Autonomous vessels and the digital future
With reports that the first fully automated cargo ship will be launched in 2018 and, after a period of manned operation, will begin operating fully autonomously by 2020, the unmanned future for vessels appears to be just over the horizon. The success of such a technological leap will depend on public perception being able to adapt and accept unmanned vessels. It will also require applicable laws and regulations to be rewritten.
The use of unmanned vessels has been commonplace for some time in underwater operations. In particular remotely operated vehicles (ROVs) have been used extensively in offshore operations, including in association with drilling operations, offshore construction and decommissioning. Unmanned aerial vehicles (UAVs) are also increasingly being used to carry out inspections of vessels and offshore facilities.
In contrast unmanned surface vessels in commercial service, even remotely controlled, are comparatively new and have yet to be employed on any significant scale. Some of the advanced auto pilot systems currently being used are just the beginning of what is to come. When that time does come then many existing regulations will need to be rewritten as many assume or are based on the physical presence and oversight of people.
To give just two examples:
The Convention on the International Regulations for Preventing Collisions at Sea, 1972 (“COLREGs”) provides that: “every vessel shall at all times maintain a proper look-out by sight and hearing as well as by all available means appropriate in the prevailing circumstances and conditions so as to make a full appraisal of the situation and of the risk of collision” (Rule 5).
Can an autonomous vessel maintain a proper look-out? Arguably it can use cameras and sensors, but as all who use computer knows, electronics and software have a way of breaking down or needing a restart – often when it is least wanted. What is the back-up in case of a failure of systems in rough weather, when a proper look-out is perhaps most needed? At least initially, and particularly for navigation in especially hazardous waters, a qualified software engineer or master will need to remain onboard the vessel to ensure that there is sufficient back up should important systems fail.
Regulation 34 of Chapter 5 of the Safety of Life at Sea Convention (“SOLAS”) provides that the master has absolute discretion to take decisions in the interests of safety of life at sea and protection of the marine environment. With an automated vessel does that “master” become a set of pre-programmed decisions as to what the vessel should do in any given circumstances? If a vessel’s system has an ability to learn from previous activity how do we ensure that its learning is consistent with the learning of other autonomous vessels or manned vessels? Do pre-programmed decisions give preference to avoiding harm to the environment, potential loss of life on another vessel or some other factor?
It is clear that a fully autonomous commercial vessel would not currently comply with SOLAS and COLREGs, but the language of those conventions can be adjusted to allow for and adapt to the deployment of autonomous vessels.
Various entities are working on producing guidelines and suggestions as to how maritime law might be amended to reflect the operation of unmanned vessels. The Comité Maritime International (CMI) has set up an International Working Group for Maritime Law for Unmanned Craft. It also has established an International Working Group for Cybercrime in Shipping. One of the concerns often expressed about autonomous transport methods, including vessels, is the risk that they could be ‘hacked’ or their systems otherwise interfered with for an illegitimate purpose.
Cyber risk and hacking
The issue of cybercrime came into sharp focus earlier this year when Maersk were hit by computer issues triggered by the NotPetya cyberattack. It has been reported that this attack will cost the company as much as US$300 million in lost revenue. It has also been suggested that at least one of the collisions involving U.S. Navy vessels in Asian waters this year may have been the result of a cyberattack on the vessel’s computer systems. Whatever the truth of that suggestion, and no actual evidence of such an attack has been produced, with increased automation of vessels the risk of hackers gaining control of the operation of vessels, whether for criminal, terrorist or other purposes will increase.
Given the risks associated with the use of devices connected to the internet, including at ports as well as onboard vessels, owners should consider including cyber-attack within the definition of force majeure event in their contracts and charterers may wish to consider including specific warranties or obligations on the part of owners that they have taken steps to protect the vessel, and if applicable associated onshore systems, from cyber-attack.
If there is a system failure on board an autonomous vessel, whether caused by a cyberattack or some other cause, would that indicate that the vessel was unseaworthy?
The English law duty of seaworthiness (as per The Eurasian Dream  requires that:
“(1) The vessel must be in a suit
able condition and suitably manned and equipped to meet the ordinary perils likely to be encountered while performing the services required of it. This aspect of the duty relates to the following matters.
(a) The physical condition of the vessel and its equipment;
(b) The competence / efficiency of the Master and crew;
The position under Norwegian law is similar. With an autonomous vessel the physical condition of the vessel and its equipment merge with the competence of the master and crew, as it is the vessel which effectively acts as its own master and crew. Many of the factors currently used to judge the competence of the crew when considering an allegation of unseaworthiness are likely to have direct parallels to the systems onboard an autonomous vessel. For example the following have been considered by the English courts as characteristics of an incompetent crew:
(a) An inherent lack of ability;
(b) A lack of adequate training or instruction; and
(c) Physical or mental disability or incapacity (e.g. drunkenness, illness).
Applying that to an autonomous vessel could see the following characteristics considered:
(a) Is the software underlying the decision making process on board the vessel up to date and complete?
(b) Is that software free of viruses and any ‘back door’ allowing hackers to gain access?
(c) Has the reliability of back-up systems in the event of failure of autonomous systems been tested recently?
As a matter of English common law an owner gives an absolute warranty that a vessel is seaworthy to undertake the contractual voyage in question. So a defect in the software that controls an autonomous vessel, including so as to allow access to hackers, could amount to a breach of that warranty.
Many standard form contracts as well as rules such as the Hague-Visby Rules and the Norwegian Maritime Code, modify the common law position to require that an owner is only obliged to exercise due diligence to provide a seaworthy ship. Thus provided ‘best practice’ has been followed it is possible that an unknown defect in the software controlling an autonomous vessel might not amount to a breach of that due diligence seaworthiness obligation. As such it is likely that independent certification of the systems onboard autonomous vessels will be very important as owners will want to rely on that certification as showing that they have met their due diligence obligation.
For the moment most international maritime conventions are not yet suitable for widespread use of autonomous commercial vessels, but that will undoubtedly change. When autonomous commercial vessels start operations the underlying contracts will need to reflect how the specific risks and responsibilities associated with autonomous vessels are to be allocated. Some of the specific risks, such as including cyber-attack within any definition of force majeure, are matters that can be considered by all parties now. Other amendments, such as assessing what is the applicable standard of seaworthiness and how it is to be measured will become clearer once the technology is developed further and put into use.