles to operate in a new geographic area that included mountainous terrain, NHTSA would be authorized to rigorously test that manufacturer’s vehicles within this new ODD to ensure that the vehicles meet all the performance and safety standards within this new terrain.

Under such a system, manufacturers would need to explicitly communicate to NHTSA the specific ODDs in which their vehicles can operate. NHTSA would then have the authority to verify a) that HAVs are not being deployed outside of the specified ODD, and b) that HAVs meet performance standards within the specified ODD. Note that the ODD includes weather conditions in addition to terrain and road types. If a manufacturer never plans to deploy vehicles in HAV modes in particular weather conditions—such as snow or heavy rain—NHTSA’s post-market testing should reflect that reality.

This approach would also have the benefit of more narrowly tailoring the tests that NHTSA is tasked to employ in the context of post-market evaluation, which will bolster NHTSA’s ability to effectively evaluate the technology. On balance, the administrative burden of ODD-specific evaluation may change, but this approach would ensure that HAV manufacturers can roll out their vehicles in an iterative manner without needing to achieve full, Level 5 autonomy first. If NHTSA needs more funding to maintain its post-market testing mechanism in light of careful differentiation by ODD, the agency should make that case to Congress.

III. Addressing new challenges in cybersecurity

Throughout AV 3.0 is an acknowledgment that the rapid pace of cybersecurity vulnerability discovery and response poses new challenges to the traditional NHTSA regulatory model. Sentiments like, “Depending on the vehicle platform, some safety items (such as cybersecurity and human-machine interface) may still be addressed in alternative ways”[15] appear repeatedly throughout the document without a detailed assessment of the “alternative ways” that might suffice.

As R Street details in a previous paper,[16] NHTSA’s post-market testing and recall model can be extended to address cybersecurity concerns by testing based on the stated cybersecurity capabilities of HAV manufactures and by contracting with independent cybersecurity professionals. Such an approach could include:

  1. NHTSA requiring manufacturers to provide, by a fixed date, written in-depth answers to questions on the capabilities and characteristics of their cybersecurity plans, the types of attacks they should be able to thwart, various levels of redundancy and layered defenses they have installed, and how their vehicles should perform if attacked.
  2. NHTSA making non-sensitive/non-confidential answers available to the public. This will allow intra-industry competition for more comprehensive and effective cybersecurity plans. Answers that include specific trade secrets or information that should not be disclosed publicly would be carefully controlled, maintained by NHTSA, and used only for internal assessments.
  3. NHTSA selectively testing these manufacturer claims in a manner similar to, and inspired by, its current post-market oversight. The agency may also contract with independent cybersecurity experts to proactively test the robustness of cybersecurity systems. If a vulnerability is found that is inconsistent with a representation published in the manufacturer’s cybersecurity plan and subsequent answers to questions (either those publicly disclosed or held internally by the NHTSA), the agency would be able to use its existing recall authority to rectify the issue.

There are several advantages to taking such an approach. First, this is an enforcement process with which industry groups and manufacturers are already familiar. This should reduce the level of regulatory uncertainty associated with compliance. Second, the approach allows the level of cybersecurity enforcement for which companies are held responsible to evolve over time as companies update their publicly-available cybersecurity plans. Further, manufacturers will have an incentive not only to tell the public that they have a more rigorous cybersecurity plan than competitors, but to be honest about their current level of security. The desired end-result is that manufacturers will feel compelled internally to bring their level of cybersecurity enforcement closer toward current best practices in order to remain competitive.

This type of enforcement mechanism could, in effect, replace the need for specific federal motor vehicle cybersecurity standards. As NHTSA contemplates ways in which to address the new challenges of automotive cybersecurity, we hope it will consider this approach, or at least elements from it, in its response.[17]

IV.  Expedited regulatory timelines for rail

The expansion of focus to automation in all surface transportation methods is undoubtedly one of the most positive aspects of AV 3.0. In this expansion, however, it is important to keep in mind the disparate timelines for automation in different forms of transportation. For example, given the relative simplicity of the ODD faced on railroads, we should expect rail automation to progress significantly faster than car automation. Similarly, if technical setbacks delay the timeline of HAVs, that should not necessarily affect the timeline for automated rail transit.

