What happens when a self-driving car kills someone and there is no human driver to blame, no detailed public regulation to point to, and a jury that has never heard of ISO 26262 or UL 4600? Who decides what “reasonable care” means when safety choices are embedded in code, sensors, and validation protocols rather than in a driver’s split-second decision?
In his insightful paper Swords and Shields, Gary Marchant argues that in this world, private technical standards will quietly become the real baseline for tort law. Standards written by SAE, ISO, UL, IEEE, and other standard-setting organizations—largely unfamiliar to most people—will serve as shields for autonomous-vehicle (AV) manufacturers who comply with them, and as swords for plaintiffs when manufacturers ignore them.
The core claim is simple but powerful: compliance with well-recognized AV standards should be treated as a partial shield against negligence and especially punitive damages, while noncompliance should be a partial sword suggesting unreasonable conduct.
The pacing problem and the AV standards ecosystem
Marchant begins with the “pacing problem”: technology moves faster than government. AV technology is advancing rapidly and detailed public regulation is thin and, in the case of NHTSA, often deliberately hands-off. As Marchant describes, NHTSA’s central concern is not only lack of information and expertise, but the fear of prematurely locking in design choices and limiting innovation in a field that might ultimately reduce accidents dramatically. That mix of uncertainty and capacity constraints, and perhaps even anxiety about being blamed for stifling life-saving technology helps explain why the agency has preferred flexible guidance and voluntary frameworks over detailed, binding AV safety rules.
Into this vacuum step standard-setting organizations. Historically, private standards handled dull but important things: thread sizes, plug shapes, inter-operability. Today, they increasingly handle governance: risk management, safety, data security, and even aspects of AI ethics.
In the AV context, Marchant describes a dense and growing ecosystem of standards, including:
- Functional safety standards (such as ISO 26262), focused on preventing catastrophic outcomes from random hardware and software failures.
- Safety of the intended function (SOTIF) standards (such as ISO 21448), dealing with hazards arising even when systems work “as designed.”
- System-level AV standards (such as UL 4600), covering how to design, validate, document, and argue for the safety of autonomous products.
These standards are not mere definitions. They prescribe how AV manufacturers should do hazard analysis, simulation and real-world testing, monitoring, and updates. If courts are going to say anything meaningful about whether an AV design was “reasonable,” these standards are the obvious place to start.
Swords and shields
Marchant’s illuminating contribution is to explain how these standards should function in tort litigation.
On the shield side, he argues that compliance with recognized AV safety standards should weigh heavily against findings of negligence, design defect, or punitive damages. The argument is intuitive: if a manufacturer has followed a serious, technically sophisticated, multi-stakeholder safety framework, it is hard to say it acted with the kind of disregard that punitive damages are supposed to punish.
On the sword side, noncompliance with these standards should count as strong evidence for negligence or defect. As AV standards become the de facto safety baseline for responsible actors, ignoring them without a very good reason looks increasingly like a failure to use reasonable care.
Crucially, for Marchant both sword and shield are partial, not absolute. Compliance is presumptive but rebuttable evidence of due care; noncompliance is presumptive but rebuttable evidence of lack of due care. A jury can still find a compliant manufacturer negligent in an extreme case (for example, if a standard is clearly outdated or reflective only of industry capture), and it can still find a noncompliant manufacturer non-negligent if it has adopted an even better, more up-to-date safety regime. This way of applying the standards helps incentivizing conformance with them by AV manufacturers.
The treatment of punitive damages is sharper. Marchant thinks compliance with AV standards should almost always block punitive damages, while serious noncompliance should be a strong basis for them. In other words, standards play a special role in sorting ordinary negligence from conduct that deserves moral condemnation and extra deterrence.
Private standards as proto-regulation: a comparison
Marchant’s story fits into a broader literature on using private actors to structure tort duties. In earlier work on Private Regulation,1 I proposed a “Private Regulation Regime” (PRR) in medical malpractice. There, private expert entities would write evidence-based clinical guidelines under a statutory framework. If physicians complied with these guidelines, they would enjoy an absolute safe harbor from malpractice liability; if they deviated, the guidelines would serve as a kind of “blunt sword” for plaintiffs.
Comparing Marchant’s proposal with that kind of private regulation regime helps to clarify what Swords and Shields is, and what it is not.
The first contrast is the institutional ambition of the proposals. The PRR is a full-scale architecture: the law defines who the private regulators are, how they are funded, how they internalize the social costs of too-risky or too-conservative guidelines, how their guidelines are evaluated ex ante from a social-welfare perspective, how intellectual-property rights are handled, and how guideline writers themselves are held liable if their standards are inefficiently dangerous. In return, compliant physicians get complete immunity from malpractice suits.
