Mr. R. A. Whitfield

Quality Control Systems Corporation

1034 Plum Creek Drive

Crownsville, MD 21032-1322


Dear Mr. Whitfield:


This responds to your April 2, 2016 letter asking whether the National Highway Traffic Safety Administration (NHTSA) is precluded from taking enforcement action regarding a safety defect or noncompliance with a regulation or Federal Motor Vehicle Safety Standard (FMVSS) when that defect or noncompliance is a cyber threat indicator provided to the Federal government under the Cybersecurity Act of 2015.


As you know, the agency published a request for comments on NHTSA Enforcement Guidance Bulletin 2016-02: Safety-Related Defects and Emerging Automotive Technologies.[1]  We noticed that you submitted identical questions as a comment to the abovementioned docket.[2]  The issue you raise will be discussed in the agency’s response to comments that is currently being prepared.


Thank you for your interest in motor vehicle safety.  If you have further questions, please contact Ms. Sara Bennett of my staff at (202) 366-2992.




Paul A. Hemmersbaugh

Chief Counsel


Dated: 6/1/16

Ref: Miscellaneous


[1] Docket No. NHTSA-2016-0040 (Apr. 1, 2016), available at

[2] Your comment is available at!documentDetail;D=NHTSA-2016-0040-0013.