While technical setbacks in other sectors leading to undifferentiated policy responses at the federal level pose a future threat to automation in the rail sector, ill-conceived state activity presents an immediate challenge. This is because, like HAVs, rail is susceptible to well-meaning but profoundly problematic state-level policymaking that risks creating a regulatory patchwork.

Crew size regulations in particular present a major barrier to the ready adoption of automated systems because they confuse and diminish the Department’s unified approach to automated safety technologies. They also impose redundant costs without an attendant demonstrable safety benefit.

To address these issues, the Department should seek to clarify the scope of its authority over staffing concerns in a manner that effectively signals to states that crew size falls within the scope of federal authority. This step would ensure uniformity between parts of the Department vis-a-vis its responsibilities for overseeing the safe deployment of automated systems, as AV 3.0 already does with the Federal Motor Carrier Safety Administration.[18]

For these reasons, it is vital that the Department continue its commitment to a multimodal approach to the regulatory oversight of automated systems. As such, the Department should expand guidance for automated rail and accelerate the timeline for regulatory updates of rail as it pertains to automation.


We appreciate the opportunity to comment on the Department’s AV 3.0 document and look forward to further participation in the regulatory process.


Respectfully submitted,

Ian Adams
Associate Vice President of Government Affairs
R Street Institute

Caleb Watney
Technology Policy Fellow
R Street Institute

[1] Notice of Request for Comments: Preparing for the Future of Transportation: Automated Vehicles 3.0, 83 Fed. Reg. 50746 (Oct. 9, 2018).

[2] See About R Street, R Street Institute, (last visited Dec. 3, 2018).

[3] Comments of the Competitive Enterprise Institute, R Street Institute & TechFreedom, Request for Comments on Federal Automated Vehicles Policy, 81 Fed. Reg. 65703 (Dep’t of Transp. Sept. 23, 2016),

[4] Comments of the Competitive Enterprise Institute & R Street Institute, Automated Driving Systems: A Vision for Safety, 82 Fed. Reg. 43321 (Dep’t of Transp. Sept. 15, 2017),

[5] See U.S. Dep’t of Transp., Preparing for the Future of Transportation: Automated Vehicles 3.0 (Oct. 9, 2018) [hereinafter AV 3.0],

[6] Id. at 18–38.

[7] Adam Thierer & Caleb Watney, Robots Don’t Get Drunk or Drowsy, So Why Hold Up Driverless Cars?, The Hill (July 14, 2017),

[8] Shoshana Wodinsky, In Major Defeat for Uber and Lyft, New York City Votes to Limit Ride-Hailing Cars, The Verge (Aug. 8, 2018),

[9] Mary Wisniewski, Too Much of a Good Thing? Aldermen Consider Capping the Number of Ride-Share Vehicles, Chicago Trib., Aug. 20, 2018,

[10] There is a consensus among academic economists that the proposed ride-sharing vehicle caps would be ineffective and that a congestion tax would be a better alternative. See, e.g., IGM Economic Experts Panel, Univ. of Chicago Booth Sch. of Bus., Ride-Sharing Caps (Aug. 21, 2018),

[11] AV 3.0 at 21–22.

[12] Id. at 7.

[13] Timothy B. Lee, Fully Driverless Waymo Taxis are Due Out This Year, Alarming Critics, Ars Technica (Oct. 1, 2018),

[14] Level 5 autonomy here is based on the traditional Society of Automation Engineers (SAE) levels of autonomy. See SAE International, Taxonomy and Definitions for Terms Related to Driving Automation Systems for On-Road Motor Vehicles, Standard J 3016-2018 (June 2018).

[15] AV 3.0 at 38.

[16] Caleb Watney & Cyril Draffin, R Street Institute, Addressing New Challenges in Automotive Cybersecurity (Nov. 9, 2017),

[17] This section was adapted from R Street’s paper entitled, “Addressing New Challenges in Automotive Cybersecurity.” See id. For a longer discussion of the proposed model, see the full paper. Id. at 13–14.

[18] Id. at 8.

Featured Publications