ISO/TR 17427-8:2015

TECHNICAL ISO/TR
REPORT 17427-8
First edition
2015-11-01
Intelligent transport systems —
Cooperative ITS —
Part 8:
Liability aspects
Systèmes intelligents de transport — Systèmes intelligents de
transport coopératifs —
Partie 8: Aspects relatifs à la responsabilité
Reference number
ISO/TR 17427-8:2015(E)
©
ISO 2015

---------------------- Page: 1 ----------------------
ISO/TR 17427-8:2015(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2015, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO 2015 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/TR 17427-8:2015(E)

Contents Page
Foreword .v
Introduction .vii
1 Scope . 1
2 Terms and definitions . 1
3 Abbreviations and acronyms . 2
4 How to use this Technical Report . 3
4.1 Acknowledgement . 3
4.2 Guidance . 3
4.3 C-ITS ‘Liability’ aspects . 3
5 What are the key liability issues . 5
5.1 Effects of different types of C-ITS applications technology risk . 5
5.2 Crash causation . 6
5.3 Types of parties in C-ITS . 7
5.4 Human factors . 8
5.5 What is the standard of safety expected? . 8
6 Legal Status . 8
6.1 Regional and National variations . 8
6.1.1 General. 8
6.1.2 Europe . 9
6.1.3 USA . 9
6.1.4 Australia .10
6.1.5 China .10
6.1.6 Japan .10
6.1.7 Other Countries .10
6.2 Driver remains in charge .10
6.3 Tort .11
6.3.1 General issues regarding ‘tort’ .11
6.3.2 Consequences of ‘breach of duty’ .12
6.3.3 Contract law .13
6.4 Product liability .13
6.5 Compulsory third party systems .13
7 Policy questions and options .14
7.1 General .14
7.2 Option 1: Continue current approach .14
7.3 Option 2: Enact specific C-ITS liability laws to clarify issues .14
7.4 Option 3: Non-legislative approaches .14
7.5 Option 4: Information and education campaigns .15
8 C-ITS Actors and Liability .15
8.1 C-ITS and jurisdictions .15
8.2 C-ITS and road operators/managers .15
8.3 C-ITS and manufacturers .16
8.4 C-ITS information/application service providers .16
8.5 C-ITS and drivers .16
9 Summary of findings.17
9.1 General .17
9.2 Explicit regulation by jurisdictions .17
9.3 ‘Opt-in’ to service provision .18
9.4 Advisory systems — Driver remains in charge .18
9.5 Interventionist systems .18
9.6 Service providers need to make users aware and limit risks through ‘opt-in’
conditions of use.18
© ISO 2015 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/TR 17427-8:2015(E)

9.7 Manufacturers need to test thoroughly and have explicit conditions of use .18
9.8 Need for ‘audit trail’ .18
9.9 Minimize the points of opportunity of failure .18
9.10 Advise driver of status of systems .18
9.11 Human factor considerations will be critical .18
9.12 Road managers need to assess and manage risk implications .19
9.13 Expectations will change .19
9.14 Clear guidance and regulation required .19
9.15 Driver training .19
Bibliography .20
iv © ISO 2015 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/TR 17427-8:2015(E)

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation on the meaning of ISO specific terms and expressions related to conformity
assessment, as well as information about ISO’s adherence to the WTO principles in the Technical
Barriers to Trade (TBT) see the following URL: Foreword - Supplementary information
The committee responsible for this document is ISO/TC 204, Intelligent transport systems.
ISO 17427 consists of the following parts, under the general title Intelligent transport systems —
Cooperative ITS:
— Part 2: Framework Overview [Technical Report]
— Part 3: Concept of operations (ConOps) for ‘core’ systems [Technical Report]
— Part 4: Minimum system requirements and behaviour for core systems [Technical Report]
— Part 6: ‘Core system’ risk assessment methodology [Technical Report]
— Part 7: Privacy aspects [Technical Report]
— Part 8: Liability aspects [Technical Report]
— Part 9: Compliance and enforcement aspects [Technical Report]
— Part 10: Driver distraction and information display [Technical Report]
The following parts are under preparation:
— Part 1: Roles and responsibilities in the context of co-operative ITS architecture(s)
— Part 5: Common approaches to security [Technical Report]
— Part 11: Compliance and enforcement aspects [Technical Report]
— Part 12: Release processes [Technical Report]
— Part 13: Use case test cases [Technical Report]
— Part 14: Maintenance requirements and processes [Technical Report]
© ISO 2015 – All rights reserved v

