This issue involves several complex relationships. On the shipping side of the equation, there is the complex commercial interaction of the owner, operator, various management companies, insurers, brokers, agents, and crews (and more). On the regulatory side, the issue is somewhat clearer but generally involves inspectors (having limited enforcement, public agent or policing roles), government officials, legal teams and so forth. When considering the interaction between these, the factors involve jurisdiction and the interaction of nations and companies that is coordinated in accordance with various port state control agreements.
When considering the issue of autonomous shipping, we must be careful at the onset regarding certain terms. The term autonomous generally refers to a state of acting independently or having the freedom to act independently. In short, the system on board the vessel can identify, assess and respond to conditions around it in accordance with programming factors.
How does this become challenging within the legal domain? Let us consider four major areas:
- The conduct of inspections on board the vessel;
- The ability to enforce compliance or require immediate action on board the vessel;
- The ability to investigate potential crimes; and
- The ability to prosecute and enforce the rule of law.
The first involves the ability to conduct an inspection on board the vessel. The question here is how does one inspect the data-link between the entity controlling the vessel and the vessel itself? As those involved in the penetration testing regime understand, one does not simply launch into a full examination of an operational network without taking more than a few precautions to ensure that the examination itself does not interfere with critical or safety-related services. The questions here involve issues associated with a changing role for inspectors, expanding the knowledge necessarily possessed by inspectors, the tools that are used by inspectors, and the limits of legal liability.
The second element involves the question of how to respond to an issue that requires immediate correction. While there is a master and crew on board the vessel, the inspector can require that certain steps be taken immediately to prevent the detention of the ship or even denying its ability to enter territorial waters. Would this result in a situation where the vessel’s management must accept the potential losses or damages associated with a government contracted response team coming on board to take a corrective action? What costs would be passed on to the company? Would it involve the inspectors being required to follow certain steps to mitigate risks and require that the ship put into port for the necessary actions—and does this impact issues such as the sovereign control of the state to limit entry or create a new level of activities involving the redirection of a vessel so that it is no longer on charter? Again, what are the legal, commercial and financial implications of this?
The third issue involves the challenges associated with regulatory and criminal enforcement. Cyber crimes are notoriously difficult to prosecute, particularly when dealing with the evidentiary standards of the criminal court. Given this complexity and the requirements of the court, shipping companies should be asking themselves under what conditions can a vessel be held in detention for purposes of investigation. Similarly, what if the ship’s systems need to be seized as evidence for a case that may be heard well into the future—these involving issues that range from how the costs associated with the ship’s seizure are managed to the potential loss of availability of the vessel. Insurers may want to look very closely at how contract clauses associated with force majeure are included with respect to government action before offering coverage.
A maritime cybercrime investigation will most likely involve multiple police jurisdictions. While this does not mean that the investigation will involve jurisdictional conflict, it does mean that the number of moving parts in the investigation is likely to increase and that companies may face themselves under the scrutiny of several nations’ law enforcement and security agencies.
Finally, there is the issue of prosecution. While this may look like a windfall for certain kinds of shadier companies, it doesn’t function that way. The prosecution of a case and its ultimate resolution also means the closure of the case. For those on the receiving end, this means that they may (1) finally be clear of the issue, (2) be able to negotiate, through legal channels, an agreeable resolution, (3) understand what penalty is being applied and (4) understand the limits associated with that enforcement action. If the case remains open and active, the company will face a level of uncertainty regarding the potential impacts and outcomes and this uncertainty has the potential to impact customer and client confidence.
Before rushing down the path of automation, these questions need to be well on the road to resolution at the international levels. While it has not been discussed here, there may be other questions—such as the liability of executives that push towards this kind of technology without understanding the full financial impacts and liabilities associated with it and how that may come into conflict with the expectations of shareholders.
This is not to say that automation is bad, evil or even negligent. It simply means that shipping executives may wish to ask careful questions in order to make sure that they can exploit the new opportunities that this kind of technology may offer without exposing themselves to unknown risks.
This article, the first of several, is intended to promote thoughtful consideration of future risks. It is not to express anything that should be construed as a government policy or approach, nor is it an offer of legal advice.
Allan McDougall BA BMASc PCIP CMAS CISSP CPP PSP CMSP is the chief learning officer of the IAMSP and an executive vice president of Knowledge Advancement Solutions based in Ottawa, Canada. In addition to his military experience, he has served as a security advisor with Canada’s Coast Guard, Department of Fisheries and Oceans and Canada Border Services Agency. He was also previously a senior inspector with Transport Canada’s Marine Security Operations and has coauthored several works associated with infrastructure protection and emergency preparedness.