Abstract
With the increase in automation of vehicles and the rise of driver monitoring systems in those vehicles, data protection becomes more relevant for the automotive sector. Monitoring systems could contribute to road safety by, for instance, warning the driver if he is dozing off. However, keeping such a close eye on the user of the vehicle has legal implications. Within the European Union, the data gathered through the monitoring system, and the automated vehicle as a whole, will have to be collected and processed in conformity with the General Data Protection Regulation. By means of a use case, the different types of data collected by the automated vehicle, including health data, and the different requirements applicable to the collecting and processing of those types of data are explored. A three-step approach to ensuring data protection in automated vehicles is discussed. In addition, the possibilities to ensure data protection at a European level via the (type-) approval requirements will be explored.
Highlights
How would you feel if your car knows your heart rate, or counts the number of times you blink? With the emergence of automated vehicles, the number of sensors keeping an eye on you, the user of the vehicle, will increase
The EU Member States already mentioned in the 2016 Declaration of Amsterdam on cooperation in the field of connected and automated driving[2] the right to privacy and data protection, and they agreed to a joint agenda which, amongst others, should ensure privacy and data protection.[3]
If through sensors and cameras the vehicle collects information on the heart rate of the user, its eye movements and other indicators of the physical and mental state of the user, can these data be stored by the operator of a fleet of automated vehicles and perhaps sold to, for instance, the health care insurer of the user? Is it allowed to combine these data with other data, such as the location of the vehicle and the time of day, and sell it to a company wanting to advertise their restaurant to the user? We will explore the possibilities and restrictions of the processing and use of these data under the EU General Data Protection Regulation (GDPR)
Summary
How would you feel if your car knows your heart rate, or counts the number of times you blink? With the emergence of automated vehicles, the number of sensors keeping an eye on you, the user of the vehicle, will increase. The GDPR is a general data protection instrument that is technology neutral and applies to data collected by automated vehicles.[4] In addition to setting legal boundaries, the GDPR offers inspiration for how to deal with data protection issues in this technologically enriched world. This inspiration serves as a starting point for a novel threestep approach applied to automated vehicles on the integration of data protection in automated vehicles. Of collecting data concerning health, referred to as health data, via sensors and cameras in automated vehicles
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have