The Department of Transportation announced AV 4.0, voluntary guidelines for driverless vehicles. The guidelines "use a holistic, risk-based approach to protect the security of data and the public's privacy as AV technologies are designed and integrated." EPIC commented on an earlier version of the guidelines, saying the agency "should promulgate mandatory rather than voluntary cybersecurity guidelines." EPIC warned that "the very real possibility of remote car hacking poses substantial risks to driver safety and security." EPIC also testified before Congress in 2015, explaining that "current approaches, based on industry self-regulation, are inadequate and fail to protect driver privacy and safety."