---------------------- Page: 5 ----------------------
ISO/TR 17427-8:2015(E)

Further technical reports in this series are expected to follow. Please also note that these TRs are
expected to be updated from time to time as the C-ITS evolves.
vi © ISO 2015 – All rights reserved

---------------------- Page: 6 ----------------------
ISO/TR 17427-8:2015(E)

Introduction
Intelligent transport systems (ITS) are transport systems in which advanced information, communication,
sensor and control technologies, including the Internet, are applied to increase safety, sustainability,
efficiency, and comfort.
A distinguishing feature of ‘ITS’ are its communication with outside entities.
Some ITS systems operate autonomously, for example ‘adaptive cruise control’ uses radar/lidar/and/or
video to characterize the behaviour of the vehicle in front and adjust its vehicle speed accordingly.
Some ITS systems are informative, for example ‘Variable Message Signs’ at the roadside, or transmitted
into the vehicle, provide information and advice to the driver. Some ITS systems are semi-autonomous,
in that they are largely autonomous, but rely on ‘static’ or ‘broadcast’ data, for example, GNSS based
‘SatNav’ systems operate autonomously within a vehicle but are dependent on receiving data broadcast
from satellites in order to calculate the location of the vehicle.
Cooperative Intelligent transport systems (C-ITS) are a group of ITS technologies where service provision
is enabled by, or enhanced by, the use of ‘live’, present situation related, dynamic data/information from
other entities of similar functionality (for example from one vehicle to other vehicle(s)), and/or between
different elements of the transport network, including vehicles and infrastructure (for example from the
vehicle to an infrastructure managed system or from an infrastructure managed system to vehicle(s)).
Effectively, these systems allow vehicles to ‘talk’ to each other and to the infrastructure. These systems
have significant potential to improve the transport network.
A distinguishing feature of ‘C-ITS’ is that data is used across application/service boundaries.
It is important to understand that C-ITS is not an end in itself, but a combination of techniques, protocols,
systems and sub-systems to enable ‘cooperative’/collaborative service provision, but as these aspects
of transport technology advance, the issue of who is liable in the event of a crash will likely become
more complex.
The question of how liability will be resolved in the event of C-ITS system failure will be important
in providing certainty to drivers, manufacturers, insurers and road managers. It may be that, rather
than technical difficulties, uncertainty regarding liability issues could prove the largest deterrent to
investment in C-ITS service provision.
C-ITS applications will need adequate ‘audit trails’ in order to trace causation. The so called “human
factors” will need to be carefully considered and taken into consideration.
This means that manufacturers and services providers of C-ITS technology need to carefully consider
the safety risks of their systems and qualify their risk carefully, and road network managers will need
to assess the risk implications of providing infrastructure-based C-ITS solutions.
We are also in a situation where expectations of system performance and liability implications are
likely to change as C-ITS applications move from being advisory systems to overriding driver actions,
and the liability issues are different between these types of system.
The purpose of this Technical Report is to identify potential critical liability issues that C-ITS service
provision may introduce; to consider how to control, limit or mitigate such liability issues, and to limit
the risk of exposure to the financial consequences of liability issues.
This Technical Report is a ‘living document’ and as our experience with C-ITS develops, it is intended that
it will be updated from time to time, as and when we see opportunities to improve this Technical Report.
© ISO 2015 – All rights reserved vii