Marchant does not go that far. He works with the standard-setting institutions we already have without trying to re-engineer their incentives from the ground up. Standards are treated as sophisticated custom, not as the output of a dedicated private regulator charged by statute with optimizing social welfare. That institutional modesty is part of the reason he stops at partial swords and shields.
Second, who is being protected? The PRR addresses individual physicians facing enormous pressure to practice defensive medicine. The safe harbor is partly about liberating them from ex post second-guessing that overweighs bad outcomes and ignores the beneficiaries of cost-effective care. Marchant focuses on AV manufacturers: large, sophisticated firms already accustomed to complex regulation and liability exposure. Giving them full immunity merely for complying with self-influenced standards would raise more serious under-deterrence and capture concerns.
The third consideration is whether the system is designed ex post or ex ante. A central move in private regulation is to design the guidelines themselves under an explicit ex ante framework: guideline writers must internalize the costs of harm and of wasteful safety measures before accidents occur. Crucially, the PRR’s strict ex ante focus is designed to eliminate cognitive biases inherent in the tort system (e.g., Hindsight Bias and Identifiable-Other Effect) by holding the guideline writer strictly liable. Marchant’s approach uses ex post standards merely to moderate these biases, making it a more cautious step than a full private regulation regime.
The PRR further enforces systematic knowledge production by explicitly denying the guideline writer the “State of the Art Defense,” thereby forcing the continuous scientific updating of standards
In Swords and Shields, Marchant takes the standards mostly as given and asks: Given what these institutions are already doing, how should courts treat their work when AV cases arise? His answer is doctrinal and incremental rather than systemic and reconstructive.
Seen this way, Swords and Shields can be read as a “proto-PRR” in the AV context, a first step in treating private standards as quasi-regulatory baselines for tort law, without yet building the complete private regulation machinery around them.
The worries Marchant takes seriously
Marchant does not pretend that outsourcing so much to private standards is costless. He flags several important concerns.
- Capture. Standard-setting processes are formally open and multi-stakeholder, but in practice industry often dominates. If AV makers push for weak standards and then claim a shield by complying with them, courts will be asked to ratify captured norms. Marchant’s helpful answer is that the sword-and-shield effect should depend on the procedural quality and perceived legitimacy of a standard, not just its existence.
- Fragmentation. AVs face multiple overlapping standards, which are sometimes inconsistent. Which one is the baseline? Marchant suggests looking at industry uptake, credibility of the SSO, and fit with the technology at issue. The more a standard looks like a real, widely accepted baseline, the more weight it should get.
- Partial compliance. Manufacturers may comply with some standards and not others, or with some parts of a standard and not others. This will make AV litigation messy, but not unmanageable. Here, too, the sword and shield are partial: the pattern of compliance becomes grist for experts and juries.
- Access and copyright. Because many standards are paywalled and copyrighted, simply putting the standard in front of a jury can be surprisingly difficult. Marchant notes that courts and legislatures may have to rely on fair-use doctrines, compulsory licensing, or other solutions if standards are to be used routinely in litigation.
Marchant gives us an important starting place for a conversation about standards governing new technologies. Consider the following questions: First, once courts treat AV standards as central evidence of reasonableness and of entitlement (or not) to punitive damages, the design of the standard-setting process itself becomes crucial. Marchant hints at this but does not fully explore it. If private standards are going to carry this much legal weight, we may eventually need to think about borrowing some of the tools from more ambitious private regulation proposals: ex ante evaluation and perhaps even some form of liability for standard-setters who get it badly wrong.
Second, AVs are likely just the beginning. Any domain with rapid technological change, thin public regulation, and dense private standards, such as medical AI, robotics, and some areas of fintech, will be tempted to adopt the “partial sword, partial shield” approach Marchant sketches. The hard question, which this paper invites rather than fully answers, is where to draw the line between incremental doctrinal adaptation and full-blown private regulation regimes.
At the end of the day, Swords and Shields offers a clear, thoughtful account of how courts should use private standards to decide liability for autonomous vehicles. It shows how tort law can, at least for now, ride on the back of private technical expertise without formally abandoning negligence or products liability. Whether future work will push toward more structured private regulation or stay with Marchant’s more modest swords and shields, his article richly deserves a reading.
- Ronen Avraham, Private Regulation, 34 Harv. J.L. & Pub. Pol’y 543 (2011).
