As autonomous vehicles evolve, the interconnected nature of these products may expose a wide group of consumer issues such as vehicle safety concerns or privacy breaches. Given that issues may be common to a product rather than individual to a specific consumer, autonomous and connected vehicles may have the potential to be ripe for class action exposure.
Why Autonomous Vehicles?
The technical capabilities of autonomous vehicles continue to advance and impress. Features such as automated self-parking are now blasé, making way for technology that enables vehicles without steering wheels or pedals to be manufactured in 2019.1 During operation, autonomous and connected vehicles generate and can record a significant amount of information including driving input, speed, and direction. Vehicles currently on the road may offer connected services for communications and driver aids (e.g. camera rear-view mirror, emergency braking, and reverse auto braking, etc.).
While impressive, these technologies (and the data creation that comes with them) risk system exploitation, data breach and product-wide issues. Researchers have already demonstrated the ability to penetrate connected systems2 and the risks of privacy breaches are all too well known. As increasing amounts of information are recorded and stored by autonomous vehicles or uploaded to connected servers, data from autonomous and connected vehicles will become more valuable to third-party hackers. Software or programming issues that could render an autonomous feature inadequate or unsafe would likely apply to all vehicles across a product range rather than individual vehicles.
This article considers two likely avenues for future autonomous vehicle class action litigation - privacy and product liability.
Privacy Class Actions
In the event that private data is accessed or disclosed as a result of a cybersecurity vulnerability, a class action provides one option for affected consumers. Privacy class actions are nothing new to Canada and have resulted in significant monetary settlements. While individual payments to class members are often nominal (from around $2,5003 to $5,0004 each), large class sizes have the potential to result in a high total damages award in addition to other expenses such as counsel fees and settlement administration. As an example of such exposure, in a recent case relating to a breach of personal and financial information, a defendant paid out approximately $1.25 million.5
While there have yet to be any class actions commenced in Canada for issues relating to connected and autonomous vehicles, recent litigation in the United States has considered claims relating to cybersecurity vulnerabilities in connected vehicles with varying results.
In Cahen, et al. v. Toyota Motor Corp., et al.6, plaintiffs alleged that certain Toyota vehicles had insufficient security measures and sought damages on the basis that the vehicles could be vulnerable to hacking despite the fact that no hacking had actually occurred. The district court dismissed the case, finding that the plaintiffs had not sufficiently alleged an injury which was specifically linked to the risk of hacking itself. This decision was upheld on appeal.7
In contrast, plaintiffs in a putative class action brought against Fiat Chrysler, Flynn et al. v. FCA US LLC et al.8, were partially successful in being permitted to proceed with claims relating to the risk of hacking. The action was commenced after software was updated to protect against potential hacking vulnerabilities. Although the Court dismissed claims for possible future hacking events, it permitted the plaintiffs to proceed with claims that their vehicles depreciated in value due to risk of hacking. Fiat Chrysler has requested leave to seek an interlocutory appeal, stating that "all connected products are potentially 'vulnerable' to hacking" and that an action alleging that a product could be vulnerable was not sufficient for certification.9
In Canada, manufacturers will want to continue to design their autonomous systems with sufficient protection to guard against the potential for privacy breaches in order to avoid a class action. Given the experience in the U.S., class actions brought to address potential future problems that have yet to materialize will likely be met with challenge.
Product Liability Class Actions
It is often suggested that product liability cases are "well-suited" or "ideal candidates" for class action treatment, as proof of a defect or product issue can be extrapolated to all of those who have purchased the same product.10 In Canada, a number of automotive claims have been deemed appropriate to be certified as a class action.11
A class action may not, however, be appropriate in cases where a common question is not easily posed. This may occur in circumstances where manufacturing techniques change over time, there are multiple parties involved in delivering the finished product to a consumer or there is a change in the appropriate standard of care.12 Given the pace of technological improvement and the complexity of the technical matters likely to be in issue, the importance of submitting evidence from an adequate expert to give some evidentiary basis for the claim cannot be ignored.13
"Commonality" will likely be a fertile battle ground for litigation relating to autonomous vehicles. In a product liability action, arguments usually focus upon the similarities (or differences) between the products which are alleged to have been defective.
As an illustrative example, three similar putative class actions considered product liability claims in relation to medical devices, but each arrived at separate results on certification.14 Two actions which alleged issues with a wide range of similar, but varied, products were deemed inappropriate for certification – the defendant's conduct differed among the products and no common defect across all products was identified.15 An action that focused on one "single undifferentiated product group" was deemed appropriate for certification as the parties did not draw distinctions between the devices.
Looking Forward
While autonomous or connected vehicles have yet to be the subject of a class action in Canada, the plaintiff's bar will be certain to raise issues which will test the boundaries of class proceedings.
Manufacturers and other parties responsible for the collection, use and storage of data gleaned from these productions should remain aware of the legal risks associated with maintaining data. Canada has already gained experience with class actions arising from privacy breaches, but there is an open question as to what type of loss will be sufficient to give rise to a certifiable class action.
Manufacturers and distributors of autonomous and connected vehicles remain exposed to the possibility of a product liability class action, but it is not yet clear whether the issues regarding these vehicles will be simple or narrow enough to be answered in common across a class. Largely, this will depend on the specific defect being alleged and the degree to which that defect is manifested across the series of products tied to a prospective class definition. It remains to be seen how these products will be dealt with on a motion for certification.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