---------------------- Page: 7 ----------------------
TECHNICAL REPORT ISO/TR 17427-8:2015(E)
Intelligent transport systems — Cooperative ITS —
Part 8:
Liability aspects
1 Scope
The scope of this Technical Report is an informative document to identify potential critical liability
issues that C-ITS service provision may introduce; to consider strategies for how to control, limit or
mitigate such liability issues; and to give pointers, where appropriate, to standards deliverables
existing that provide specifications for all or some of these aspects, and to limit the risk of exposure to
the financial consequences of liability issues.
The objective of this Technical Report is to raise awareness of and consideration of such issues. This
Technical Report does not provide specifications for solutions of these issues.
2 Terms and definitions
2.1
application
app
software application
2.2
application service
service provided by a service provider accessing data from the IVS, in the case of C-ITS (2.3), via a wireless
communications network, or provided on-board the vehicle as the result of software (and potentially
also hardware and firmware) installed by a service provider or to a service providers instruction
2.3
cooperative ITS
C-ITS
group of ITS technologies where service provision is enabled, or enhanced by, the use of ‘live’, present
situation related, data/information from other entities of similar functionality, for example, from one
vehicle to other vehicle(s), and/or between different elements of the transport network, including
vehicles and infrastructure, for example, from the vehicle to an infrastructure managed system or from
an infrastructure managed system to vehicle(s)
2.4
core system
combination of enabling technologies and services that will provide the foundation for the support of
a distributed, diverse set of applications (2.1), and application transactions which work in conjunction
with ‘External Support Systems’ such as ‘Certificate Authorities’
Note 1 to entry: The system boundary for the core system is not defined in terms of devices or agencies or
vendors, but by the open, standardized interface specifications that govern the behaviour of all interactions
between core system users.
2.5
global navigation satellite system
GNSS
comprises several networks of satellites that transmit radio signals containing time and distance data
that can be picked up by a receiver, allowing the user to identify the location of its receiver anywhere
around the globe
© ISO 2015 – All rights reserved 1

---------------------- Page: 8 ----------------------
ISO/TR 17427-8:2015(E)

2.6
in-vehicle system
IVS
hardware, firmware and software on board a vehicle that provides a platform to support C-ITS (2.3)
service provision, including that of the ITS-station (2.8) (ISO 21217), the facilities layer, data pantry and
on-board ‘apps’
2.7
intelligent transport systems
ITS
transport systems in which advanced information, communication, sensor and control technologies,
including the Internet, are applied to increase safety, sustainability, efficiency, and comfort
2.8
ITS-station
entity in a communication network [comprised of application (2.1), facilities, networking and access
layer components] that is capable of executing ITS-S application processes, comprised of an ITS-S
facilities layer, ITS-S networking & transport layer, ITS-S access layer, ITS-S management entity and
ITS-S security entity, which adheres to a minimum set of security principles and procedures so as to
establish a level of trust between itself and other similar ITS-stations with which it communicates
3 Abbreviations and acronyms
ABS anti-lock braking system
ACC adaptive cruise control
ADAS advanced driver assistance systems
C-ITS cooperative intelligent transport systems, cooperative ITS
CA certificate authority
CVIS cooperative vehicle-infrastructure systems (EC Project)
EC European Commission
ESC electronic stability control
EU European Union
GTR global technical requirement (UNECE)
ITS intelligent transport systems (2.7)
IVS in-vehicle system (2.6)
UNECE United Nations Economic Commission for Europe
V2V vehicle to vehicle
V2I vehicle to/from infrastructure
2 © ISO 2015 – All rights reserved

---------------------- Page: 9 ----------------------
ISO/TR 17427-8:2015(E)

