HB Ad Slot
HB Mobile Ad Slot
Worldwide Group of Data Privacy Regulators Issues Guidance on Connected-Car Technologies
Monday, October 2, 2017

A global group of data privacy regulators has, for the first time, set forth data privacy and security guidance on the development of automated and connected-car technologies. The Resolution on Data Protection in Automated and Connected Vehicles was announced at the recently convened International Conference of Data Protection and Privacy Commissioners (ICDPPC). The resolution sets forth 16 data privacy and security principles to guide automotive manufacturers, transportation-service providers, car rental companies, and providers of data-driven services (e.g., speech recognition, navigation remote maintenance, or motor insurance telematics services) in the development of connected-car technologies.

Of note, the Commissioners recommend that automotive manufacturers and other relevant parties:

  • utilize anonymization measures to "minimize the amount of personal data or use pseudonymization when the former is not feasible;"

  • minimize collection and retention of personal data;

  • implement easy-to-use privacy controls for vehicle users, enabling them to grant or withhold access to different data categories, where appropriate;

  • implement secure data storage technologies;

  • develop and implement technologies to prevent unauthorized access to and interception of collected personal data;

  • provide safeguards against unlawful tracking/tracing of drivers, and limit the possibility of illegitimate vehicle tracking and driver identification;

  • commission an assessment by an independent third party of potential discriminatory automated decisions arising from self-learning algorithms, and;

  • conduct data impact assessments for new, innovative, or risky development or implementation of these data technologies.

The ICDPPC is composed of dozens of member entities from around the world, and includes representative organizations from the European Union as well as the Federal Trade Commission (FTC).

The non-binding resolution was adopted in a closed session at the conference and represents the first—and by far the most granular—data privacy and security guidance for connected-car manufacturers. Notably, the FTC abstained from the resolution, leaving open the question of applicability to connected-car manufacturers, application developers, and car rental companies in the United States.

Implementation of the resolution will require a substantial investment of technological resources by connected-car manufacturers (and other original equipment manufacturers) as well as careful legal consideration of the potential impact on privacy of these technologies.

HTML Embed Code
HB Ad Slot
HB Ad Slot
HB Mobile Ad Slot
HB Ad Slot
HB Mobile Ad Slot
 
NLR Logo
We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins