The Regulation of Cybersecurity of Autonomous Vehicles using a Law and Economics approach

Autonomous Vehicles promise considerable social benefits but they are still fraught with risks including their vulnerability to cyber-attacks. This AI application lacks a suitable legal and cybersecurity framework. This paper inquires into the optimal regulatory response to the cyber-security risks associated with automated vehicles. It adopts a Law and Economics approach, more specifically the theory of optimal enforcement. Instead of only focusing on the regulation of technical deficiencies, this paper argues that many security systems implemented in automated vehicles fail because of the design of individual decision-making incentives given to different actors. This paper employs the theory of optimal enforcement to examine which enforcement mechanisms (private enforcement through liability or public enforcement through administrative and criminal enforcement) will provide the most suitable incentive structures towards achieving a high level of security in automated vehicles.