4 How to use this Technical Report
4.1 Acknowledgement
Much of the inspiration for this document and its considerations and content originate from the reports
“Cooperative ITS Regulatory Policy Issues” and “Cooperative Intelligent Transport Systems Policy Paper”
[1][17]
National Transport Commission, Australia. And this source is acknowledged and thanked.
Contribution from various TCA (Transport Certification Australia) documents is acknowledged.
4.2 Guidance
This Technical Report is designed to provide guidance and a direction for considering the issues
concerning liability associated with the deployment of C-ITS (2.3) service provision. It does not purport
to be a list of all potential liability factors — which will vary according to the regime of the jurisdiction
and to the form of the instantiation. Rather, it discusses the major issues, and provides guidance and
direction for considering and managing the future and instantiation specific deployment of C-ITS.
4.3 C-ITS ‘Liability’ aspects
This part if ISO/TR 17427 explores potential business, organisational and regulatory approaches to
address liability concerns, and particularly the combination of such aspects in order to manage liability
issues related to C-ITS service provision.
As transport technology advances, the issue of who is liable in the event of a crash will potentially become
more complex. The question of how liability would be resolved in the event of C-ITS system failure will be
important in providing certainty to drivers, manufacturers, insurers and road managers. It is expected
that the number of crashes would be reduced significantly in a fully C-ITS equipped environment,
however crashes would still occur, with some specific C-ITS related reasons such as the following:
— data communication failure or interference;
— conflicting or erroneous warnings being provided to drivers;
— driver failing to respond to a warning received;
— driver over-reliance on the technology;
— driver switching off the C-ITS and being involved in injury to a third party that may have been
avoided had he been receiving the benefits of the service.
A number of other scenarios could also be imagined, involving either the failure of the technology,
limitations of the technology in different conditions or problems in the interaction between the driver
and the technology. C-ITS applications (2.1) draw together the whole range of parties typically involved
in the transport network, including road agencies, drivers, operators and manufacturers.
While C-ITS applications have significant potential to increase road safety, crashes will continue to
occur and liability issues will arise. ITS applications in general raise some broad liability risks.
Within any jurisdiction, any guidance or legislation that seeks to deal with the issues raised by ITS
based solutions will have to interact with the current regulatory framework in a sufficiently clear and
delineated manner and will have to deal with a wide range of causes of liability including the following:
— device or system failure;
— conflict between multiple ITS products;
— operator information overload;
— loss of operator attention;
© ISO 2015 – All rights reserved 3

---------------------- Page: 10 ----------------------
ISO/TR 17427-8:2015(E)

— risk compensation;
— incorrect interpretation of information;
— liability arising as a result of the interaction of both enabled and conventional vehicles.
Although most C-ITS service provision is designed to, and overall may be proven to, improve safety
and reduce or mitigate death and injury, it must be recognized that C-ITS applications could potentially
cause a collision, for example, when such an application
— fails to provide an appropriate warning in the lead-up to a collision,
— provides incorrect information (for example, in regard to the local speed zone),
— provides a misleading warning (for example, the direction of a potential collision is unclear),
— provides a warning which distracts the driver, leading to a crash, and
— overrides the driver’s action in a way that causes a collision (for example, a brake assist application
that causes a vehicle to brake suddenly in the middle of fast moving traffic).
Failure to provide appropriate warnings could result from a range of sources, including software
problems (including those introduced as part of upgrades), limitations on sensors, signal interference,
lack of accuracy in mapping or positioning information or other sources. The exact list will depend on
the specific applications and whether they are merely advisory systems or more interventionist systems.
It is important to understand that liability concerns have been raised as a potential disincentive for
manufacturers to develop C-ITS applications and other safety systems: ‘these technologies pose challenges
for manufacturers and may increase their liability risk in ways that discourage the efficient introduction of
[5][6]
these technologies’.
The introduction of airbags by the US National Highway Traffic Safety Administration (NHTSA) is a
cautionary example, where even safety technology with significant benefits can have unintended
consequences.
In 1977, in the USA, NHTSA estimated that air bags would save on the order of 9,000 lives per year and
based its regulations on these expectations. Today, by contrast, NHTSA calculates that air bags saved
8,369 lives in the 14 years between 1987 and 2001. Simultaneously, however, it has become evident
that air bags pose a risk to some passengers, particularly smaller passengers, such as women of small
stature, the elderly, and children. NHTSA determined that 291 deaths
...