Here we go again – another  Tesla “autopilot” incident

Back in January 2020, an incident featured a self-driving Tesla going 135km/h while the driver flossed his teeth. Two months earlier it was a driverless Tesla powered by the “smart summon” capability, driving on the wrong side of the road. 

The latest event took place in Alberta, Canada, where a Model S Tesla was speeding while the driver was fast asleep on the reclined front seat. 

The car was cruising well above the legal speed limit (of 110km/h), when the Royal Canadian Mounted Police flashed its lights in an attempt to draw the driver’s attention, at which stage it accelerated to exactly 150km/h. The driver was charged with speeding and the province has also decided to charge him with dangerous driving. 

But hold on. 

Is the driver responsible for reckless driving? After all, the car was self-driving so maybe the car maker is to blame…  

As you would expect, Tesla has a disclaimer on its website that relates to its autonomous driving technology – “The currently enabled features require active driver supervision and do not make the vehicle autonomous” the company explains.

This incident (and many more) raise a fundamental question – who’s liable? 

The proliferation of autonomous vehicles, pioneered by Tesla, Waymo and Cruise, poses a challenge for regulators and vehicle OEMs. They are trying to determine the effectiveness of modern automotive technologies and looking at who’s responsible for the safety of vehicles and people alike. 

It’s the same story for automotive cyber security.

As passenger and commercial vehicles get hyper-connected and software-defined, there is a growing risk of introducing software vulnerabilities. Who is liable for a vehicle’s safe and secure operation and for the lives of people, not only when the vehicles are coming off the production line, but also when they hit the road? 

Policymakers and regulators are just as concerned with these issues, driving initiatives that will make cyber security integral to the automotive supply chain, such as the UNECE WP.29 regulation and ISO/SAE 21434 standard (but there are more). Some, such as WP.29, see the OEM responsible for overall cybersecurity, others leave this issue unresolved.

Regardless, it is in the best interest of OEMs to extend their cyber-responsibility across the supply chain. By failing to do so, they risk exposure to regulatory violations, liability claims, brand equity erosion, and more.

In the meantime, this question remains open.


By Guy Gilam

Guy is Head of Product Marketing at Cybellum. He enjoys cultivating the connection between innovation and market value, aided by 15 years of product management and marketing experience at start-ups and tech giants, in domains ranging from cyber security to TV services to IoT platforms.