Lawmakers used a hearing on self-driving cars Tuesday to ask whether the much-hyped vehicles would be vulnerable to hacking.
The focus on cybersecurity and consumer data privacy from some members of the Senate Commerce Committee caused moments of friction in an otherwise smooth hearing for representatives from companies like Google and Lyft, which are both invested in the success of self-driving technology.
“You can imagine in this world of cybersecurity and cyberattacks, imagine what would happen to autonomous vehicles to get hacked while they’re out on the road,” said ranking member Bill NelsonBill NelsonPath to 60 narrows for Trump pick The Hill’s Whip List: Where Dems stand on Trump’s Supreme Court nominee Overnight Tech: Senate votes to eliminate Obama internet privacy rules | FCC chief wants to stay out of 'political debate' on fake news | Wikileaks reveals new CIA docs MORE (D-Fla.). “One small defect could end up in a massive safety crisis.”
But the harshest heat for the witnesses came from Sens. Ed MarkeyEd MarkeyThe Hill’s Whip List: Where Dems stand on Trump’s Supreme Court nominee Overnight Regulation: Senate moves to strike Obama-era internet privacy rules Overnight Tech: Senate votes to eliminate Obama internet privacy rules | FCC chief wants to stay out of 'political debate' on fake news | Wikileaks reveals new CIA docs MORE (D-Mass.) and Richard BlumenthalRichard BlumenthalSenators introduce new Iran sanctions Senators demand Pentagon action after nude photo scandal Gorsuch rewrites playbook for confirmation hearings MORE (D-Conn.), both of whom advocated for the creation of standards governing protection of data from cyberattacks.
"Clearly hackers are going to have the ability to break into these vehicles,” Markey said. “And so the kinds of protections you build in can be voluntary, but if 10 companies do it and 10 don’t, then those 10 are going to be identified by the hackers as the ones they’re going to be playing games with out on the highways.”
"And I just think we need minimal standards that every company is going to meet."
The witnesses were reluctant to say definitively that there should be governmental cybersecurity standards for the cars.
“We really haven’t determined whether we think we need mandatory standards or not, but what we have determined is that it does help to standardize … so then the question for us is how do we get there,” said Glen DeVos, an executive at Delphi Automotive.
That equivocation appeared to irk Blumenthal.
“May I respectfully suggest that the answer to the question, should there be mandatory safety and privacy standards, is yes,” he said. “And I didn’t hear that from all of the witnesses. I heard answers that basically implied maybe there should be.”
Both lawmakers also pressed the witnesses on whether there should be standards to protect owners of self-driving cars from having their data used by marketers and for other purposes unrelated to the operation of the car.
When Markey went down the witness table asking whether they thought standards were a good idea, he was met mostly with non-committal answers. Chris Urmson, the Google executive leading their car project and the most high-profile witness, said he wasn't in a position to answer on behalf of the company.
Committee Chairman John ThuneJohn ThuneThis week: GOP picks up the pieces after healthcare defeat Lawmakers want infrastructure funded by offshore tax reform Senate GOP hedges on ObamaCare repeal timeline MORE (R-S.D.), who later said he didn't want to see the government handle safety in a way that inhibits innovation, teased Markey for his persistence to laughter from a packed committee room.
“Thank you Sen. Markey,” he said. “And there is no requirement for the panelists to agree with him.”